- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Wednesday, August 28, 202410:30 amExhibitor Hall openRegistration Level:
- Open Sessions
10:30 am - 4:00 pmLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
11:00 am[Opening Keynote] Protecting Against OT and IoT ThreatsCISO, TrinseoRegistration Level:- Open Sessions
11:00 am - 11:45 amAs Operational Technology (OT) and the Internet of Things (IoT) become integral components of organizational infrastructures, the cybersecurity landscape expands into uncharted territory. This session is dedicated to unraveling the intricacies of safeguarding against threats in the OT and IoT realms. Explore strategies for protecting critical infrastructure, manufacturing processes, and interconnected devices from evolving cyber threats. Industry experts share insights, case studies, and practical approaches to fortify defenses, emphasizing the unique challenges posed by the convergence of OT and IoT. Join this comprehensive discussion on securing the future of interconnected technologies in the face of emerging cyber risks.
11:45 amNetworking BreakRegistration Level:- Open Sessions
11:45 am - 12:00 pmLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:00 pmAI & Insider Threat: A Story about Data Loss PreventionSr. Director, Cyber Security, Acumatica, Inc.Registration Level:- Open Sessions
12:00 pm - 12:45 pmSession description to come.
12:00 pmIntegrate Transformative OT Cybersecurity Programs to Increase EffectivenessPrincipal, CI5O Advisory Services LLCRegistration Level:- Open Sessions
12:00 pm - 12:45 pmAt the operational field, plant, or edge level, growing risks like cybersecurity must be managed amid a need to democratize and expand technology within an increasingly connected workplace. Traditional approaches of handling cyber, analytics, edge, and others as separate IT projects and not addressing these needs as various pieces of a major holistic change effort (including many non-technology aspects) are causing them to fail outright or have poor results. Operational management frameworks are designed to provide consistency and reliability at the field level for various reasons, including safety and environmental priorities, and can create friction with innovative techniques and large-scale change. Culture clashes between OT, IT, and Operations teams and priorities worsen this situation.
It’s important to appreciate how transformative OT cybersecurity programs are in order to integrate those objectives and ways of working into existing frameworks. This also allows cybersecurity teams to take advantage of new models and emerging technology which can accelerate progress. Finding and supporting these solutions is not enough though; companies need to apply a different approach to leading their internal change to overcome resistance and improve engagement.
12:00 pmManufacturing Foundational Digital ResilienceField CTO, Cyber Security & Infrastructure, SplunkCo-Founder & Chief Operating Officer, CI-DiscernRegistration Level:- Open Sessions
12:00 pm - 12:45 pmIn an increasingly interconnected world, the manufacturing and energy sector faces unprecedented challenges in safeguarding its digital infrastructure. The rise of Industry 4.0 has brought about a fusion of physical and digital systems, making the protection of data, Visibility of IoT (Internet of Things) and OT (Operational Technology) not just a necessity, but a cornerstone for sustainable growth. This talk will focus on foundational digital resilience within the energy and manufacturing industry, emphasizing the importance of visibility across all data sectors, removing internal and external silos, and functional strategies to achieve cybersecurity and infrastructure goals.
The discussion will cover the New NIST CSF (V2) controls and key elements of digital resilience, including the adoption of proactive security measures, the role of advanced analytics in threat detection, and the importance of returning to foundational strategies of defense in depth, data to outcome and framework alignment across all levels of an organization. We will discuss strategies for mitigating risks associated with supply chain vulnerabilities, ensuring operational continuity, and maintaining the integrity of critical manufacturing data.
By establishing a comprehensive and resilient digital foundation, manufacturers can protect themselves against the growing threat landscape.
12:45 pmNetworking BreakRegistration Level:- Open Sessions
12:45 pm - 1:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:00 pmManaging Smart Buildings Service Provider FragmentationNational Practice Lead – Building Cybersecurity, Michael Baker InternationalRegistration Level:- Open Sessions
1:00 pm - 1:45 pmBuilding control systems have been around since the late 1970s. These systems were digitally controlled and proprietary. The building staff could run the building, but the logic/programming required the system service provider’s knowledge to maintain. Over time, the building staff’s reliance on the service provider grew to the point that the service provider not only has unrestricted local access but also unrestricted remote access. And in most cases, the service provider provides and controls remote access. When you take this into account and multiply it by the number of building control systems per building, the number of service provider technicians that currently have access, and former employees that possibly have access, and then multiply this by the number of buildings owned, this number can be huge. Now take into consideration that most of the service providers are not bound to cybersecurity service provider agreements. These buildings are a high degree of risk exposure for building owners.
Learning Objectives:
- Participants will be exposed to the current state of the building control system cybersecurity.
- Participants will be walked through some real-world examples of results when service provider management does not exist and/or breaks down.
- Participants will learn the basic concepts of managing service providers using ISA 62443.
1:00 pm[Panel] Automation in an OT & IoT WorldVice President, Cyber Liability, Woodruff SawyerTeam Lead of Security Operations, AutomoxMember, Data Privacy & Cybersecurity, Clark Hill LawRegistration Level:- Open Sessions
1:00 pm - 1:45 pmSession description to come.
1:45 pmNetworking BreakRegistration Level:- Open Sessions
1:45 pm - 2:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:00 pmPig Butchering, BEC, and Artificial Intelligence: What the Secret Service Wants You to KnowFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret ServiceRegistration Level:- Open Sessions
2:00 pm - 2:45 pmSession description to come.
2:00 pm[Panel] The Current Threat LandscapeCISO, NovolexCEO, Trout SoftwareIndustry Technical Specialist Lead, SplunkRegistration Level:- Open Sessions
2:00 pm - 2:45 pmIf we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?
It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.
2:45 pmNetworking BreakRegistration Level:- Open Sessions
2:45 pm - 3:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
3:00 pmEmploying a Strategic Approach to Managing Shared Supply Chain RiskSr. Strategic Advisor & vCISO, Sentinel TechnologiesRegistration Level:- Open Sessions
3:00 pm - 3:45 pmSession description coming soon.
3:00 pmFortifying Identity Security Defenses with AI-Powered Threat ProtectionSr. Product Marketing Manager, OktaRegional Sales Manager, OktaRegistration Level:- Open Sessions
3:00 pm - 3:45 pmCybersecurity threats are targeting identity vulnerabilities. Traditional methods fall short against complex threats. Our webinar will highlight AI-driven solutions for identity threat protection and the importance of a unified security strategy. What you will learn:
- AI for Identity Protection: Explore pivotal AI advancements in fighting identity threats.
- Advanced Threat Detection: Discover why evolving attacks need immediate, innovative detection and response strategies.
- AI-Driven Security: Learn how AI boosts security with real-time detection, fewer false positives, and breach mitigation.
- Unified Security Strategy: Understand the benefits of an integrated approach to enhance visibility, policy enforcement, and security automation, reducing identity risks.
3:45 pmNetworking BreakRegistration Level:- Open Sessions
3:45 pm - 4:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
4:00 pm[Closing Keynote] Navigating the Future: Privacy and Cybersecurity Challenges in the Era of an All-Connected WorldThe Privacy Professor; CEO, Privacy & Security BrainiacsRegistration Level:- Open Sessions
4:00 pm - 4:45 pmThe proliferation of smart products being manufactured is staggering. If you can see it, smell it, touch it, wear it, ride in it, hear it, or…whatever…you can computerize it in some way to improve life, surveil others, provide protection, fix bodies, be entertaining; the list is endless. A lot of thought goes into making “bells and whistles” to make a product useful in some way at a price low enough to motivate purchases, reaping as much profits to the manufacturers and retailers, and/or benefits to those using the product, as possible. The potential for building radical, innovative advancements in transportation, lifestyles, clothing, consumer health, education, safety, environment, technology, recreation, housing, finance, nutrition and communication is exciting! However, what often gets lost in the excitement of the possibilities are the manufacturers’ and retailers’ considerations for, and critical conversations about, the privacy and cybersecurity risks inherent in using these smart devices and associated components. Subsequently, security and privacy controls are not engineered into the full smart products’ components.
This session will explore the multifaceted challenges surrounding privacy and cybersecurity in the era of a world where anything that exists could potentially be a smart product. Rebecca will delve into the intricacies of data collection, transmission, and storage within these technologies, examining the potential vulnerabilities and privacy concerns that arise as consumers surreptitiously become interconnected with their surroundings, and ultimately a wide range of organizations that utilize their collected data in a variety of ways.
Key topics to be addressed include the secure transmission of sensitive personal data, the collection and sharing of personal data by smart products, and the ethical considerations of balancing advancements in consumer products with individual data protection. Real-world use cases will be presented, illustrating both the potential benefits and risks associated with such products as smart automobiles and roadways, smart jewelry, smart travel products and fitness trackers.
Attendees will gain valuable insights into best practices for engineering robust cybersecurity capabilities into such products, ensuring personal data confidentiality, and navigating the evolving regulatory landscape. This session aims to empower manufacturing engineers, technology developers, and policymakers with the knowledge needed to strike a balance between innovation and the protection of consumer privacy in the dynamic and expanding landscape of smart consumer products. Join us for an engaging discussion that paves the way for a secure and ethical future in an increasingly connected world.
- AutomoxBooth:
Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.
- OktaBooth:
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
- SplunkBooth:
Splunk helps build a safer and more resilient digital world. Organizations trust Splunk to prevent security, infrastructure and application incidents from becoming major issues, absorb shocks from digital disruptions and accelerate digital transformation.
- Trout SoftwareBooth:
Simple and agile approach to secure your assets: secure your digital perimeters, respond to threats quickly, and ensure continuous operations.
- Tammy KlotzCISO, Trinseo
Tammy Klotz is a vibrant and accomplished executive with over three decades of diverse experience in the manufacturing industry, specializing in cybersecurity and transformational leadership. She offers keen expertise in navigating mergers, acquisitions, and divestitures within both publicly-traded and privately-held companies and is seasoned in security, risk, and compliance leadership. Tammy brings a dynamic and positive approach to problem solving, excelling in simplifying intricate IT and cybersecurity concepts and facilitating pragmatic, non-technical dialogues that resonate with business executives. She is recognized as a strong, knowledgeable, thoughtful security executive who excels in public speaking and thought leadership, striving to empower others through knowledge sharing.
- Mike MuscatellSr. Director, Cyber Security, Acumatica, Inc.
Mike Muscatell is a seasoned IT veteran with more than 21 years in the Information Security field. He is a certified ethical hacker (CEH). Was honored as top 100 professionals in the Information Security field by Strathmore's for 2014. Member of a number of security organizations, including InfraGard and the U.S. Chamber of Commerce Cyber Committee.
- Al LindsethPrincipal, CI5O Advisory Services LLC
Highly effective and successful senior executive with 25 years in the energy industry. Experience and knowledge spans different markets, products, business models and disciplines. Proven track record of:
Driving resolution of the top challenges facing different groups, companies or individuals, whether as a member of its management team or as an outside expert;
Acting as change agent to effect turnaround situations and solve critical problems;
Balancing between an entrepreneurial culture and the discipline to achieve the high standards and controls of a large public company; and
Doing more with less (PAALP ranked #5 in Forbes 500 in revenues/employee in 2009) - Tony PierceField CTO, Cyber Security & Infrastructure, Splunk
As Field CTO for Cyber Security and Infrastructure, Tony focuses primarily on Client Cyber and Infrastructure Resilience mapping, Cybersecurity strategy, Data Strategy and Data to outcome goals for Cisco and Splunk clients across all sectors in AMER (Canada, LATAM and US). He partners heavily with internal teams in Product development, Internal SOC team and Strategy/Alignment.
- Greg SissonCo-Founder & Chief Operating Officer, CI-Discern
Greg is a co-founder and Chief Operating Officer of CI-Discern, a veteran owned professional services and solutions firm focused on improving Critical Infrastructure security and resilience. Founded by senior executives from the government and private sector, CI-Discern is committed to creating and implementing solutions that enhance governance, oversight, and strategic capabilities for critical infrastructure owners and operators.
Greg is a seasoned executive-level cybersecurity leader with extensive experience leading, developing, and implementing cybersecurity initiatives, programs, and policies in positions of increasing responsibility at the department level for the US Departments of Energy and Defense.
Prior to launching CI-DISCERN, Greg served as a Managing Director in EY’s Energy Cybersecurity Consulting practice. While there, Greg served as the cybersecurity field of play lead on multiple power and utilities, oil and natural gas and global manufacturing accounts assisting CISO’s in maturing and transforming their cybersecurity programs.
Greg culminated his public service in 2022 as the US Department of Energy (DOE) Chief Information Security Officer where he was responsible for Department wide cybersecurity operations, risk management and compliance enabling the Departments support to energy, environmental management, transformative science, and nuclear security missions.
Prior to joining DOE in 2018, he served as the Chief of Staff and the Deputy Director of Operations at Joint Force Headquarters Department of Defense Information Network (JFHQ-DODIN). JFHQ-DODIN is a component of United States Cyber Command and oversees DOD information network operations and defensive cyberspace operations globally.
Before JFHQ-DODIN, he served in a number of roles at United States Joint Forces Command and the Joint Staff, training military organizations as they prepared for combat operations and was awarded the Civilian Global War on Terrorism Medal for his work.Greg is a proud military veteran, having served over 20 years as a non-commissioned and commissioned officer in the United States Army where he led diverse organizations at multiple echelons. He retired as a Signal Officer in 2004.
Greg completed his undergraduate work at the University of South Carolina Aiken where he earned a Bachelor of Arts in History and, in 2014 he earned a Master of Arts in National Security and Strategic Studies from the College of Naval Warfare in Newport, RI.
- Fred GordyNational Practice Lead – Building Cybersecurity, Michael Baker International
Fred Gordy is a nationally recognized thought leader, speaker, and expert in building systems cybersecurity specializing in organizational and technical vulnerabilities. He has over 20 years of industry experience including information technology and building controls systems. Fred has been the Chairperson of the Cyber Security Committee for the InsideIQ 55 international member companies, Security Steering Committee Member for S.E.A.T. (Sports & Entertainment Alliance in Technology), founding member of Cyber Security for Control Systems Association International (CS2AI), past president and current president emeritus the Atlanta CS2AI Chapter.
- David AndersonVice President, Cyber Liability, Woodruff Sawyer
David focuses on complex cyber, privacy, technology, and professional liability issues and is a dedicated and fierce advocate for his clients.
- Ryan BraunsteinTeam Lead of Security Operations, Automox
A passionate Security Engineer with seven years of experience, committed to safeguarding data and networks. Skilled in identifying vulnerabilities and mitigating threats, while collaborating with teams to develop comprehensive security policies. Enthusiastic about staying current with emerging technologies, ensuring the highest level of protection for organizations served.
- Myriah V. Jaworski, Esq., CIPP/US, CIPP/EMember, Data Privacy & Cybersecurity, Clark Hill Law
Myriah Jaworski is a Member, Data Privacy and Cybersecurity, at Clark Hill Law. She represents clients in data breach actions, technology disputes, and in the defense of consumer class actions and related regulatory investigations stemming from alleged privacy torts and violations of the TCPA, BIPA, IRPA, and other state and federal privacy laws. Myriah also works with clients to devise and implement privacy and security compliance programs and to evaluate and implement new technologies, including enterprise-wide AI and machine learning tools. She is also been recognized as a Super Lawyer® for her Civil Litigation practice in 2018, 2019, 2020, and 2021.
- Stephen DoughertyFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.
- Matthew BurroughsCISO, Novolex
- Florian DoumencCEO, Trout Software
As the CEO of Trout Software, I lead a team of talented and diverse professionals who are passionate about delivering innovative and integrated security solutions for industrial and defense companies. With over seven years of experience in the cybersecurity field, I have a strong background in information technology, cloud engineering, and quantum computing. My goal is to help our clients build the most secure facilities.
- Chris DuffeyIndustry Technical Specialist Lead, Splunk
Chris Duffey is a Splunk Industry Technical Lead specializing in OT cybersecurity. With a focus on security and observability, Chris guides organizations in leveraging Splunk's capabilities to safeguard critical operational technology environments. He has developed specialized content and integrations such as the OT Security Add-on for Splunk. Chris is committed to helping organizations protect their systems from evolving cyber threats and mature their OT cyber capabilities by leveraging Splunk and its eco-system of partners.
- Arvin VermaSr. Strategic Advisor & vCISO, Sentinel Technologies
Arvin Verma is a highly motivated cybersecurity professional, with over 14 years of experience across a multitude of cyber and IT domains. He has worked in multiple industries spanning over 5 Fortune 500 companies and Big 4 consulting. He is currently a vCISO within the SMB segment.
In addition, Arvin proudly served in the US Navy Reserves as a Cryptologic Warfare Officer. He also serves as a research fellow with the Cybersecurity Forum Initiative where he has co-authored several research papers in new cyber trends and best practices.
Arvin holds several leadership positions with InfraGard Chicago and InfraGard National. He currently serves as the National Sector Chief for the Information Technology Sector, National Sector Security and Resilience Program of InfraGard National.He also serves as an advisor to several private and public entities, several startup organizations and is a guest lecturer at several universities across the State of Illinois.
Arvin is ISC2 CISSP certified, CompTIA Security+ certified, ISO 27001 Lead Auditor certified and a CMMC Registered Practitioner. - Rebecca HeroldThe Privacy Professor; CEO, Privacy & Security Brainiacs
Rebecca Herold has more than 30 years of security, privacy, and compliance experience. She is founder of The Privacy Professor Consultancy (2004) and of Privacy & Security Brainiacs SaaS services (2021) and has helped hundreds of clients throughout the years. Rebecca has been a subject matter expert (SME) for the National Institute of Standards and Technology (NIST) on a wide range of projects since 2009, including: seven and a half years leading the smart grid privacy standards creation initiative, and co-authoring those informative references and standards; two years being a co-author of and a SME member of the team that created the Privacy Framework (PF) and associated documents; and three years as a SME team member, and co-author of the Internet of Things (IoT) technical and non-technical standards and associated informative references; and performing throughout the years proof of concept (PoC) tests for a variety of technologies, such as field electricity solar inverters, PMU reclosers, and associated sensors. Rebecca has served as an expert witness for cases covering HIPAA, privacy compliance, criminals using IoT devices to track their victims, stolen personal data of retirement housing residents, tracking apps and website users via Meta Pixels and other tracking tech, and social engineering using AI. Rebecca has authored 22 books, and was adjunct professor for nine and a half years for the Norwich University MSISA program. Since early 2018, Rebecca has hosted the Voice America podcast/radio show, Data Security & Privacy with the Privacy Professor. Rebecca is based in Des Moines, Iowa, USA. www.privacysecuritybrainiacs.com
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes