Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, November 3, 2022
    8:30 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:30 am - 3:00 pm
    Location / Room: Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    9:00 am
    [Opening Keynote] BEC Attacks, Crypto, and the Investigative Powers of the Secret Service
    • session level icon
    speaker photo
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:00 am
    Internal Talent Pipelines: Get Out of Your Own Way
    • session level icon
    speaker photo
    Associate CISO, The University of Kansas Health System
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:45 am
    10:00 am
    Addressing Modern-Day Data Breaches
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:45 am
    10:00 am
    Modern Threat Detection, Investigation, and Response with Google Cloud's SecOps Suite
    • session level icon
    speaker photo
    Engineer, Google Cloud Security
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:45 am

    To stay secure in today’s growing threat landscape, organizations must uncover and remediate cyber threats at unprecedented speed and scale. This demonstration will showcase how Google Cloud’s Chronicle, Siemplify, and VirusTotal products are coming together to provide a holistic approach to modern threat detection, investigation, and response. Join us and discover how to:

    • Uncover and analyze new and evolving threats at petabyte scale.
    • Decrease alert fatigue and caseload by as much as 80% working threat-centric cases.
    • Automate up to 98% of Tier 1 tasks with custom dynamic playbooks.
    • Reduce mean time to detection (MTTD) and mean time to response (MTTR) with actionable threat intel and context-driven investigations.
    • Hunt for new and advanced threats 90% faster than traditional SOC tools.
    10:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:00 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    11:00 am
    The Inadvertent Remote Insider Threat
    • session level icon
    speaker photo
    Sr. Director, Cyber Security, Acumatica, Inc.
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:45 am

    Threat methods and controls utilized are very comprehensive and effective for those who are typically in the office, but what about the remote workforce of today? Their intent may not be malicious but rather inherent to poor practices.

    This presentation is designed to help individuals identify how seemingly “innocent” activity can make them an insider threat, and to help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology. Through live demonstrations, we will show simple techniques used to bypass various controls.

    Objectives:

    • Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity
    • How to identify system based behavioral indicators
    • Learn which existing or enhanced security layer can provide insider threat profile data
    • Learn how areas of the organization, i.e. Legal, Procurement, and HR, are key stakeholders in assisting to identify insider threat activity

    Key Takeaways:

    • How to identify business processes which can contribute to remote work insider threats
    • Enhance current security program on what controls are bypassed by utilizing routine IT procedures
    • Enhance procedures required to identify insider threat exposures
    • Enhance awareness training to include additional methods of insider threat
    • Enhance existing physical and digital security layers to better identify specific insider threat activity
    11:00 am
    Common IAM Challenges Organizations Struggle with and How to Solve Them
    • session level icon
    speaker photo
    Director, Integral Partners
    speaker photo
    Director, Integral Partners
    speaker photo
    Director, Integral Partners
    speaker photo
    VP of Services, Integral Partners
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:45 am

    Organizations developing their IAM programs are faced with a perplexing set of issues.   During this presentation, we’ll discuss why each of these IAM challenges exists and how we’ve helped organizations overcome them.

    1. Achieving Role-Based Access Control (RBAC): What RBAC really means and strategies for unlocking the efficiency and reduced risk that it offers.
    2. PAM Adoption: Why driving adoption of PAM tools and processes can be so challenging and how to overcome organizational pushback.
    3. IGA Adoption and ROI: Maximizing your IGA investments by integrating with your broader application ecosystem
    4. Integrating PAM & IGA: Why you should consider integrating your PAM and IGA tools, the challenges you might face, and strategies for doing it right.
    11:00 am
    1Password Masterclass: Security Tactics vs. Proven Security Theatre
    • session level icon
    speaker photo
    Solutions Architect, 1Password
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:45 am

    Many password myths and security policies make things less secure for everyone and harder to stay safe online. Learn how to spot and avoid security theatre.

    11:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:45 am - 12:00 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    12:00 pm
    [Fireside Chat] Things I Wish I Had Known About Cybersecurity Before I Got into a Leadership Role
    • session level icon
    speaker photo
    BISO, Cardinal Health
    speaker photo
    CISO, The Anschutz Corporation
    speaker photo
    CSO, Trexin Consulting
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    12:00 pm
    Special film screening of "Made in Beijing: The Plan for Global Market Domination"
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm

    This film from the FBI helps the private sector recognize the urgent need to protect their intellectual property against sustained and ongoing industrial espionage by the People’s Republic of China (PRC).

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:00 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:00 pm
    Transforming Information Security for Businesses of All Sizes
    • session level icon
    speaker photo
    CTO, Center for Internet Security
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:45 pm

    In order to combat cyber threats for organizations of all sizes and the supply chain, how information security is delivered and managed requires transformation. The burden of securing systems and networks has long been placed on the end organization, resulting in a distributed management requirement that does not scale. Requirements placed on the end organization exacerbate the burden, whereas “shift left,” setting requirements on the vendor, can alleviate it. Industry has a unique opportunity to aid a positive transformation to better scale security for solutions, with an aim towards improving the overall security posture and reducing the security professional deficit. Innovation to deploy security following scalable architectural patterns for security management is paramount.

    1:00 pm
    Incredible Email Hacks You'd Never Expect and How You Can Stop Them
    • session level icon
    speaker photo
    Data-Driven Defense Evangelist, KnowBe4
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:45 pm

    If you think the only way your network and devices can be compromised via email is phishing, think again!

    A majority of data breaches are caused by attacks on the human layer, but email hacking is much more than phishing and launching malware. From code execution and clickjacking to password theft and rogue forms, cybercriminals have more than enough email-based tricks that mean trouble for your InfoSec team.

    In this webinar Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist and security expert with over 30-years of experience, explores many ways hackers use social engineering and phishing to trick your users into revealing sensitive data or enabling malicious code to run.

    Roger will show you how hackers compromise your network. You’ll also see incredible demos including a (pre-filmed) hacking demo by Kevin Mitnick, the World’s Most Famous Hacker and KnowBe4’s Chief Hacking Officer.

    Roger will teach you:

    • How remote password hash capture, silent malware launches and rogue rules work
    • Why rogue documents, establishing fake relationships and tricking you into compromising your ethics are so effective
    • The ins and outs of clickjacking
    • Actionable steps on how to defend against them all

    Email is still a top attack vector cybercriminals use. Don’t leave your network vulnerable to these attacks.

    1:00 pm
    Zero Trust in a Modern IT World
    • session level icon
    speaker photo
    Principal Security Architect, Okta
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:45 pm
    1:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:45 pm - 2:00 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    2:00 pm
    [Closing Keynote] Ukraine vs. Russia: The Cyber War, 8 Month Update
    • session level icon
    speaker photo
    CNN Military Analyst; USAF (Ret.), Chairman, Cedric Leighton Associates, LLC
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:45 pm

    For a preview of Col. Cedric’s Leighton’s presentation, read the SecureWorld News article, “World’s First Hybrid War in Ukraine Holds Important Cyber Lessons.” 

Exhibitors
  • 1Password
    Booth:

    1Password is a privacy-focused password manager that keeps you safe online. 1Password is the world’s most-loved password manager. By combining industry-leading security and award-winning design, the company provides private, secure, and user-friendly password management to businesses and consumers globally. More than 80,000 business customers, including IBM, Slack, PagerDuty, and GitLab, trust 1Password as their enterprise password manager.

  • Cohesity, Inc
    Booth:

    We believe that simplicity is the foundation of modern data management. Our mission is to radically simplify how organizations manage their data and unlock limitless value. The company develops software that allows IT professionals to backup, manage, and gain insights from their data across multiple systems or cloud providers.

  • Google Cloud
    Booth:

    Google Cloud provides organizations with leading infrastructure, platform capabilities and industry solutions to help them solve their most critical business problems. Google Cloud Security helps customers protect their global operations with solutions such as zero trust security, application and data protection, fraud prevention, and threat detection and response.

  • Integral Partners LLC
    Booth:

    Integral Partners is a leading cybersecurity consulting firm dedicated exclusively to helping customers identify, define, and implement the right IAM programs. Our solutions include world-class Advisory, IGA, PAM, Customer Identity and Access Enforcement services. Whether you’re looking to reduce your business risk, create an IAM roadmap, tackle governance, manage SOX, HIPAA, PCI, and NERC CIP compliance, securely move to the cloud or drive digital transformation, we have the expertise and experience to help. IAM is what we do. It is all we do.

  • KnowBe4
    Booth:

    We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space.

    KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.

    The KnowBe4 platform is user-friendly and intuitive. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design the most powerful, yet easy-to-use platform available.

    Customers of all sizes can get the KnowBe4 platform deployed into production twice as fast as our competitors. Our Customer Success team gets you going in no time, without the need for consulting hours.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • Women in CyberSecurity (WiCyS)
    Booth:

    Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Michael Meis
    Associate CISO, The University of Kansas Health System

    Michael is an Army veteran with over 13 years' experience and has a passion for architecting security programs, leading people, and developing world-class security teams. During his career, Michael previously partnered with the USDA CISO to develop one of the largest consolidations of security services in the federal government. Michael also led the H&R Block Information Security team through a transformation of their GRC operations to instill quantitative cyber risk management practices. Michael currently leads The University of Kansas Health System Cybersecurity team as they protect the critical systems, data, and people that provide lifesaving patient care.

  • speaker photo
    Dale 'Dr. Z' Zabriskie, CISSP CCSK
    Field CISO, Cohesity

    Known for his ability to communicate both technically and conceptually in an authoritative yet entertaining style, Dale “Dr. Z” Zabriskie has consulted with IT professionals across the globe, advising on implementing effective cyber security strategies. He is a CISSP (Certified Information Systems Security Professional), and certified in Cloud Security Knowledge (CCSK).

    In his 20-year cybersecurity career, Dr. Z has advised major healthcare, public sector, finance, retail, entertainment, and manufacturing organizations in over fifty countries. He has also been a popular moderator and participant in numerous industry panels. His expertise is supported by career experience in information technology, regulatory compliance, research and development, marketing, and sales.

    Before joining Cohesity, Dr. Z was an Evangelist with Symantec for over 16 years. Prior companies include Proofpoint, Veritas, SunGard, and IBM.

  • speaker photo
    Severin Simko
    Engineer, Google Cloud Security

    Severin worked at Siemplify for nearly 3 years, 2.5 years of which were spent at TIP where he was team led for a team that was responsible for all integrations that Siemplify had. Nowadays he is focusing his work on Sales Engineering at Google Cloud Security and has been doing so for nearly half a year. Prior to that, Severin was working for a company in the Czech Republic where he designed, implemented and maintained SOCs mostly for customers from central Europe - banks and insurance companies.

  • speaker photo
    Mike Muscatell
    Sr. Director, Cyber Security, Acumatica, Inc.

    Mike Muscatell is a seasoned IT veteran with more than 21 years in the Information Security field. He is a certified ethical hacker (CEH). Was honored as top 100 professionals in the Information Security field by Strathmore's for 2014. Member of a number of security organizations, including InfraGard and the U.S. Chamber of Commerce Cyber Committee.

  • speaker photo
    Ryan Cluff
    Director, Integral Partners

    Ryan is a multifaceted technical leader with 20+ years of information security and governance experience. Throughout his career, Ryan has led and created dozens of strategic initiatives from the ground up, built successful teams and delivered quality results with consistency. His. extensive experience delivering complex regulatory and technical risk-based compliance initiatives across industry verticals including Health Care, Finance, Utilities, and Higher Education.

    Ryan leads Integral Partners’ Identity Governance and Administration (IGA) practice and is a SailPoint & 3rd party identity access implementation and legacy Oracle/OIM replacement expert.

  • speaker photo
    Brent Andrewsen
    Director, Integral Partners

    Brent is the Director of the Privileged Access Management (PAM) practice at Integral Partners focusing on implementing CyberArk, BeyondTrust, Delinea, and other solutions. He has over 20 years of experience across a variety of IT disciplines including web infrastructure implementation and maintenance, ERP applications deployment and support, Cloud and mobile technologies design and implementation, and IAM.

    Brent has led strategic Identity Governance and PAM projects to successful outcomes for organizations across many industries, including Healthcare, Higher Education, Pharmaceutical, Finance, and Energy Utilities. Brent also teaches a graduate-level cyber-physical and IoT course as an adjunct professor at Brigham Young University.

  • speaker photo
    David Oaxaca
    Director, Integral Partners

    David leads the Cloud Identity Governance and Administration practice at Integral Partners. He brings over 20 years of software development, cybersecurity, access enforcement, IAM, and IGA consulting expertise. David is focused on establishing emerging technology partnerships and delivering evolving and innovative cloud-based IGA solutions and services to clients across multitudes of organizations and verticals.

    David earned a B.S. in Computer Systems from Instituto Tecnológico y de Estudios Superiores de Monterrey. He holds multiple product technical certifications, including CISSP and CCSP.

  • speaker photo
    Moderator: David Cox
    VP of Services, Integral Partners

    David is a co-founder of Integral Partners, bringing over 25 years of technical and leadership experience in the cybersecurity consulting industry. He is responsible for strategic client and partner relationships and leads service delivery for all Integral Partners’ offerings. David has worked with organizations in many industry verticals and is recognized for his ability to develop strong partnerships of trust and guide successful delivery and adoption of IAM solutions.

    David has a B.A. from BYU, an M.B.A. from Northeastern University, and is a CISSP.

  • speaker photo
    Adam Pike
    Solutions Architect, 1Password

    Adam Pike is a solutions architect at 1Password (and former 1Password account administrator in a previous life) with two decades of IT experience focused on privacy and security, working at the intersection of people and technology. He spends most of his workdays helping customers integrate 1Password into their tech stack. When he’s not at his desk, you can usually find him enjoying the beauty of Newfoundland on a hiking trail.

  • speaker photo
    Britney Kennedy Hommertzheim
    BISO, Cardinal Health

    Britney began the first decade of her security career in the U.S. Army, where she managed over 90 teams and traveled internationally to assess the security of international government partners. Later, she oversaw the Information Security Department for AMC Theatres, responsible for the development and implementation of the global strategy, and overseeing all security personnel. Britney is a certified CISSP, CISM, PMP, and holds certifications for CompTIA S+, CCSK, and IT Business Management. She holds a BS in Applied & Discrete Mathematics, and an MS in Cybersecurity. She was also named an IT Security Power Player by SC Magazine.

  • speaker photo
    Sam Masiello
    CISO, The Anschutz Corporation

    Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Prior to Beckage, he served as the CISO at Gates Corporation, where he was responsible for the company's data security, risk, and global compliance initiatives. Before that, he was CISO at TeleTech, where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which included many Fortune 500 companies.

    Sam has also been the Chief Security Officer, Head of Application Security, and Head of Security Research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA), and a member of the Anti-Phishing Working Group (APWG).

  • speaker photo
    Glenn Kapetansky
    CSO, Trexin Consulting

    Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.

    Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).

  • speaker photo
    Kathleen Moriarty
    CTO, Center for Internet Security

    Kathleen Moriarty, Chief Technology Officer, Center for Internet Security, has over two decades of experience. Formerly as the Security Innovations Principal in Dell Technologies Office of the CTO, Kathleen worked on ecosystems, standards, and strategy. During her tenure in the Dell EMC Office of the CTO, Kathleen had the honor of being appointed and serving two terms as the Internet Engineering Task Force (IETF) Security Area Director and as a member of the Internet Engineering Steering Group from March 2014-2018. Named in CyberSecurity Ventures, Top 100 Women Fighting Cybercrime. She is a 2020 Tropaia Award Winner, Outstanding Faculty, Georgetown SCS.

    Kathleen achieved over 20 years of experience driving positive outcomes across Information Technology Leadership, IT Strategy and Vision, Information Security, Risk Management, Incident Handling, Project Management, Large Teams, Process Improvement, and Operations Management in multiple roles with MIT Lincoln Laboratory, Hudson Williams, FactSet Research Systems, and PSINet.

    Kathleen holds a Master of Science Degree in Computer Science from Rensselaer Polytechnic Institute, as well as, a Bachelor of Science Degree in Mathematics from Siena College. Published work: "Transforming Information Security: Optimizing Five Concurrent Trends to Reduce Resource Drain," July 2020.

  • speaker photo
    Roger Grimes
    Data-Driven Defense Evangelist, KnowBe4

    Roger Grimes is a 30-year computer security consultant, instructor, holder of dozens of computer certifications and an award-winning author of 10 books and over 1,000 magazine articles on computer security. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee and Microsoft. Grimes holds a bachelor’s degree from Old Dominion University. He has been the weekly security columnist for InfoWorld and CSO magazines since 2005.

  • speaker photo
    Sami Laine
    Principal Security Architect, Okta
  • speaker photo
    Col. Cedric Leighton
    CNN Military Analyst; USAF (Ret.), Chairman, Cedric Leighton Associates, LLC

    Founder of a strategic risk consultancy after serving 26 years in the US Air Force, Cedric Leighton oversaw numerous critical intelligence missions throughout his career. He served at US Special Operations Command, the Joint Staff and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star.

    Currently, Cedric advises multinational businesses on cyber attacks and the management of complex global strategies to reduce risk and unpredictability.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes