Thursday, November 3, 2022
8:30 am - 3:00 pm
Exhibitor Hall open
Registration Level: Open Sessions
Location / Room: Exhibitor Floor
Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
9:00 am - 9:45 am
[Opening Keynote] BEC Attacks, Crypto, and the Investigative Powers of the Secret Service
Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
Registration Level: Open Sessions
9:45 am - 10:00 am
Networking Break
Registration Level: Open Sessions
Location / Room: Exhibitor Floor
Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:00 am - 10:45 am
Internal Talent Pipelines: Get Out of Your Own Way
Associate CISO, The University of Kansas Health System
Registration Level: Open Sessions
10:00 am - 10:45 am
Addressing Modern-Day Data Breaches
Field CISO, Cohesity
Registration Level: Open Sessions
10:00 am - 10:45 am
Modern Threat Detection, Investigation, and Response with Google Cloud's SecOps Suite
Engineer, Google Cloud Security
Registration Level: Open Sessions
To stay secure in today’s growing threat landscape, organizations must uncover and remediate cyber threats at unprecedented speed and scale. This demonstration will showcase how Google Cloud’s Chronicle, Siemplify, and VirusTotal products are coming together to provide a holistic approach to modern threat detection, investigation, and response. Join us and discover how to:
- Uncover and analyze new and evolving threats at petabyte scale.
- Decrease alert fatigue and caseload by as much as 80% working threat-centric cases.
- Automate up to 98% of Tier 1 tasks with custom dynamic playbooks.
- Reduce mean time to detection (MTTD) and mean time to response (MTTR) with actionable threat intel and context-driven investigations.
- Hunt for new and advanced threats 90% faster than traditional SOC tools.
10:45 am - 11:00 am
Networking Break
Registration Level: Open Sessions
Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:00 am - 11:45 am
The Inadvertent Remote Insider Threat
Sr. Director, Cyber Security, Acumatica, Inc.
Registration Level: Open Sessions
Threat methods and controls utilized are very comprehensive and effective for those who are typically in the office, but what about the remote workforce of today? Their intent may not be malicious but rather inherent to poor practices.
This presentation is designed to help individuals identify how seemingly “innocent” activity can make them an insider threat, and to help organizations identify existing critical controls needed to develop an Insider Threat Program using a white hat hacking methodology. Through live demonstrations, we will show simple techniques used to bypass various controls.
Objectives:
- Learn the methodologies utilized by individuals within the organization that would be defined as insider threat activity
- How to identify system-based behavioral indicators
- Learn which existing or enhanced security layer can provide insider threat profile data
- Learn how areas of the organization, i.e. Legal, Procurement, and HR, are key stakeholders in assisting to identify insider threat activity
Key Takeaways:
- How to identify business processes which can contribute to remote work insider threats
- Enhance current security program on what controls are bypassed by utilizing routine IT procedures
- Enhance procedures required to identify insider threat exposures
- Enhance awareness training to include additional methods of insider threat
- Enhance existing physical and digital security layers to better identify specific insider threat activity
11:00 am - 11:45 am
Common IAM Challenges Organizations Struggle with and How to Solve Them
Director, Integral Partners
Director, Integral Partners
Director, Integral Partners
VP of Services, Integral Partners
Registration Level: Open Sessions
Organizations developing their IAM programs are faced with a perplexing set of issues. During this presentation, we’ll discuss why each of these IAM challenges exists and how we’ve helped organizations overcome them.
- Achieving Role-Based Access Control (RBAC): What RBAC really means and strategies for unlocking the efficiency and reduced risk that it offers.
- PAM Adoption: Why driving adoption of PAM tools and processes can be so challenging and how to overcome organizational pushback.
- IGA Adoption and ROI: Maximizing your IGA investments by integrating with your broader application ecosystem
- Integrating PAM & IGA: Why you should consider integrating your PAM and IGA tools, the challenges you might face, and strategies for doing it right.
11:00 am - 11:45 am
1Password Masterclass: Proven Security Tactics vs. Security Theatre
Solutions Architect, 1Password
Registration Level: Open Sessions
Many password myths and security policies make things less secure for everyone and harder to stay safe online. Learn how to spot and avoid security theatre.
11:45 am - 12:00 pm
Networking Break
Registration Level: Open Sessions
Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:00 pm - 12:45 pm
[Fireside Chat] Things I Wish I Had Known About Cybersecurity Before I Got into a Leadership Role
Global BISO & Director of Business Partnership, Cardinal Health
CISO, The Anschutz Corporation
Chief Security Officer & Technology Lead, Trexin Group
Registration Level: Open Sessions
12:00 pm - 12:45 pm
Special film screening of "Made in Beijing: The Plan for Global Market Domination"
Registration Level: Open Sessions
This film from the FBI helps the private sector recognize the urgent need to protect their intellectual property against sustained and ongoing industrial espionage by the People’s Republic of China (PRC).
12:45 pm - 1:00 pm
Networking Break
Registration Level: Open Sessions
Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:00 pm - 1:45 pm
[Closing Keynote] Transforming Information Security for Businesses of All Sizes
CTO, Center for Internet Security
Registration Level: Open Sessions
In order to combat cyber threats for organizations of all sizes and the supply chain, how information security is delivered and managed requires transformation. The burden of securing systems and networks has long been placed on the end organization, resulting in a distributed management requirement that does not scale. Requirements placed on the end organization exacerbate the burden, whereas “shift left,” setting requirements on the vendor, can alleviate it. Industry has a unique opportunity to aid a positive transformation to better scale security for solutions, with an aim towards improving the overall security posture and reducing the security professional deficit. Innovation to deploy security following scalable architectural patterns for security management is paramount.
1:00 pm - 1:45 pm
Incredible Email Hacks You'd Never Expect and How You Can Stop Them
Data-Driven Defense Evangelist, KnowBe4
Registration Level: Open Sessions
If you think the only way your network and devices can be compromised via email is phishing, think again!
A majority of data breaches are caused by attacks on the human layer, but email hacking is much more than phishing and launching malware. From code execution and clickjacking to password theft and rogue forms, cybercriminals have more than enough email-based tricks that mean trouble for your InfoSec team.
In this webinar, Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist and security expert with over 30 years of experience, explores many ways hackers use social engineering and phishing to trick your users into revealing sensitive data or enabling malicious code to run.
Roger will show you how hackers compromise your network. You’ll also see incredible demos including a (pre-filmed) hacking demo by Kevin Mitnick, the World’s Most Famous Hacker and KnowBe4’s Chief Hacking Officer.
Roger will teach you:
- How remote password hash capture, silent malware launches and rogue rules work
- Why rogue documents, establishing fake relationships and tricking you into compromising your ethics are so effective
- The ins and outs of clickjacking
- Actionable steps on how to defend against them all
Email is still a top attack vector cybercriminals use. Don’t leave your network vulnerable to these attacks.
1:00 pm - 1:45 pm
Zero Trust in a Modern IT World
Principal Security Architect, Okta
Registration Level: Open Sessions
1:45 pm - 2:00 pm
Networking Break
Registration Level: Open Sessions
Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:00 pm - 2:45 pm
[Closing Keynote] Ukraine vs. Russia: The Cyber War, 8 Month Update
CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Registration Level: Open Sessions
For a preview of Col. Cedric Leighton’s presentation, read the SecureWorld News article, “World’s First Hybrid War in Ukraine Holds Important Cyber Lessons.”
- 1Password
1Password is a privacy-focused password manager that keeps you safe online. 1Password is the world’s most-loved password manager. By combining industry-leading security and award-winning design, the company provides private, secure, and user-friendly password management to businesses and consumers globally. More than 80,000 business customers, including IBM, Slack, PagerDuty, and GitLab, trust 1Password as their enterprise password manager.
- Cohesity, Inc
We believe that simplicity is the foundation of modern data management. Our mission is to radically simplify how organizations manage their data and unlock limitless value. The company develops software that allows IT professionals to backup, manage, and gain insights from their data across multiple systems or cloud providers.
- Google Cloud
Google Cloud Security provides organizations with leading infrastructure, platform capabilities and industry solutions to help them solve their most critical business problems. Google Cloud Security helps customers protect their global operations with solutions such as zero trust security, application and data protection, fraud prevention, and threat detection and response.
- Integral Partners LLC
Integral Partners is a leading cybersecurity consulting firm dedicated exclusively to helping customers identify, define, and implement the right IAM programs. Our solutions include world-class Advisory, IGA, PAM, Customer Identity and Access Enforcement services. Whether you’re looking to reduce your business risk, create an IAM roadmap, tackle governance, manage SOX, HIPAA, PCI, and NERC CIP compliance, securely move to the cloud or drive digital transformation, we have the expertise and experience to help. IAM is what we do. It is all we do.
- KnowBe4
We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space.
KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.
The KnowBe4 platform is user-friendly and intuitive. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design the most powerful, yet easy-to-use platform available.
Customers of all sizes can get the KnowBe4 platform deployed into production twice as fast as our competitors. Our Customer Success team gets you going in no time, without the need for consulting hours.
- Okta
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
- Women in CyberSecurity (WiCyS)
Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.
- Stephen Dougherty
Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.
- Michael Meis
Associate CISO, The University of Kansas Health System
Michael is an Army veteran with over 13 years' experience and has a passion for architecting security programs, leading people, and developing world-class security teams. During his career, Michael previously partnered with the USDA CISO to develop one of the largest consolidations of security services in the federal government. Michael also led the H&R Block Information Security team through a transformation of their GRC operations to instill quantitative cyber risk management practices. Michael currently leads The University of Kansas Health System Cybersecurity team as they protect the critical systems, data, and people that provide lifesaving patient care.
- Dale 'Dr. Z' Zabriskie, CISSP CCSK
Field CISO, Cohesity
Known for his ability to communicate both technically and conceptually in an authoritative yet entertaining style, Dale “Dr. Z” Zabriskie has consulted with IT professionals across the globe, advising on implementing effective cyber security strategies. He is a CISSP (Certified Information Systems Security Professional), and certified in Cloud Security Knowledge (CCSK).
In his 20-year cybersecurity career, Dr. Z has advised major healthcare, public sector, finance, retail, entertainment, and manufacturing organizations in over fifty countries. He has also been a popular moderator and participant in numerous industry panels. His expertise is supported by career experience in information technology, regulatory compliance, research and development, marketing, and sales.
Before joining Cohesity, Dr. Z was an Evangelist with Symantec for over 16 years. Prior companies include Proofpoint, Veritas, SunGard, and IBM.
- Severin Simko
Engineer, Google Cloud Security
Severin worked at Siemplify for nearly 3 years, 2.5 years of which were spent at TIP where he was team lead for a team that was responsible for all integrations that Siemplify had. Nowadays he is focusing his work on Sales Engineering at Google Cloud Security and has been doing so for nearly half a year. Prior to that, Severin was working for a company in the Czech Republic where he designed, implemented and maintained SOCs mostly for customers from central Europe - banks and insurance companies.
- Mike Muscatell
Sr. Director, Cyber Security, Acumatica, Inc.
Mike Muscatell is a seasoned IT veteran with more than 21 years in the Information Security field. He is a certified ethical hacker (CEH). He was honored as one of the top 100 professionals in the Information Security field by Strathmore's for 2014. He is a member of a number of security organizations, including InfraGard and the U.S. Chamber of Commerce Cyber Committee.
- Ryan Cluff
Director, Integral Partners
Ryan is a multifaceted technical leader with 20+ years of information security and governance experience. Throughout his career, Ryan has led and created dozens of strategic initiatives from the ground up, built successful teams and delivered quality results with consistency. He has extensive experience delivering complex regulatory and technical risk-based compliance initiatives across industry verticals including Health Care, Finance, Utilities, and Higher Education.
Ryan leads Integral Partners’ Identity Governance and Administration (IGA) practice and is a SailPoint & 3rd party identity access implementation and legacy Oracle/OIM replacement expert.
- Brent Andrewsen
Director, Integral Partners
Brent is the Director of the Privileged Access Management (PAM) practice at Integral Partners focusing on implementing CyberArk, BeyondTrust, Delinea, and other solutions. He has over 20 years of experience across a variety of IT disciplines including web infrastructure implementation and maintenance, ERP applications deployment and support, Cloud and mobile technologies design and implementation, and IAM.
Brent has led strategic Identity Governance and PAM projects to successful outcomes for organizations across many industries, including Healthcare, Higher Education, Pharmaceutical, Finance, and Energy Utilities. Brent also teaches a graduate-level cyber-physical and IoT course as an adjunct professor at Brigham Young University.
- David Oaxaca
Director, Integral Partners
David leads the Cloud Identity Governance and Administration practice at Integral Partners. He brings over 20 years of software development, cybersecurity, access enforcement, IAM, and IGA consulting expertise. David is focused on establishing emerging technology partnerships and delivering evolving and innovative cloud-based IGA solutions and services to clients across multitudes of organizations and verticals.
David earned a B.S. in Computer Systems from Instituto Tecnológico y de Estudios Superiores de Monterrey. He holds multiple product technical certifications, including CISSP and CCSP.
- Moderator: David Cox
VP of Services, Integral Partners
David is a co-founder of Integral Partners, bringing over 25 years of technical and leadership experience in the cybersecurity consulting industry. He is responsible for strategic client and partner relationships and leads service delivery for all Integral Partners’ offerings. David has worked with organizations in many industry verticals and is recognized for his ability to develop strong partnerships of trust and guide successful delivery and adoption of IAM solutions.
David has a B.A. from BYU, an M.B.A. from Northeastern University, and is a CISSP.
- Adam Pike
Solutions Architect, 1Password
Adam Pike is a solutions architect at 1Password (and former 1Password account administrator in a previous life) with two decades of IT experience focused on privacy and security, working at the intersection of people and technology. He spends most of his workdays helping customers integrate 1Password into their tech stack. When he’s not at his desk, you can usually find him enjoying the beauty of Newfoundland on a hiking trail.
- Britney Kennedy
Global BISO & Director of Business Partnership, Cardinal Health
Britney began the first decade of her security career in the U.S. Army where she managed over 90 teams and traveled to assess the security of international government partners. She oversaw the Information Security Department for AMC Theatres where she was responsible for the development and implementation of the global strategy. She has since transitioned to Cardinal Health, initially leading Cyber Operations and now performing as the Director of Information Security Business Partnerships, providing Business Support, Security Awareness, and Compliance Operations across the Globe. Britney is a certified CISSP, CISM, PMP, SSAP, and holds certifications for CompTIA S+, CCSK, and IT Business Management. She holds a BS in Applied & Discrete Mathematics and an MS in Cybersecurity. Britney was also named an IT Security Power Player by SC Magazine and named as the Security Professional of the Year by ASIS Kansas City Chapter in 2020.
- Sam Masiello
CISO, The Anschutz Corporation
Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Prior to The Anschutz Corporation, he served as the CISO at Gates Corporation, where he was responsible for the company's data security, risk, and global compliance initiatives. Before that, he was CISO at TeleTech, where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which included many Fortune 500 companies.
Sam has also been the Chief Security Officer, Head of Application Security, and Head of Security Research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA), and a member of the Anti-Phishing Working Group (APWG).
- Glenn Kapetansky
Chief Security Officer & Technology Lead, Trexin Group
Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.
Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).
- Kathleen Moriarty
CTO, Center for Internet Security
Kathleen Moriarty, Chief Technology Officer, Center for Internet Security, has over two decades of experience. Formerly the Security Innovations Principal in Dell Technologies Office of the CTO, Kathleen worked on ecosystems, standards, and strategy. During her tenure in the Dell EMC Office of the CTO, Kathleen had the honor of being appointed and serving two terms as the Internet Engineering Task Force (IETF) Security Area Director and as a member of the Internet Engineering Steering Group from March 2014-2018. She was named in the CyberSecurity Ventures Top 100 Women Fighting Cybercrime. She is a 2020 Tropaia Award Winner, Outstanding Faculty, Georgetown SCS.
Kathleen achieved over 20 years of experience driving positive outcomes across Information Technology Leadership, IT Strategy and Vision, Information Security, Risk Management, Incident Handling, Project Management, Large Teams, Process Improvement, and Operations Management in multiple roles with MIT Lincoln Laboratory, Hudson Williams, FactSet Research Systems, and PSINet.
Kathleen holds a Master of Science Degree in Computer Science from Rensselaer Polytechnic Institute, as well as a Bachelor of Science Degree in Mathematics from Siena College. Published work: "Transforming Information Security: Optimizing Five Concurrent Trends to Reduce Resource Drain," July 2020.
- Roger Grimes
Data-Driven Defense Evangelist, KnowBe4
Roger Grimes is a 30-year computer security consultant, instructor, holder of dozens of computer certifications and an award-winning author of 10 books and over 1,000 magazine articles on computer security. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee and Microsoft. Grimes holds a bachelor’s degree from Old Dominion University. He has been the weekly security columnist for InfoWorld and CSO magazines since 2005.
- Col. Cedric Leighton
CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.