- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Wednesday, February 17, 20213:00 pm[PLUS Course] Data Privacy and Security: Essentials for an Evolving Legal LandscapeSession 1 – Trends in the Law: An Overview of the Domestic Regulatory and Legal LandscapeFounding Partner & Owner, Fischer Law, LLCRegistration Level:
- SecureWorld Plus
3:00 pm - 4:30 pmThis in-depth training course will provide an administrative, legal, and technical overview of the Privacy and Security Legal Landscape, with operational tools to address the changing regulatory and legal landscape. Attendees qualify for 5 CPE credits (11 total with conference attendance).
The three sessions will include hands-on exercises to demonstrate the best approach to the dynamic legal requirements in the cyber and privacy space. The sessions will involve a deep dive into the requirements of the Federal Trade Commission (FTC), California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the New York SHIELD Act, and the European Union’s General Data Protection Regulation (GDPR), as well as standards including the NIST Privacy Standard and the ISO Privacy Standards.
Session 1 – Trends in the Law: An Overview of the Domestic Regulatory and Legal Landscape
The U.S. legal framework for data security and privacy continues to evolve. Trying to stay abreast of the ever-evolving technologies and legal requirements can be overwhelming. In the past year, State and Federal regulatory changes have altered the legal and compliance obligations of many companies across a wide variety of industries. Additionally, the courts are starting to issue opinions that have placed heightened liability on companies to protect sensitive personal data.
This session will provide an overview of key regulatory and legal changes, both at the State and Federal level, and discuss how companies should prepare to meet these evolving obligations. We will break down the requirements of key regulations, including the GDPR and the CCPA, providing insight into key aspects of the laws. Additionally, this session will discuss the impact of recent court decisions on privacy and security liability.
- Thursday, February 18, 20217:30 am[PLUS Course] Data Privacy and Security: Essentials for an Evolving Legal LandscapeSession 2 – Risk Transference: Developing a Security and Privacy Program to Address Compliance RequirementsFounding Partner & Owner, Fischer Law, LLCRegistration Level:
- SecureWorld Plus
7:30 am - 9:00 amThis in-depth training course will provide an administrative, legal, and technical overview of the Privacy and Security Legal Landscape, with operational tools to address the changing regulatory and legal landscape. Attendees qualify for 5 CPE credits (11 total with conference attendance).
The three sessions will include hands-on exercises to demonstrate the best approach to the dynamic legal requirements in the cyber and privacy space. The sessions will involve a deep dive into the requirements of the Federal Trade Commission (FTC), California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the New York SHIELD Act, and the European Union’s General Data Protection Regulation (GDPR), as well as standards including the NIST Privacy Standard and the ISO Privacy Standards.
Session 2 – Risk Transference: Developing a Security and Privacy Program to Address Compliance Requirements
In the current patchwork approach to data security and privacy legal requirements, it can be challenging for a business to create a comprehensive privacy and security program that complies with the various (and sometimes conflicting) legal requirements while also fitting organically within your business. Building solutions that can be easily shifted to meet new and evolving legal requirements is key.
This session will provide a detailed explanation of core components of a security and privacy program, methods to ensure that the program can be altered to fit new requirements as they come into place, and how to transfer risk when possible. The session will include a discussion on Written Information Security Policies, Departmental and Employee Policies, Risk Management Programs, Client Contract Management Programs, Incident/Breach Response Programs, and training.
8:00 amExhibitor Hall openRegistration Level:- Open Sessions
8:00 am - 9:00 amLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
8:00 amAdvisory Council RoundtableThe State of the Industry in New EnglandDigital Event Director, SecureWorldRegistration Level:- VIP / Exclusive
8:00 am - 8:50 amThis session is for SecureWorld Advisory Council members by invite only.
Discussion topic moderated by Tom Bechtold of SecureWorld.
8:15 amISSA New England Chapter Meeting and PresentationWhat Are You Doing to Attract and Cultivate the Next Generation of InfoSec Professionals?President, ISSA International; CISO, NeuEonSr. Principal, Security Risk Management, VerizonRegistration Level:- Open Sessions
8:15 am - 8:55 amJoin this fireside chat with the ISSA New England Chapter as they have a candid conversation with two industry veterans and two aspiring InfoSec professionals. Learn what the next generation of workers is looking for, perceptions, and topics of training, as well as what our seasoned professionals are doing to cultivate and develop their teams.
Joining co-presenters Candy Alexander and David Dumas will be students Juliana Daggett of University of Rhode Island and Kyle Hagerman and Nasar Kasirye of Mass Bay Community College.
8:15 amManaging Insider Risk without Compromising Speed of BusinessSecurity Community Evangelist, Manager, Code42Registration Level:- Open Sessions
8:15 am - 8:55 amAs companies double down on time to innovation, time to market, and time to revenue, they are inherently introducing more risk from the inside. The more cloud-based, collaborative, and fast an organization becomes, the greater the Insider Risks posed to its people, technology, and data. The upside is that cloud collaboration tools make employees more productive. The downside is that these same tools make it easier to exfiltrate data.
Adding to the complexities of working from home and off the corporate network, more employees are routinely using unauthorized devices, tools, and cloud-based applications to share files and ideas with colleagues.
Join us to discuss the growing Insider Risk problem and how the right data protection methods can set security teams up for success, without slowing down company productivity.
8:15 amAchieving the Security Data LakeVP, Solution Architecture, ChaosSearchRegistration Level:- Open Sessions
8:15 am - 8:55 amThe promise of the Security Data Lake is to provide a centralized, massively scalable repository for ALL data relevant for the Security Operations team, enabling many core functions required by the modern enterprise—monitoring and alerting, threat hunting, advanced persistent threat protection, DDoS mitigation, and many others. But the quest to achieve it has been a rocky one, as infrastructure complexity has prevented most teams from achieving the vision.
This session will explain the benefits of achieving a true security data lake, explain the previous barriers that companies have faced, and describe a new approach which is allowing companies to achieve the vision, and finally put the Security Data Lake at the heart of their overall Security Architecture.
8:15 amAI-Powered Incident ResponseRegional Sales Manager, SentinelOneSr. Sales Engineer - New England & Upstate NY, SentinelOneRegistration Level:- Open Sessions
8:15 am - 8:55 amThe SentinelOne platform unifies Prevention (EPP), Detection & Response (ActiveEDR), Fast Recovery, Incident Response Threat Hunting, and Security Suite features into a single-agent solution for modern Windows, Mac Linux and Kubernetes.
In this overview we touch upon these high-level capabilities:
- Prevention: Delivered using pre-execution Static AI technologies that replace signatures. Used to detect file-based malware in PE, PDF, and Microsoft Office files.
- Detection: Delivered using on-execution Behavioral AI technologies that detect anomalous actions in real time at the endpoint without cloud reliance. Used to detect fileless attacks, exploits, bad macros, evil scripts, cryptominers, ransomware and other attacks.
- Response: Delivered in milliseconds to shutdown attacks thereby reducing dwell time to near zero. Includes alert, kill, quarantine, and network containment.
- Recovery: One-click reversal (remediation) of unwanted changes, Windows rollback to recover data, remote shell.
- Hunting: Delivered as a supplement to Prevention/Detection/Response for organizations that need advanced IoC and artifact hunting capability.
9:00 am[Opening Keynote] Fireside Chat with Pentesters Arrested for Doing Their JobDirecting, Center of Excellence for Red Team, Social Engineering, and Physical Penetration Testing, CoalfireSr. Security Consultant, CoalfireRegistration Level:- Open Sessions
9:00 am - 9:45 amWhen an Iowa Sheriff arrested Coalfire pentesters Gary DeMercurio and Justin Wynn on the job, it sent shockwaves through the cybersecurity community. The two InfoSec professionals faced felony charges, jail time, and the possibility of a criminal record for doing what they were hired to do. And information security professionals faced a possible chilling effect around a common strategy for testing defenses. Now, Gary and Justin will tell their story on the SecureWorld New England virtual stage during a candid fireside chat. They will take us through what happened to them and share what they learned in the process.
For more background, read our original news story here.
9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:00 amLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:00 amUsing the CIS Controls to Measure and Support Your Security ProgramElection Security Partnership Program Manager, Office of the Secretary, Commonwealth of MassachusettsRegistration Level:- Open Sessions
10:00 am - 10:30 amIn this session, you will learn what the CIS Controls are, why people use them, and how they can be used to grade the maturity of your security program. This will help you shape your security budget for the next few years. Presentation Level: MANAGERIAL (security and business leaders)
10:00 amBig-Game Ransomware Attack Simulation and SolarWinds ResponseField CTO, VaronisRegistration Level:- Open Sessions
10:00 am - 10:30 amThe SolarWinds supply chain compromise opened a hard-to-detect backdoor for one of the world’s most advanced threat actors to steal data and establish persistence. This is the stealthiest attack we’ve ever seen. Let’s ensure you’re protected.
Join us to see exactly how a big-game ransomware attack works and how to defend against it. Ransomware gangs dwell in networks for months, stealing data and leaving backdoors before they start dropping ransom notes. We’ll teach you how big-game ransomware gangs operate and showcase common tactics, techniques, and procedures (TTPs) that will help you prepare for an attack.
10:00 amIncredible Email Hacks You'd Never Expect and How You Can Stop ThemData-Driven Defense Evangelist, KnowBe4Registration Level:- Open Sessions
10:00 am - 10:30 amLocation / Room: 103If you think the only way your network and devices can be compromised via email is phishing, think again!
A majority of data breaches are caused by attacks on the human layer, but email hacking is much more than phishing and launching malware. From code execution and clickjacking to password theft and rogue forms, cybercriminals have more than enough email-based tricks that mean trouble for your InfoSec team.
In this webinar Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist and security expert with over 30-years of experience, explores many ways hackers use social engineering and phishing to trick your users into revealing sensitive data or enabling malicious code to run.
Roger will show you how hackers compromise your network. You’ll also see incredible demos including a (pre-filmed) hacking demo by Kevin Mitnick, the World’s Most Famous Hacker and KnowBe4’s Chief Hacking Officer.
Roger will teach you:
- How remote password hash capture, silent malware launches and rogue rules work
- Why rogue documents, establishing fake relationships and tricking you into compromising your ethics are so effective
- The ins and outs of clickjacking
- Actionable steps on how to defend against them all
Email is still a top attack vector cybercriminals use. Don’t leave your network vulnerable to these attacks.
10:00 amThe Challenge of Detecting Threats in the CloudVP of Solutions, SecuronixRegistration Level:- Open Sessions
10:00 am - 10:30 amDetecting threats in the cloud presents several challenges: dealing with new technologies and facing new threat scenarios, exacerbated by the COVID-19 accelerated cloud adoption. Gartner indicates that organizations have been expanding their adoption of cloud security-oriented tools, such as Cloud Security Posture Management (CSPM) and Cloud Access Security Broker (CASB), as they try to keep cloud-related threats under control. However, not all organizations have an interest in adopting all these added technologies, and even when they do, the challenge of integrating them into their security monitoring infrastructure remains.
Join this discussion to learn:
- What are the differences between traditional threats and cloud threats?
- How to align your security monitoring architecture to the new cloud monitoring requirements
- How to optimize cloud security monitoring with a cloud-first SIEM approach
10:30 amNetworking BreakRegistration Level:- Open Sessions
10:30 am - 10:45 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:45 amConnected Devices Need Connected TeamsCISO, SPX CorporationRegistration Level:- Open Sessions
10:45 am - 11:15 amIoT security is a growing concern as the number of connected devices increases. California, Oregon, and the EU now regulate the security of IoT devices. Leveraging compliance to create IT/Security partnership with Engineering, Application, and R&D teams is an opportunity to create successes for your business.
Presentation level: MANAGERIAL (security and business leaders)
10:45 amA Critical Look at the Security Posture of the Fortune 500Sr. Director, Chief Security Data Scientist, Rapid7Registration Level:- Open Sessions
10:45 am - 11:15 amThe global pandemic has brought many changes to the IT landscape of corporations across the globe. To see how this has impacted the “best of the best,” Rapid7 Labs has reprised its seminal industry cyber exposure research from 2018 to see how the security posture of Fortune 500 organizations has evolved (or devolved), and to present solid advice to CISOs and practitioners looking to improve their cybersecurity practices.
10:45 amGet Beyond Compliance and Achieve Real Data SecuritySVP, Strategy and Imperva Fellow, ImpervaRegistration Level:- Open Sessions
10:45 am - 11:15 amTo keep pace with the database activity explosion that has accompanied recent rapid technology innovations, organizations must rethink their strategy for securing their data assets. A strategy designed to meet compliance requirements is not enough. Organizations need to develop new approaches that augment traditional agent-based monitoring to achieve real data security today and in the future.
We’ll provide insight into how you can automate data collection and monitoring so you may apply more resources to identifying non-compliant behavior and orchestrating rapid responses, regardless of where your data is or the size of your data estate.
10:45 amThe Cybersecurity Hangover: Why We're Still Recovering from the Attack on SolarWindsDirector, Technology & Strategy / Deputy CTO, BitSightRegistration Level:- Open Sessions
10:45 am - 11:15 amThe attack on SolarWinds and ensuing trojaning of the Orion Network Management product had a potential effect on every organization on the planet. IT teams scrambled to determine if Orion was installed on their infrastructure, whether they’d upgraded to the trojaned version at any point, and if the attackers had targeted them for second stage compromise. Even today, BitSight is observing signs that organizations still haven’t reconciled their security posture, and we’re working with organizations to identify their exposure.
Join us to learn where organizations could have better prepared for a supply chain attack and the practices you need to put in place to be able to respond to incidents ranging from a global supply chain attack to nuisanceware.
11:15 amNetworking BreakRegistration Level:- Open Sessions
11:15 am - 11:30 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:30 amHealthcare Digital Disruption—the Unexpected COVID-19 OutcomeCISO, Steward Health CareRegistration Level:- Open Sessions
11:30 am - 12:00 pm11:30 amAligning with the Business: Where Are We Going Wrong?President, ISSA International; CISO, NeuEonRegistration Level:11:30 am - 12:00 pmMany in our profession now operate under a “business enablement” mindset. We recognize the fact that we must align security efforts with the needs of the business or we will continue towards becoming irrelevant. But what does “aligning with the business” really mean? Candy Alexander, CISO of NeuEon and ISSA International President, believes we may be misunderstanding this concept and applying it incorrectly within our organization. Attend this session for an honest and possibly controversial take on aligning security with the business.
11:30 amThe Implementation Journey of Zero Trust and SASE: Realizing the BenefitsVP, CSO - Cloud Security Transformation, NetskopeRegistration Level:- Open Sessions
11:30 am - 12:00 pmMost organizations have a hybrid implementation of cloud and on-prem services. With the rapid adoption of business digitalization and expanding remote work force, how do we consolidate controls and enhance the security of the systems?
In this hybrid mode, enterprises need speed, visibility, security, and reliability without compromise. Enter the secure access service edge, better known as SASE. It’s inevitable that SASE implementations and Zero Trust implementations will provide a more comprehensive security capability to truly support digital transformation. How can your organization best position itself for the transition?
In this session, James Christianson will discuss:
· How to migrate your security controls to take advantage of SASE
· Reducing cost while increasing your security posture
· Implementing a road map for SASE / Zero Trust11:30 amA Modern Approach to Information ProtectionSr. Director, Enterprise Security Strategy, ProofpointRegistration Level:- Open Sessions
11:30 am - 12:00 pmData Loss Prevention (DLP) solutions alone can no longer address today’s data privacy requirements. Customer PII data is the most often lost or stolen data, and more than half of these breaches involve malicious attacks. Challenges like increasing threat activity, difficulty protecting a remote workforce, and accelerating migration of data to cloud platforms make it harder to secure data and comply with privacy regulations—especially when analysts need multiple tools to investigate data leakages. So how can you better protect your company in 2021?
12:00 pmNetworking BreakRegistration Level:- Open Sessions
12:00 pm - 12:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:15 pmThe Medical Internet of Things: How to Manage What Historically Has Been UnmanagedSr. Security Engineer, Boston ScientificRegistration Level:- Open Sessions
12:15 pm - 1:00 pmThe medical device landscape is rapidly changing. Clinicians and Health Delivery Organizations are increasingly demanding that medical devices be connected. Why do we want to connect these devices? How do we do it securely? What challenges does this present? Dave Presuhn will discuss how to ensure your medical devices survive in the jungle that we call a network.
12:15 pmCyber Incidents, Forensics, and Insurance: Are All Three up to Snuff?Director, Audit and Compliance, CipherTechs, Inc.Registration Level:- Open Sessions
12:15 pm - 1:00 pm2020 was the year of ransomware and the pandemic, and many organizations realized their IR wasn’t up to snuff, and others did not listen to external professionals helping and were re-compromised. Have you really tested your Incident Response processes? How about having a detailed post-mortem after an event? Have you looked at your cyber insurance policy to see who you are supposed to be using for assistance? This session will review going through an actual incident and what was good and what was missing in the recovery, alerting (oops, the customers are involved), and finding the root cause, and whether cyber insurance was worth it.
12:15 pmThe Three Most Crucial Words in Digital Transformation“Machine Identity Management” and How It Secures Our Digital Transformation JourneysDirector of Product, VenafiRegistration Level:- Open Sessions
12:15 pm - 1:00 pmNothing has been more disruptive to the landscape of the financial services industry than digital transformation, defined as “the process of using digital technologies to create new—or modify existing—business processes, culture, and customer experiences to meet changing business and market requirements.” In this session, we’ll demonstrate how all digital transformation efforts rely, ultimately, on machines, whether those are virtual and serverless systems, containers and applications, or IoT and end-user devices.
We’ll also show how a whole new security category has arisen—what Gartner calls Machine Identity Management—to instantly and dynamically protect the tens of thousands of machine identities driving digital transformation. Lastly, we’ll show how Visibility, Intelligence, and Automation are the building blocks you need to design and implement a Machine Identity Management program that bridges current practices and the emerging technologies of the future.
12:15 pm[Panel] Ransomware, BEC Attacks, and Insider Threats - What's Next?Chief Security Advisor, SentinelOneChief Product Officer, Egress Software Technologies LtdData-Driven Defense Evangelist, KnowBe4Principal Threat Research Engineer, LogRhythmSr. Presales Systems Engineer, Arctic Wolf NetworksRegistration Level:- Open Sessions
12:15 pm - 1:00 pmEven a pandemic didn’t slow the roll of hackers and other nefarious groups. Ransomware and BEC attacks are at an all-time high, and insider threats (malicious and unknowing) are on the rise, as well. It seems if a dollar is to be had, someone is trying to take it. So, how do we arm our clients, partners, and coworkers with the tools they need to identify these next-level threats?
12:15 pm[Executive Roundtable] 5G and the Impact to Your BusinessSr. Principal, Security Risk Management, VerizonRegistration Level:- VIP / Exclusive
12:15 pm - 1:00 pmDiscussion forum for executive leaders and SecureWorld Advisory Council members (10-15, invite only).
Moderated by David Dumas of Verizon, the discussion will center on 5G networking and a better understanding of what 5G can do to positively revolutionize your business. Use cases in various industry sectors will be covered.
1:00 pmNetworking BreakRegistration Level:- Open Sessions
1:00 pm - 1:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pmTeaching Others to Hike in the Cybersecurity WildsDirector, Information Security, Risk & Compliance, Columbia SportswearSenior Manager, InfoSec Awareness and Analytics, Columbia SportswearRegistration Level:- Open Sessions
1:15 pm - 2:00 pmEvery hike takes you to new places, but the basics of hiking are the same: good shoes, a map, and a trailhead. Building a strong cybersecurity awareness program is no different. Let us take you on our journey of how we built a cybersecurity oriented culture, and how you know it’s working.
1:15 pmCybersecurity and Monitoring for the Year 2021Sr. Security Consultant, GigamonRegistration Level:- Open Sessions
1:15 pm - 2:00 pmWe all must acknowledge that we are in a pandemic of cyberattacks, in a world of an ever-increasing attack surface, with no one single technological vaccine.
In this session by Gigamon, we will discuss practical, real-world approaches to providing continuous visibility in your complex attack surface, allowing you to combat the threat landscape and therefore increase your confidence in your security posture.
1:15 pm[Panel] Workforce 2.0: The New NormalDirector of Solutions Engineering, BeyondTrustCMO, SiemplifySLED CTO & Chief IT Architect, TaniumSr. Director, Product Management, SynopsysDirector of Engineering Services, Nexum, Inc.Registration Level:- Open Sessions
1:15 pm - 2:00 pmOur panelists will discuss the continued challenges with managing the remote workforce securely. Whether people go back to an office again is up in the air, but InfoSec and Operations must have processes and technology in place to keep the business running with an acceptable risk. Bring your questions for our panel.
1:15 pm[Panel] Let's Talk About CloudsDirector of Technology - Office of the CTO, ImpervaSr. Cybersecurity Solutions Architect, SecuronixM.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales UniversityMajor Accounts Systems Engineer, Palo Alto NetworksRegistration Level:- Open Sessions
1:15 pm - 2:00 pmIt’s been a year now since many companies were forced to adopt cloud services or perish. For many, this was a huge shift and a leap of faith. This discussion will cover lessons learned, positives we have uncovered, and some of the new alphabet soup relating to cloud—CASB, SaaS, IaaS, etc.
1:15 pm[Executive Roundtable] Third-Party Risk in a Pandemic: Is It Worth It?Co-Founder & Managing Partner, XPAN Law PartnersRegistration Level:- VIP / Exclusive
1:15 pm - 2:00 pmDiscussion forum for executive leaders and SecureWorld Advisory Council members (10-15, invite only). Moderated by Rebecca Rakoski.
2:00 pmNetworking BreakRegistration Level:- Open Sessions
2:00 pm - 2:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:15 pm[Closing Keynote] Digital Extortion Drama: Deconstructing the Ransomware Response LifecycleCo-Chair, Data Privacy & Cybersecurity Practice, Spencer Fane LLPRegistration Level:- Open Sessions
2:15 pm - 3:00 pmThis session is part drama and part virtual tabletop exercise. Cyber attorney Shawn Tuma will make the lifecycle of a successful ransomware attack come alive. From initial discovery and ransom negotiation, to IR team activation, to data recovery and restoration, all the way through the process to lingering litigation. Attend this session to more fully understand the impact a ransomware attack can create for any organization, including yours.
3:15 pm[PLUS Course] Data Privacy and Security: Essentials for an Evolving Legal LandscapeSession 3 – Data Subject Rights: Complying Across Regulatory FrameworksFounding Partner & Owner, Fischer Law, LLCRegistration Level:- SecureWorld Plus
3:15 pm - 4:45 pmThis in-depth training course will provide an administrative, legal, and technical overview of the Privacy and Security Legal Landscape, with operational tools to address the changing regulatory and legal landscape. Attendees qualify for 5 CPE credits (11 total with conference attendance).
The three sessions will include hands-on exercises to demonstrate the best approach to the dynamic legal requirements in the cyber and privacy space. The sessions will involve a deep dive into the requirements of the Federal Trade Commission (FTC), California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the New York SHIELD Act, and the European Union’s General Data Protection Regulation (GDPR), as well as standards including the NIST Privacy Standard and the ISO Privacy Standards.
Session 3 – Data Subject Rights: Complying Across Regulatory Frameworks
Data subjects have numerous rights under data protection regulations, including the CCPA and GDPR. Being able to address those rights effectively and efficiently in the appropriate time frame and manner is a key element to compliance with those regulations. In this session, we will demonstrate how an organization can integrate administrative and technical controls to address Data Subject requests. Providing a hands-on approach, participants will walk through several data subject requests and work through the administrative and technical mechanisms to address those requests.
- Arctic Wolf NetworksBooth:
Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit https://www.arcticwolf.com.
- Armis, IncBooth:
Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.
- BeyondTrustBooth:
BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering organizations to secure and manage their entire universe of privileges. Our integrated products and platform offer the industry’s most advanced PAM solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments.
The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance. We are trusted by 20,000 customers, including 78 of the Fortune 100, and a global partner network.
- BitSightBooth:
BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog, or follow @BitSight on X.
- ChaosSearchBooth:
ChaosSearch delivers on the true promise of data lakes, instantly turning a company’s own cloud object storage into a hot, robust, streamlined analytics engine. We make it surprisingly easy for businesses to gain insights from terabytes to petabytes of data, quickly and at minimal cost. Founded in 2017, ChaosSearch is headquartered in Boston, MA.
- Checkmarx Inc.Booth:
Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.
- Code42Booth:
Code42 is the leader in insider risk detection, investigation and response. Native to the cloud, Code42 rapidly detects data loss, leak, theft and sabotage as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. With Code42, security professionals can protect corporate data from insider threats while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42’s insider threat solution can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.
- DeSales University Cyber Security ProgramBooth:
DeSales University offers an exciting digital forensics certificate program, composed of four courses, that teaches students how to recover evidence from various types of electronic devices. Students receive hands-on experience with popular forensic tools and are prepared to address the legal and investigative issues involved with seizing and handling digital evidence. Graduates of the certificate program can add more courses toward a master’s degree in criminal justice or information systems. All courses are online, allowing students with busy schedules greater flexibility.
- Egress Software TechnologiesBooth:
Egress Software Technologies Ltd is a UK-based software company. It provides a range of data security services designed to protect shared information throughout its lifecycle, offering on-demand security for organisations and individuals sharing confidential information electronically.
- GigamonBooth:
Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures. The result: modern enterprises realize the full transformational promise of the cloud. Gigamon serves more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, nine of the 10 largest mobile network providers, and hundreds of governments and educational organizations worldwide. To learn more, please visit gigamon.com.
- ImpervaBooth:
Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Cybercriminals constantly change their tactics. But what they are after, and how they ultimately make money, doesn’t change. They are after data. They make their money through extortion, via DDoS and ransomware, and through theft via data breaches. Today, data and applications are the fundamental assets of any enterprise. Data are the intellectual property and apps are what run the business. Imperva has a singular purpose: protect these critical assets from the ever-changing attacks of the cybercrime industry.
- ISC2 Eastern MassachusettsBooth:
Advancing Information Security One Community at a Time
As anyone seriously involved in the information security profession can attest, peer networking is an invaluable resource. ISC2 Eastern Massachusetts Chapter provide members with the opportunity to build a local network of peers to share knowledge, exchange resources, collaborate on projects, and create new ways to earn CPE credits! - ISSA New EnglandBooth:
The Information Systems Security Association (ISSA) is an international organization providing educational forums, publications, and peer interaction opportunities that enhance the knowledge, skills, and professional growth of its members’ information security professionals. The primary goal of ISSA is to promote management practices that will ensure availability, integrity, and confidentiality of organizational resources.
Since its inception in 1982, ISSA’s membership has grown to include more than 100 chapters around the world with members who represent a diverse collection of organizations, including major U.S. and international corporations, leading consulting firms, world-class educational institutions, and government agencies. From EDP audit and corporate security to contingency planning and disaster recovery, ISSA members are committed to protecting their organizations’ assets and resources.
Visit the National Headquarter’s website at www.issa.org.
- KnowBe4Booth:
We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space.
KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.
The KnowBe4 platform is user-friendly and intuitive. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design the most powerful, yet easy-to-use platform available.
Customers of all sizes can get the KnowBe4 platform deployed into production twice as fast as our competitors. Our Customer Success team gets you going in no time, without the need for consulting hours.
- LogRhythmBooth:
LogRhythm, a leader in security intelligence and analytics, empowers organizations around the globe to rapidly detect, respond to and neutralize damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behavior analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.
- NetskopeBooth:
The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.
- NexumBooth:
Nexum, Inc. is a cybersecurity and networking company that builds and secures global networks for organizations across multiple verticals around the world. In addition to its Chicago headquarters, Nexum has sales, training and support presence in Kentucky, Michigan, New Hampshire, Ohio, and Wisconsin, as well as the Security and Network Operations Command Centers (SNOCC) in New Mexico and Illinois.
- OktaBooth:
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
- Palo Alto NetworksBooth:
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world’s greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before.
- PCYSYSBooth:
Focused on the inside threat, Pcysys’ automated penetration-testing platform mimics the hacker’s attack – automating the discovery of vulnerabilities and performing ethical exploits, while ensuring an undisrupted network operation. Detailed reports are produced together with proposed remediations, one step ahead of tomorrow’s malicious hacker.
- ProofpointBooth:
Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.
Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.
- Rapid7Booth:
Rapid7 transforms data into insight, empowering IT and security professionals to progress and protect their organizations. How? Our solutions are powered by advanced analytics and an unmatched understanding of the attacker mindset. This makes it easy to collect data, transform it into prioritized and actionable insight, and get it to the people who can act on it—all in an instant.
- Recorded FutureBooth:
Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.
- SecuronixBooth:
Securonix is redefining threat detection and response for today’s hybrid cloud, data-driven enterprise. Securonix Next-Gen SIEM and XDR are powered by the most advanced analytics and built on a scalable, flexible cloud native architecture. Securonix leverages behavioral analytics technology that pioneered the UEBA category to reduce noise, prioritize high fidelity alerts, and enable fast and precise response to insider and cyber threats.
- SentinelOneBooth:
SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.
- SiemplifyBooth:
The Siemplify team is comprised of cyber-security professionals, veterans of Israeli intelligence agencies. We bring rich experience in security analysis, management and operations and are backed by experts in data science and applied mathematics.
WE BELIEVE In the modern world of cyber threat analysis, investigation and management should be more holistic, intuitive and simple. Technology and data science should serve cyber security experts by providing all the relevant information about the threat in real-time and focus them in rapid decision making.
- SynopsysBooth:
Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
- TaniumBooth:
Tanium defends every team, endpoint and workflow against the largest attack surface in history by delivering the industry’s first convergence of IT management and security operations with a single platform under a new category, Converged Endpoint Management (XEM).
The integrated offering links IT operations, security and risk teams from a single pane of glass to provide a shared source of truth, a unified set of controls, and a common taxonomy that brings together siloed teams for a shared purpose—to protect critical information and infrastructure.
For more information, visit: https://www.tanium.com.
- TechTargetBooth:
TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.
- VaronisBooth:
Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.
- VenafiBooth:
Venafi is the cybersecurity market leader in machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.
With more than 30 patents, Venafi delivers innovative solutions for the world’s most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa. Venafi is backed by top-tier investors, including TCV, Foundation Capital, Intel Capital, QuestMark Partners, Mercato Partners and NextEquity.
For more information, visit: www.venafi.com.
- Women in CyberSecurity (WiCyS)Booth:
Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.
- Jordan Fischer, InstructorFounding Partner & Owner, Fischer Law, LLC
Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.
Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.
With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).
Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.
Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.
In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.
Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.
Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.
HONORS & RECOGNITIONS
Lawyer on the Fast Track, The Legal Intelligencer (2023)
Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
European Union ERASMUS Grant Recipient, 2020ASSOCIATIONS & MEMBERSHIPS
American Bar Association, Business Law Fellow, 2020-2022
American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
California Bar Association
New Jersey Bar Association
Forbes Business Council Member, 2022
International Association of Privacy Professionals (IAPP), Member
University of California, Berkeley, Cybersecurity Lecturer
former Thomas R. Kline School of Law, Drexel University, Law Professor
former Chestnut Hill College, Adjunct Professor
West Chester Friends School, Board Member
Appointed Fulbright Specialist in Cybersecurity and Data PrivacyCERTIFICATIONS
Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP) - Jordan Fischer, InstructorFounding Partner & Owner, Fischer Law, LLC
Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.
Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.
With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).
Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.
Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.
In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.
Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.
Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.
HONORS & RECOGNITIONS
Lawyer on the Fast Track, The Legal Intelligencer (2023)
Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
European Union ERASMUS Grant Recipient, 2020ASSOCIATIONS & MEMBERSHIPS
American Bar Association, Business Law Fellow, 2020-2022
American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
California Bar Association
New Jersey Bar Association
Forbes Business Council Member, 2022
International Association of Privacy Professionals (IAPP), Member
University of California, Berkeley, Cybersecurity Lecturer
former Thomas R. Kline School of Law, Drexel University, Law Professor
former Chestnut Hill College, Adjunct Professor
West Chester Friends School, Board Member
Appointed Fulbright Specialist in Cybersecurity and Data PrivacyCERTIFICATIONS
Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP) - Tom BechtoldDigital Event Director, SecureWorld
Tom has been part of the SecureWorld team for over 14 years. He has launched several of the regional conferences we hold today. Tom is currently responsible for SecureWorld Digital, which provides educational content to the SecureWorld audience. He produces, executes, and moderates the majority of the Remote Sessions webcasts while also working closely with the SecureWorld event directors to build relevant agendas at the regional conferences.
- Candy AlexanderPresident, ISSA International; CISO, NeuEon
Ms. Alexander has over 30 years of experience in the cybersecurity profession. She has held several positions as CISO (Chief Information Security Officer) for which she developed and managed corporate security programs. She is now working as a CISO and Cyber Risk Practice lead for NeuEon, Inc., assisting companies large and small to improve their cyber risk and security programs through effective business alignment.
Ms. Alexander is a leader within the cyber profession, where her contributions include being twice-elected as Information Systems Security Association's (ISSA) International President, chief architect for the Cyber Security Career Lifecycle, and a long-standing Director on the International Board. She is also the inaugural President and past Board Member of the ISSA Education and Research Foundation. She has been instrumental in establishing the annual ISSA/ESG research project to better understand challenges face by cybersecurity professionals worldwide.
- David DumasSr. Principal, Security Risk Management, Verizon
David Dumas, CISSP, CISM, ISSA Distinguished Fellow, is a Senior Principal in Security Risk Management for Verizon's Wireline Security Operations group. He has 32 years in the security field, working at Digital Equipment and Verizon. He has been on the ISSA New England Chapter Board since 1998.
- Riley BruceSecurity Community Evangelist, Manager, Code42
Riley is a Security Community Evangelist at Code42, where he enjoys educating Security and IT teams through engaging technical content and presentation. Previously, Riley served in both customer support and customer education roles at Code42. In his spare time, he enjoys photography, travel, and relaxing at the lake in northern Wisconsin with his pug Mimi.
- Gary DeMercurioDirecting, Center of Excellence for Red Team, Social Engineering, and Physical Penetration Testing, Coalfire
Gary DeMercurio runs one of the largest groups in Coalfire Labs as a Director, where he leads Coalfire’s “Center of Excellence” for Red Teaming, Social Engineering and Physical Penetration. At Coalfire, Gary manages day-to-day business involved with FedRAMP, PCI, HIPPA, and penetration testing, while helping to spearhead the physical and social engineering portion of testing. Gary is also a proud member of Coalfire Veterans.
- Justin WynnSr. Security Consultant, Coalfire
As a Senior Security Consultant, Justin Wynn is responsible for actively compromising and reporting on virtual environments typically encountered at Fortune 500 companies. Justin performs wireless, physical, red team and social engineering engagements. Justin also conducts research to include the production of open-source models for printing/milling to aid in red team engagements, with specific regard to tool gaps in the locksport industry as well as master keys for access control/elevator overrides.
- Mike Ste MarieElection Security Partnership Program Manager, Office of the Secretary, Commonwealth of Massachusetts
Mike has over 17 years of experience in the Information Security field, working in multiple industries around the Boston area. He has helped build and improve information security programs, deploy and manage awareness training to over 1,000 staff members, as well audit networks against the CIS Controls. He holds the CISSP certification, has a Masters in Information Assurance from Norwich University and has been a long time member of the Secureworld Boston Advisory Council.
- Brian VecciField CTO, Varonis
As Field CTO at Varonis, Brian supports a wide range of security and technology initiatives by helping Varonis’ customers and partner get the most out of the company’s products. In his 20-year technical career, Brian served as a developer, tech architect, engineer and product manager for companies in financial services, legal, and cybersecurity. Brian joined Varonis in 2010 in technical marketing, led education and development, and now serves as the company’s Field CTO. He holds a CISSP certification and frequently speaks on topics related to security and technology. He has been quoted in news sources ranging from The Financial Times to Dark Reading and has made multiple appearances on CNBC. Brian holds a Bachelor’s Degree from The New School in New York City and graduated from The Lakeside School in Seattle, Washington.
- Roger GrimesData-Driven Defense Evangelist, KnowBe4
Roger Grimes is a 30-year computer security consultant, instructor, holder of dozens of computer certifications and an award-winning author of 10 books and over 1,000 magazine articles on computer security. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee and Microsoft. Grimes holds a bachelor’s degree from Old Dominion University. He has been the weekly security columnist for InfoWorld and CSO magazines since 2005.
- Lisa TuttleCISO, SPX Corporation
Lisa Tuttle has served as an executive leader of global organizations, managing technology teams with her engaging enthusiasm and unique combination of information security, privacy, legal, compliance, project management and business management expertise. As CISO of SPX Corporation, she provides technology vision and strategic leadership for the company's IT security, directory services, privacy/compliance, project/change management, and contracts/vendor management programs. She excels at partnering with IT and Business teams, mentoring Women in Technology and encouraging STEM education.
- Bob RudisSr. Director, Chief Security Data Scientist, Rapid7
Bob Rudis has over 20 years of experience using data to help defend global Fortune 100 companies and is currently [Master] Chief Data Scientist at Rapid7, where he specializes in research on internet-scale exposure. He was formerly a Security Data Scientist & Managing Principal at Verizon, overseeing the team that produces the annual Data Breach Investigations Report. Bob is a serial tweeter (@hrbrmstr), avid blogger (rud.is), R (#rstats) avunculur, author (Data-Driven Security), speaker, and regular contributor to the open source community.
- Terry RaySVP, Strategy and Imperva Fellow, Imperva
Terry Ray is the SVP and Imperva Fellow for Imperva Inc. As a technology fellow, Terry supports all of Imperva’s business functions with his years of industry experience and expertise. Previously he served as Chief Technology Officer where he was responsible for developing and articulating the company’s technical vision and strategy, as well as, maintaining a deep knowledge of the Application and Data Security Solution and Threats Landscape.
Earlier in his tenure at Imperva, he held the role of Chief Product Strategist where he consulted directly with Imperva’s strategic global customers on industry best practices, threat landscape, application and data security implementation and industry regulations. He continues to operate as an executive sponsor to strategic customers who benefit from having a bridge between both company’s executive teams. He was the first U.S.-based employee, and during his 15 years at Imperva, he has worked hundreds of data security projects to meet the security requirements of customers and regulators from every industry.
Terry is a frequent speaker for RSA, ISSA, OWASP, ISACA, IANS, CDM, NLIT, The American Petroleum Institute, and other professional security and audit organizations in the Americas and abroad. Terry also provides expert commentary to the media and has been quoted in Security Week, SC Magazine, CBS News, the BBC, and others.
- Chris PoulinDirector, Technology & Strategy / Deputy CTO, BitSight
Chris is Director of Technology & Strategy, as well as the Deputy CTO, at BitSight Technologies, guiding enterprises in assessing risk metrics and managing third-party relationships. He's been in cybersecurity for over 35 years, in both technical roles as a developer for the DoD intelligence community, and in executive positions, such as CSO for Q1 Labs and CEO of his own boutique consultancy. He's spent time in both the startup community and at established companies, such as IBM and Booz Allen Hamilton. Chris brings this breadth of experience to customers, clients, and the stage.
- Esmond KaneCISO, Steward Health Care
Esmond Kane brings more than two decades of expertise as a distinguished leader in information security, safeguarding vital sectors. With a rich leadership background at prestigious institutions like Harvard University, Mass General Brigham, and Steward Health Care, he also serves on the advisory boards of multiple companies, providing valuable insights on cyber matters. Kane excels as a trusted consultant to top executives and founders, ensuring secure IT operations, regulatory compliance, and resilient design. His stellar track record is a testament to his recognized authority in the field.
- Candy AlexanderPresident, ISSA International; CISO, NeuEon
Ms. Alexander has over 30 years of experience in the cybersecurity profession. She has held several positions as CISO (Chief Information Security Officer) for which she developed and managed corporate security programs. She is now working as a CISO and Cyber Risk Practice lead for NeuEon, Inc., assisting companies large and small to improve their cyber risk and security programs through effective business alignment.
Ms. Alexander is a leader within the cyber profession, where her contributions include being twice-elected as Information Systems Security Association's (ISSA) International President, chief architect for the Cyber Security Career Lifecycle, and a long-standing Director on the International Board. She is also the inaugural President and past Board Member of the ISSA Education and Research Foundation. She has been instrumental in establishing the annual ISSA/ESG research project to better understand challenges face by cybersecurity professionals worldwide.
- James ChristiansenVP, CSO - Cloud Security Transformation, Netskope
James Christiansen is Netskope’s vice president of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients understand the challenges and solutions of cloud deployments by helping drive thought leadership in cloud security transformation.
James brings extensive expertise as a global leader in information security. Prior to joining Netskope, he was vice president CISO at Teradata where he led the global security, physical, and information security teams. Previously, James was vice president of information risk management at Optiv, chief information risk officer for Evantix, and CISO at Experian Americas, General Motors, and Visa International.
As a sought-after expert speaker on security, James has been featured at numerous prestigious events, including the Business Roundtable, Research Board, American Bar Association, American Banker, the RSA Conference, BankInfoSecurity, ISSA, ISACA, HIMSS, and MIS Training Institute. He has also been featured in The New York Times and quoted as an expert in USA Today, The Wall Street Journal, Reuters, United States Cybersecurity Magazine, Bloomberg, and Healthcare IT News.
James is a patent inventor and has received three innovation awards in cyber security, GRC, and cloud computing. He is the author of the Internet Survival Series and contributing author of CISO Essentials, as well as numerous industry papers.
- Mike StacySr. Director, Enterprise Security Strategy, Proofpoint
Mike works with customers and oversees technical strategy for areas which include cloud security, advanced email defense, SOAR, browsing security, and SDP. Prior to joining Proofpoint, Mike held numerous technical leadership and product strategy roles across a variety of solutions.
- Dave PresuhnSr. Security Engineer, Boston Scientific
Dave has been working in IT since the last millennium. In his current role, he manages the device management system for medical devices. He has worked primarily in healthcare throughout his IT career.
- Sandy BacikDirector, Audit and Compliance, CipherTechs, Inc.
Sandy Bacik, CISSP, ISSMP, CGEIT, CISA, CDPSE, PCI QSA, is CipherTechs’ Director Audit & Compliance, has over 20 years’ direct information security and operational experience in the areas of IT Audit and Compliance, BCP/DR, Incident Response, Physical security, Privacy, Regulatory Compliance and Audit, Policies/Procedures, Operations, and Management and is a former CISO. With an additional 15 years in Information Technology Operations. Ms. Bacik has been heavily involved with local, national, and international security industry events. Ms. Bacik is the author of Building an Effective Security Policy Architecture and a contributing author to the past years of Information Security Management Handbook.
- Michael ThelanderDirector of Product, Venafi
Michael has a 20-year history in product marketing and product management, with a focus over the last seven years on cybersecurity. He held senior product marketing and product management roles at security leader Tripwire, and has other career highlights that include co-founding a successful startup and receiving patents for network technology. He loves to educate markets, tell stories that demonstrate value, play music, and on occasion fly small airplanes into active volcanoes.
- Morgan WrightChief Security Advisor, SentinelOne
Morgan is an internationally recognized expert on cybersecurity strategy, cyberterrorism, national security and intelligence. He currently serves as Chief Security Advisor for SentinelOne, Senior Fellow at The Center for Digital Government, and is the chief technology analyst for Fox News and Fox Business. Morgan's landmark testimony before Congress on Healthcare.gov changed how the government collected personally identifiable information. Previously Morgan was a Senior Advisor in the US State Department Antiterrorism Assistance Program, the Senior Law Enforcement Advisor for the 2012 Republican National Convention, taught behavioral analysis at the National Security Agency and spent a year teaching the FBI how to conduct internet investigations. In addition to 18 years in state and local law enforcement as a highly decorated state trooper and detective, Morgan has developed solutions in defense, justice and intelligence for the largest technology companies in the world including Cisco, SAIC, Unisys and Alcatel-Lucent/Bell Labs.
- Sudeep VenkateshChief Product Officer, Egress Software Technologies Ltd
Sudeep Venkatesh is a noted expert on data protection, bringing two decades of industry and technology experience in this area. His expertise spans the protection of data in both structured and unstructured data ecosystems, with an emphasis on solving real-world business problems through encryption, authentication and key management. He has an in-depth understanding of regulatory compliance standards, including the EU GDPR, PCI and NYDFS, etc. Sudeep has worked on numerous data security projects with Fortune 500 firms in the U.S., the U.K., and globally.
At Egress, Sudeep works as Chief Product Officer with responsibility for product strategy, product management and the delivery of pre- and post-sales technical services to customers. Prior to this, he was the Global Head of Pre-sales for the Data Security division of Hewlett Packard Enterprise (HPE), leading a global team of Sales Engineers. Sudeep joined HPE through its acquisition of Voltage Security, where he was part of the executive team.
- Roger GrimesData-Driven Defense Evangelist, KnowBe4
Roger Grimes is a 30-year computer security consultant, instructor, holder of dozens of computer certifications and an award-winning author of 10 books and over 1,000 magazine articles on computer security. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee and Microsoft. Grimes holds a bachelor’s degree from Old Dominion University. He has been the weekly security columnist for InfoWorld and CSO magazines since 2005.
- Brian CoulsonPrincipal Threat Research Engineer, LogRhythm
As Principal Threat Research Engineer in LogRhythm Labs, Brian works to keep abreast of current cyberthreats and news, develop threat detection and response content, and demonstrate how we detect and respond to threats. In this role, he regularly engages with the LogRhythm Community and offers advice and solutions to remediate common security-related issues. He is also responsible for creating new content in the form of AI Engine rules, WebUI dashboards, and Kibana.
Prior to starting at LogRhythm, Brian worked as lead information security engineer for a LogRhythm customer. He also used a number of other SIEMS and logging solutions throughout his time at the company. In this position, his day-to-day responsibilities included incident response, forensics, compliance, policy authoring, internal training, security architecture, and more.
Brian has a Bachelor of Arts in Film and Video Art from the University of New Mexico.
- David DumasSr. Principal, Security Risk Management, Verizon
David Dumas, CISSP, CISM, ISSA Distinguished Fellow, is a Senior Principal in Security Risk Management for Verizon's Wireline Security Operations group. He has 32 years in the security field, working at Digital Equipment and Verizon. He has been on the ISSA New England Chapter Board since 1998.
- Brennan O'BrienDirector, Information Security, Risk & Compliance, Columbia Sportswear
Brennan is the head of Information Security for Columbia Sportswear Company and a 20-year veteran of cybersecurity in verticals including apparel, logistics, healthcare, and financial services.
- Rori PerkinsSenior Manager, InfoSec Awareness and Analytics, Columbia Sportswear
Rori is an expert in organizational change management with a focus on security awareness and driving human behavior.
- George J. SmithSr. Security Consultant, Gigamon
George has 35 years of industry experience planning, designing, installing, and analyzing LAN, WAN infrastructures, peripherals, and tools for wired and wireless infrastructures. An enthusiast for technology and customers alike, he keeps his skills sharp by looking around corners to see what technology and business challenges are coming down the road. Additionally, Smith has contributed to hardware and software R&D for high-technology companies, including General Electric, 3Com (acquired by HP), and Wang Labs.
From an early stage, he was fortunate enough to be actively involved in the birth of IP/Ethernet-based networking, evolving WAN technologies, distributed communications, and hardware applications when groundbreaking efforts in computer communications were taking place. Smith was honored to be part of a team that ushered in the age of digital sports broadcasting and utility development.
Smith is part of Covington's "Who's Who of Networking Professionals," Professional of the Year, and a VIP Member in good standing. Driven to stay ahead of change, Smith continually reinvents himself to keep pace with technology's fast-paced evolution. He has a passion for developing his ability to understand and explain complicated techniques and bringing out the business implications. He thrives on creating the ideal business solutions for his customers and enjoys the human side of networking by fostering long-term relationships. His vision and passion for technology and the solutions it provides enhance his abilities in the workforce.
In his free time, George enjoys spending time with his family, flying aircraft, being in stage musicals and plays, and giving back to the community through volunteer efforts.
- Nimmy ReichenbergCMO, Siemplify
Nimmy Reichenberg oversees strategy and marketing for Siemplify, the leading independent provider of Security Orchestration, Automation, and Response (SOAR). A cybersecurity industry veteran, Nimmy has more than 15 years of experience helping enterprises around the world tackle their security challenges. Nimmy started his careers as a security engineer and held leadership positions at eSentire, AlgoSec, and NextNine. He is a frequent contributor to leading security publications including SC Magazine, Dark Reading, and Security Week, and has spoken at countless security conferences including the RSA Conference.
- Meera RaoSr. Director, Product Management, Synopsys
Ms. Meera Rao is a Senior Director of Product Management, focusing on DevOps solutions at Synopsys, Inc. Ms. Meera has over 20 years of experience in software development organizations in a variety of roles including Architect, Lead Developer, and Project Manager, and Security Architect. Ms. Meera has been working as a trusted adviser to Fortune 500 companies, helping them achieve realistic goals for practical CI/CD & DevSecOps. She advises organizations in defining, implementing, maturing, scaling and measuring DevSecOps. Ms. Meera is very passionate about getting more women working in the technology industry. Ms. Meera participates, presents, and speaks at several conferences, spreading her knowledge of security and the importance of women in the technology workforce. Meera was awarded the SecDevOps Trailblazer award from SecuritySerious in London in 2018. Meera was a finalist in the Computing Women in IT Excellence Awards 2019 for Role Model of the Year.
- Moderator: Joe WalshM.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University
Joe Walsh teaches digital forensics and computer security at DeSales University. He previously worked as a senior security consultant where he performed security assessments, conducted penetration testing, and responded to computer security incidents. He has been a police officer for 13 years and is a former member of the ICAC Task Force and the FBI Child Exploitation Task Force, where he was responsible for conducting online undercover investigations and digital forensic examinations. Joe has a bachelor's degree in Information Systems, a master's degree in Criminal Justice/Digital Forensics, a master's degree in Information Systems/Cybersecurity, and is currently pursuing a Ph.D. in Information Systems with a concentration in Cybersecurity.
- Rebecca RakoskiCo-Founder & Managing Partner, XPAN Law Partners
Rebecca L. Rakoski is the managing partner at XPAN Law Partners, LLC. Rebecca advises her clients on a proactive, multi jurisdictional approach to identify and address data privacy and cybersecurity compliance gaps and potential liabilities. She uses her extensive experience to work with her clients to create and tailor a security and privacy governance program that fits their specific needs in order to limit their regulatory exposure.
Rebecca counsels and aggressively defends public and private corporations, and their boards, during data breaches and responds to state/federal regulatory compliance and enforcement actions. As an experienced litigator, Rebecca has handled hundreds of matters in state and federal courts. Rebecca skillfully manages the intersection of state, federal, and international regulations that affect the transfer, storage, and collection of data to minimize her client's litigation risks.
Rebecca regularly negotiates complex contractual provisions that are impacted by domestic and international data privacy regulations including the California Consumer Privacy Act of 2018, and the European Union's General Data Protection Regulation. She understands how the nature of the data can affect the role her client plays in the data transaction and uses that knowledge to mitigate corporate liability.
As a thought leader in the area of data privacy and cybersecurity, Rebecca serves on the New Jersey State Bar Association's Cyber Task Force. Rebecca is Vice-Chair Elect for the New Jersey State Bar Association's Bankruptcy Law Section.Rebecca has been appointed and served in multiple highly complex litigation matters by the New Jersey Superior Court as a Special Master in the areas of technology and eDiscovery. She also served on the Complex Business Litigation Committee that drafted and revised the New Jersey Court Rules involving electronic discovery. Rebecca was on the eDiscovery committee of her prior law firm and created its eDiscovery subgroup.
Rebecca is on the Board of Governors for Temple University Health Systems and is also the Acting Dean of Online Learning and an adjunct professor at Drexel University’s Thomas R. Kline School of Law.
- Shawn E. TumaCo-Chair, Data Privacy & Cybersecurity Practice, Spencer Fane LLP
Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.
- Jordan Fischer, InstructorFounding Partner & Owner, Fischer Law, LLC
Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.
Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.
With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).
Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.
Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.
In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.
Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.
Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.
HONORS & RECOGNITIONS
Lawyer on the Fast Track, The Legal Intelligencer (2023)
Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
European Union ERASMUS Grant Recipient, 2020ASSOCIATIONS & MEMBERSHIPS
American Bar Association, Business Law Fellow, 2020-2022
American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
California Bar Association
New Jersey Bar Association
Forbes Business Council Member, 2022
International Association of Privacy Professionals (IAPP), Member
University of California, Berkeley, Cybersecurity Lecturer
former Thomas R. Kline School of Law, Drexel University, Law Professor
former Chestnut Hill College, Adjunct Professor
West Chester Friends School, Board Member
Appointed Fulbright Specialist in Cybersecurity and Data PrivacyCERTIFICATIONS
Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP)
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Join your InfoSec peers for high-quality training and collaboration. Sign up today!