googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, October 13, 2022
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:30 pm
    Location / Room: Registration Lobby

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Discussion Topic: Changing Landscape of Compliance and Regulatory Requirements
    speaker photo
    Executive Director, Americas Region, CREST
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am
    Location / Room: Liberty 3

    Tom Brennan will moderate a roundtable discussion of new compliance and regulatory requirements. One of the items covered will be the new CREST | OWASP Verification Standard: https://www.crest-approved.org/membership/crest-ovs-programme.

    For our Advisory Council members only.

    9:00 am
    [Opening Fireside Chat] Re:Make the Pathway to Cybersecurity Success
    • session level icon
    speaker photo
    Head of Security, Riot Games
    speaker photo
    CISO, JetBlue Airways
    speaker photo
    Global Head of Cyber Resilience & Data Protection, BlackRock
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    We're Becoming a Crypto Business
    • session level icon
    speaker photo
    CISO, Robinhood Crypto
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    Location / Room: Liberty 5

    So your business decided that they are adopting crypto. Cryptocurrencies, blockchain, decentralization, and Web 3.0 are going to disrupt your business beyond IT and security. Now what? This talk will cover where crypto touched my own career as a CISO, what has changed in the crypto space, and what is staying the same. The intent of this discussion is that attendees walk away with tools and knowledge to help you and your organization jump start on the impending crypto disruption.

    10:15 am
    Small but Mighty: Building the Next Generation of Cybersecurity Professionals with Limited Resources
    • session level icon
    speaker photo
    Founder & Executive Director, Cybersecurity Gatebreakers Foundation
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    Location / Room: Riverside Suite
    There are simply not enough people in the field of information security. According to the U.S. Department of Commerce, there are over half a million unfilled cybersecurity jobs in the U.S. Around the world, that number swells to an estimated 3.5 million jobs unfilled.
    Unfortunately, business leaders are constrained in their investment in the next generation of security professionals; security is, ultimately, a cost center. How then, with our limited budgets, time, and energy, can leaders build the next generation of cybersecurity professionals? After all, the cybersecurity professionals that we hire and train today will be the grizzled veterans that we need in the future.
    This session tackles practical tips and industry-proven methods for finding, training, and benefiting from incredible junior-level cybersecurity professionals for your growing information security team.
    10:15 am
    Defeat the Modern Malicious Operation with XDR
    • session level icon
    speaker photo
    CISO, Cybereason
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am
    Location / Room: Liberty 4

    How do you find and end compromise no matter where it starts?

    For today’s organizations, cybersecurity is more important and more challenging than ever before. Organizations must defend across multiple axes: endpoint, email & productivity, identity, and multi-cloud against a threat landscape that continues to blur between nation-state adversaries and cybercrime threat actors.

    Just as you can’t assemble a jigsaw puzzle with only half–or less–of the pieces, you can’t detect and stop attacks effectively without the right integrations and workflows. Israel will share key learnings on attacks in 2022, critical integrations and use-cases, and what XDR architectures look like across enterprises and small businesses alike.

    Join us to learn:

    • Why modern attack trends, including Account Takeover Attacks, MFA Fatigue, and Email Compromise, demands a new approach to security operations
    • What is XDR? How should teams compare XDR to EDR, MDR, and SIEM approaches?
    • Why Cybereason & Google Cloud have partnered to deliver XDR to customers today
    10:15 am
    Breaking the Ransomware Attack Chain
    • session level icon
    speaker photo
    VP, CTO of Security Strategy, Akamai
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am
    Location / Room: Liberty 2

    Despite consistent increases in security spending, ransomware remains an ever-growing threat to businesses. Surprisingly, the ransomware itself, the malware that does the encryption, is only a part of a larger, equally dangerous, attack chain. Considering the entire chain offers defenders more opportunities to thwart the attack before mass encryption can occur.

    In this session, we’ll provide details on how micro-segmentation can prevent adversarial techniques that precede and follow the deployment of ransomware itself. By turning our attention to the entire kill chain, a path towards minimizing the likelihood, impact, and recovery of ransomware time become clear.

    In this session you will learn:

    • Practical steps you can take to disrupt the kill chain before ransomware can be deployed.
    • How to map complex environments and expedite the path towards policy enforcement that drastically reduces the impact of ransomware.
    • How advancements in host-based segmentation are helping businesses achieve an infrastructure that enables rapid remediation of ransomware events without disrupting business operations.
    • How to leverage Mitre ATT&CK for a personalized SWOT analyses of your business against real world threats
    11:10 am
    The Safeguards Rule Update
    • session level icon
    speaker photo
    CISO, Colgate University
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    Location / Room: Liberty 2

    The Safeguards Rule was designed to protect the security of customer information of financial institutions. It was created by the U.S. Federal Trade Commission (FTC) in support of the the Gramm Leach Bliley Act (GLBA) and went into effect in 2003. The original version of the Safeguards Rule was not very prescriptive and didn’t impose a significant compliance burden on financial institutions.

    However, the Safeguards Rule was given a much needed update in December 2021. The new version is much more prescriptive and imposes a much more significant compliance burden and these new prescriptive controls are required to be in effect by December 2022.

    Learn more about these new controls, what they mean to your organization, and strategies for getting these controls in place by this year’s deadline.

    11:10 am
    Healthcare Ground Zero: Cybersecurity at the Height of Pandemic
    • session level icon
    speaker photo
    Global CISO, OPKO Health, Inc.
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    Location / Room: Liberty 5
    The COVID-19 pandemic has had a profound impact on technology and cybersecurity. It reshaped healthcare; it accelerated digital transformation; it changed how people live and work (maybe forever); and it caused cybersecurity risks to rise significantly.
    This session helps define what is the new normal and how do we as security leaders address it. We’ll discuss how organizations get back to business and at the same time avoid the new and expanding traps bad actors are throwing at us.
    11:10 am
    [Panel] 2022 InfoSec State of the Union
    • session level icon
    speaker photo
    Lead Cybersecurity Consultant, vCISO, AccessIT Group
    speaker photo
    Head of Research, Threat Intelligence Division, Radware
    speaker photo
    Co-Host, Colorado = Security Podcast
    speaker photo
    Director of Cybersecurity Sales, Infoblox
    speaker photo
    Sr. Product Marketing Manager, Recorded Future
    speaker photo
    Director, Information Risk Management, Verizon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am
    Location / Room: Riverside Suite

    With high-priority concerns regarding ransomware and the latest in technology dominating the news cycle, what about good old-fashioned cyberattacks? Are those still happening? Social engineering still works and everyone likes a good phish, but what do you need to stay aware of that maybe you put on the backburner? Staying up to date with patching? How secure are those old legacy systems your organization is still using? Are you keeping up with awareness training and those other compliance and privacy projects you must maintain? Are staffing issues reaching our vendor partners?

    Join our experts and bring your questions to this inactive panel. We will shed light and takeaways on the 2022 InfoSec State of the Union and help spark insight and ideas on how to stay ahead of threats.

    11:10 am
    Deriving Insight from Threat Actor Infrastructure
    • session level icon
    speaker photo
    Senior Analyst, Team Cymru
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am
    Location / Room: Liberty 4

    From proactively hunting for unknown attacker infrastructure, to placing the exploitation of vulnerabilities on a timeline often obscured by large spikes in activity. This talk will explore ways in which we can enrich our understanding of the threat landscape beyond that which is shared in threat feeds and reports.

    12:00 pm
    [Lunch Keynote] Predicting Security Events: A Machine Learning Approach
    • session level icon
    speaker photo
    Chief Data Scientist, Kenna Security (a Cisco company)
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater (New York Ballroom East)

    Security is overdue for actionable forecasts. Like predicting the weather, similar models should work for vulnerabilities. With some open source data and a clever machine learning model, the open source EPSS model predicts which vulnerabilities will be exploited in the next 30 days. The author is one of the creators of EPSS and will walk through the history of vulnerability predictions, how the team from Virginia Tech, RAND, Cisco, and Cyentia came together to create the model (and how they got the patent licenses), and what the future of predictive security holds for XDR.

    12:00 pm
    Advisory Council Roundtable Lunch – (VIP / Invite only)
    • session level icon
    Is Your Defensive Stack Ready for a Targeted Attack?
    speaker photo
    Enterprise Director, Northeast, Pentera
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm
    Location / Room: Liberty 3

    For Advisory Council members only. This roundtable discussion will be moderated by Alex Henkes of Pentera.

    Understanding the potential risks in a security program leads to a healthy security program. Let’s discuss in depth how taking an offensive approach, through Automated Security Validation, enhances a team’s current defensive strategies.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    [Panel] Incident Response!
    • session level icon
    speaker photo
    DFIR Principal Consultant, Avertium
    speaker photo
    Director of Cloud Security Sales, Fortinet
    speaker photo
    Head of Solutions Architecture, Tidelift
    speaker photo
    Security Strategist, Mimecast
    speaker photo
    CISO, New York State Department of Education
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Riverside Suite

    Security teams are struggling to keep up with the myriad of attack vectors looming. As we emerge from the pandemic, now is the time to focus and adjust your Incident Response plan. There is a new set of tools and technologies helping squash attacks, but what happens when they fail? What’s in your IR plan that addresses the unknown, and how are your preparing? What has worked and what has not? Join our panel of experts in a valuable discussion focusing on current threats and how your company can be better equipped during these unprecedented times.

    1:15 pm
    [Panel] The Current Threat Landscape
    • session level icon
    speaker photo
    Co-Founder & CEO, DoControl
    speaker photo
    Senior Field Sales Engineer, WithSecure
    speaker photo
    Sr. Security Consultant, Critical Start
    speaker photo
    Sr. Account Executive, Hoxhunt
    speaker photo
    Sr. Threat Researcher, Proofpoint
    speaker photo
    Chief Commercial Officer, Binary Defense
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Keynote Theater (New York Ballroom East)

    If we’ve learned one thing from the pandemic it’s that cybercriminals do not take breaks. They are constantly retooling and trying new approaches. They collaborate—often better than we do. It is time for us to join forces, identify the most likely of risks to our organizations, and strengthen our networks. We’ve got to get our developers on board, as well, as it’s got to be secure before it goes to market. And what about all the careless clicking from employees?

    It’s a huge task, but we don’t have to do it alone. Join our panel of experts as they unpack the current threat landscape and offer ideas on how to start making effective changes within your organization.

    1:15 pm
    Liability in an Automated World
    • session level icon
    Emerging U.S. and Global Regulation of AI/ML Decision Making
    speaker photo
    Member, Data Privacy & Cybersecurity, Clark Hill Law
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Location / Room: Liberty 4

    From U.S. cities to the European Commission, regulators around the globe are focused on stamping out bias in automated decision-making by businesses.  Whether used for recruitment and hiring, insurance claims and financial offerings, healthcare treatments, or housing, automation is everywhere. What constitutes an automated tool, is your organization using one, and how can security and privacy professionals reduce risk of liability in this increasingly automated world?

    1:15 pm
    Best Practices PAM Security and Privilege Protection
    • session level icon
    speaker photo
    Sr. Solutions Architect, BeyondTrust
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm
    Location / Room: Liberty 5

    The term “best practices” is used a lot, and the definition of it can differ between organizations based on risk appetite and tolerance. Similarly, the term, “PAM” is also often misused or overused. This session will look at how PAM is defined today, understanding how privileges are used within your organization, and some useful tips to start or mature your security model.

    Some items we will discuss are ways to:

    • Protect sensitive passwords and credentials
    • Remove admin privileges from users and systems
    • Meet compliance mandates
    • Reduce risk from third-party vendors

    Additionally, we will look at how privileges, session, and application management can help your organization move towards just-in-time and a Zero Trust security model.

    2:30 pm
    Suing the CISO: No Longer a Hypothetical
    • session level icon
    speaker photo
    Co-Founder & Managing Partner, XPAN Law Partners
    speaker photo
    Chief Security Officer & Technology Lead, Trexin Group
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    Location / Room: Liberty 5

    A group of investors is suing SolarWinds following its supply chain cyberattack and naming the CISO in the lawsuit. They accuse him, and the company, of embracing “intentional or severely reckless deceit on investors” because of alleged claims about the company’s cybersecurity. Join this conversation between a Chief Information Security Officer and a cyber attorney to explore the impacts. How could this case alter future lawsuits? Is additional insurance needed for some security leaders? Is this the start of a trend or a one-off lawsuit? Plus, hear what other cybersecurity professionals are saying and share your opinion on this legal development.

    2:30 pm
    Deploying Authenticity in the Workplace & Activating Untapped Power for Increased Productivity
    • session level icon
    speaker photo
    Privacy and Cybersecurity Specialist, Author, Speaker, and Strategist
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm
    Location / Room: Riverside Suite

    This session is about the human aspect of cybersecurity that is not often addressed. Professionals at all levels struggle and face life issues. Many have untapped expertise, gifts, and talents in the workplace. Some do not shine light on their abilities due to the corporate culture or authenticity level in the workplace.

    This session will address authenticity from three angles for the benefit of: the cybersecurity professional, the cybersecurity leader, and the cybersecurity organization.

    Learning objectives:

    • Leaders will receive strategies to effect change in the workplace and reduce turnovers.
    • Individuals will learn to value and showcase their brilliance; they will identify issues that undermine personal development and stall career elevation goals.
    • Organizations will identify ways to improve corporate culture, increase diversity, equity and inclusion in the workplace, promote effective allyship, and retain talent.
    2:30 pm
    Detecting Mac Malware Served Through Ads
    • session level icon
    speaker photo
    CEO & Co-Founder, Confiant Inc.
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm
    Location / Room: Liberty 4

    The digital landscape has dramatically evolved over the past 10 years. Phishing, malware attacks, and crypto scams using ads as a vector are on the rise. Malvertisers have been empowered to become sophisticated cybercriminals that are a threat to any digital user and enterprise organization. Gain critical insight into attacks via adware and detection of unique macOS malware, including trends, detection of notarized malware, and benchmarking with online malware scanners.

    Key Takeaway: Almost 100% of macOS malware families come from the ad ecosystem.

    3:15 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:15 pm
    Happy Hour & Casino
    • session level icon
    Sponsored by Tanium, AccessIT, and Expel
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 5:00 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary beer, wine, and soda. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

    Enjoy the competitive fun at blackjack and craps tables!

    Generously sponsored by:

    3:45 pm
    [Closing Fireside Chat] BEC Attacks, Crypto, and the Investigative Powers of the Secret Service
    • session level icon
    speaker photo
    Sr. Investigator, Global Intelligence, Coinbase
    speaker photo
    Assistant to the Special Agent in Charge, New York Field Office, U.S. Secret Service
    speaker photo
    Supervising Investigator, New York County District Attorney's Office
    speaker photo
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm
    Location / Room: Keynote Theater (New York Ballroom East)
    3:45 pm
    Inclusion Frameworks Allow All Genders to Work in Inclusive Environments
    • session level icon
    speaker photo
    Founder and CEO, CyberSN and Secure Diversity
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm
    Location / Room: Riverside Suite
    While we all want diversity and inclusion at work, our work environments struggle to provide them. Why is this? What can each of us do to create inclusive work environments? There is a model that works. I had the privilege of experiencing this model young in my career and then built many successful companies implementing it. I look forward to sharing it with you! Together we can make change one by one. Everyone wants to work in cultures that are fair, productive, kind and provide growth. There is a model for this.
    4:00 pm
    Happy Hour: Cyber Breakfast Club
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    4:00 pm - 5:30 pm
    Location / Room: Riverside Suite

    Join your peers for complimentary appetizers and drinks! Register to attend here: https://www.eventbrite.com/e/428269143537

    The Cyber Breakfast Club™ is a private cybersecurity breakfast group connecting cybersecurity executives and leaders. Enjoy monthly networking and quarterly socials with peers in a relaxed environment, keynote speakers, interactive table top exercises, community engagement and connecting with both local cybersecurity community leaders and national leaders.

    4:30 pm
    InfraGard Member Reception
    • session level icon
    Open to all attendees
    Registration Level:
    • session level iconOpen Sessions
    4:30 pm - 5:30 pm
    Location / Room: Keynote Theater (New York Ballroom East)

    Open to InfraGard members and any prospective members.

Exhibitors
  • AccessIT Group
    Booth: 385

    AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

    AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.

  • Adaptiva
    Booth: 450

    Adaptiva’s unrivaled solutions empower complex, enterprise IT teams to manage and secure endpoints with unparalleled speed at massive scale. They eliminate the need for a vast IT infrastructure and automate countless endpoint management tasks for many of the world’s largest organizations and government agencies.

  • Akamai Technologies
    Booth: 130

    Akamai powers and protects life online. Leading companies choose Akamai to build, deliver, and secure digital experiences. With the most distributed compute platform—cloud to edge—customers can build modern apps while keeping experiences closer to users and threats farther away. Learn about Akamai’s security, compute, and delivery solutions at akamai.com.

  • AuditBoard, Inc
    Booth: 340

    AuditBoard is the leading cloud-based platform transforming how enterprises manage risk. Its integrated suite of easy-to-use audit, risk, and compliance solutions streamlines internal audit, SOX compliance, controls management, risk management, and security compliance. AuditBoard’s clients range from prominent pre-IPO to Fortune 50 companies looking to modernize, simplify, and elevate their functions. AuditBoard is the top-rated audit management and GRC software on G2, and was recently ranked for the second year in a row as one of the 100 fastest-growing technology companies in North America by Deloitte.

  • Avertium
    Booth: 100

    Avertium was born from 4 award-winning cybersecurity firms in 2019. Today, helping mid-to-enterprise organizations protect assets and manage risk is our only business. Our mission is to make our customers’ world a safer place so that they may thrive in an always-on, connected world.

  • BeyondTrust
    Booth: 140

    BeyondTrust is the worldwide leader in Privileged Access Management (PAM), empowering organizations to secure and manage their entire universe of privileges. Our integrated products and platform offer the industry’s most advanced PAM solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments.

    The BeyondTrust Universal Privilege Management approach secures and protects privileges across passwords, endpoints, and access, giving organizations the visibility and control they need to reduce risk, achieve compliance, and boost operational performance. We are trusted by 20,000 customers, including 78 of the Fortune 100, and a global partner network.

  • Binary Defense
    Booth: 270

    Binary Defense is a managed security services provider and software developer with leading cybersecurity solutions that include SOC-as-a-Service, Managed Detection & Response, Security Information & Event Management, Threat Hunting and Counterintelligence. Binary Defense believes its unique approach resolves infosec’s biggest challenges such as limited in-house security expertise, lack of innovative resources and the significant budgetary and time investment required to ensure protection from today’s threats.

  • CardinalOps
    Booth: 480

    CardinalOps delivers AI-powered detection content and metrics to ensure your SOC is protected from the MITRE ATT&CK techniques most relevant to your organization’s adversaries, infrastructure, and business priorities.

    Leveraging proprietary analytics and API-driven automation, the platform continuously delivers new use cases enabling your SOC team to stay ahead of constant change in the attack surface and threat landscape – plus continuously identify and remediate broken rules and misconfigured log sources – so you can close the riskiest detection gaps that leave your organization exposed.

    Founded in early 2020, CardinalOps is led by serial entrepreneurs whose previous companies were acquired by Palo Alto Networks, HP, Microsoft Security, IBM Security, and others. The company’s advisory board includes Dr. Anton Chuvakin, recognized SIEM expert and Head of Security Solution Strategy at Google (formerly Gartner Research VP); Dan Burns, former Optiv CEO and founder of Accuvant; and Randy Watkins, CTO of Critical Start.

  • Cisco / Kenna Security
    Booth: 210

    We pioneered risk-based vulnerability management, and now we’re doing the same for Modern Vulnerability Management. What is Modern Vulnerability Management? It’s a new model for managing the right level of risk for your business. It provides clear prioritization based on real-time threat and exploit intelligence, and uses those insights to deliver guidance unique to your environment. And it eliminates the friction between Security and IT teams about what to patch, and when. So you can save time, money and resources—and keep your teams efficiently focused on reducing the biggest risks to your business.

  • Confiant
    Booth: 120

    Confiant is a cybersecurity provider specialized in detecting and stopping threats that leverage advertising technology infrastructure, also known as Malvertising. We help digital publishers and advertising technology platforms around the world take back control of the ad experience in real-time. In addition, Confiant helps enterprises protect themselves and their customers from threat actors performing these attacks. Confiant oversees trillions of monthly ad impressions with innovative integrations embedded deep into the ad tech ecosystem, giving us a unique vantage point. Our superior detection set for phishing, crypto scams and malware attacks using ads as a vector is one-of-a-kind in the industry. Confiant executes our mission everyday to protect users and organizations of all sizes, including Microsoft, Orange, Paramount and IBM. We offer unique and actionable insights into threats that systematically target brands, businesses, individuals and supply chains via ads. Our recently published Malvertising Matrix maps the tactics, techniques and procedures active in Malvertising today. inclusive of emerging Web3 Layer 4 threats.

    To learn more about Malvertising go to matrix.confiant.com

  • Critical Start
    Booth: 310

    Critical Start Managed Cyber Risk Reduction solutions deliver continuous security cyber risk monitoring and mitigation enabling strong protection against threats. Combined with a team of expert risk mitigators, our platform provides maturity assessments, posture and event analytics, response capabilities, comprehensive threat intelligence, and security workload management capabilities. We help you achieve the highest level of cyber risk reduction for every dollar invested, leading to increased confidence in reaching your desired level of security posture.

  • Cybereason
    Booth: 200

    Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.

  • DoControl Inc.
    Booth: 320

    DoControl’s mission is to build a future where SaaS application-based business enablement and security are balanced through technology, automation, and simplicity. We work hand-in-hand with our customers and partners to deliver automated security solutions that are purpose-built for today’s fast paced business environment.

  • Endace
    Booth: 440

    Customers choose Endace products for one primary reason: they deliver, where competitor products fail. Whether it is capture accuracy, fidelity of time stamps, write-to-disk performance or speed of traffic retrieval, Endace is famous for delivering the very best performing products. Telcos, broadcasters, governments, defence departments, investment banks and many other large enterprises trust our products to help them manage their critical data networks.

  • Forcepoint
    Booth: 430

    Forcepoint is transforming cybersecurity by focusing on what matters most: people’s behavior as they interact with critical data and systems. Forcepoint behavior-based solutions adapt to risk in real time and are delivered via a converged security platform, protecting the human point for thousands of enterprise and government customers. Our solutions include Cloud Security, Network Security, Data & Insider Threat Security.

  • Fortinet
    Booth: 470

    Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.

  • HelpSystems
    Booth: 495

    GoAnywhere MFT automates and encrypts file transfers using industry standard protocols (e.g. OpenPGP, AES, FTPS, SFTP, SCP, AS2, and HTTPS). With full audit trails and reporting functionality, GoAnywhere can help organizations comply with strict compliance regulations like PCI DSS, HIPAA, and the GDPR.

  • Hoxhunt
    Booth: 260

    Data breaches start with people, so Hoxhunt does too. We combine cognitive automation with the human touch to create individualized adaptive training experiences employees love, and a managed service model enterprises depend on.

  • Infoblox
    Booth: 350

    Infoblox delivers modern, cloud-first networking and security experiences that are simple, automated, scalable and reliable. The company is the market leader with over 12,000 customers worldwide, including over 70 percent of the Fortune 500. The company’s portfolio of SaaS, data center, and hybrid offerings for DHCP, DNS, IPAM and security solutions enable organizations to leverage the advantages of on-premises and cloud-first architectures. The combination of NIOS, BloxOne DDI, BloxOne Threat Defense and threat intelligence services provide a robust foundation for connecting and securing the modern enterprise.

  • InfraGard New York Metro
    Booth:

    The New York City Metro InfraGard Members Alliance (NYM-IMA) is a local program of the INMA. The New York Metro InfraGard Chapter holds regular meetings and provides members with a forum for information sharing within a secure environment, while focusing on protecting the critical infrastructure of New York City and surrounding areas.

    Member’s alliance are part of a national network of FBI-vetted volunteers who are critical infrastructure SME in one or more sectors. It provides a trusted forum for the real-time exchange of information, training and expertise related to the protection of critical infrastructure and key resources from both physical and cyber threats.

  • ISACA New York Metropolitan Chapter
    Booth:

    Our Mission: As a leading ISACA chapter, our mission is to serve our membership by providing world-class training, networking opportunities, and guidance while contributing to the profession both locally and internationally. Today, ISACA is a worldwide organization with over 200 chapters and the New York Metropolitan Chapter has grown to be one of the largest ISACA chapters in the world.

    Our Membership: The New York Metropolitan Chapter has over 3,800 members, from the information systems audit/assurance, information security, IT risk management, and governance professions. Our members represent a wide array of industries including financial services, accounting and consulting, legal services, education, entertainment, health care, retail, public utilities, and government/regulatory entities – and hold positions ranging from entry level staff to senior management.

  • Mimecast
    Booth: 410

    Mimecast empowers our customers to help mitigate risk and manage complexities across a threat landscape driven by cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today.

  • Okta
    Booth: 400

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • Oxeye
    Booth: 370

    Oxeye provides a cloud-native application security solution designed specifically for modern architectures. The company enables customers to quickly identify and resolve all application-layer risks as an integral part of the software development lifecycle by offering a seamless, comprehensive, and effective solution that ensures touchless assessment, focus on the exploitable risks, and actionable remediation guidance. Built for Dev and AppSec teams, Oxeye helps to shift security to the left while accelerating development cycles, reducing friction, and eliminating risks. To learn more, please visit www.oxeye.io.

  • Pentera
    Booth: 230

    Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale.

    Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited.

  • Proofpoint
    Booth: 220

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Radware
    Booth: 360

    Radware® (NASDAQ: RDWR) is a global leader of cybersecurity and application delivery solutions for physical, cloud and software-defined data centers (SDDC). Our award-winning solutions portfolio secures the digital experience by providing infrastructure, application and corporate IT protection, and availability services to enterprises globally. Our solutions are deployed by, among others, enterprise customers, carriers, and cloud service providers.

  • Recorded Future
    Booth: 150

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • Red Canary
    Booth: 240

    Red Canary was founded to create a world where every organization can make its greatest impact without fear of cyber attacks. As a security operations ally, we arm businesses of all sizes with outcome-focused solutions to quickly identify and shut down attacks from adversaries. Security teams can make a measurable improvement to security operations within minutes.

  • RiskRecon
    Booth: 300

    RiskRecon, a Mastercard company, provides cybersecurity ratings and insights that make it
    easy for enterprises to understand and act on their risks. RiskRecon is the only security rating
    solution that delivers risk-prioritized action plans custom-tuned to match customer risk priorities,
    enabling organizations to efficiently operate scalable, third-party risk management programs for
    dramatically better risk outcomes. Request a demo to learn more about our solution.

  • runZero
    Booth: 280

    runZero provides an asset inventory and network visibility solution that helps organizations find and identify managed and unmanaged assets connected to their networks and in the cloud. Powered by our research-driven model for fingerprinting, runZero can uncover areas of your network you didn’t even know you had. No credentials needed.

  • SecurEnds, Inc
    Booth: 390

    SecurEnds provides companies with a tool to automate user access reviews (UAR) across cloud and on-prem applications to meet SOX, ISO27001, PCI, HIPAA, HITRUST, FFEIC, GDPR, and CCPA audit requirements. Utilizing fuzzy logic to pull data from systems of record (SOR), complimentary identity governance and administration (IGA) solutions, and SaaS-based, custom, and legacy downstream applications, SecurEnds provides a complete, end-to-end process for UAR, then automates it out of the box.

  • Security Journey
    Booth: 420

    HackEDU’s spring 2022 acquisition of Security Journey brings together two powerful platforms to provide application security education for developers and the entire SDLC team. The two officially became one in August 2022 and are now Security Journey. Two platforms, one path to build a security-first development culture.

  • Sonatype
    Booth: 460

    Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally

  • Tanium
    Booth: 380

    Tanium defends every team, endpoint and workflow against the largest attack surface in history by delivering the industry’s first convergence of IT management and security operations with a single platform under a new category, Converged Endpoint Management (XEM).

    The integrated offering links IT operations, security and risk teams from a single pane of glass to provide a shared source of truth, a unified set of controls, and a common taxonomy that brings together siloed teams for a shared purpose—to protect critical information and infrastructure.

    For more information, visit: https://www.tanium.com.

  • Team Cymru
    Booth: 110

    Team Cymru’s mission is to save and improve human lives.  We are unrivalled across three disciplines; digital business risk platforms, free to use community services and support services to over 143 Government CSIRT teams.

    Our business risk and threat intelligence platforms empower global organizations with unmatched Threat Reconnaissance and Attack Surface Management capabilities to meet the challenges of today’s cyber threats.

    Community Services equip those who run the internet to defend it from criminals who wish to disrupt and cause harm, and CSIRT enables Governments the tools to outmaneuver nation state threat actors.

    Since 2005, our reputation remains unchallenged.

  • TechTarget
    Booth: n/a

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tidelift
    Booth: 250

    Tidelift helps organizations effectively manage the open source behind modern applications.

    Through the Tidelift Subscription, the company delivers a comprehensive management solution, including the tools to create customizable catalogs of known-good, proactively maintained components backed by Tidelift and its open source maintainer partners.

    Tidelift enables organizations to accelerate development and reduce risk when building applications with open source, so they can create even more incredible software, even faster.

  • Cyber Fraud Task Force – U.S. Secret Service
    Booth:

    Cyber Fraud Task Forces (CFTFs), the focal point of our cyber investigative efforts, are a partnership between the Secret Service, other law enforcement agencies, prosecutors, private industry, and academia. The strategically located CFTFs combat cybercrime through prevention, detection, mitigation, and investigation.

  • Waterfall Security
    Booth: 490

    Waterfall Security’s technology represents an evolutionary alternative to firewalls. Our innovative, patented Unidirectional Security Gateway solutions enable safe and reliable IT/OT integration, data sharing, cloud services, and all required connectivity for industrial control systems and critical infrastructures. Waterfall Security’s products dramatically reduce the cost and complexity of regulatory compliance with NERC CIP, NRC, NIST, CFATS, ANSSI and others.

    Waterfall products enable external parties, HQ, engineering, contractors and vendors, cloud services, and others to have access to operational information, while keeping the industrial control systems safe and secure. Our purpose-built hardware based security is enhanced by off-the-shelf software with a multitude of interfaces to widest range of industrial systems, protocols, databases and IT solutions in the market.

    Waterfall has a growing list of customers worldwide, including national infrastructures throughout North America, Europe, Asia and the Middle-East in power plants, nuclear plants, on/off-shore platforms, refineries, manufacturing plants, utility companies plus many more. Our strategic partners are multinational conglomerates and integrators in manufacturing, automation and other parallel industries.

  • WithSecure
    Booth: 330

    WithSecure™ (formerly F-Secure Business) is cybersecurity’s reliable partner. IT service providers, MSSPs and businesses—along with the largest financial institutions, manufacturers, and thousands of the world’s most advanced communications and technology providers—trust us for outcome-based cybersecurity that protects and enables their operations. Our AI-driven protection secures endpoints and cloud collaboration, and our intelligent detection and response are powered by experts who identify business risks by proactively hunting for threats and confronting live attacks. Our consultants partner with enterprises and tech challengers to build resilience through evidence-based security advice. WithSecure™ is part of F-Secure Corporation, founded in 1988, and listed on NASDAQ OMX Helsinki Ltd.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Tom Brennan
    Executive Director, Americas Region, CREST

    Tom Brennan is the CIO of the national law firm Mandelbaum Barrett PC and leads the U.S. arm of CREST International. In this role, he works with government and commercial organizations to optimize the value of CREST as a cybersecurity accreditation body and industry standards advocate, particularly for companies in the Cybersecurity & Infrastructure Security Agency’s 16 critical infrastructure sectors which are vital to U.S. security, national economy, and public health and safety. As CREST USA Chairman, Brennan spearheads strategic plans for CREST USA’s organizational growth while also serving as an industry evangelist and educator on the value of using accredited cybersecurity products and professionals to improve consumer privacy, security, and protection worldwide.

    As a proud U.S. Marine veteran, Brennan became involved with CREST International in 2016 while serving the Global Board of Directors for the Open Web Application Security Project (OWASP). Seeing similar goals, he became more active in the CREST organization and was nominated to lead the organization’s U.S. Advisory in 2019. Over his career, Brennan has amassed security expertise across the cybersecurity spectrum, including penetration testing, vulnerability assessment, application security, threat intelligence, and more. In addition to being CREST USA Chairman, he is the Chief Information Officer of the national law firm Mandelbaum Barrett, overseeing critical infrastructure, privacy, and security operations. He is also an Advisory Board Member of the information services advisory Gerson Lehrman Group, a Cyber Fellows Advisory Council Member, a Member of the Information Technology Advisory Committee of the County College of Morris, a Senior Advisor and Industry Advisory Board Member of the New Jersey Institute of Technology, and a Cyber Fellows Advisory Council Member of the NYU Tandon School of Engineering.

  • speaker photo
    Nicole Dove
    Head of Security, Riot Games

    Nicole Dove is an award-winning cybersecurity leader, university lecturer & host of the Urban Girl Corporate World podcast.

    As Head of Security for Riot Games, she is responsible for building a scalable security program including a team of BISOs to support the company’s expansion into entertainment, music and esports.
    Nicole performed voice over work on two Grand Theft Auto titles, attended the 2016 White House Summit on the United State of Women, won the 2021 EWF Woman of Influence Award and completed Cybersecurity Leadership studies at Harvard University.

    She produces and hosts the Urban Girl Corporate World podcast, creates Cybersecurity courses for LinkedIn Learning, is a frequent guest on tech podcasts and has given keynotes at tech conferences and organizations including Facebook, Yale School of Management, RSA, OWASP, Deloitte Consulting, and Goldman Sachs.

  • speaker photo
    Tomás Maldonado, Moderator
    CISO, NFL

    Tomás Maldonado is the Chief Information Security Officer (CISO) at the National Football League (NFL).  He is globally responsible for leading the information security program for the League and its entities.  Maldonado has over 23 years of experience in this area, having led global information security teams and programs at several large international organizations.

    Prior to Joining the NFL, Maldonado was the CISO at International Flavors & Fragrances where he was globally responsible for establishing and leading the Cybersecurity & Technology Risk Management business unit.

    Maldonado was also an executive director and CISO for the corporate sector of JPMorgan Chase, where he established and shaped the future direction of the security program and focus for the line of business. He was also a VP of technology risk management at Goldman Sachs where he worked on several key initiatives namely creating and leading the data loss protection program. He had additional opportunities at Schroders where he was the network security officer, Ernst & Young and Bloomberg LP.

    Maldonado serves as an advisory board member to several innovative companies. He has several industry recognizable certifications: he is a CISSP, a CISM, a CDPSE, and a CRISC. He also holds a Bachelor of Science in computer science from Fordham University.

  • speaker photo
    Timothy Rohrbaugh
    CISO, JetBlue Airways
  • speaker photo
    Taylor Milligan Crotty, Moderator
    Global Head of Cyber Resilience & Data Protection, BlackRock

    Taylor M. Crotty leads BlackRock Information Security’s Cyber Wargames team and is responsible for education, training and process development related to Cyber Incident Response & Recovery, measuring and managing cyber risks across the organization and Third Party Security for BlackRock’s critical service providers.

    Taylor is focused on assuring the resiliency of BlackRock and key partners critical to BlackRock’s business operations before, during, and after a cyber event. She coordinates periodic, tabletop-style resilience exercises (“Wargames”) with BlackRock’s most critical provider partners, internal business functions, and at the sector level. Taylor also drives strategic workflow analysis initiatives for Information Security, leveraging deep technical expertise to identify and mitigate security risks across the Firm and optimize our ability to protect information.

    Prior to assuming her current role, Taylor led BlackRock's Third Party Security program where she was responsible for assuring the security of outsourced workflows, establishing a stronger baseline level of protection with service providers through contracting and conducting security assessments of critical provider partners to ensure Firm and Client information was protected with the requisite care in accordance with industry best practices.

    Taylor first developed a Third Party Security practice while working as a consultant with Security Risk Advisors. She administered Third Party Security programs for a large private healthcare company and a financial services company notable for being the nation’s primary provider of private-label credit cards.

    Taylor serves as a board member for the University of Michigan College of Engineering Alumni Board. She has been formally invited to share her experience and thought leadership in the cyber resilience space as a speaker at various events and industry conferences.

  • speaker photo
    Scott Matsumoto
    CISO, Robinhood Crypto

    Scott Matsumoto joined Robinhood in 2021 and is responsible for building and maintaining the cybersecurity program for Robinhood Crypto. He brings extensive experience in both the cryptocurrency and cybersecurity spaces having previously served as the CISO for Circle Internet Financial and the Poloniex cryptocurrency exchange.

  • speaker photo
    Naomi Buckwalter
    Founder & Executive Director, Cybersecurity Gatebreakers Foundation

    Naomi Buckwalter, CISSP CISM, is the Director of Product Security for Contrast Security and author of the LinkedIn course: “Training today for tomorrow's solutions - Building the Next Generation of Cybersecurity Professionals”. She is also the founder and Executive Director of Cybersecurity Gatebreakers Foundation, a nonprofit dedicated to closing the demand gap in cybersecurity hiring. She has over 20 years' experience in IT and Security and has held roles in Software Engineering, Security Architecture, Security Engineering, and Security Executive Leadership. As a cybersecurity career adviser and mentor for people around the world, her passion is helping people, particularly women, get into cybersecurity. Naomi has two Masters degrees from Villanova University and a Bachelors of Engineering from Stevens Institute of Technology.

  • speaker photo
    Israel Barak
    CISO, Cybereason

    Israel Barak, Chief Information Security Officer at Cybereason, is a cyber defense and warfare expert with a background developing cyber warfare infrastructure and proprietary technologies, including that of proprietary cryptographic solutions, research and analysis of security vulnerabilities. Israel has spent years training new personnel, providing in-depth expertise related to cyber warfare and security, threat actor’s tactics and procedures. As Cybereason’s CISO, Israel is at the forefront of the company’s security innovation, research and analysis of advanced threats.

  • speaker photo
    Patrick Sullivan
    VP, CTO of Security Strategy, Akamai

    Patrick Sullivan is VP, CTO of Security Strategy for Akamai and a Contributing Author for Information-Security magazine. Patrick joined Akamai's Security Team in 2005 and has been a leader working with leading enterprises to design security architectures and thwart evolving threats. Patrick is a frequent speaker at Security Conferences including RSAC, Blackhat, Gartner, IANS, and others. Prior to Akamai, Patrick held leadership positions in the US DoD, Cable&Wireless, Savvis, and AT&T. Patrick holds various network and security certifications including: CISSP, GWAPT, GSLC, GCIH, GCFA, GCSA.

  • speaker photo
    Blake Penn
    CISO, Colgate University
  • speaker photo
    Afzal Khan
    Global CISO, OPKO Health, Inc.

    Afzal Khan is a distinguished leader in the field of technology security and risk management, bringing over 26 years of expertise to his role. Currently serving at OPKO, he provides strategic direction and guidance on technology risk management, IT, OT, and cybersecurity, ensuring compliance with IT regulatory standards across domestic and international entities. Afzal's extensive experience includes notable positions such as the Global Head of IT Security, Risk Management & Compliance at Everest Reinsurance, where he led critical projects and built robust organizational teams. He holds 7 security and risk management certifications, including CISSP, CISA, and CRISC, underscoring his deep knowledge in the field. Afzal is renowned for his visionary approach, aiming to establish a secure technology platform aligned with business objectives, emphasizing a business-focused and risk-based approach to security decisions. His dedication to operational excellence and adaptability in the face of disruptive technologies have made him a trusted leader in the industry.

  • speaker photo
    Brett Price, CISSP, CISM
    Lead Cybersecurity Consultant, vCISO, AccessIT Group

    Brett Price is a Senior Cybersecurity Consultant for the Risk Advisory Services practice at AccessIT Group (AITG). Brett is a knowledgeable cybersecurity consultant with over twenty years of experience and an extensive background in security consulting, network engineering/administration and cybersecurity best practices. Brett’s skills range from analyzing network packet behavior to securing enterprise critical infrastructure with expertise in assessing and consulting on risk management frameworks and standards such as NIST 800-53, NIST CSF, CIS and ISO/IEC 2700X. Brett has experience working with enterprise and mid-market customers across various industry sectors such as healthcare, banking, industrial, retail, pharmaceutical and insurance.

  • speaker photo
    Daniel Smith
    Head of Research, Threat Intelligence Division, Radware

    Daniel is the Head of Research for Radware’s Threat Intelligence division. He helps produce actionable intelligence to protect against botnet-related threats by working behind the scenes to identify network and application-based vulnerabilities. Daniel brings over ten years of experience to the Radware Threat Intelligence division. Before joining, Daniel was a member of Radware’s Emergency Response Team (ERT-SOC), where he applied his unique expertise and intimate knowledge of threat actors’ tactics, techniques, and procedures to help develop signatures and mitigate attacks proactively for customers.

  • speaker photo
    Robb Reck, Moderator
    Co-Host, Colorado = Security Podcast
  • speaker photo
    Tom Grimes
    Director of Cybersecurity Sales, Infoblox
  • speaker photo
    Chad Knipschild
    Sr. Product Marketing Manager, Recorded Future

    Chad is a senior product marketing manager at Recorded Future working on intelligence-based solutions. Before joining Recorded Future, he served as a U.S. Naval Intelligence Officer with an extensive background in special operations and cyber threat intelligence.

  • speaker photo
    Rod Aday, Moderator
    Director, Information Risk Management, Verizon

    Rod Aday is an experienced security professional with many years of experience in information security/cybersecurity, business continuity, operational risk and information technology. As a CISO in the financial services sector, Rod has built Information Security and Business Continuity Programs from the ground up at three different financial institutions, bringing their cybersecurity maturity to the level appropriate for each institution’s risk profile and in-line with regulatory guidance. He was formerly the CISO, Head of Operational Risk and Information Security, for Dexia Credit Local, NY Branch. Rod holds a CISSP certification as well as the concentrations CISSP-ISSAP and CISSP-ISSMP. He is currently pursuing his Masters in Information Security with the University of London, International program.

  • speaker photo
    Josh Hopkins
    Senior Analyst, Team Cymru

    Now leading the internal S2 research team, Josh has been an analyst with Team Cymru for the past five years leading him to become an expert in counting to 10 and recommencing his work. He specializes in the tracking of infrastructure for a diverse target set that includes both nation state and criminal threat actors. Josh has an extensive background in law enforcement and national security investigations.

  • speaker photo
    Michael Roytman
    Chief Data Scientist, Kenna Security (a Cisco company)

    Michael Roytman is a recognized expert in cybersecurity data science. At Kenna Security, Michael is responsible for building the company's core analytics functionality focusing on security metrics, risk measurement, and vulnerability measurement.

    Named one of Forbes' 30 Under 30, Michael's strong entrepreneurship skills include founding organizations such as Dharma Platform, a cloud-based data management platform, and TruckSpotting, a mobile app for tracking food trucks. He also serves on the board of Cryptomove, a moving target data protection startup. In addition, Michael chairs the Board of Dharma Platform, is a board member and the program director at the Society of Information Risk Analysts (SIRA), and is a co-author of the Exploit Prediction Scoring System (EPSS).

    Michael is a frequent speaker at security industry events, including Black Hat, BSides, Metricon, RSA, SIRACon, SOURCE, and more. Michael holds a Master of Science in Operations Research degree from Georgia Institute of Technology.

  • speaker photo
    Alex Henkes
    Enterprise Director, Northeast, Pentera
  • speaker photo
    Patterson Cake
    DFIR Principal Consultant, Avertium

    Patterson has worked in information-technology for more than two decades, focusing on information-security for the past several years, specializing in the development of incident-response teams, programs and processes. Before joining Avertium, he was a Senior Security Consultant for Haven Information Security, a Senior Security Engineer for AWS Managed Services, and has extensive experience in information-security across multiple verticals, from non-profit healthcare to cloud-service providers to financial-service providers. He also teaches for SANS, is a member of the GIAC GPEN advisory board, and is actively involved in the information-security community.

  • speaker photo
    Stephen Clark
    Director of Cloud Security Sales, Fortinet

    Stephen Clark has over 25 years experience in the information security space having spent time at Check Point, Cisco, and Palo Alto Networks. Stephen also spent time working in the security consulting field working primarily with the Fortune 1000.

    He is presently the Director of Cloud Security Sales for Fortinet. Today he helps manage and set the direction for cloud security within the Fortinet Sales team. The product portfolio includes Next Generation Firewalls, Web Applications Firewalls, CASB and Containers.

  • speaker photo
    Mark Galpin
    Head of Solutions Architecture, Tidelift

    As a developer, architect and product manager, Mark Galpin has a passion for making the release process better.

  • speaker photo
    Rick Salimov
    Security Strategist, Mimecast
  • speaker photo
    Marlowe Cochran, Moderator
    CISO, New York State Department of Education

    Marlowe Cochran has been working in the IT field for over 30 years, with 20 plus years in information security roles. He has worked in a multitude of sectors from government to health care. In his current role at the New York State Department of Education, he is the Chief Information Security Officer. Marlowe currently collaborates with internal and external stakeholders in regard to modernizing technology and data sharing; he oversees data risk assessment/management, incident response, the development of policies/procedures, and manages the overall risk posture of the agency.

  • speaker photo
    Adam Gavish
    Co-Founder & CEO, DoControl

    Adam Gavish is the Co-Founder and Chief Executive Officer of DoControl. Adam brings 15 years of experience in product management, software engineering, and network security. Prior to founding DoControl, Adam was a Product Manager at Google Cloud, where he led ideation, execution, and strategy of Assured Workloads (GovCloud) customer experience serving Fortune 500 customers. Before Google, Adam was a Senior Technical Product Manager at Amazon, where he launched customer-obsessed products improving the payment experience for 300M customers globally. Before Amazon, Adam was a Software Engineer in two successfully acquired startups, eXelate for $200M, and Skyfence for $60M.

  • speaker photo
    Raj Patel
    Senior Field Sales Engineer, WithSecure

    Raj Patel is a Senior Field Sales Engineer with Finland-based cybersecurity firm, WithSecure. His 20 years of experience leading IT projects has focused on analyzing business requirements and customer goals to deliver enterprise solutions with a focus on cloud and cybersecurity technologies.

  • speaker photo
    Cary Spearman
    Sr. Security Consultant, Critical Start

    Cary Spearman is a strong advocate for implementing real security and avoiding “security theater. As a graduate of Charleston Southern, Cary started his career in the IT world as a network administrator for a healthcare provider. His initial foray into the world as security was as a firewall admin with a large MSSP. Currently he is Security Consultant for Critical Start.

  • speaker photo
    Sean Raffetto
    Sr. Account Executive, Hoxhunt

    Sean works with organizations across the globe partnering with them to provide tailored Consulting security services enabling security teams to keep up with the rapid pace of change in the cyber threat landscape. With over a decade of experience working with enterprise level solutions, Sean specializes in implementing proactive and defense cyber programs across finance, media, and critical national infrastructure. Sean is a lifelong soccer fan and enjoys staying active by hiking and snowboarding.

  • speaker photo
    Jared Peck
    Sr. Threat Researcher, Proofpoint

    Jared Peck is a Senior Threat Researcher for the Field Facing Threat Research Team at Proofpoint where he focuses on phishing kit research and phishing campaign creation as well as communicating specific threats and the threat landscape to customers. Prior to joining Proofpoint, Jared spent eight years at a Fortune 500 financial services company in several roles including Senior Cyber Threat Intelligence Analyst. Before changing careers to information security, Jared worked in the emergency services field for over 15 years as a firefighter, paramedic, and hospital emergency room technician. Jared holds several SANS certifications including GCTI, GREM, GCIH, and GCIA.

  • speaker photo
    Moderator: Tracy Caudill
    Chief Commercial Officer, Binary Defense

    As Binary Defense Chief Commercial Officer, Tracy Caudill, brings her experience leading complex cybersecurity engagements and building collaborative teams that create customer value and enable long-lasting partnerships across the customer journey. She is responsible for leading Binary Defense’s marketing, sales and customer success strategy to drive business growth and customer centricity.

    Prior to Binary Defense, Tracy was Vice President and Head of Delivery Management for Capgemini Americas Cloud and Infrastructure Services where she was responsible for leading delivery of a $200M Projects and Consulting portfolio. In her 20-year career, Tracy has guided the build, management and strategic transformation of security operations for some of the largest companies in the world. She has held multiple leadership positions as part of Lockheed Martin Corporation, Leidos Cyber and Capgemini Americas in the core areas of cybersecurity, program management and business development for Fortune 500 clients as well as the U.S. Air Force, U.S. Navy and Department of Homeland Security.

    Tracy holds a Bachelor of Science in Electrical Engineering and a Master of Science in Engineering Management from the University of Southern California. She lives in Alexandria, VA with her husband and two children. Tracy is passionate about giving back to her community and inspiring the next generation of women leaders. She has served as troop leader for the Girl Scout Nation’s Capital Council and is a Sustaining Member of the Junior League of Washington.

  • speaker photo
    Myriah V. Jaworski, Esq., CIPP/US, CIPP/E
    Member, Data Privacy & Cybersecurity, Clark Hill Law

    Myriah Jaworski is a Member, Data Privacy and Cybersecurity, at Clark Hill Law. She represents clients in data breach actions, technology disputes, and in the defense of consumer class actions and related regulatory investigations stemming from alleged privacy torts and violations of the TCPA, BIPA, IRPA, and other state and federal privacy laws. Myriah also works with clients to devise and implement privacy and security compliance programs and to evaluate and implement new technologies, including enterprise-wide AI and machine learning tools. She is also been recognized as a Super Lawyer® for her Civil Litigation practice in 2018, 2019, 2020, and 2021.

  • speaker photo
    Jason Silva
    Sr. Solutions Architect, BeyondTrust

    Jason Silva is a Senior Solutions Architect focused on Privilege Access Management (PAM), Identity and Access Management (IAM), and Least Privilege. Jason brings over 25 years of experience in solutions management to BeyondTrust's Privileged Access Management Solutions enforcing Privileged Password Management and Privileged Session Management, Privileged Endpoint Management, and Secure Remote Access which utilizes a single pane of glass for all management aspects including Automated Account Discovery, Privileged Management and Elevation, Audit and Compliance, and Reporting.

  • speaker photo
    Rebecca Rakoski
    Co-Founder & Managing Partner, XPAN Law Partners

    Rebecca L. Rakoski is the managing partner at XPAN Law Partners, LLC. Rebecca advises her clients on a proactive, multi jurisdictional approach to identify and address data privacy and cybersecurity compliance gaps and potential liabilities. She uses her extensive experience to work with her clients to create and tailor a security and privacy governance program that fits their specific needs in order to limit their regulatory exposure.

    Rebecca counsels and aggressively defends public and private corporations, and their boards, during data breaches and responds to state/federal regulatory compliance and enforcement actions. As an experienced litigator, Rebecca has handled hundreds of matters in state and federal courts. Rebecca skillfully manages the intersection of state, federal, and international regulations that affect the transfer, storage, and collection of data to minimize her client's litigation risks.

    Rebecca regularly negotiates complex contractual provisions that are impacted by domestic and international data privacy regulations including the California Consumer Privacy Act of 2018, and the European Union's General Data Protection Regulation. She understands how the nature of the data can affect the role her client plays in the data transaction and uses that knowledge to mitigate corporate liability.
    As a thought leader in the area of data privacy and cybersecurity, Rebecca serves on the New Jersey State Bar Association's Cyber Task Force. Rebecca is Vice-Chair Elect for the New Jersey State Bar Association's Bankruptcy Law Section.

    Rebecca has been appointed and served in multiple highly complex litigation matters by the New Jersey Superior Court as a Special Master in the areas of technology and eDiscovery. She also served on the Complex Business Litigation Committee that drafted and revised the New Jersey Court Rules involving electronic discovery. Rebecca was on the eDiscovery committee of her prior law firm and created its eDiscovery subgroup.

    Rebecca is on the Board of Governors for Temple University Health Systems and is also the Acting Dean of Online Learning and an adjunct professor at Drexel University’s Thomas R. Kline School of Law.

  • speaker photo
    Glenn Kapetansky
    Chief Security Officer & Technology Lead, Trexin Group

    Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.

    Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).

  • speaker photo
    Belinda Enoma, CIPP/US
    Privacy and Cybersecurity Specialist, Author, Speaker, and Strategist

    Belinda Enoma is a privacy and cybersecurity consultant with a legal and technology background. She offers virtual privacy and cybersecurity services including risk mitigation solutions and building privacy programs from scratch. She is a writer, corporate trainer, lifestyle strategist, mentor, and coach to women in the cybersecurity and data protection industry. Her published work includes “Data breach in the travel sector and strategies for risk mitigation,” (Journal of Data Privacy and Protection, Volume 3.4, 2020). Belinda is a Certified Information Privacy Professional (CIPP/US) and has an LLM from Benjamin N. Cardozo Law School, New York.

  • speaker photo
    Louis-David (LD) Mangin
    CEO & Co-Founder, Confiant Inc.

    Louis-David ("LD") is CEO and Co-Founder of Confiant, a cybersecurity startup specialized in threats that use digital ads as a cyber-attack vector. With 130+ custom ad tech integrations, Confiant has a unique vantage point to track credential phishing, malware infected software, investment scams, and more! Confiant is the sixth startup LD has been a part of and the second he co-founded. He holds a Bachelors in Computer Science from Boston College, Chestnut Hill, Massachusetts.

  • speaker photo
    Kristen Spaeth
    Sr. Investigator, Global Intelligence, Coinbase

    Kristen Spaeth is a Senior Investigator on the Global Intelligence team at Coinbase, where she works on investigations involving criminal matters in coordination with law enforcement partners. Prior to joining Coinbase, she was a Senior Cybercrime Analyst in the Cybercrime and Identity Theft Bureau at the Manhattan District Attorney’s Office. She has been the investigative lead on numerous complex long-term investigations involving identity theft, money laundering, terrorism financing, bank fraud, network intrusions and enterprise corruption.

  • speaker photo
    Casey McGee
    Assistant to the Special Agent in Charge, New York Field Office, U.S. Secret Service

    Casey McGee is an Assistant to the Special Agent in Charge in the New York Field Office of the U.S. Secret Service. He leads efforts to increase public and private partnership in the investigation of complex transnational criminal investigations involving the use of digital assets. In an executive developmental role, ATSAIC McGee served as the Advisor to the Vice President of Global Intelligence at Coinbase where he identified opportunities for joint USSS/Coinbase initiatives and partnered with various leaders across both organizations to implement cross functional programs. He holds a Juris Doctor from Vermont Law School and a Bachelor of Science from the University of Notre Dame.

  • speaker photo
    Greg Dunlavey
    Supervising Investigator, New York County District Attorney's Office

    Greg Dunlavey is a Supervising Investigator for the New York County District Attorney. Assigned to the Cybercrime and Identity Theft Bureau, his squad investigates sim swaps, DeFi exploits, and NFT thefts, as well as identity theft, business email compromise schemes and cyberstalking. He has been an Investigator for 12 years, previously serving in the Major Economic Crimes Bureau, and is a Certified Fraud Examiner. He formerly taught the NCFI Digital Currency Course and is a certified instructor in firearms and defensive tactics. He graduated from Colgate University in 2007.

  • speaker photo
    Moderator: Joe Walsh
    M.A.C.J. Program Director and Assistant Professor of Criminal Justice/Computer Science, DeSales University

    Joe Walsh teaches digital forensics and computer security at DeSales University. He previously worked as a senior security consultant where he performed security assessments, conducted penetration testing, and responded to computer security incidents. He has been a police officer for 13 years and is a former member of the ICAC Task Force and the FBI Child Exploitation Task Force, where he was responsible for conducting online undercover investigations and digital forensic examinations. Joe has a bachelor's degree in Information Systems, a master's degree in Criminal Justice/Digital Forensics, a master's degree in Information Systems/Cybersecurity, and is currently pursuing a Ph.D. in Information Systems with a concentration in Cybersecurity.

  • speaker photo
    Deidre Diamond
    Founder and CEO, CyberSN and Secure Diversity

    Deidre Diamond is the founder and CEO of CyberSN, the largest cybersecurity talent acquisition technology and services firm in the U.S., transforming job searching and hiring for the cybersecurity industry. Standardizing all cybersecurity job functions into a common taxonomy of 45 roles, the CyberSN platform allows professionals to make anonymous, public profiles that match with employer-posted job descriptions using the same taxonomy. This innovation is disruptive and solves a serious national security issue. Deidre’s leadership style combines 25 years of experience working in technology and staffing, her love of the cybersecurity community, and a genuine enthusiasm for people. She has led large-scale sales and operations and built high-performance teams at Rapid7 and Motion Recruitment prior to founding her own organizations. She believes a company-culture established on ‘anything is possible’ attitudes and open communication frameworks, along with positive energy, career advancement, and kindness, enables her teams to have fun at work and reach beyond peak performance. She also encourages the use of EQ (Emotional Intelligence) skills: self-awareness, self-regulation, motivation, social skills, and empathy. Deidre has also founded SecureDiversity.org, a non-profit organization working to raise awareness for, and increase the hiring of, women and underrepresented humans in the cybersecurity workforce. She has also spoken at some of the biggest tech summits, conferences, and podcasts in the world including ISC2 Congress, RSA, ISSA International, and Hacker Halted.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
INVEST IN YOUR GROWTH!

Join us for high-quality, affordable cybersecurity training and networking. Sign up today!