googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, April 17, 2024
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:15 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework: Part 1
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    7:30 am
    [PLUS Course] Navigating the Cybersecurity Landscape: Tools and Tactics for Modern Defenses - Part 1
    • session level icon
    Mastering OSINT with Maltego
    speaker photo
    Cybersecurity Specialist and Founder of The Valander Group
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Unveiling Digital Footprints: Mastering OSINT with Maltego

    In the digital age, the ability to gather information from publicly available sources is invaluable for cybersecurity professionals. This presentation introduces participants to the powerful capabilities of Maltego, a renowned tool for conducting open source intelligence (OSINT). Attendees will explore how Maltego can be leveraged to uncover and visualize complex networks of information from diverse data sources, enabling more effective threat intelligence, incident response, and security assessments. Through live demonstrations, we will illustrate the process of gathering, linking, and analyzing data, showcasing Maltego’s utility in identifying vulnerabilities and potential threats. Participants will leave with a solid foundation in OSINT principles and hands-on experience in utilizing Maltego to enhance their cybersecurity strategies.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This roundtable discussion is for our Advisory Council members only.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Participating professional associations and details to be announced.

    8:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:45 am - 9:00 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:00 am
    [Opening Keynote] Drag Racing & Cybersecurity: The Crossover
    • session level icon
    speaker photo
    CISO, United Musculoskeletal Partners
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    You’d be amazed what you can learn from everyday hobbies or obstacles to help you become a better practitioner. Krista Arndt shares a very personal story of survival after a bad drag racing accident in 2015. It was a life-altering experience and provided perspective on her personal and professional life that drives her every day as a loving mom and wife, volunteer, and successful CISO.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    [Panel] Beyond Premiums and Policies: Cyber Insurance Unlocked
    • session level icon
    speaker photo
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP
    speaker photo
    Cyber Practice Leader, Graham Company, a Marsh & McLennan Agency LLC Company
    speaker photo
    Senior Counsel, TittmannWeix
    speaker photo
    AVP, eRisk Underwriting, Crum & Forster
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    10:15 am
    The Hitchhiker’s Guide to a Cyber Security Data Program
    • session level icon
    speaker photo
    VP, Cyber Observability, BlackRock
    speaker photo
    VP, Cyber Analytics, BlackRock
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Do you want to discover the best practices and tools for security data program? Do you want some options to help bring value to your security data, make sense of it, and either alert or make analytics on it? Do you want to learn more about data tiering and understanding how to efficiently store security data? If you answered yes to any of these questions, then this session is for you. Join us as we take you on a journey through the Cyber Security Data universe, where you will learn how to monitor, measure, and improve your analytics and observability within security.

    10:15 am
    Human Machine Teaming: The Indispensable Human Element of Cybersecurity
    • session level icon
    speaker photo
    Field CTO, Americas, SentinelOne
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Artificial Intelligence is a pervasive part of our lives today and cybersecurity teams and adversaries alike have learned to harness the speed and power of machines to strengthen their capabilities. With machine learning becoming one of the most important defense tools, leaders must balance the overwhelming speed and accuracy advantage of AI with the need for measured and intuitive interactions with a real-world human element.

    Join this session to discuss:

    • What these trends mean for the hands-on practitioner
    • How AI and Machine Learning will make humans more effective, not replace them
    • When the velocity of innovation outpaces the capabilities of human intellect
    • The role of automation in the effective practice of securing our digital world
    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    Cyber Safety Is Patient Safety
    • session level icon
    speaker photo
    Executive Director, Health Sector Coordinating Council Cybersecurity Working Group
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    In February 2024, the Health Sector Coordinating Council (HSCC) – an industry-led public-private partnership for critical infrastructure protection – released its Health Industry Cybersecurity Five-Year Strategic Plan. It provides a prescription for moving healthcare cybersecurity from critical condition to stable condition. The White House has identified healthcare as one of the Top 3 priority critical infrastructure sectors in the fight against cybersecurity threats. The HSCC partners with the U.S. Department of Health and Human Services and the DHS Cybersecurity and Infrastructure Security agency to develop best practices, policies, and operational support for health providers, medical device and pharmaceutical companies, plans and payers, health IT and public health to strengthen the security and resiliency of the sector and ultimately, patient safety.
     
    In this session, the Executive Director of the HSCC Cybersecurity Working Group breaks down the Strategic Plan, further explaining why it is a wellness plan by the sector, for the sector, with support from the government. Hear about how healthcare cybersecurity is responding to the cybersecurity challenges to protect healthcare data, clinical and manufacturing operations, and patient safety.
    11:10 am
    Guardians of the Digital Pantheon: Achieving Equilibrium between Cybersecurity and Compliance in the Modern Olympus
    • session level icon
    speaker photo
    VP, Information Security, PENN Entertainment
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Let’s dive into today’s digital landscape where organizations face the dual challenge of safeguarding their systems against evolved cyber threats while ensuring compliance with the ever-expanding regulatory landscape. Much like the battles between heroes and villains in Greek Mythology, there’s challenges lurking around every corner and the delicate equilibrium required to strike the right balance can be arduous. From navigating compliance frameworks to fortifying defenses against evolving threats, this session spotlights the critical need for harmony in the pursuit of a resilient and secure digital landscape. Gain insights, hear strategies, and discover the art of achieving equilibrium in cybersecurity – one in which security and compliance work hand in hand.

    11:10 am
    [Panel] Unveiling the Threat Landscape and Unmasking Digital Villains
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    In the shadows of our digital world, a clandestine battle is waged against our data, systems, and infrastructure. These hidden threats, much like the villains of comic books, lurk in the shadows, seeking to exploit vulnerabilities and disrupt our digital lives. Join us as we delve into the ever-evolving threat landscape, unmasking the villains of the digital realm and exploring their nefarious tactics.

    Our panel of cybersecurity experts unravel the intricate world of cyber threats, shedding light on the latest trends, emerging attack vectors, and the expanding arsenal of malicious tools employed by cyber adversaries. Learn the motivations behind these threats, from profit-driven cybercriminals to state-sponsored actors wielding cyberweapons.

    Our panel provides a comprehensive overview of the current threat landscape.

    11:10 am
    [Team Cymru] Attack Surface Management
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Session description coming soon.

    12:00 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater
    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    The FUN-damentals of FinOps Security
    • session level icon
    speaker photo
    Director, Information Security, CubeSmart
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Session description coming soon.

    1:15 pm
    Building Your Personal Board of Directors for Women in Cyber
    • session level icon
    speaker photo
    CISO, Trinseo
    speaker photo
    Executive VP & CISO, Radian Group
    speaker photo
    Chief of Cybersecurity, Region 3, DHS CISA
    speaker photo
    Information Security Analyst, Federal Reserve Bank of Philadelphia
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm
    1:15 pm
    [Panel] Securing the Cloud Fortress: Revealing Defense Strategies for the Cloud
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    In the ever-expanding digital universe, the cloud has emerged as a powerful tool, enabling organizations to store data, access applications, and operate their businesses with unprecedented agility. However, this vast digital fortress, like any other, is not without its vulnerabilities. Join us as we delve into the realm of cloud security, exploring the hidden defenses employed by cybersecurity superheroes to safeguard the cloud and its inhabitants.

    Our panel of cloud security experts shed light on the unique challenges and strategies involved in protecting cloud-based environments. They discuss the shared responsibility model, the role of cloud providers and customers, and the evolving tools and techniques employed to secure the cloud.

    Our panel provides a comprehensive overview of cloud security, empowering attendees to understand the hidden defenses of the cloud and strengthen their cloud security posture. Learn how to identify and mitigate cloud-based threats, implement robust access controls, and effectively manage cloud security risks.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:10 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:10 pm
    [Panel] The Cybersecurity Staffing Problem: Is There a Talent Shortage, a Hiring Problem, or Both?
    • session level icon
    speaker photo
    Information Risk, Governance, and Resilience Executive, Hudson's Bay Company (HBC)
    speaker photo
    Chief of Cybersecurity, Region 3, DHS CISA
    speaker photo
    Executive Director of Product Security, JPMorgan Chase & Co.
    speaker photo
    Founder & CEO, Cyber Job Central
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm
    Join this session to hear from an experienced cybersecurity recruiter and InfoSec practitioners to discuss the issues of why positions on cyber teams are so hard to fill and what some solutions are. What’s are the traditional tools used to hire and what are the differences – including internal and external recruiting, job boards, LinkedIn, other social media channels, and more. The panel will examine common hiring and recruiting roadblocks, including job descriptions, buzz words, ATS, resume spamming, and finding time to schedule interviews and make offers. Learn how to advertise effective job titles, realistic job descriptions, and leaning on technology to making vetting candidates easier. Job seekers will learn what successful resumes include and how to network effectively.
    2:10 pm
    Fight Shadow IT by Using Third-Party Risk Management as an Enabler
    • session level icon
    speaker photo
    Security Architecture Lead, Wawa, Inc.
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm
    It’s difficult to manage third-party risk when security teams aren’t involved in the vendor process, intentionally or unintentionally. By positioning security as a partner and the Third Party Risk Management process as an enabler instead of another hoop to jump through, you can gain a foothold in helping secure your organization against third parties, and reduce the amount of shadow IT. This session covers how to recast conversations and partnerships within the organization to better integrate TPRM while enabling technology users and increasing security.
    2:10 pm
    How to Build an Insider Threat Program
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.

    Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything  changes so quickly. Insider threat initiatives require a new, more focused approach.

    This presentation will explore:

    • The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
    • Four attributes of a successful insider threat program
    • How behavioral analytics baseline “normal” behavior of users and devices—showing risk faster
    • An automated investigation experience that replaces manual routines and effectively guides new insider threat teams
    3:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:30 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    3:00 pm
    Happy Hour
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary hors d’oeuvres and beverages. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

    3:30 pm
    [Closing Keynote] Unmasking Cyber Villains: A BarCode Podcast
    • session level icon
    speaker photo
    CISO, United Musculoskeletal Partners
    speaker photo
    VP, Information Security, PENN Entertainment
    speaker photo
    VP of IT, Visit Philadelphia
    speaker photo
    Founder, The BarCode Podcast
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 4:15 pm
    Location / Room: Keynote Theater
    When we think of cyber villains, it’s the ransomware gangs, malware distributors, and identity thieves doing the most obvious dirty work. Not many think of the villains that reside within corporate walls. Yes, insider threats do exist, but often they are unintended due to uneducated and assuming executives, lazy end users, non-paying cyber insurance companies, and over aggressive sales reps. There may be no malicious intent, but there can be severe consequences. These internal actors, whether through ignorance, apathy, or greed, frequently undermine cybersecurity efforts. In this “live” podcast session for future replay, our panelists identify the real cyber villains, as well as ones who seem to battle us on a different level. Who are the real villains? And who are the real heroes? It’s time to unmask the personalities, powers, and positions of cyber villains.
    3:45 pm
    [PLUS Course] Implementing the NIST Cybersecurity Framework: Part 2
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    3:45 pm
    [PLUS Course] Navigating the Cybersecurity Landscape: Tools and Tactics for Modern Defenses - Part 2
    • session level icon
    Network Information Gathering with Nmap
    speaker photo
    Cybersecurity Specialist and Founder of The Valander Group
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Mapping the Unknown: Network Discovery and Security with Nmap

    Understanding the layout and vulnerabilities of your network is a critical first step in safeguarding against cyber threats. This session focuses on Nmap, the gold standard tool for network discovery and security auditing. Attendees will learn the fundamentals of Nmap, including its various scanning techniques, options, and the interpretation of its output for actionable intelligence. Through practical examples, participants will be guided on how to effectively use Nmap for comprehensive network scans, service detection, and vulnerability assessment. This presentation aims to equip cybersecurity practitioners with the knowledge to use Nmap as a potent tool in their security toolkit, enhancing their ability to detect and respond to potential network vulnerabilities.

  • Thursday, April 18, 2024
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:15 pm
    Location / Room: Registration Desk / Lobby

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework: Part 3
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    7:30 am
    [PLUS Course] Navigating the Cybersecurity Landscape: Tools and Tactics for Modern Defenses - Part 3
    • session level icon
    Web Vulnerability Assessment with Burp Suite
    speaker photo
    Cybersecurity Specialist and Founder of The Valander Group
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Fortifying Web Applications: Penetration Testing with Burp Suite

    In the realm of web application security, Burp Suite stands out as an indispensable tool for identifying vulnerabilities. This presentation delves into the capabilities of Burp Suite, from initial mapping and analysis of an application’s attack surface to finding and exploiting security flaws. Attendees will gain insights into setting up and utilizing the Burp Suite environment, employing its various tools for effective penetration testing, and understanding its role in securing web applications. Demonstrations will provide a hands-on look at conducting automated and manual testing, enhancing the skills needed to uncover and mitigate web application vulnerabilities. This session is designed to empower participants with the expertise to use Burp Suite as a critical component of their cybersecurity defenses.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    This roundtable discussion is for our Advisory Council members only.

    8:00 am
    Deception as a Tool in Your Cybersecurity Playbook
    • session level icon
    Special Presentation in Cooperation with Philadelphia InfraGard
    speaker photo
    Former Computer Scientist, FBI Cyber Division HQ
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Conventional tools and practices are not always sufficientto secure the assets you are charged with protecting. In hispresentation, former FBI Computer Scientist Dr. Russell Handorfdescribes a real-world dilemma where it was necessary to add an elementof deception to protect an asset. He then ties that experience into howdeception can – and should – be customized and applied to ITenvironments in order to deter and degrade the capabilities ofadversaries.

    8:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:45 am - 9:00 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:00 am
    [Opening Keynote] Converge 2024: Outcome-Driven Cybersecurity Transformation
    • session level icon
    speaker photo
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
    speaker photo
    Founding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)
    speaker photo
    CIO, Morgan, Lewis & Bockius LLP
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    The cybersecurity landscape is no longer defined by APTs and static defenses; it’s a dynamic battlefield where agility, strategic insights and creative risk reduction executed with technical veracity drive differentiating outcomes. Our co-presenters provide differentiating insights at the intersection of national defense, global security trends, and cybersecurity risk management.

    This session helps you reimagine your security posture and provides you with a battle plan to protect your organizational assets. Col. Leighton and VJ delve into the defining trends of cybersecurity transformation, including using AI to shift from detection to prediction; addressing the evolving human factor risk with advanced security training and creating a culture of security; embracing integration and breaking down siloed data and disparate tools; and building future-proof defenses with automation and threat intelligence platforms.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    [Panel] Stories from the Front Lines of the Ransomware Pandemic in Healthcare
    • session level icon
    speaker photo
    Executive Director, Health Sector Coordinating Council Cybersecurity Working Group
    speaker photo
    CISO, ChristianaCare Health System
    speaker photo
    CISO, Temple Health
    speaker photo
    System Director, IT Security Operations, Main Line Health
    speaker photo
    Founder, Armstrong Risk Management LLC
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    Our panelists draw on the lessons learned from hundreds of ransomware incidents at hospitals – and there’s no sign of incidents slowing down. The panelists take attendees on a historical journey that includes a variety of strange scenarios — ransomware combined with insider threat; the EHR is not encrypted but the hospital is still down; the decryption keys worked but the data is still unusable.
     
    The session uncovers topics, including:
    • Adopting a whole-organization approach to ransomware preparedness
    • Asking the question, to pay or not to pay?
    • What constitutes a data breach?
    • How has ransomware evolved, and what can we expect next?
    10:15 am
    Bouncing Back from Cyber Calamity: Crafting Watertight Business Continuity Plans
    • session level icon
    speaker photo
    CISO & CPO, Cooper University Health Care
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am
    Business continuity and disaster recovery planning are crucial to help organizations prepare for and recover from cyberattacks or data breaches. This session provides an overview of key strategies and best practices for developing a robust cyber resilience plan. Topics will include conducting a business impact analysis to prioritize critical systems and data, implementing comprehensive backup solutions, formulating incident response procedures, assessing supply chain vulnerabilities, retaining talent, and testing existing plans. Whether preparing for widespread ransomware attacks or isolated system failures, organizations must architect cyber resilience to minimize disruption and bounce back better than before.
    10:15 am
    Zscaler: Transforming IT for a Cloud-Enabled World
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    With an explosion of vendors providing cloud-based services are we ready to move security functions out of our premises as well? We will be exploring the market readiness to (re)move the security perimeter, the extent to which this can be accomplished, while discussing the challenges associated with this transformation.

    Audience Takeaway: Key considerations for both security and network transformation as IT teams undertake cloud initiatives (moving infrastructure to AWS/Google, building apps in Azure, deploying Office 365)

    Presentation topics: IT transformation, Cloud first, secure direct to internet access, security platform

    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    A Journey to Zero Trust
    • session level icon
    speaker photo
    CISO, Flagship Credit Acceptance
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    Session description coming soon.

    11:10 am
    [Panel] The Secret Potential of AI and ML: Empowering Cyber Superheroes with Artificial Intelligence
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Artificial intelligence (AI) and machine learning (ML) have emerged as powerful tools for cybersecurity professionals, offering the potential to revolutionize how organizations and individuals detect, analyze, and respond to cyber threats. Join us as we delve into the world of AI- and ML-powered cybersecurity, exploring the hidden potential of these technologies and their ability to transform cybersecurity superheroes into formidable defenders of the digital realm.

    Our panel of experts unravel the intricate world of AI and ML in cybersecurity, shedding light on the latest advancements, emerging applications, and the challenges involved in harnessing the power of these technologies effectively. They discuss the use of AI in threat detection and analysis, ML-powered threat prediction, and the potential of AI-driven automated response capabilities.

    Our panel provides a comprehensive overview of AI and ML in cybersecurity, empowering attendees to understand the hidden potential of these technologies and explore how they can be leveraged to enhance their organization’s cybersecurity posture. Learn how to identify and implement AI and ML solutions, overcome the challenges of data privacy and ethics, and embrace the future of AI-powered cybersecurity.

    11:10 am
    [Panel] Resilience: The Role of Cyber Incident Response
    • session level icon
    speaker photo
    Information Risk, Governance, and Resilience Executive, Hudson's Bay Company (HBC)
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am
    With increasing regulatory scrutiny such as the SEC disclosure requirements and the increasing number of cyber incidents, cyber incident response planning is key to enterprise resilience. A strong cybersecurity posture requires a robust governance, risk, and compliance program. Practicing good cyber hygiene, identifying vulnerabilities, timely patching, endpoint protection, policies, standards, training, and awareness, go hand in hand with an effective and tested incident response plan. This helps manage the risk of cyber incidents that could lead to a disruption. This panel session discusses the key elements of a cyber incident response plan; and how you can ensure that it is actionable. Learn about the importance of clear roles and responsibilities and communication protocols, tested via regular tabletops with impactful and plausible scenarios.
    12:00 pm
    [Lunch Keynote] Managing CISO Culpability and Risk Management Transparency
    • session level icon
    speaker photo
    VP & CISO, Global Infrastructure and Security Solutions, TE Connectivity
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater

    On the one hand, CISOs need to protect themselves. On the other hand, they need to better include executives in managing the risks cybersecurity leaders face. They (management) can’t be involved with the minutia CISOs deal with every day, but the aggregated risks are out of their line of sight until something goes wrong. Some mature companies have good programs in showing leadership the decisions and trade-offs made, but most are left to manage it and only report the super big issues up the leadership ladder. This keynote explores a better way to let management and the board know how prepared CISOs and their teams really are; and examines why it isn’t happening as much as it should. Learn how to protect your career, get more funding, and really let the business understand the risks when they own the technology.

    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    [Panel] Communications Boot Camp: How to Effectively Address Leadership
    • session level icon
    speaker photo
    Director, Information Security, CubeSmart
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Session description coming soon.

    1:15 pm
    Outmaneuvering Cyber Threats and Streamlining Processes with Automation and Orchestration
    • session level icon
    speaker photo
    Chief of Cybersecurity, Region 3, DHS CISA
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Session description coming soon.

    1:15 pm
    Beyond the Shadows: Anticipating Tomorrow's Cyber Threats
    • session level icon
    speaker photo
    CISO & CPO, Cooper University Health Care
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    In the dynamic realm of cybersecurity, the battle between defenders and digital villains is an ongoing saga. This forward-looking session will explore the evolution of cyber threats, forecasting the next wave of challenges that organizations and individuals may face. We aim to unmask the upcoming generation of digital villains, examining their sophisticated tactics and exploiting vulnerabilities that may become prevalent in the future.

    Our distinguished panel of cybersecurity experts will dissect the motivations driving these threats, from the ever-adapting strategies of profit-driven cybercriminals to the evolving techniques employed by state-sponsored actors wielding cyberweapons. As we peer into the future, we will also address the role of emerging technologies in reshaping the threat landscape, providing insights that empower organizations to proactively defend against tomorrow’s cyber challenges.

    Join us in this exploration of the unseen, as we strive to anticipate and understand the threats that lie beyond the shadows of the current cybersecurity landscape.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:10 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:10 pm
    The GPT of Teaching: How Teaching Part-Time Can Transform Your Cybersecurity Career
    • session level icon
    speaker photo
    Cybersecurity Teaching Professor and Pentesting Project Lead, Drexel University
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm
    Teaching cybersecurity, even part-time, can greatly add technical and professional skills to your cybersecurity career portfolio. Hear how teaching can lead you in applying new technologies (such as ChatGPT) to the field, exploring new cybersecurity tools, communicating complex concepts in simple terms, and developing leadership skills. Explore how teaching can lead to cybersecurity contributions such as bug bounties, vulnerability disclosures, entries in the Google Hacking Database (GHDB), National Vulnerability Database (NVD) entries, new hacking tools, cybersecurity conference papers, and new partnerships. This session examines initial steps that you can take to get cybersecurity teaching experience that in turn boosts your cybersecurity career.
    2:10 pm
    Protecting Against OT and IoT Threats
    • session level icon
    speaker photo
    CISO, Trinseo
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    As Operational Technology (OT) and the Internet of Things (IoT) become integral components of organizational infrastructures, the cybersecurity landscape expands into uncharted territory. This session is dedicated to unraveling the intricacies of safeguarding against threats in the OT and IoT realms. Explore strategies for protecting critical infrastructure, manufacturing processes, and interconnected devices from evolving cyber threats. Industry experts share insights, case studies, and practical approaches to fortify defenses, emphasizing the unique challenges posed by the convergence of OT and IoT. Join this comprehensive discussion on securing the future of interconnected technologies in the face of emerging cyber risks.

    2:10 pm
    Security Alert Management: How to Manage Your Alerts without Losing Your Mind
    • session level icon
    speaker photo
    VP, Threat Detection Management, BlackRock
    speaker photo
    VP, Incident Response, BlackRock
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    Alerting is essential for security monitoring, but it can also be overwhelming, distracting, and confusing to monitor the health and progress of alerts. How can you manage your alerts effectively without losing your mind? In this presentation, you will learn how to apply best practices and techniques for alert management, strategies, and ideas for monitoring your alerts to ensure their health. Learn how to generate metrics to show the alerts are working, and build a workflow/process for onboarding them. Don’t let your alerts drive you crazy; learn how to manage them like a pro.

    3:00 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:30 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:00 pm
    Happy Hour
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Join your peers for conversation and complimentary hors d’oeuvres and beverages. This is a great opportunity to network with other security professionals from the area, and to discuss the hot topics from the day.

    3:30 pm
    [Closing Keynote] Building a Stronger InfoSec Community
    • session level icon
    speaker photo
    VP of IT, Visit Philadelphia
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 4:15 pm
    The strength of community is our greatest asset when it comes to cybersecurity. This session aims to inspire and mobilize cybersecurity professionals to foster a more robust and collaborative InfoSec community. Keith shares insights on the vital components of a strong cybersecurity community, including the roles of practitioners, business leaders, government entities, educators, students, and entrepreneurs.
     
    This talk delves into the multifaceted challenges faced by cybersecurity professionals, such as the rising sophistication of cyber-attacks, increased regulatory compliance, and the growing reliance on technology. Hear actionable strategies to build individual networks, integrate with other groups, empower each other, and the importance of mentorship. Keith addresses critical issues like diversity in cybersecurity, attracting and retaining talent, and improving the standing of cybersecurity within organizations.
    3:45 pm
    [PLUS Course] Implementing the NIST Cybersecurity Framework: Part 4
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    3:45 pm
    [PLUS Course] Navigating the Cybersecurity Landscape: Tools and Tactics for Modern Defenses - Part 4
    • session level icon
    Digital Forensics with CSI Linux
    speaker photo
    Cybersecurity Specialist and Founder of The Valander Group
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Solving Cyber Mysteries: Forensic Investigations with CSI Linux

    The digital landscape is fraught with complex cybercrimes that demand sophisticated tools for investigation. This presentation introduces CSI Linux, a comprehensive toolkit designed for digital forensics and investigative tasks. Participants will explore how CSI Linux equips professionals with the necessary tools to conduct thorough investigations, from data recovery to analysis of digital evidence. The session will cover the suite’s capabilities in gathering intelligence, analyzing malware, and cracking passwords, among other forensic activities. Through case studies and live demonstrations, attendees will learn how to apply CSI Linux tools in real-world scenarios, enhancing their investigative skills and bolstering their cybersecurity toolset for combating digital threats.

Exhibitors
  • Arctic Wolf Networks
    Booth: TBD

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit  https://www.arcticwolf.com.

  • Binary Defense
    Booth: TBD

    Binary Defense is a managed security services provider and software developer with leading cybersecurity solutions that include SOC-as-a-Service, Managed Detection & Response, Security Information & Event Management, Threat Hunting and Counterintelligence. Binary Defense believes its unique approach resolves infosec’s biggest challenges such as limited in-house security expertise, lack of innovative resources and the significant budgetary and time investment required to ensure protection from today’s threats.

  • Cato Networks
    Booth: TBD

    Cato Networks pioneered the convergence of networking and security into the cloud. Aligned with Gartner’s Secure Access Service Edge (SASE) and Security Service Edge (SSE) frameworks, Cato’s vision is to deliver a next generation secure network architecture that eliminates the complexity, costs, and risks associated with legacy IT approaches based on disjointed point solutions. With Cato, organizations securely and optimally connect any user to any application anywhere on the globe. Our cloud-native architecture enables Cato to rapidly deploy new capabilities and maintain optimum security posture, without any effort from the IT teams. With Cato, your IT organization and your business are ready for whatever comes next. For more information, visit https://www.catonetworks.com.

  • Cloud Security Alliance Delaware Valley Chapter (CSA-DV)
    Booth: TBD

    Cloud Security Alliance Delaware Valley Chapter (CSA-DV) is a not-for-profit organization for people interested in education, training and possible certification in cloud security. We seek to improve the understanding of cloud security and to promote the interaction of both professionals and students in order to discuss current trends and topics within the industry.

    OUR PURPOSE:

    To promote cloud security best practices within the Greater Philadelphia region, to educate about cloud computing, identify its risks, methods to secure it, and to continually provide opportunities for the development of cloud security professionals.

  • CrowdStrike
    Booth: TBD

    CrowdStrike sets the standard for cybersecurity in the cloud era. The CrowdStrike Falcon® platform protects and enables the people, processes, and technologies that drive modern enterprise, delivering superior protection, better performance, reduced complexity, and immediate time-to-value. CrowdStrike secures the most critical areas of enterprise risk—endpoints and cloud workloads, identity, and data—to keep organizations ahead of today’s adversaries and stop breaches.

  • CyberArk Software
    Booth: TBD

    CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

  • Forcepoint
    Booth: TBD

    Forcepoint is transforming cybersecurity by focusing on what matters most: people’s behavior as they interact with critical data and systems. Forcepoint behavior-based solutions adapt to risk in real time and are delivered via a converged security platform, protecting the human point for thousands of enterprise and government customers. Our solutions include Cloud Security, Network Security, Data & Insider Threat Security.

  • Google Cloud
    Booth: TBD

    Google Cloud provides organizations with leading infrastructure, platform capabilities and industry solutions to help them solve their most critical business problems. Google Cloud Security helps customers protect their global operations with solutions such as zero trust security, application and data protection, fraud prevention, and threat detection and response.

  • Philadelphia InfraGard Members Alliance
    Booth: TBD

    InfraGard is a partnership between the FBI and the private sector. It is an association of people from businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the U.S. Philadelphia InfraGard Members Alliance (IMA) provides a forum for the exchange of information between the government, the owners and operators of the national infrastructure, and others concerned with the protection of the national infrastructure. Philadelphia IMA supports eastern Pennsylvania and southern New Jersey. Membership is free and new members are welcome.

  • ISACA Philadelphia
    Booth: TBD

    The Philadelphia Chapter of ISACA has a membership base of more than 1,600 individuals primarily located in the Philadelphia and the surrounding suburbs, extending into Delaware and Southern New Jersey. The membership of the Chapter includes professionals working in various industries and capacities. From students through experienced C-level executives, the Philadelphia Chapter provides, training, networking and social events to this diverse group who share the common goal of providing expertise in IT audit, security, risk, and governance topics to their colleagues. The Chapter conducts events on a monthly basis led by an active, vibrant and dedicated group of volunteers and is actively seeking business partners to help provide value and knowledge to its members.

  • ISC2
    Booth: TBD

    ISC2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, ISC2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation, The Center for Cyber Safety and Education™.

  • ISSA Delaware Valley
    Booth: TBD

    Our chapter serves the Delaware Valley and Mid-Atlantic region. This is comprised of Eastern Pennsylvania, Northern Maryland, Southern New Jersey, and Delaware.
    We are making history as we continue to grow the chapter with your membership, and bring exciting programs to you. If you have not already been involved in the membership meetings, we encourage you to do so. Hopefully, you will walk away with more ideas to take back to your organizations, or you may come away with a sense of – “Hey, we had that same problem”, or “Our company is not alone in dealing with these issues.”

  • Keysight
    Booth: TBD

    Keysight’s portfolio of network security solutions simulate threats, eliminate blind spots, taking control of a rapidly-changing attack surface. Be a hero, not a headline, by proving your network is secure simulating attacks, exposing gaps early, and course correct with step-by-step fixes; protecting users and applications with increased the efficiency, performance, and reliability of your security systems;  patrolling every packet eliminating vulnerable blind spots and decrypt threats hiding in SSL traffic; and practice your cyber skills enhancing your security and attack response skills against real-world threats.

  • Lacework
    Booth: TBD

    Lacework automates security across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP), providing a comprehensive view of risks across cloud workloads and containers. Lacework’s unified cloud security platform provides unprecedented visibility, automates intrusion detection, delivers one-click investigation, and simplifies cloud compliance.

  • Lookout
    Booth: TBD

    Lookout is a cybersecurity company that makes it possible for individuals and enterprises to be both mobile and secure. With 100 million mobile sensors fueling a dataset of virtually all the mobile code in the world, the Lookout Security Cloud can identify connections that would otherwise go unseen—predicting and stopping mobile attacks before they do harm.

  • National Cybersecurity Alliance
    Booth: TBD

    Our alliance stands for the safe and secure use of all technology. We encourage everyone to do their part to prevent digital wrongdoing of any kind. We build strong partnerships, educate and inspire all to take action to protect ourselves, our families, organizations and nations. Only together can we realize a more secure, interconnected world.

  • Okta
    Booth: TBD

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • Optiv
    Booth: TBD

    Optiv is a security solutions integrator delivering end-to-end cybersecurity solutions that help clients maximize and communicate the effectiveness of their cybersecurity programs. Optiv starts with core requirement of every enterprise—risk mitigation—and builds out from there with strategy, infrastructure rationalization, operations optimization, and ongoing measurement. Learn more at https://www.optiv.com.

  • Palo Alto Networks
    Booth: TBD

    Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world’s greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before.

  • Pure Storage, Inc.
    Booth: TBD

    Pure Storage is pioneering a new class of enterprise storage that has been designed from the ground up to take full advantage of flash memory. The company’s products accelerate random I/O-intensive applications like server virtualization, desktop virtualization (VDI), database (OLTP, rich analytics/OLAP, SQL, NoSQL), and cloudcomputing.

    Pure Storage makes it cost-effective to broadly deploy flash within the data center, enabling organizations to manage growth within existing power and space constraints. Launching later this year, the company’s products are in private beta with select customers. Pure Storage is funded by Greylock Partners and Sutter Hill Ventures.

  • Red River + Cloudflare
    Booth: TBD

    Red River’s Security Practice has nearly 20 years of experience helping federal and enterprise customers strengthen their security stance with strategically-integrated data- and network-centric physical and cyber security solutions designed to protect critical assets, enable situational awareness and simplify security management. We not only hold the coveted Cisco Master Security Specialization, but our highly-certified experts use a balanced approach that blends leading-edge technology, systems, policies and proven processes to deliver secure, effective solutions that offer complete protection and long-term value to our customers. For more information, visit: https://redriver.com/.

    Cloudflare is a global network designed to make everything you connect to the internet secure, private, fast, and reliable.

    • Secure your websites, APIs, and Internet applications.
    • Protect corporate networks, employees, and devices.
    • Write and deploy code that runs on the network edge.

    For more information, visit https://www.cloudflare.com/.

  • SentinelOne
    Booth: TBD

    SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.

  • Sentra
    Booth: TBD

    Sentra’s multi-cloud data security platform, discovers, classifies, and prioritizes the most business-critical data security risks for organizations, enabling more effective, faster remediation and compliance adherence.

    Specializing in Data Security Posture Management (DSPM), Sentra ensures that the correct security posture moves with sensitive cloud data.
    By automatically detecting vulnerabilities, misconfigurations, over-permissions, unauthorized access, data duplication, and more – Sentra empowers data handlers to work freely and safely with public cloud data, while leveraging rich insights to drive business growth and innovation.

  • Team Cymru
    Booth: TBD

    Team Cymru’s mission is to save and improve human lives.  We are unrivalled across three disciplines; digital business risk platforms, free to use community services and support services to over 143 Government CSIRT teams.

    Our business risk and threat intelligence platforms empower global organizations with unmatched Threat Reconnaissance and Attack Surface Management capabilities to meet the challenges of today’s cyber threats.

    Community Services equip those who run the internet to defend it from criminals who wish to disrupt and cause harm, and CSIRT enables Governments the tools to outmaneuver nation state threat actors.

    Since 2005, our reputation remains unchallenged.

  • Skybox Security
    Booth: TBD

    Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.

  • ThreatLocker
    Booth: TBD

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • Varonis Systems, Inc.
    Booth: TBD

    Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.

  • Veriti
    Booth: TBD

    Veriti is a fast-growing security infrastructure innovator that helps organizations maximize their security posture while ensuring business uptime.

    Integrated with the entire security stack, Veriti provides a consolidated management layer that continually and proactively monitors exposure to threats and provides actionable remediation paths for security gaps and high-risk vulnerabilities across the organization’s infrastructure and attack surface.

  • WiCyS Delaware Valley
    Booth: TBD

    Women make up only 11% of the cyber security workforce. With such low representation, it is essential that we advocate for and assist women as they navigate through the cyber security industry.

    Philadelphia Women & Cyber Security’s Mission: To provide opportunities to advance careers for professionals in Cyber Security through education, mentoring, and networking. A Supportive community for women in cyber security that works to promote and encourage women to develop their careers. We are open to any support for our mission from any gender. Come to the next Philadelphia Women and Cyber Security’s event to get to know other like-minded, female cyber security professionals in the area. We will discuss industry best practices, the latest security trends and solutions, and share lessons we’ve learned over the years. For more information, contact wicysdelawarevalley@wicys.org.

  • Zscaler
    Booth: TBD

    Zscaler’s Cloud-delivered security solution provides policy-based secure internet access for any employee, on any device, anywhere. Our proxy and scanning scalability ensures ultra-low latency in a 100% SaaS security solution requiring no hardware, software or desktop all while providing complete control over security, policy and DLP.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Eric Robuck, Instructor
    Cybersecurity Specialist and Founder of The Valander Group

    Eric Robuck is a seasoned cybersecurity expert with over two decades of experience in the industry. As the owner and founder of The Valander Group, he leads a team of top-notch business experts dedicated to providing comprehensive cybersecurity solutions for business owners.

    Eric's extensive military background as a Warrant Officer focused on information technology and security has equipped him with the necessary skills and knowledge to handle complex cybersecurity challenges. He has a deep understanding of programming, database design, electronic information transfer, and project management, which allows him to develop and implement effective cybersecurity strategies for his clients.

    Eric holds multiple professional certifications, including the CISSP, CEH, Security+, and AWS Practitioner. He has done masters work in Cybersecurity and leadership in Cyber Security to further enhance his knowledge and skills. Eric's expertise in cybersecurity makes him an invaluable asset to businesses looking to protect themselves from cyber threats.

    When he's not working, Eric enjoys spending time with his family and staying active on the golf course. With his impressive track record and diverse skillset, Eric is a force to be reckoned with in the world of cybersecurity, and his clients trust him to keep their businesses safe from cyber-attacks.

  • speaker photo
    Krista Arndt
    CISO, United Musculoskeletal Partners

    Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices' patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP's information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program's day to day operational effectiveness.

    Prior to joining UMP, Krista served as the Director of Security Governance, Risk and Compliance for Voyager Digital, a leading cryptocurrency trading platform, where she was responsible for the development, maturation, and maintenance of Voyager's security program. Krista has served in various leadership and operational roles within the information security profession for 14 years within the financial and defense sectors, bringing a deep understanding of how strong security and privacy practices can help enable best in class care and peace of mind for UMP and its practices' patients.

    Krista has a Bachelors Degree in Biology from Felician College and currently holds her Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications.

    Krista is an active member of ISACA, Infragard's Philadelphia Chapter, as a member of both Neumann University's Business Advisory Council and Women in Cybersecurity-Delaware Valley Affiliate's Membership and Education Committees. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

  • speaker photo
    Jordan Fischer
    Cyber Attorney, Partner, Constangy, Brooks, Smith & Prophete, LLP

    Jordan Fischer represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    Margaux Weinraub
    Cyber Practice Leader, Graham Company, a Marsh & McLennan Agency LLC Company
  • speaker photo
    Shevani Jaisingh
    Senior Counsel, TittmannWeix
  • speaker photo
    Katie Crowley, Moderator
    AVP, eRisk Underwriting, Crum & Forster
  • speaker photo
    Matthew Jochym
    VP, Cyber Observability, BlackRock
  • speaker photo
    Chris Jennings
    VP, Cyber Analytics, BlackRock
  • speaker photo
    Dave Gold
    Field CTO, Americas, SentinelOne

    Dave has more than 15 years experience in enterprise information security and brings a strong track record of innovation and customer focus to SentinelOne. Prior to SentinelOne, he was the VP of Product and VP of Solutions Architecture at ProtectWise and helped launch and build the company from stealth to a successful exit to Verizon. Dave helped define the network detection and response market and has helped many organizations develop detection and response strategies and to embrace cloud delivered technologies. He has also led Firewall Product Management at McAfee and has held various roles in sales engineering, product management and support at Websense, Intel, McAfee and Secure Computing.

  • speaker photo
    Greg Garcia
    Executive Director, Health Sector Coordinating Council Cybersecurity Working Group

    Greg served as former (and nation's first) Assistant Secretary for Cybersecurity and Communications at the U.S. Department of Homeland Security, appointed by President Bush in 2006. He also led the Financial Services Sector Coordinating Council, and served in Congress and senior industry executive roles in technology and security.

  • speaker photo
    David Lingenfelter
    VP, Information Security, PENN Entertainment

    David Lingenfelter is the Vice President of Information Security at Penn Entertainment, responsible for ensuring the highest possible level of security for the rapidly changing risk landscape. David manages teams that oversee IT security and compliance for both the retail and digital aspects of the business. David believes that in order to implement a successful security program it’s important for everyone to understand the threats and risks that could adversely impact the business.

    Prior to joining Penn Entertainment, David oversaw security for the MaaS360 mobile device management platform at IBM. During his tenure at IBM, David helped onboard and integrate the team supporting MaaS360 as part of the acquisition of Fiberlink Communications into IBM. Prior to the acquisition by IBM, David was the Information Security Officer at Fiberlink Communications working as part of the team that designed and built an early Software as a Service cloud model for its MaaS360 platform. David also led the charge for getting MaaS360 to be the first mobile device management platform certified for use by the federal government under the FedRAMP program.

    As a member of the Cloud Security Alliance David was co-chair of the Mobile Working Group culminating in the publication of the “Security Guidance for Critical Areas of Mobile Computing”. David also gave input to early versions of the Cloud Control Matrix and other publications and is a former president of the Delaware Valley chapter of the Cloud Security Alliance. David’s career in IT security has always included a strong emphasis on awareness and understanding of the threats and risks associated with poor security. This passion for helping bring awareness to others and has lead David around the world giving presentations on multiple aspects of IT security and the overall impact on business and personal lives.

  • speaker photo
  • speaker photo
    Okta Representative
  • speaker photo
    Panel Discussion
  • speaker photo
    Team Cymru Representative
  • speaker photo
    Paul Lynch
    Director, Information Security, CubeSmart

    Paul Lynch, who has more than 20 years of experience in information technology, is Director of Information Security and Infrastructure for CubeSmart Self Storage. He has established security governance programs and best practices for government, non-profit, private, and publicly traded organizations ranging from technology startup to city. He holds several information security certifications, including Certified CISO, CISSP, ISSMP, and CCSP. He has served as a subject matter expert for EC-Council and (ISC)2, specializing in security governance and cloud security. He serves on the Customer Advisory Board for eSentire.

  • speaker photo
    Tammy Klotz
    CISO, Trinseo

    Tammy Klotz is a vibrant and accomplished executive with over three decades of diverse experience in the manufacturing industry, specializing in cybersecurity and transformational leadership. She offers keen expertise in navigating mergers, acquisitions, and divestitures within both publicly-traded and privately-held companies and is seasoned in security, risk, and compliance leadership. Tammy brings a dynamic and positive approach to problem solving, excelling in simplifying intricate IT and cybersecurity concepts and facilitating pragmatic, non-technical dialogues that resonate with business executives. She is recognized as a strong, knowledgeable, thoughtful security executive who excels in public speaking and thought leadership, striving to empower others through knowledge sharing.

  • speaker photo
    Donna Ross
    Executive VP & CISO, Radian Group

    Dynamic leader and board member demonstrating over 20 years of diverse risk, compliance, information security, technology, and operations experience within the manufacturing, insurance, banking, financial services, and retail sector. Adept in developing and implementing strategic technology and risk solutions, performing research and analysis to keep employer advised regarding emerging technologies and management of risk. Security and DEI evangelist.

  • speaker photo
    Arielle Baine
    Chief of Cybersecurity, Region 3, DHS CISA
  • speaker photo
    Molly Dodge, Moderator
    Information Security Analyst, Federal Reserve Bank of Philadelphia
  • speaker photo
    Jeff Williams
    Founder & CTO, Contrast Security
  • speaker photo
    Lacework Representative
  • speaker photo
    Panel Discussion
  • speaker photo
    Sara Ricci
    Information Risk, Governance, and Resilience Executive, Hudson's Bay Company (HBC)

    Sara Ricci is an accomplished executive with a proven track record in global leadership roles, building new capabilities and enhancing organizational resilience. She is experienced in Risk Management and Technology Enablement in highly regulated financial and energy sectors. Sara excels at building trust and credibility with executives, clearly communicating risk concepts and strategies in non-technical terms to help drive business results.

    As a Risk and Resilience leader, Sara leverages prior experience as Head of Information Risk Governance and Resilience at HBC and senior leadership roles at HCL Technologies, New York Power Authority, JP Morgan Chase, Citi, Bank of America and UBS. She has led global implementations of governance, risk management and compliance programs, aligning risk and reward with business strategy, specializing in Operational Risk, IT Risk, Information Security, Business Continuity, Enterprise Risk, Third Party Risk, Operational Resilience, Enterprise Resource Planning, Software development and Business Process improvements.

    Sara actively collaborates across organizations and helped develop industry guidance for the financial and energy sectors, including maturity models in Resilience and Cybersecurity, whitepapers and benchmarking studies in Risk Appetite and Resiliency. MBA (Finance and Management), CRISC, CDPSE, CBCP, HSEEP, SCR.

  • speaker photo
    Arielle Baine
    Chief of Cybersecurity, Region 3, DHS CISA
  • speaker photo
    Derek Fisher
    Executive Director of Product Security, JPMorgan Chase & Co.
  • speaker photo
    Colleen Lennox, Moderator
    Founder & CEO, Cyber Job Central
  • speaker photo
    Chris Barone
    Security Architecture Lead, Wawa, Inc.

    Currently the Lead Security Architect at Wawa, Chris has had multiple roles developing process and evangelizing security functions to the rest of the organization. Chris' undergraduate degree is from Drexel University, and he holds a Master's in Cybersecurity Strategy from George Washington University.

  • speaker photo
    Happy Hour
  • speaker photo
    Krista Arndt
    CISO, United Musculoskeletal Partners

    Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices' patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP's information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program's day to day operational effectiveness.

    Prior to joining UMP, Krista served as the Director of Security Governance, Risk and Compliance for Voyager Digital, a leading cryptocurrency trading platform, where she was responsible for the development, maturation, and maintenance of Voyager's security program. Krista has served in various leadership and operational roles within the information security profession for 14 years within the financial and defense sectors, bringing a deep understanding of how strong security and privacy practices can help enable best in class care and peace of mind for UMP and its practices' patients.

    Krista has a Bachelors Degree in Biology from Felician College and currently holds her Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications.

    Krista is an active member of ISACA, Infragard's Philadelphia Chapter, as a member of both Neumann University's Business Advisory Council and Women in Cybersecurity-Delaware Valley Affiliate's Membership and Education Committees. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

  • speaker photo
    David Lingenfelter
    VP, Information Security, PENN Entertainment

    David Lingenfelter is the Vice President of Information Security at Penn Entertainment, responsible for ensuring the highest possible level of security for the rapidly changing risk landscape. David manages teams that oversee IT security and compliance for both the retail and digital aspects of the business. David believes that in order to implement a successful security program it’s important for everyone to understand the threats and risks that could adversely impact the business.

    Prior to joining Penn Entertainment, David oversaw security for the MaaS360 mobile device management platform at IBM. During his tenure at IBM, David helped onboard and integrate the team supporting MaaS360 as part of the acquisition of Fiberlink Communications into IBM. Prior to the acquisition by IBM, David was the Information Security Officer at Fiberlink Communications working as part of the team that designed and built an early Software as a Service cloud model for its MaaS360 platform. David also led the charge for getting MaaS360 to be the first mobile device management platform certified for use by the federal government under the FedRAMP program.

    As a member of the Cloud Security Alliance David was co-chair of the Mobile Working Group culminating in the publication of the “Security Guidance for Critical Areas of Mobile Computing”. David also gave input to early versions of the Cloud Control Matrix and other publications and is a former president of the Delaware Valley chapter of the Cloud Security Alliance. David’s career in IT security has always included a strong emphasis on awareness and understanding of the threats and risks associated with poor security. This passion for helping bring awareness to others and has lead David around the world giving presentations on multiple aspects of IT security and the overall impact on business and personal lives.

  • speaker photo
    Keith McMenamin
    VP of IT, Visit Philadelphia

    Keith McMenamin is the Vice President of Information Technology at VISIT PHILADELPHIA®, the region’s official tourism marketing agency. In his 17 years with VISIT PHILADELPHIA®, Mr. McMenamin is credited with building and securing the technical infrastructure for an award-winning organization that was responsible for creating $11 billion dollars in economic impact for the city of Philadelphia in 2022. Over the years, he quickly became a trusted advisor to C-Suite executives along with evolving into the “go-to tech guy” for friends and colleagues in the local tourism marketing and media industries. Keith is a regular speaker and panelist at national industry conferences, volunteer at local schools and founder of the Philly Tech Council.

    Outside of the office Keith enjoys playing sports, spending time with his family and taking long vacations to Southern California.

  • speaker photo
    Chris Glanden, Host
    Founder, The BarCode Podcast

    Chris Glanden is an experienced cybersecurity strategist and the Founder & CEO of BarCode Security, a full-service consulting firm he launched in November 2023. Through BarCode, Glanden provides advisory services, pentesting, training, and incident response with a team of seasoned industry experts.

    In 2020, Glanden started the BarCode Security podcast to have engaging discussions with global cybersecurity leaders. As COVID restrictions lifted, he took the show on the road nationwide, recording live at venues like private yachts, tech meetups, and hacker conventions. The podcast and live events aim to educate on diverse perspectives in cybersecurity leadership and culture.

    Concurrently, Glanden is producing his first documentary film “Inhuman,” focused on weaponized AI, slated for release in 2024. His approach across projects combines the technical aspects of cybersecurity with a creative and entertainment angle, emphasizing the importance of understanding the human side in establishing efficient security programs.

  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Eric Robuck, Instructor
    Cybersecurity Specialist and Founder of The Valander Group

    Eric Robuck is a seasoned cybersecurity expert with over two decades of experience in the industry. As the owner and founder of The Valander Group, he leads a team of top-notch business experts dedicated to providing comprehensive cybersecurity solutions for business owners.

    Eric's extensive military background as a Warrant Officer focused on information technology and security has equipped him with the necessary skills and knowledge to handle complex cybersecurity challenges. He has a deep understanding of programming, database design, electronic information transfer, and project management, which allows him to develop and implement effective cybersecurity strategies for his clients.

    Eric holds multiple professional certifications, including the CISSP, CEH, Security+, and AWS Practitioner. He has done masters work in Cybersecurity and leadership in Cyber Security to further enhance his knowledge and skills. Eric's expertise in cybersecurity makes him an invaluable asset to businesses looking to protect themselves from cyber threats.

    When he's not working, Eric enjoys spending time with his family and staying active on the golf course. With his impressive track record and diverse skillset, Eric is a force to be reckoned with in the world of cybersecurity, and his clients trust him to keep their businesses safe from cyber-attacks.

  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Eric Robuck, Instructor
    Cybersecurity Specialist and Founder of The Valander Group

    Eric Robuck is a seasoned cybersecurity expert with over two decades of experience in the industry. As the owner and founder of The Valander Group, he leads a team of top-notch business experts dedicated to providing comprehensive cybersecurity solutions for business owners.

    Eric's extensive military background as a Warrant Officer focused on information technology and security has equipped him with the necessary skills and knowledge to handle complex cybersecurity challenges. He has a deep understanding of programming, database design, electronic information transfer, and project management, which allows him to develop and implement effective cybersecurity strategies for his clients.

    Eric holds multiple professional certifications, including the CISSP, CEH, Security+, and AWS Practitioner. He has done masters work in Cybersecurity and leadership in Cyber Security to further enhance his knowledge and skills. Eric's expertise in cybersecurity makes him an invaluable asset to businesses looking to protect themselves from cyber threats.

    When he's not working, Eric enjoys spending time with his family and staying active on the golf course. With his impressive track record and diverse skillset, Eric is a force to be reckoned with in the world of cybersecurity, and his clients trust him to keep their businesses safe from cyber-attacks.

  • speaker photo
    Dr. Russell Handorf, Guest Speaker
    Former Computer Scientist, FBI Cyber Division HQ
  • speaker photo
    Col. Cedric Leighton
    CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC

    Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

  • speaker photo
    VJ Viswanathan
    Founding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)

    VJ Viswanathan is a seasoned technology executive recognized and awarded for innovation, business capability transformation, and thoughtful mentorship. Most recently, VJ is the founding partner at CYFORIX, a global cybersecurity research, advisory, and strategic consulting firm delivering solutions to public and private sectors. He also serves as the CEO at TORQE, a specialized advisory firm focused on analytics, automation, and convergent technologies. VJ is the co-host of ELEVATEINTEL, a podcast series at the nexus of technology, social, and defense.

    With more than 25 years of pioneering enterprise technology, cybersecurity, privacy, and compliance & risk management experience, VJ has a detailed track record of designing, implementing, and leading highly successful programs, products, and services at multinational Fortune 100 brands spanning CPG, telecom, media, supply chain, healthcare, and finance segments. As a strategic thought leader, VJ has delivered the first of its kind "Supply Chain Security" & “Omni-channel Risk Management” frameworks. As a published author and featured keynote speaker at global industry events, he approaches disruptive digital paradigms with innovation, creativity, and active collaboration with his key industry peers, researchers, national & international law enforcement, and defense groups.

    VJ is an active mentor at various incubators and accelerators groups, serves as an advisory board member for growth stage companies. As a strategic adviser to VC & PE firms, he specializes in developing market analysis, competitive product road maps, and guides in opportunity mapping. As a board member and subject matter advisor to CEOs and corporate directors, VJ evaluates and audits enterprise technology and cybersecurity programs for veracity and operational effectiveness.

    VJ is passionate about animal rights and giving back to the technology and security industry. He has created a rescue and foster care group for large breed dogs. He is actively engaged with academic institutions and purpose-driven professional groups like Minorities in Cyber Security, where he serves as a board member and chair of mentorship programs to develop the next generation talent through coaching and facilitating scholarships for technology and cybersecurity education.

  • speaker photo
    Steve Naphy, Moderator
    CIO, Morgan, Lewis & Bockius LLP

    Steve Naphy serves as Morgan Lewis's Chief Information Officer. In his role, Steve concentrates on leveraging data analytics and process to drive efficiency and effectiveness in both business operations and the delivery of legal services. He has over 20 years of experience working in information technology (IT), including previously running information security at the firm for six years. Prior to joining Morgan Lewis, Steve held significant InfoSec roles in the retail and distribution industry. He holds an M.S. in information systems from Widener University and a B.S. from Drexel University.

  • speaker photo
    Greg Garcia
    Executive Director, Health Sector Coordinating Council Cybersecurity Working Group

    Greg served as former (and nation's first) Assistant Secretary for Cybersecurity and Communications at the U.S. Department of Homeland Security, appointed by President Bush in 2006. He also led the Financial Services Sector Coordinating Council, and served in Congress and senior industry executive roles in technology and security.

  • speaker photo
    Anahi Santiago
    CISO, ChristianaCare Health System

    Anahi Santiago is the Chief Information Security Officer at ChristianaCare Health System, the largest healthcare provider in the state of Delaware. Prior to CCHS, she spent over 10 years as the Information Security and Privacy Officer at Einstein Healthcare Network. In her role as CISO, Anahi has overall responsibility for the organization's cybersecurity and assurance program. She leads a team of information security professionals in supporting CCHS's strategic initiatives by collaborating with clinical and business leaders, managing cybersecurity risks, implementing policies and controls, generating overall awareness, and fostering a culture of security and safety.

  • speaker photo
    Hugo Lai
    CISO, Temple Health
  • speaker photo
    Kevin Werner
    System Director, IT Security Operations, Main Line Health

    Kevin is the System Director of Security Operations at Main Line Health, a mid-sized hospital system in Suburban Philadelphia, where his team oversees all non-GRC aspects of information security. He has more than a decade of information security experience and is a licensed attorney in Pennsylvania and New Jersey. He currently holds a CISSP certification as well as a CIPP/US certification. Kevin went to the College of the Holy Cross in Worcester, MA, for undergrad with a degree in Philosophy, and attended the Villanova University School of Law.

  • speaker photo
    Justin Armstrong, Moderator
    Founder, Armstrong Risk Management LLC

    Justin Armstrong is a security, privacy, and regulatory compliance consultant with over 25 years of experience in the Healthcare Industry. He worked as a vCISO at FractionalCISO, managed security at Healthcare Cybersecurity startup Tausight, and led Product Security at MEDITECH, a top three Electronic Health Record vendor. He has engaged with Hospitals in nearly 100 ransomware incidents.

    Recently he founded Armstrong Risk Management to provide guidance on security, privacy, and regulatory compliance to companies large and small.

    He holds the CISSP and HCISPP certifications and obtained his Masters in Cybersecurity Leadership at Brandeis University.

  • speaker photo
    Phil Curran
    CISO & CPO, Cooper University Health Care

    Phil Curran has more than 25 years of experience in information security and privacy in the military, government and private sectors. As the Chief Information Assurance Officer and Chief Privacy Officer at Cooper University Health Care in Camden NJ, he is responsible for managing governance and regulatory compliance, risk assessment and management, threat intelligence and vulnerability assessment, privacy and security investigations, business continuity, and awareness and training. He has served on the Health Information Trust Alliance (HITRUST) task force to integrate privacy controls in the Common Security Framework and the development of the ISC2 Health Care Information Security and Privacy Practitioner. Phil serves on the Executive Committee for Secure World – Philadelphia and the Philadelphia and New Jersey Chapters of the CISO Executive Network. He has spoken on Information Security and Privacy issues at Secure World and HIMSS Privacy and Security.

  • speaker photo
    Zscaler Representative
  • speaker photo
    Bryan Bechard
    CISO, Flagship Credit Acceptance

    Bryan is a 20+ year InfoSec career professional currently serving as CISO for an auto finance company and teaching the next generation of InfoSec pros.

  • speaker photo
    Panel Discussion
  • speaker photo
    Sara Ricci, Moderator
    Information Risk, Governance, and Resilience Executive, Hudson's Bay Company (HBC)

    Sara Ricci is an accomplished executive with a proven track record in global leadership roles, building new capabilities and enhancing organizational resilience. She is experienced in Risk Management and Technology Enablement in highly regulated financial and energy sectors. Sara excels at building trust and credibility with executives, clearly communicating risk concepts and strategies in non-technical terms to help drive business results.

    As a Risk and Resilience leader, Sara leverages prior experience as Head of Information Risk Governance and Resilience at HBC and senior leadership roles at HCL Technologies, New York Power Authority, JP Morgan Chase, Citi, Bank of America and UBS. She has led global implementations of governance, risk management and compliance programs, aligning risk and reward with business strategy, specializing in Operational Risk, IT Risk, Information Security, Business Continuity, Enterprise Risk, Third Party Risk, Operational Resilience, Enterprise Resource Planning, Software development and Business Process improvements.

    Sara actively collaborates across organizations and helped develop industry guidance for the financial and energy sectors, including maturity models in Resilience and Cybersecurity, whitepapers and benchmarking studies in Risk Appetite and Resiliency. MBA (Finance and Management), CRISC, CDPSE, CBCP, HSEEP, SCR.

  • speaker photo
    Todd Bearman
    VP & CISO, Global Infrastructure and Security Solutions, TE Connectivity

    Todd Bearman is the Chief Information Security Officer for TE Connectivity with responsibility for Information Security globally across nearly 150 countries with 75,000 employees.

    Todd is responsible for ensuring collaboration and risk management across the corporate functions and business units where he leverages his leadership, technical, and business expertise to manage information and business risks. He manages the global Information Security Program defining strategy and executing on security initiatives.
    Todd has over 25 years of information systems experience and has been involved with various aspects of Information Security for over 18 years.

    Prior to working at TE Connectivity, Todd was CISO at Towers Watson, as well as Director of Information Security at Commerce Bank (now TD Bank). Previously, Todd has spent much of his career as a consultant, helping global companies implement and improve their security programs.

  • speaker photo
    Paul Lynch, Moderator
    Director, Information Security, CubeSmart

    Paul Lynch, who has more than 20 years of experience in information technology, is Director of Information Security and Infrastructure for CubeSmart Self Storage. He has established security governance programs and best practices for government, non-profit, private, and publicly traded organizations ranging from technology startup to city. He holds several information security certifications, including Certified CISO, CISSP, ISSMP, and CCSP. He has served as a subject matter expert for EC-Council and (ISC)2, specializing in security governance and cloud security. He serves on the Customer Advisory Board for eSentire.

  • speaker photo
    Arielle Baine
    Chief of Cybersecurity, Region 3, DHS CISA
  • speaker photo
    Panel Discussion
  • speaker photo
    Phil Curran, Moderator
    CISO & CPO, Cooper University Health Care

    Phil Curran has more than 25 years of experience in information security and privacy in the military, government and private sectors. As the Chief Information Assurance Officer and Chief Privacy Officer at Cooper University Health Care in Camden NJ, he is responsible for managing governance and regulatory compliance, risk assessment and management, threat intelligence and vulnerability assessment, privacy and security investigations, business continuity, and awareness and training. He has served on the Health Information Trust Alliance (HITRUST) task force to integrate privacy controls in the Common Security Framework and the development of the ISC2 Health Care Information Security and Privacy Practitioner. Phil serves on the Executive Committee for Secure World – Philadelphia and the Philadelphia and New Jersey Chapters of the CISO Executive Network. He has spoken on Information Security and Privacy issues at Secure World and HIMSS Privacy and Security.

  • speaker photo
    Thomas Heverin
    Cybersecurity Teaching Professor and Pentesting Project Lead, Drexel University

    Former Navy researcher turned cybersecurity educator, Dr. Thomas Heverin ignites minds at The Baldwin School, an all-girls college preparatory school, and Drexel University. He empowers future ethical hackers, sparks innovation with tools like ChatGPT, and uncovers critical ICS vulnerabilities. Google hacks, new hacking modules, new GPTs, and cybersecurity research papers, are just his realm of discovery. A champion of diversity in STEM (Girls Who Code, Black Girls Code, TechGirlz), Thomas brings his Ph.D. and CISSP knowledge to inspire the next generation of cybersecurity professionals.

  • speaker photo
    Tammy Klotz
    CISO, Trinseo

    Tammy Klotz is a vibrant and accomplished executive with over three decades of diverse experience in the manufacturing industry, specializing in cybersecurity and transformational leadership. She offers keen expertise in navigating mergers, acquisitions, and divestitures within both publicly-traded and privately-held companies and is seasoned in security, risk, and compliance leadership. Tammy brings a dynamic and positive approach to problem solving, excelling in simplifying intricate IT and cybersecurity concepts and facilitating pragmatic, non-technical dialogues that resonate with business executives. She is recognized as a strong, knowledgeable, thoughtful security executive who excels in public speaking and thought leadership, striving to empower others through knowledge sharing.

  • speaker photo
    Robert Pavone
    VP, Threat Detection Management, BlackRock
  • speaker photo
    Bill Tenerelli
    VP, Incident Response, BlackRock
  • speaker photo
    Happy Hour
  • speaker photo
    Keith McMenamin
    VP of IT, Visit Philadelphia

    Keith McMenamin is the Vice President of Information Technology at VISIT PHILADELPHIA®, the region’s official tourism marketing agency. In his 17 years with VISIT PHILADELPHIA®, Mr. McMenamin is credited with building and securing the technical infrastructure for an award-winning organization that was responsible for creating $11 billion dollars in economic impact for the city of Philadelphia in 2022. Over the years, he quickly became a trusted advisor to C-Suite executives along with evolving into the “go-to tech guy” for friends and colleagues in the local tourism marketing and media industries. Keith is a regular speaker and panelist at national industry conferences, volunteer at local schools and founder of the Philly Tech Council.

    Outside of the office Keith enjoys playing sports, spending time with his family and taking long vacations to Southern California.

  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Eric Robuck, Instructor
    Cybersecurity Specialist and Founder of The Valander Group

    Eric Robuck is a seasoned cybersecurity expert with over two decades of experience in the industry. As the owner and founder of The Valander Group, he leads a team of top-notch business experts dedicated to providing comprehensive cybersecurity solutions for business owners.

    Eric's extensive military background as a Warrant Officer focused on information technology and security has equipped him with the necessary skills and knowledge to handle complex cybersecurity challenges. He has a deep understanding of programming, database design, electronic information transfer, and project management, which allows him to develop and implement effective cybersecurity strategies for his clients.

    Eric holds multiple professional certifications, including the CISSP, CEH, Security+, and AWS Practitioner. He has done masters work in Cybersecurity and leadership in Cyber Security to further enhance his knowledge and skills. Eric's expertise in cybersecurity makes him an invaluable asset to businesses looking to protect themselves from cyber threats.

    When he's not working, Eric enjoys spending time with his family and staying active on the golf course. With his impressive track record and diverse skillset, Eric is a force to be reckoned with in the world of cybersecurity, and his clients trust him to keep their businesses safe from cyber-attacks.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Best practices & solutions, straight from the source

Join your local cybersecurity community for learning and professional growth!