googletag.cmd.push(function() { googletag.display('div-gpt-ad-1482431611496-4'); });
Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, April 9, 2025
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:15 pm
    Location / Room: Registration Desk / Lobby

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] AI Unleashed: Cybersecurity Strategies for an Autonomous Future - Part 1
    • session level icon
    speaker photo
    Sr. Cybersecurity Consultant, Wilson Cyber
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Artificial Intelligence (AI) technology enables computers and machines to simulate human learning, comprehension, problem solving, decision making, creativity and autonomy. Applications and devices equipped with AI can see and identify objects, understand, and respond to human language, learn from new information and experience. AI-based applications (a classic example being a self-driving car) can make detailed recommendations to users and experts and act independently, replacing the need for human intelligence or intervention.

    Recognizing the importance of technical standards in shaping development and use of AI, the U.S. President’s October 2023 Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (EO 14110) calls for “a coordinated effort… to drive the development and implementation of AI-related consensus standards, cooperation and coordination, and information sharing” internationally.

    This PLUS Course focuses on how the development of AI capabilities, technologies, and tools impact cybersecurity. Instructor Larry Wilson breaks down the course into four digestible lessons:

    Lesson 1: What Is Artificial Intelligence: Includes an overview of Artificial Intelligence, how AI is used today (case studies), the current / future state of international AI standards.

    Lesson 2: AI Security Threats: How threat actors are using AI to automate stages of the attack lifecycle, including reconnaissance, evasion, privilege escalation, lateral movement, and exploitation.

    Lesson 3: AI Security Standards: (1) Secure Design – risks and threat modelling; (2) Secure Development – supply chain security, documentation, asset and technical debt management; (3) Secure Deployment – protecting infrastructure from compromise, threat or loss, incident management, and responsible release; and (4) Secure Operation and Maintenance – logging and monitoring, update management and information sharing.

    Lesson 4: AI Risk Management Playbook: (1) Govern – policies, processes, procedures and practices across the organization related to the mapping, measuring and managing of AI risks are in place, transparent, and implemented effectively; (2) Map – context is measured and understood; (3) Measure – appropriate methods and metrics are identified and applied; (4) Manage – AI risks based on assessments and other analytical output from the Map and Measure functions are prioritized, responded to, and managed; (5) Roadmap – key activities for advancing the NIST Artificial Intelligence Risk Management Framework.

    Upon completion of the class, attendees will have an up-to-date understanding of AI and its impact on cybersecurity. They will learn what actions organizations should take to benefit from the many advancements available with adopting AI into their security design, development, deployment, operations, and maintenance.

    7:30 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0 - Part 1
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:15 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast (VIP / Invite only)
    • session level icon
    speaker photo
    VP, CISO, TE Connectivity
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Participating professional associations and details to be announced.

    8:00 am
    BEC Attacks: The Stealthiest and Most Lucrative Threat
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am
    8:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:45 am - 9:00 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:00 am
    [Opening Keynote] The Hidden Costs of Cybersecurity: Unveiling the True Price of Protection
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    With cyber threats evolving at an unprecedented pace, organizations are increasingly aware of the need for robust cybersecurity measures. However, the true cost of cybersecurity extends far beyond the visible expenses of software licenses and security personnel. This keynote panel delves into the often-overlooked aspects of cybersecurity that can significantly impact an organization’s bottom line and operational efficiency. The panel explores:

    • The multifaceted nature of cybersecurity costs, beginning with the critical yet often underestimated areas of incident response (IR) readiness and preparedness.
    • The importance of comprehensive business continuity planning, highlighting how inadequate planning can lead to substantial financial losses and reputational damage. The panel cites real-world examples, including the recent CrowdStrike outage, to illustrate the cascading effects of service disruptions on both providers and their clients.
    • The legal aspects of cybersecurity, exploring how regulatory compliance, potential liabilities, and the cost of legal counsel in the aftermath of a breach contribute to the hidden costs of security. Don’t forget the often-underestimated impact of third-party risk and the importance of robust vendor management practices.
    • How to challenge the conventional wisdom of relying heavily on a single security vendor, advocating for a diversified approach that can enhance resilience and reduce dependency risks. The panel also addresses the counterintuitive problem of implementing too many security controls, which can paradoxically slow recovery efforts after an incident and increase operational complexity.
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    Engaging with and Driving Innovation in Cybersecurity
    • session level icon
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Session description to come.

    10:15 am
    [Panel] Beyond the Single Point of Failure
    • session level icon
    Lessons from Recent Vendor Incidents and Strategies for Resilience
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Recent incidents involving major cybersecurity vendors like CrowdStrike and Microsoft have highlighted the critical issue of single-point failures in our digital defense ecosystems. This panel session delves into the aftermath of these events and explores the broader implications for organizational cybersecurity strategies. Our expert panel discusses:

    • The dangers of over-reliance on single vendors: Exploring the risks associated with putting all your security eggs in one basket.
    • Developing a multi-vendor strategy: Balancing the benefits of integrated solutions with the need for redundancy and resilience.
    • Incident response planning: Preparing for vendor-related outages or failures as part of your overall cybersecurity strategy.
    • Future outlook: How the industry might evolve to address these challenges.

    Gain valuable insights into creating more resilient security architectures that can withstand vendor-specific incidents.

    10:15 am
    Starting Your Zero Trust Journey on the Right Foot
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Session description to come.

    10:15 am
    Harnessing Data Analytics for Robust Fraud Detection and Prevention
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Session description to come.

    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    Myths, Monsters, and Magic: How to Succeed in Cybersecurity
    • session level icon
    speaker photo
    CISO, Penn Entertainment
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    Recent surveys have shown that the burnout rate for cybersecurity professions is upwards of 60%. High stress, long hours, rapidly changing landscape, all make the job of a cybersecurity professional difficult on a good day. Add on top of handling the technical aspects of cybersecurity the need to be able to translate what you do into terms that people understand. Because, let’s be honest, no one understands what we do. The less tech savvy people think we’re wizards. Management thinks we’re snake oil salespeople just looking for more budget so we can control everything. So how do you build a successful career in cybersecurity? Pull up a chair and let’s talk about the myths, monsters, and magic behind building a successful career in cybersecurity.

    11:10 am
    Navigating Your Cybersecurity Career: Pathing, Pivots, and Progress
    • session level icon
    speaker photo
    Sr. Manager, Information Security, Affiliated Distributors
    speaker photo
    President & CEO, Keysec Advisors
    speaker photo
    Cybersecurity Specialist & Founder, The Valander Group
    speaker photo
    Information Security Analyst, Federal Reserve Bank of Philadelphia
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    The cybersecurity field offers a vast range of opportunities, but plotting a successful career path can feel overwhelming. Whether you’re just starting out, looking to pivot mid-career, or considering a move to a new company or role, the journey requires strategic planning and adaptability.

    This interactive panel discussion brings together seasoned cybersecurity professionals to share their insights, experiences, and practical advice on moving ahead at any stage of your career in cybersecurity. Key topics include:

    • Exploring Career Pathing: Understand the diverse career tracks within cybersecurity, from technical specializations like penetration testing and cloud security to leadership roles like CISO and beyond.
    • Mid-Career Pivots: Learn how to navigate transitions—whether switching to a new company, changing roles, or making a full career shift into cybersecurity from another field.
    • Building Resilience and Growth: Discover strategies for staying relevant in a fast-paced, ever-changing industry while balancing professional and personal growth.
    • Skills That Matter: Identify the technical and soft skills in demand today and how to position yourself as a top candidate for your dream role.

    Whether you’re climbing the cybersecurity ladder, considering a lateral move, or looking to redefine your career, this session offers actionable advice and inspiration to take the next step with confidence. Bring your questions and prepare for a candid, thought-provoking discussion about the future of your cybersecurity career.

    11:10 am
    Micro Segmentation: What You Need to Know
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Session description to come.

    11:10 am
    [Panel] The Evolving Cyber Threat Landscape: Tales of Villains, Heroes, and Resilience
    • session level icon
    speaker photo
    Principal Solutions Architect (Cloud Security SME), Bitdefender
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Today’s professionals face challenges reminiscent of classic fairy tales: shadowy villains, unexpected allies, and battles for safety and survival. This panel will delve into the current threat landscape, from ransomware dragons to insider trolls. It will offer insights into the strategies and tools organizations need to craft their own happily ever after in cybersecurity.

    12:00 pm
    [Lunch Keynote] Learning How to Story Tell to Move Cybersecurity Forward
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater

    Session description to come.

    12:00 pm
    Advisory Council Roundtable Lunch (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    [Panel] ASPIRE Your Approach: Repay Engineering by Investing in Application Security
    • session level icon
    speaker photo
    Head of Security Assurance and Operations, DAT Freight & Analytics
    speaker photo
    CISO, DAT Freight & Analytics
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Challenges with engineering moving faster with their CI/CD pipelines, releases, and environment updates still need security involved to adopt and scale. Security investments often increasingly create friction within the organization. This session helps security professionals look at their AppSec program with a “more investment is good” model. This mantra allows security and engineering—and the business—to scale with quality, speed, and innovation that improves security and fosters better engineering partnerships.

    1:15 pm
    Get to Know, and Get Along with, Your General Counsel and CFO
    • session level icon
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Session description to come.

    1:15 pm
    Building a Strong Defense with PCI Compliance
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    As the cybersecurity landscape evolves, the associated PCI requirements supporting those security considerations are also changing. Is your organization well positioned to adapt to the updated guidance issued with version 4.0.1 and the upcoming implementation deadlines for the March 31, 2025, requirements? This presentation explores the essential quick wins for payment card security and PCI compliance related to the new version, 4.0.1, and how to best guard your cardholder data without committing the whole IT team defensive line to compliance-related tasks.

    Key topics include:

    • Rule Changes: Updates to PCI DSS in version 4.0.1
    • Game Footage: Common High-Risk Misses
    • Away Games: Future Dated (2025) Requirements
    1:15 pm
    [Panel] Protecting Data and Systems in the Cloud
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Session description to come.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:10 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:10 pm
    Weaponizing OSINT: The Silent Threat in Social Engineering Attacks
    • session level icon
    speaker photo
    Cybersecurity Specialist & Founder, The Valander Group
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    In today’s interconnected world, public data has become a powerful weapon in the hands of cybercriminals and ethical hackers alike. This presentation dives deep into how attackers leverage Open-Source Intelligence (OSINT) to craft highly convincing and successful social engineering campaigns. From mining social media profiles and job boards to exploiting organizational leaks and public records, the session explores how seemingly harmless data can be weaponized to gain unauthorized access to systems and sensitive information.

    Come ready to witness live demos showcasing OSINT tools, techniques, and real-world social engineering scenarios that highlight the devastating impact of data exposure. Eric provides actionable steps to minimize OSINT risks through employee awareness, privacy hygiene, and security-first organizational policies. By the end of this session, participants will understand why protecting public data is as critical as securing internal networks—and how to do it effectively.

    2:10 pm
    Managing AI Platform Risk: How Security and Engineering Partner to Deliver Trusted Models
    • session level icon
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    This panel discusses why trust is so important to Salesforce and how we approach securing our Generative AI offerings for our customers. The panelists share best practices, tooling, and pitfalls to avoid along the way.

    2:10 pm
    Securing Success: The Impact of Networking, Education, and Certifications in Cybersecurity
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    Session description to come.

    2:10 pm
    How to Build Trustworthy and Secure AI Systems: Key Frameworks & Vulnerabilities You Need to Know
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    The advancements of artificial intelligence (AI) have taken both popular culture and almost every industry by storm, due to the technology’s far-reaching abilities to augment human skills and bring safety and efficiency to several areas of our everyday lives. But these systems also bring with them a wealth of challenges, from ethics to security. We must be just as concerned about an organizations’ use of AI in critical workflows as we should be about LLMs disclosing sensitive data. How we evaluate these systems security, resilience, and robustness will be driven by well-established bedrock principles in both audit and assessments.

    3:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:30 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    3:00 pm
    Happy Hour
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 4:15 pm

    Join your peers for conversation and complimentary beverages. This is a great opportunity to network with other security professionals from the area and discuss the hot topics from the day.

     

    3:30 pm
    [Closing Keynote] The State of Cybersecurity in the Region
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 4:15 pm

    Session description to come.

    3:45 pm
    [PLUS Course] AI Unleashed: Cybersecurity Strategies for an Autonomous Future - Part 2
    • session level icon
    speaker photo
    Sr. Cybersecurity Consultant, Wilson Cyber
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Artificial Intelligence (AI) technology enables computers and machines to simulate human learning, comprehension, problem solving, decision making, creativity and autonomy. Applications and devices equipped with AI can see and identify objects, understand, and respond to human language, learn from new information and experience. AI-based applications (a classic example being a self-driving car) can make detailed recommendations to users and experts and act independently, replacing the need for human intelligence or intervention.

    Recognizing the importance of technical standards in shaping development and use of AI, the U.S. President’s October 2023 Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (EO 14110) calls for “a coordinated effort… to drive the development and implementation of AI-related consensus standards, cooperation and coordination, and information sharing” internationally.

    This PLUS Course focuses on how the development of AI capabilities, technologies, and tools impact cybersecurity. Instructor Larry Wilson breaks down the course into four digestible lessons:

    Lesson 1: What Is Artificial Intelligence: Includes an overview of Artificial Intelligence, how AI is used today (case studies), the current / future state of international AI standards.

    Lesson 2: AI Security Threats: How threat actors are using AI to automate stages of the attack lifecycle, including reconnaissance, evasion, privilege escalation, lateral movement, and exploitation.

    Lesson 3: AI Security Standards: (1) Secure Design – risks and threat modelling; (2) Secure Development – supply chain security, documentation, asset and technical debt management; (3) Secure Deployment – protecting infrastructure from compromise, threat or loss, incident management, and responsible release; and (4) Secure Operation and Maintenance – logging and monitoring, update management and information sharing.

    Lesson 4: AI Risk Management Playbook: (1) Govern – policies, processes, procedures and practices across the organization related to the mapping, measuring and managing of AI risks are in place, transparent, and implemented effectively; (2) Map – context is measured and understood; (3) Measure – appropriate methods and metrics are identified and applied; (4) Manage – AI risks based on assessments and other analytical output from the Map and Measure functions are prioritized, responded to, and managed; (5) Roadmap – key activities for advancing the NIST Artificial Intelligence Risk Management Framework.

    Upon completion of the class, attendees will have an up-to-date understanding of AI and its impact on cybersecurity. They will learn what actions organizations should take to benefit from the many advancements available with adopting AI into their security design, development, deployment, operations, and maintenance.

    3:45 pm
    [PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0 - Part 2
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

  • Thursday, April 10, 2025
    7:00 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:00 am - 4:15 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] AI Unleashed: Cybersecurity Strategies for an Autonomous Future - Part 3
    • session level icon
    speaker photo
    Sr. Cybersecurity Consultant, Wilson Cyber
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Artificial Intelligence (AI) technology enables computers and machines to simulate human learning, comprehension, problem solving, decision making, creativity and autonomy. Applications and devices equipped with AI can see and identify objects, understand, and respond to human language, learn from new information and experience. AI-based applications (a classic example being a self-driving car) can make detailed recommendations to users and experts and act independently, replacing the need for human intelligence or intervention.

    Recognizing the importance of technical standards in shaping development and use of AI, the U.S. President’s October 2023 Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (EO 14110) calls for “a coordinated effort… to drive the development and implementation of AI-related consensus standards, cooperation and coordination, and information sharing” internationally.

    This PLUS Course focuses on how the development of AI capabilities, technologies, and tools impact cybersecurity. Instructor Larry Wilson breaks down the course into four digestible lessons:

    Lesson 1: What Is Artificial Intelligence: Includes an overview of Artificial Intelligence, how AI is used today (case studies), the current / future state of international AI standards.

    Lesson 2: AI Security Threats: How threat actors are using AI to automate stages of the attack lifecycle, including reconnaissance, evasion, privilege escalation, lateral movement, and exploitation.

    Lesson 3: AI Security Standards: (1) Secure Design – risks and threat modelling; (2) Secure Development – supply chain security, documentation, asset and technical debt management; (3) Secure Deployment – protecting infrastructure from compromise, threat or loss, incident management, and responsible release; and (4) Secure Operation and Maintenance – logging and monitoring, update management and information sharing.

    Lesson 4: AI Risk Management Playbook: (1) Govern – policies, processes, procedures and practices across the organization related to the mapping, measuring and managing of AI risks are in place, transparent, and implemented effectively; (2) Map – context is measured and understood; (3) Measure – appropriate methods and metrics are identified and applied; (4) Manage – AI risks based on assessments and other analytical output from the Map and Measure functions are prioritized, responded to, and managed; (5) Roadmap – key activities for advancing the NIST Artificial Intelligence Risk Management Framework.

    Upon completion of the class, attendees will have an up-to-date understanding of AI and its impact on cybersecurity. They will learn what actions organizations should take to benefit from the many advancements available with adopting AI into their security design, development, deployment, operations, and maintenance.

    7:30 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0 - Part 3
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:15 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable Breakfast (VIP / Invite only)
    • session level icon
    speaker photo
    CIO, Morgan, Lewis & Bockius LLP
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:45 am

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    8:00 am
    Association Chapter Meetings
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Participating professional associations and details to be announced.

    8:00 am
    Benchmarking Your Cybersecurity Framework
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:45 am

    Measuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.

    8:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:45 am - 9:00 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    9:00 am
    [Opening Keynote] Digital Cloak and Daggers: Nation-State Threats in an Era of Complex Dependencies
    • session level icon
    speaker photo
    VP, CISO, TE Connectivity
    speaker photo
    VP, Cyber and AI, Azzur Group
    speaker photo
    CIO, Morgan, Lewis & Bockius LLP
    speaker photo
    Executive Director of Product Security, JPMorgan Chase & Co.
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    This panel explores the challenges facing the United States and its Western allies in managing relationships with strategic competitors, particularly China, in an environment where digital threats coexist with economic partnerships. Our speakers examine how nation-states leverage cyber capabilities, intellectual property theft, and digital infrastructure to advance their strategic interests while maintaining essential trade relationships. The discussion focuses on China’s evolving role as both a critical economic partner and a significant security concern, while also addressing emerging threats from other state actors.

    Panelists analyze practical approaches to protecting national security interests and critical infrastructure without severing vital international economic ties. Topics include supply chain security, technology transfer concerns, diplomatic strategies for cyber deterrence, and frameworks for selective economic decoupling in critical sectors. The session concludes with recommendations for developing more resilient international relationships that balance security imperatives with economic realities.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    10:15 am
    Bug Bounties: Tips from the Triager
    • session level icon
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Hear directly how someone who has spent years reviewing and prioritizing bug bounty program submissions approaches the task. In this talk, discover how to craft reports that stand out, ensuring your findings are presented for maximum impact and value. Discover the most common pitfalls to avoid, tips on how to structure your reports for clarity and precision, and hear highlights of the key elements triagers focus on to determine the severity and validity of vulnerabilities.

     

    10:15 am
    Investing in Your Application Security Programs
    • session level icon
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Session description to come.

    10:15 am
    Bug Bounties: Tips from the Triager
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Hear directly how someone who has spent years reviewing and prioritizing bug bounty program submissions approaches the task. In this talk, discover how to craft reports that stand out, ensuring your findings are presented for maximum impact and value. Discover the most common pitfalls to avoid, tips on how to structure your reports for clarity and precision, and hear highlights of the key elements triagers focus on to determine the severity and validity of vulnerabilities.

     

    10:15 am
    Tabletop Exercises: The Fun Kind
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Tabletops are not new in incident response training. But oftentimes, they’re pretty dull or ridden with anxiety. But, what if we applied gamification and game-based learning techniques? By transforming tabletop exercises into interactive, engaging scenarios, with Dungeons & Dragons-style play, we can make them more memorable and effective!

    This approach allows participants to practice critical skills, with a structure that encourages more balanced team involvement and participation, and dice-rolling to determine success and failure (that does a remarkable job in simulating a real-world experience). Enter HackBack Gaming! Why not build incident response “muscle” memory in a fun way? This session provides a foundation for you to start conducting exercises like this yourself right away.

    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    11:10 am
    From an Army of One to an Army of a Ton: Creating an Effective Security Awareness Program
    • session level icon
    speaker photo
    Associate CISO, St. Luke's University Health Network
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    The human element of security is one of the most difficult to predictand therefore to secure. Additionally, one of our biggest challenges is building a security awareness program for those who may have never been subjected to one by understanding the aversion to buying into the security program. We have great written resources and guidance from things like NIST 800-53, but it’s much more challenging to overcome the sociological elements of the human factor that prevent success of security-aware cultures, such as aversion to technology, fear, uncertainty, doubt, and simply non-malicious human error. As security professionals, we may lose sight of the fact that the professionals we support also have other jobs. So learning and focusing on security controls can be stressful and daunting.

    Incorporating change management methodologies rooted in the psychology of human behavior, such as ADKAR (Awareness, Desire, Knowledge, Ability, and Reinforcement), can assist us as security professionals in facilitating more impactful cultural change through understanding why employees we support act and react the way they do and what other environmental or social factors may influence their decision-making and thought processes. It can also help us gain buy-in from our leadership, nudging from the bottom up, while leading by example from the top down.

    The ADKAR change model has been proven to help individuals understand and accept change so companies can successfully innovate and become more efficient. As security professionals, we have to be conscious that security program costs contribute to the rising costs of healthcare, goods, and services. And we often have to find unique and strategic ways to ingrain ownership of security functions within other departments to augment our limited resources. Building a security ambassador program using these change facilitation concepts will help drive cost-effective ownership of the security program throughout the entire organization, creating a deeper business resilience, reducing risk, and truly leading by example—proving we are stronger together.

    11:10 am
    Building Trusted Partnerships to Enable Secure Products
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    In today’s interconnected digital ecosystem, the security of any product is only as strong as its weakest link. This panel session explores the critical role of trusted partnerships in developing and maintaining secure products throughout their lifecycle.

    Our distinguished panel delves into the challenges and opportunities of fostering collaborative relationships between vendors, suppliers, and customers to enhance product security. They examine how these partnerships can lead to more robust security measures, improved threat intelligence sharing, and faster response times to emerging vulnerabilities. Key topics include:

    • Establishing trust in the supply chain
    • Collaborative approaches to secure software development
    • The role of transparency in building and maintaining trust
    • Balancing intellectual property concerns with security needs
    • Leveraging partnerships for more effective incident response
    • Case studies of successful security-focused partnerships
    11:10 am
    Cyber Risk by the Numbers from a Cyber Insurance Perspective
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    You’ve experienced a cyber incident. Does cyber insurance really pay? What’s actually a recoverable expense? How can insurance help? And when the insurance does pay, how do you balance the amount of insurance with cybersecurity priorities? In this session, we’ll evaluate the data and dig into recent real-world examples of how cyber insurance pays claims, what’s covered, the role of insurance in incident preparation and response, and how organizations are using analytics in decision-making.

    11:10 am
    [Panel] Improving Incident Response Through Threat Intelligence, Cloud Resilience, and AI Innovations
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Session description to come.

    12:00 pm
    [Lunch Keynote] A Leadership Strategy for Navigating a Crisis
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater

    Session description to come.

    12:00 pm
    Advisory Council Roundtable Lunch (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Moderated discussion for SecureWorld Advisory Council members. By invite only.

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    1:15 pm
    [Panel] Privacy Laws: The Latest Updates and Impacts on Cybersecurity
    • session level icon
    speaker photo
    Founding Partner & Owner, Fischer Law, LLC
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Session details to come.

    1:15 pm
    Managing Security and Technology After an Acquisition
    • session level icon
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:00 pm

    Session description to come.

    1:15 pm
    Addressing the Cybersecurity Skill Shortage Internally and Externally
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    This presentation will cover accelerating skill development and cross-department collaboration efficiently and economically. Key takeaway: How to build a cyber guild and utilize it for expanded upskilling and role development.

    1:15 pm
    [Panel] The Secret Potential of AI and ML
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Artificial intelligence (AI) and machine learning (ML) have emerged as powerful tools for cybersecurity professionals, offering the potential to revolutionize how organizations and individuals detect, analyze, and respond to cyber threats. Join us as we delve into the world of AI- and ML-powered cybersecurity, exploring the hidden potential of these technologies and their ability to transform cybersecurity superheroes into formidable defenders of the digital realm.

    Our panel of experts unravel the intricate world of AI and ML in cybersecurity, shedding light on the latest advancements, emerging applications, and the challenges involved in harnessing the power of these technologies effectively. They discuss the use of AI in threat detection and analysis, ML-powered threat prediction, and the potential of AI-driven automated response capabilities.

    Our panel provides a comprehensive overview of AI and ML in cybersecurity, empowering attendees to understand the hidden potential of these technologies and explore how they can be leveraged to enhance their organization’s cybersecurity posture. Learn how to identify and implement AI and ML solutions, overcome the challenges of data privacy and ethics, and embrace the future of AI-powered cybersecurity.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:10 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.

    2:10 pm
    Cognitive Computing in the New Age of AI
    • session level icon
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    Session description to come.

    2:10 pm
    Integrating Transformative OT Cybersecurity Programs
    • session level icon
    Registration Level:
    • session level iconConference Pass
    2:10 pm - 2:55 pm

    Session description to come.

    2:10 pm
    Social Engineering: Training the Human Firewall
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    Phishing is one of the leading cyberattacks worldwide, resulting in numerous social engineering training exercises to train average users to defend against these attacks. This discussion focuses on research that took a pool of users with three different phishing campaigns. Each campaign progressively has a phish that should be more advanced to spot than the previous phish presented. The research shows the psychological reasoning behind why a user will interact with a phish, regardless of educational awareness. Results include why a 0% or 100% report rate is unrealistic and how to use phishing metrics to quantify risk in a business.

    2:10 pm
    Navigating Third-Party Risk and Vendor Resilience
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:10 pm - 2:55 pm

    In today’s dynamic cyber risk landscape, risk managers must stay informed and adapt their strategies accordingly. Recent global cyber events have had a profound impact on critical functions across multiple sectors, underscoring the gravity of cyber events. Risk managers also face complexities from trends like reliance on third parties and evolving data protection laws.

    To successfully navigate these challenges, risk managers are tasked with learning from significant cyber events, implementing best practices for managing third-party cyber risk, and staying updated on privacy regulations. This session assists risk managers in effectively mitigating cyber risks and safeguarding their organizations by discussing strategies for managing third-party cyber risk and providing updates on privacy regulations.

    3:00 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:00 pm - 3:30 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:30 pm
    [Closing Keynote] Fast-Tack Funding of Your Cyber Initiatives by Focusing on Cyber Resilience
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:30 pm - 4:15 pm
    Location / Room: Keynote Theater

    Session description to come.

    3:45 pm
    [PLUS Course] AI Unleashed: Cybersecurity Strategies for an Autonomous Future - Part 4
    • session level icon
    speaker photo
    Sr. Cybersecurity Consultant, Wilson Cyber
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Artificial Intelligence (AI) technology enables computers and machines to simulate human learning, comprehension, problem solving, decision making, creativity and autonomy. Applications and devices equipped with AI can see and identify objects, understand, and respond to human language, learn from new information and experience. AI-based applications (a classic example being a self-driving car) can make detailed recommendations to users and experts and act independently, replacing the need for human intelligence or intervention.

    Recognizing the importance of technical standards in shaping development and use of AI, the U.S. President’s October 2023 Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (EO 14110) calls for “a coordinated effort… to drive the development and implementation of AI-related consensus standards, cooperation and coordination, and information sharing” internationally.

    This PLUS Course focuses on how the development of AI capabilities, technologies, and tools impact cybersecurity. Instructor Larry Wilson breaks down the course into four digestible lessons:

    Lesson 1: What Is Artificial Intelligence: Includes an overview of Artificial Intelligence, how AI is used today (case studies), the current / future state of international AI standards.

    Lesson 2: AI Security Threats: How threat actors are using AI to automate stages of the attack lifecycle, including reconnaissance, evasion, privilege escalation, lateral movement, and exploitation.

    Lesson 3: AI Security Standards: (1) Secure Design – risks and threat modelling; (2) Secure Development – supply chain security, documentation, asset and technical debt management; (3) Secure Deployment – protecting infrastructure from compromise, threat or loss, incident management, and responsible release; and (4) Secure Operation and Maintenance – logging and monitoring, update management and information sharing.

    Lesson 4: AI Risk Management Playbook: (1) Govern – policies, processes, procedures and practices across the organization related to the mapping, measuring and managing of AI risks are in place, transparent, and implemented effectively; (2) Map – context is measured and understood; (3) Measure – appropriate methods and metrics are identified and applied; (4) Manage – AI risks based on assessments and other analytical output from the Map and Measure functions are prioritized, responded to, and managed; (5) Roadmap – key activities for advancing the NIST Artificial Intelligence Risk Management Framework.

    Upon completion of the class, attendees will have an up-to-date understanding of AI and its impact on cybersecurity. They will learn what actions organizations should take to benefit from the many advancements available with adopting AI into their security design, development, deployment, operations, and maintenance.

    3:45 pm
    [PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0 - Part 4
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

Exhibitors
  • AccessIT Group
    Booth: TBD

    AccessIT Group is your partner in cybersecurity. Our talented team of security experts deliver customized solutions designed to protect your systems and information from increasing security threats. From design and implementation to cybersecurity compliance and training, we provide a single point of contact for all your security needs.

    AccessIT Group seeks to differentiate itself by offering a higher level of expertise from engineers and sales staff, all of whose knowledge was derived from real life enterprise deployments. These values have helped AccessIT Group grow to become the first-choice cyber security provider in our region. Today, AccessIT Group maintains sales and service offices in King of Prussia, PA, Mountain Lakes, NJ, New York, NY, Columbia, MD, and Boston, MA.

  • Bitdefender
    Booth: 205

    Powered by its depth of security expertise and rapid pace of research and development, Bitdefender’s long-standing mission is to deliver transformative security technologies to the world’s users and organizations. We are innovators, creating breakthrough technology that radically improves our customer’s experience with security.

    From IoT to Data Centers, from endpoints to hybrid infrastructures – Bitdefender plays a transformational role in how security is best consumed, deployed, and managed. We strive to deliver products and services that radically alter the customer’s experience with security, in terms of efficacy, performance, ease of use and interoperability.

  • Cloud Security Alliance (CSA)
    Booth: TBD

    The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

  • Fortinet
    Booth: 325

    Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network—today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 500,000 customers trust Fortinet to protect their businesses.

  • Google Cloud
    Booth: 200

    Google Cloud Security provides organizations with leading infrastructure, platform capabilities and industry solutions to help them solve their most critical business problems. Google Cloud Security helps customers protect their global operations with solutions such as zero trust security, application and data protection, fraud prevention, and threat detection and response.

  • HUMAN Security
    Booth: 105

    HUMAN is a cybersecurity company that safeguards 1,200+ brands from digital attacks including bots, fraud and account abuse. We leverage modern defense to disrupt the economics of cybercrime by increasing the cost to cybercriminals while simultaneously reducing the cost of collective defense. Today we verify the humanity of more than 20 trilliondigital interactions per week across advertising, marketing, e-commerce, government, education and enterprise security, putting us in a position to win against cybercriminals. Protect your digital business with HUMAN.

  • Philadelphia InfraGard Members Alliance
    Booth: TBD

    InfraGard is a partnership between the FBI and the private sector. It is an association of people from businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the U.S. Philadelphia InfraGard Members Alliance (IMA) provides a forum for the exchange of information between the government, the owners and operators of the national infrastructure, and others concerned with the protection of the national infrastructure. Philadelphia IMA supports eastern Pennsylvania and southern New Jersey. Membership is free and new members are welcome.

  • ISACA Philadelphia
    Booth: TBD

    The Philadelphia Chapter of ISACA has a membership base of more than 1,600 individuals primarily located in the Philadelphia and the surrounding suburbs, extending into Delaware and Southern New Jersey. The membership of the Chapter includes professionals working in various industries and capacities. From students through experienced C-level executives, the Philadelphia Chapter provides, training, networking and social events to this diverse group who share the common goal of providing expertise in IT audit, security, risk, and governance topics to their colleagues. The Chapter conducts events on a monthly basis led by an active, vibrant and dedicated group of volunteers and is actively seeking business partners to help provide value and knowledge to its members.

  • Island
    Booth: 435

    What if the enterprise had complete control over the browser? What would it mean for security, for productivity, for work itself? Introducing Island, the Enterprise Browser—the ideal enterprise workplace, where work flows freely while remaining fundamentally secure. With the core needs of the enterprise naturally embedded in the browser itself, Island gives organizations complete control, visibility, and governance over the last mile, while delivering the same smooth Chromium-based browser experience users expect. Led by experienced leaders in enterprise security and browser technology and backed by leading venture funds—Insight Partners, Sequoia Capital, Cyberstarts and Stripes Capital—Island is redefining the future of work for some of the largest, most respected enterprises in the world.

  • ISSA Delaware Valley
    Booth: TBD

    Our chapter serves the Delaware Valley and Mid-Atlantic region. This is comprised of Eastern Pennsylvania, Northern Maryland, Southern New Jersey, and Delaware.
    We are making history as we continue to grow the chapter with your membership, and bring exciting programs to you. If you have not already been involved in the membership meetings, we encourage you to do so. Hopefully, you will walk away with more ideas to take back to your organizations, or you may come away with a sense of – “Hey, we had that same problem”, or “Our company is not alone in dealing with these issues.”

  • SentinelOne
    Booth: 215

    SentinelOne delivers real-time cloud workload protection, to stop runtime threats targeting VMs, containers and Kubernetes clusters. From endpoints to workloads, to data center and public cloud, innovate quickly knowing SentinelOne has you protected. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, or on LinkedIn and Facebook.

  • Silverfort
    Booth: 220

    Silverfort protects enterprises from data breaches, cyber attacks and insider threats, by preventing credential compromise and misuse across the entire corporate network and cloud infrastructure. Silverfort leverages patent-pending technology to seamlessly harden the basic authentication and access mechanisms used by all client devices and services, instantly equipping them with the latest authentication and access protection technology without any change or integration.

  • Splunk
    Booth: 430

    Splunk helps build a safer and more resilient digital world. Organizations trust Splunk to prevent security, infrastructure and application incidents from becoming major issues, absorb shocks from digital disruptions and accelerate digital transformation.

  • Tanium
    Booth: 320

    Tanium defends every team, endpoint and workflow against the largest attack surface in history by delivering the industry’s first convergence of IT management and security operations with a single platform under a new category, Converged Endpoint Management (XEM).

    The integrated offering links IT operations, security and risk teams from a single pane of glass to provide a shared source of truth, a unified set of controls, and a common taxonomy that brings together siloed teams for a shared purpose—to protect critical information and infrastructure.

    For more information, visit: https://www.tanium.com.

  • ThreatLocker
    Booth: 170

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • WiCyS Delaware Valley
    Booth: TBD

    Women make up only 11% of the cyber security workforce. With such low representation, it is essential that we advocate for and assist women as they navigate through the cyber security industry.

    Philadelphia Women & Cyber Security’s Mission: To provide opportunities to advance careers for professionals in Cyber Security through education, mentoring, and networking. A Supportive community for women in cyber security that works to promote and encourage women to develop their careers. We are open to any support for our mission from any gender. Come to the next Philadelphia Women and Cyber Security’s event to get to know other like-minded, female cyber security professionals in the area. We will discuss industry best practices, the latest security trends and solutions, and share lessons we’ve learned over the years. For more information, contact wicysdelawarevalley@wicys.org.

  • Zscaler
    Booth: 100

    Zscaler is universally recognized as the leader in zero trust. Leveraging the largest security cloud on the planet, Zscaler anticipates, secures, and simplifies the experience of doing business for the world’s most established companies.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Sr. Cybersecurity Consultant, Wilson Cyber

    Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Todd Bearman, Moderator
    VP, CISO, TE Connectivity

    Todd Bearman is the Chief Information Security Officer for TE Connectivity with responsibility for Information Security globally across nearly 150 countries with 75,000 employees.

    Todd is responsible for ensuring collaboration and risk management across the corporate functions and business units where he leverages his leadership, technical, and business expertise to manage information and business risks. He manages the global Information Security Program defining strategy and executing on security initiatives.
    Todd has over 25 years of information systems experience and has been involved with various aspects of Information Security for over 18 years.

    Prior to working at TE Connectivity, Todd was CISO at Towers Watson, as well as Director of Information Security at Commerce Bank (now TD Bank). Previously, Todd has spent much of his career as a consultant, helping global companies implement and improve their security programs.

  • speaker photo
    Panel Discussion
  • speaker photo
    David Lingenfelter
    CISO, Penn Entertainment

    David Lingenfelter is the Chief Information Security Officer at Penn Entertainment, responsible for ensuring the highest possible level of security for the rapidly changing risk landscape. David manages teams that oversee IT security and compliance for both the retail and digital aspects of the business. David believes that in order to implement a successful security program it’s important for everyone to understand the threats and risks that could adversely impact the business.

    Prior to joining Penn Entertainment, David oversaw security for the MaaS360 mobile device management platform at IBM. During his tenure at IBM, David helped onboard and integrate the team supporting MaaS360 as part of the acquisition of Fiberlink Communications into IBM. Prior to the acquisition by IBM, David was the Information Security Officer at Fiberlink Communications working as part of the team that designed and built an early Software as a Service cloud model for its MaaS360 platform. David also led the charge for getting MaaS360 to be the first mobile device management platform certified for use by the federal government under the FedRAMP program.

    As a member of the Cloud Security Alliance David was co-chair of the Mobile Working Group culminating in the publication of the “Security Guidance for Critical Areas of Mobile Computing”. David also gave input to early versions of the Cloud Control Matrix and other publications and is a former president of the Delaware Valley chapter of the Cloud Security Alliance. David’s career in IT security has always included a strong emphasis on awareness and understanding of the threats and risks associated with poor security. This passion for helping bring awareness to others and has lead David around the world giving presentations on multiple aspects of IT security and the overall impact on business and personal lives.

  • speaker photo
    Joseph Arahill
    Sr. Manager, Information Security, Affiliated Distributors

    Joe Arahill is the Senior Manager of Information Security at Affiliated Distributors (AD). He oversees the people, processes, and technology that secures AD's infrastructure and business systems. Joe started his career in information security for a commercial loan software company, and for most of his career, he has worked in the financial sector, helping to secure systems and meet financial compliance requirements. Joe received his Bachelor of Science in Management of Information Systems and later a Master of Science in Information Assurance from Norwich University. In addition, Joe holds the CISSP and CISA certifications.

  • speaker photo
    Patrick Keating
    President & CEO, Keysec Advisors
  • speaker photo
    Eric Robuck
    Cybersecurity Specialist & Founder, The Valander Group

    Eric Robuck is a cybersecurity powerhouse with over 20 years of experience in the field. As the founder and owner of The Valander Group, he leads a team of elite business experts dedicated to delivering top-notch cybersecurity solutions to business owners.

    Eric's military background as a Warrant Officer specializing in information technology and security has honed his expertise in tackling the most complex cybersecurity challenges. With a deep understanding of programming, database design, electronic information transfer, and project management, Eric is uniquely equipped to develop and implement effective cybersecurity strategies for his clients.
    Eric's professional certifications are equally impressive, including the CISSP, CEH, Security+, and AWS Practitioner. He has also pursued advanced education through master’s work in Cybersecurity and leadership in Cybersecurity, constantly pushing himself to enhance his skills and knowledge.

    Beyond his role in the business world, Eric is a passionate educator and serves as a professor at Alvernia University. He teaches Cybersecurity, Programming, and AI, shaping the next generation of professionals with his real-world expertise and forward-thinking approach.

    When he's not working or teaching, Eric enjoys spending quality time with his family or staying active on the golf course. With his diverse skill set, proven track record, and unwavering dedication, Eric is a trusted leader in cybersecurity, helping businesses safeguard their information from ever-evolving cyber threats.

  • speaker photo
    Molly Dodge, Moderator
    Information Security Analyst, Federal Reserve Bank of Philadelphia

    Molly Dodge has worked as a cybersecurity analyst in positions focused on risk assessment and awareness, internal training, and outreach. She currently works at the Federal Reserve Bank of Philadelphia, and was previously employed at Penn Medicine, the hospital network owned by the University of Pennsylvania. She is a Penn State graduate and holds a Certified Information Systems Security Professional (CISSP) certification. She lives with her husband and children near Doylestown, Pennsylvania.

  • speaker photo
    Yasser Fuentes
    Principal Solutions Architect (Cloud Security SME), Bitdefender

    Yasser is a Principal Solutions Architect (Cloud Security SME) for Bitdefender and Security Practitioner with over 20 years of experience in Information Security. Along his career he has worked for Healthcare Providers, ISPs, MSPs and SOCs, among many other verticals and throughout multiple Information Security Domains. On his previous role as a Product Manager for Cloud Security, he enabled Sales, Technical Teams and Technical Partners and contributed to numerous architectural projects in both private and public sector. Regarding credentials and certifications, he possesses top Security Vendors Certifications such AWS and Azure as well as worldwide recognized credentials such as CISM (ISACA) and CISSP (ISC2).

  • speaker photo
    HUMAN Representative
  • speaker photo
    Panel Discussion
  • speaker photo
    Becky Fricker
    Head of Security Assurance and Operations, DAT Freight & Analytics

    Becky Fricker is the Director of Information Security at DAT Freight & Analytics, where she plays a pivotal role in protecting the company’s digital infrastructure. She oversees Security Operations and Product Security, including areas such as Endpoint Protection and Response, Continuous Threat Exposure Management, Incident Response, and Network Security. Becky holds a Certified Information Systems Security Professional (CISSP) certification, a globally recognized credential that demonstrates her ability to design, implement, and manage a robust cybersecurity program.

    Her extensive background in cybersecurity began with 13 years of service in the NJ Air National Guard, where she held critical roles such as Installation Spectrum Manager and Installation Security Systems Manager. After transitioning to the civilian sector, Becky continued to build her expertise as a Network Security Engineer at Cooper University Health Care. She later took on senior roles in the financial sector and at one of Southern California’s largest utility companies, focusing on information security within critical infrastructure.

    Her academic credentials include an Associate of Science in Electronic Systems Technology, a Bachelor of Arts in Communication and Media Studies, and a Master of Science in Information Technology, specializing in Cybersecurity. Known for her adaptability, mentorship, and strong communication skills, Becky is an invaluable member of the DAT team, continuously driving improvements in the company’s information security programs.

  • speaker photo
    Erika Voss, Moderator
    CISO, DAT Freight & Analytics

    Erika Voss offers two decades of extraordinary success in a series of high level roles at top tier companies that include Capital One, Salesforce, Oracle Public Cloud, Microsoft Corporation and Amazon Web Services.

    Erika’s invaluable expertise and broad business range have powered a history of developing successful process improvements that drive productivity, reliability, and client satisfaction. Such traits have consistently enabled Erika to achieve an impressive command of the skills needed to manage ongoing business planning processes while developing strategies to meet future challenges.

    Upon being named as Vice President of Information Security for DAT Freight & Analytics, Erika will lead vision, strategy, and execution for all facets of security for this Fortune 500 Supply Chain Logistics corporation, while defining and revising policies, procedures, and best practices for security, including application security, access control, authentication, third party risk management, and intrusion detection. Dr.. Voss has dedicated herself and her vision as a leader who engages in projects with an “All-In” attitude.

    With a forte for successfully building strong teams and holding a key role leading all facets of finance and strategy, Dr. Voss has successfully positioned companies, as a leading expert in its field with respect foundational security basics, fraud, identity, and cloud security practices contributing to the following successes:

    ● Effectively manages a team of product and application security engineers, architects, and DevSecOps personnel, continually
    identifying opportunities to reinforce the company’s security posture.
    ● Engages directly with customers, providing information and guidance on the company’s security posture.
    ● Served as the CISO of the company’s cybersecurity program in line with all industry standards and regulatory requirements, including SOC2, PCI, SOX, and other industry regulations.

    Combining her proven business instinct with an unprecedented disciplinary work ethic, Erika has continuously exceeded expectations in high stake environments throughout her career positioning herself as a key member of each company and a driving force for growth. Erika holds a Ph.D. in Cybersecurity from Northcentral University, as well as a Master of Science Degree in Security Administration and a Bachelor of Science Degree in Computer Operations Technology from Southwestern College.

  • speaker photo
    Panel Discussion
  • speaker photo
    Eric Robuck
    Cybersecurity Specialist & Founder, The Valander Group

    Eric Robuck is a cybersecurity powerhouse with over 20 years of experience in the field. As the founder and owner of The Valander Group, he leads a team of elite business experts dedicated to delivering top-notch cybersecurity solutions to business owners.

    Eric's military background as a Warrant Officer specializing in information technology and security has honed his expertise in tackling the most complex cybersecurity challenges. With a deep understanding of programming, database design, electronic information transfer, and project management, Eric is uniquely equipped to develop and implement effective cybersecurity strategies for his clients.
    Eric's professional certifications are equally impressive, including the CISSP, CEH, Security+, and AWS Practitioner. He has also pursued advanced education through master’s work in Cybersecurity and leadership in Cybersecurity, constantly pushing himself to enhance his skills and knowledge.

    Beyond his role in the business world, Eric is a passionate educator and serves as a professor at Alvernia University. He teaches Cybersecurity, Programming, and AI, shaping the next generation of professionals with his real-world expertise and forward-thinking approach.

    When he's not working or teaching, Eric enjoys spending quality time with his family or staying active on the golf course. With his diverse skill set, proven track record, and unwavering dedication, Eric is a trusted leader in cybersecurity, helping businesses safeguard their information from ever-evolving cyber threats.

  • speaker photo
    Happy Hour
  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Sr. Cybersecurity Consultant, Wilson Cyber

    Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Sr. Cybersecurity Consultant, Wilson Cyber

    Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Steve Naphy, Moderator
    CIO, Morgan, Lewis & Bockius LLP

    Steve Naphy serves as Morgan Lewis's Chief Information Officer. In his role, Steve concentrates on leveraging data analytics and process to drive efficiency and effectiveness in both business operations and the delivery of legal services. He has over 20 years of experience working in information technology (IT), including previously running information security at the firm for six years. Prior to joining Morgan Lewis, Steve held significant InfoSec roles in the retail and distribution industry. He holds an M.S. in information systems from Widener University and a B.S. from Drexel University.

  • speaker photo
    Todd Bearman
    VP, CISO, TE Connectivity

    Todd Bearman is the Chief Information Security Officer for TE Connectivity with responsibility for Information Security globally across nearly 150 countries with 75,000 employees.

    Todd is responsible for ensuring collaboration and risk management across the corporate functions and business units where he leverages his leadership, technical, and business expertise to manage information and business risks. He manages the global Information Security Program defining strategy and executing on security initiatives.
    Todd has over 25 years of information systems experience and has been involved with various aspects of Information Security for over 18 years.

    Prior to working at TE Connectivity, Todd was CISO at Towers Watson, as well as Director of Information Security at Commerce Bank (now TD Bank). Previously, Todd has spent much of his career as a consultant, helping global companies implement and improve their security programs.

  • speaker photo
    Mariano Mattei
    VP, Cyber and AI, Azzur Group

    Mariano Mattei, VP of Cybersecurity and AI at Azzur Solutions, is an industry-leading expert with over 30+ years in cybersecurity, underscored by a deep commitment to AI innovation and software engineering excellence. Holding the title of Certified Chief Information Security Officer (CCISO), Mariano has pioneered AI integration within security frameworks across the Biotechnology, Pharmaceuticals, and Medical Device sectors. His proficiency lies in employing AI for advanced threat detection, risk management, and predictive security measures, always ensuring compliance with standards like GDPR and HIPAA. Mariano’s visionary leadership and strategic approach have been instrumental in fostering cybersecurity resilience through cutting-edge AI solutions. He recently graduated from Temple University’s Masters Program for Cyber Defense and Information Assurance.

  • speaker photo
    Steve Naphy
    CIO, Morgan, Lewis & Bockius LLP

    Steve Naphy serves as Morgan Lewis's Chief Information Officer. In his role, Steve concentrates on leveraging data analytics and process to drive efficiency and effectiveness in both business operations and the delivery of legal services. He has over 20 years of experience working in information technology (IT), including previously running information security at the firm for six years. Prior to joining Morgan Lewis, Steve held significant InfoSec roles in the retail and distribution industry. He holds an M.S. in information systems from Widener University and a B.S. from Drexel University.

  • speaker photo
    Derek Fisher, Moderator
    Executive Director of Product Security, JPMorgan Chase & Co.
  • speaker photo
    Krista Arndt
    Associate CISO, St. Luke's University Health Network

    Krista Arndt is the Associate CISO at SLUHN. As the Associate CISO, Krista is responsible for managing the security program's day to day operational effectiveness. Krista has been working in information security in various capacities for more than 15 years. In her previous roles, Krista assisted with developing and leading security programs in national healthcare, crypto, finance, and the Department of Defense. She currently holds her CISM and CRISC certifications and NHRA competition driver's license.

    Krista is an active member of ISACA, serves as InfraGard Philadelphia Chapter’s Healthcare Sector Chief, serves on Neumann University's Business Advisory Council, and is Marketing Committee Chair for Women in CyberSecurity (WiCyS) Delaware Valley Affiliate. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

    When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.

  • speaker photo
    Panel Discussion
  • speaker photo
    Jordan Fischer, Moderator
    Founding Partner & Owner, Fischer Law, LLC

    Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.

    Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.

    With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.

    Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.

    In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.

    Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.

    Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.

    HONORS & RECOGNITIONS
    Lawyer on the Fast Track, The Legal Intelligencer (2023)
    Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
    Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
    ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
    SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
    Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
    Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
    European Union ERASMUS Grant Recipient, 2020

    ASSOCIATIONS & MEMBERSHIPS
    American Bar Association, Business Law Fellow, 2020-2022
    American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
    Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
    California Bar Association
    New Jersey Bar Association
    Forbes Business Council Member, 2022
    International Association of Privacy Professionals (IAPP), Member
    University of California, Berkeley, Cybersecurity Lecturer
    former Thomas R. Kline School of Law, Drexel University, Law Professor
    former Chestnut Hill College, Adjunct Professor
    West Chester Friends School, Board Member
    Appointed Fulbright Specialist in Cybersecurity and Data Privacy

    CERTIFICATIONS
    Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
    Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
    Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP)

  • speaker photo
    Panel Discussion
  • speaker photo
    Larry Wilson, CISSP, CISA, Instructor
    Sr. Cybersecurity Consultant, Wilson Cyber

    Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Propel your cyber career at SecureWorld!

Hone your skills and connect with your regional peers in InfoSec.