Click here to view registration types and pricing (PDF)
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Wednesday, November 8, 2023
    7:30 am
    Registration open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    7:30 am - 4:30 pm
    Location / Room: Registration Desk

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework: Part 1
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm
    Location / Room: Exhibitor Hall

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    ISSA Puget Sound Chapter Meeting - Open to all attendees
    • session level icon
    New CISO Success Blueprint: Preparing and Thriving in the First 30 Days
    speaker photo
    Outreach Director, ISSA Puget Sound
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am

    Session description to come.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am

    This roundtable discussion is for our Advisory Council members only.

    9:00 am
    [Opening Keynote] Building the Future in Cybersecurity
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    Our panelists will explain their roles during COVID-19 and how they dealt with security challenges over the past year, then move on to discuss:

    • coming year priority projects
    • the ransomware surge and preparing for security incidents
    • their organization’s security culture and training to deal with issues
    • innovative, special projects they are most excited about moving forward
    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:15 am
    [Panel] Great Minds Think Alike: Bringing Security Teams Together!
    • session level icon
    speaker photo
    Cybersecurity Advisor, Region 10, DHS CISA
    speaker photo
    Regional Cybersecurity Advisor, Region 10, DHS CISA
    speaker photo
    President, Premier Risk Solutions LLC
    speaker photo
    Information Security & Compliance Engineer, Costco Wholesale
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Session description coming soon.

    10:15 am
    Cyber-Enabled Fraud and Business Email Compromise in 2023
    • session level icon
    speaker photo
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    This presentation focuses on the BEC fraud playbook and shows how technical advancements and applications have reduced the red flags and defenses against cyber fraud, allowing threat actors to increase the efficacy of their attacks. Get an insider’s view of what it’s like to fight against the bad actors as they grow more sophisticated, especially with the help of AI.

    10:15 am
    Cybersecurity in Real-Time: Anticipating Threats and Decoding Network Behavior
    • session level icon
    speaker photo
    Threat Research Analyst, Team Cymru
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    In the fast-evolving realm of cybersecurity, professionals must anticipate emerging threats while simultaneously addressing active ones. A proactive defense strategy is paramount, but so is the ability to quickly assess the impact of present threats. By leveraging NetFlow data analysis, they can preemptively counter threats, often before they go live, and efficiently differentiate between regular and malicious network activities. Specialized tools enhance this by uncovering hidden aspects of the IT landscape, fortifying both proactive and reactive defenses. In this presentation, I’ll explore three major challenges security operations teams face and how we effectively address them.

    10:15 am
    [Fireside Chat] Safely Using AI to Increase Revenue and Productivity While Decreasing Risk
    • session level icon
    speaker photo
    Practice Director - Big Data & Analytics, Optiv
    speaker photo
    VP, CSO - Cloud Security Transformation, Netskope
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Join Optiv and Netskope experts as we deep dive into AI. How do the advantages and disadvantages of its use help shape the success of your business?

    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    11:10 am
    Harmonizing Security: Exploring Legal and AI Frontiers in Cybersecurity
    • session level icon
    speaker photo
    Partner - Data Protection, Privacy & Security Group, K&L Gates LLP
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am
    11:10 am
    [Panel] Symphony of Cyber Defense: Confronting the Crescendo of Threats in the Digital Orchestra
    • session level icon
    Identifying the Current Threat Landscape
    speaker photo
    Growth Technologies Evangelist, Check Point Software Technologies
    speaker photo
    VP, Cyber Risk, Skybox Security
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    In the ever-changing symphony of the cyber realm, a cacophony of threats echoes throughout. Ranging from ransomware to data breaches, phishing, and intricate APTs, the orchestra of cyber threats grows in complexity. Emerging risks like IoT, cloud computing’s unpredictability, AI’s deceptiveness, and cryptocurrency add new layers to our musical security tapestry.

    Threat actors—wielding exploit kits and Zero-Day vulnerabilities—orchestrate their attacks, preying on human vulnerabilities in perfect synchronization with state-sponsored cyber operations. To counter this threat, collaboration is essential. Proactive security practices, training cadences, and threat intelligence sharing must happen. The interplay of public and private sectors is key to a resilient digital effort.

    Let us march to the beat of constant vigilance, adaptability, and investment in a fortified infrastructure. Together, we will compose a symphony of cybersecurity, safeguarding the digital soundscape and ensuring a melodious future.

    11:10 am
    BEC Attacks: The Stealthiest and Most Lucrative Threat
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am
    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Advisory Council – VIP / INVITE ONLY

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    Build SASE Better: The Journey in Building a Blueprint for Secure Access Service Edge
    • session level icon
    speaker photo
    Strategic Planning & Design Manager, State of Washington
    speaker photo
    Solutions Architect, State of Washington
    Registration Level:
    • session level iconConference Pass
    1:15 pm - 2:15 pm
    Want something to withstand the test of time? You need a solid foundation, a plan to guide the build process, and a willingness to see the plan through. These truths apply regardless of whether you’re constructing a building or a security program. In this session, you’ll start off at the ground level. You’ll learn the details of the creation of a Secure Access Service Edge (SASE) blueprint. A multifaceted problem set drove the need for a comprehensive & overarching strategic plan, paving the way to evolve Gartner’s SASE framework. You’ll then hear about Washington State’s current SASE framework roadmap, including on many of the key components we are pursuing. At the end of it, you’ll walk away with a deeper appreciation of how our SASE framework approach will lead to an actionable blueprint by 2024 that can uphold security at our organization now and into the future.
    1:15 pm
    [Panel] Navigating the Cybersecurity Symphony in the Age of AI
    • session level icon
    Understanding and Theorizing the Future of Generative AI
    speaker photo
    Americas Mandiant Principal Architect, Mandiant, now part of Google Cloud
    speaker photo
    CISO, AAA Washington
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    Generative AI, such as ChatGPT and Bard, has incredible potential, but it also brings certain negative elements and concerns for everyone. It is important to address these concerns to ensure responsible and ethical use of AI technology, especially within cybersecurity. This panel covers insider threats, lack of accountability, cybersecurity vulnerabilities, fake data and data privacy, human replacement concerns, and ethical misuse.

    By understanding these fears and proactively addressing them through responsible development, robust safeguards, and ongoing monitoring, we can harness the potential of generative AI while mitigating its associated risks. Collaboration between AI researchers, policymakers, and industry professionals is essential to ensure that generative AI technology is developed and deployed in a manner that aligns with ethical standards and human values. Hear from experts in the field on how they’re trying to navigate this new song and dance with AI, what we can expect in the near and distant future, and what it takes to provide the support DevOps teams need.

    2:15 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 2:30 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    2:30 pm
    Securing the Digital Frontier: AI, Cyber Threat Intelligence, and the Future of Privacy
    • session level icon
    speaker photo
    Sr. Intelligence Analyst, Expedia Group
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    In this presentation, Bidemi will delve into the prospective developments in digital security, specifically spotlighting the role of AI and machine learning in strengthening cyber threat intelligence. In addition, he will also discuss the repercussions of these technologies on privacy rights and the safeguarding of data. Audience members will better learn how to harness the power of AI and machine learning can significantly bolster digital security, but it’s critical to carefully navigate their impact on privacy rights and data protection.
    2:30 pm
    [Panel] Women in Security: Harnessing Diverse Talents to Strengthen Cybersecurity
    • session level icon
    speaker photo
    CISO, Valon
    speaker photo
    Deputy Chief Privacy Officer (CPO), Boeing
    speaker photo
    VP, Engineering & Security, Capital One
    speaker photo
    VP, Data Security Architecture, Salesforce
    speaker photo
    Manager, Cybersecurity, KPMG
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm

    ISACA Puget Sound SheLeadsTech, Women in Cybersecurity (WiCyS) Western WA, and Women in Tech Global organizations are excited to come together to co-host a phenomenal panel of experienced cybersecurity leaders and practitioners to share diverse experiences and journeys in the field. You will hear about their learnings and what it takes to build strong cyber strategies and programs through a diverse and inclusive workforce instrumental in long-term success and organizational mission delivery.

    2:30 pm
    Threat Researcher's Guide to the Threat Landscape
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm

    In today’s hyper-connected world, the digital landscape is constantly evolving, presenting both opportunities and challenges. The Threat Researcher’s Guide to the ThreatLandscape delves into the dynamic realm of cybersecurity threats, providing a comprehensive overview of the latest developments, trends, and insights in the field of threat research. In this talk, Kyle will be exploring the evolving threat landscape and its impact on individuals, businesses and society as a whole. With cyberattacks becoming increasingly sophisticated and persistent, understanding the latest threat vectors and attack techniques is crucial for effective defense and mitigation strategies.

    2:30 pm
    Zero Trust Segmentation – Easier Than You Think
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm

    Session description coming soon.

    3:15 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    3:45 pm
    The Future of Work
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm
    Location / Room: Keynote Theater

    Over the last few years, the workforce, and the way we work, has entirely shifted focus. Between hybrid work models, attracting and retaining diverse talent, forced digital migrations/transformations, cybersecurity succession planning, and overall mental fatigue, the future of work has dramatically changed. We will discuss how to navigate the “new normal” and lessons learned along the way. This discussion is followed by a Q&A, so come prepared to ask your burning workforce questions!

    3:45 pm
    WiCys Puget Sound Chapter Meeting
    • session level icon
    Open to all attendees
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm
    3:45 pm
    [PLUS Course] Implementing the NIST Cybersecurity Framework: Part 2
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

  • Thursday, November 9, 2023
    7:30 am
    Registration open
    Registration Level:
    7:30 am - 4:30 pm

    Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

    7:30 am
    [PLUS Course] Implementing the NIST Cybersecurity Framework: Part 3
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    7:30 am - 9:00 am

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 4:30 pm

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

    8:00 am
    Washington State InfraGard Chapter Meeting
    • session level icon
    Discussion Topic: Maelstrom of Security
    speaker photo
    Interim Secretary, Washington State InfraGard Member's Alliance
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 8:50 am

    This session is designed for individuals responsible for their organizations’ Confidentiality, Integrity, and Availability—from the front door firewall administrator with IDS/IPS, Cloud, compliance and governance, and networking all the way to the Chief Executives of an organization. In a world of ever-changing threat landscape, this session will cover the overall magnitude of the challenge, the evolution as it took place, and what to do about fixing it with what is in our hands today. Discussing throughout how to speak to the C-Suite and get the business side of the conversation to move forward with better security hygiene. The question of how much security is enough will be answered. This session is truly about information security risk. The risk is Very High to all organizations. The NIST 800-30 defines Very High Risk as that of a threat event that could be expected to have multiple, severe, or catastrophic adverse effects on organizational operations, organizational assets, individuals, other organizations, or the Nation. The topics will be open and free flowing, discussing real-world business issues with the ability to ask questions.

    8:00 am
    Advisory Council Roundtable Breakfast – (VIP / Invite only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am

    This roundtable discussion is for our Advisory Council members only.

    9:00 am
    [Keynote] That Moment When You Realize There Is Nowhere Left to Hide
    • session level icon
    speaker photo
    CISO and Senior Director, Boom Supersonic
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am
    Location / Room: Keynote Theater

    We’ve connected everything, everywhere, all the time, so how DO we more efficiently interact with a digital realm that continually measures our pulse in the real world? Let’s talk about some attack vectors that I’ve spent the last few years researching and helping others work on. And then let’s talk about what we CAN do about things. You’ll never look at your lights the same way again.

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:15 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:15 am
    Generative AI and How to Proceed (with Caution)
    • session level icon
    speaker photo
    BISO, Salesforce
    Registration Level:
    • session level iconConference Pass
    10:15 am - 11:00 am

    Session description coming soon.

    10:15 am
    Behind the Scenes of Teams and OneDrive: The Secret Life of Shared Files
    • session level icon
    speaker photo
    Chief Product Evangelist, Tenfold Security
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    With the accelerated use of Microsoft 365, we are shooting more sensitive and confidential data into the cloud than we are aware of. Keeping track of what files users are sharing among each other in Teams and OneDrive and knowing who else has access to seems an impossible task. What can you do about it? Find out in this talk.

    Topics covered include:

    • What goes on in the background when we share data in Teams & OneDrive.
    • Why more people have access to shared files than we think.
    • How tenfold helps you keep track of permissions and shared files once and for all
    10:15 am
    Vaultless: The Future of Secrets Management
    • session level icon
    speaker photo
    CEO & Co-Founder, Akeyless
    Registration Level:
    • session level iconOpen Sessions
    10:15 am - 11:00 am

    Today’s breaches repeatedly show that the Achilles heel of enterprise security is Secrets Sprawl, where thousands of machine credentials, API keys, and certificates can easily be found within DevOps Automation tools and cloud-containerized environments. The first attempt to better manage secrets using centralized Vaults became insufficient in today’s multi-cloud, microservices-driven landscape. Learn how the Vaultless approach represents the future of Secrets Management, with a lightweight, secure, and easy-to-scale solution to manage secrets that evidently results in faster and wider security adoption.

    11:00 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:00 am - 11:10 am
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    11:10 am
    Evolving Threat Landscape in the PNW
    • session level icon
    speaker photo
    Regional Cybersecurity Advisor, Region 10, DHS CISA
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    Session description to come.

    11:10 am
    [Panel] Cyber Rhapsody: Harmonizing the Truths Behind Modern Cybersecurity Myths
    • session level icon
    Registration Level:
    • session level iconConference Pass
    11:10 am - 11:55 am

    In the ever-evolving landscape of cybersecurity, staying informed and dispelling prevalent myths is paramount to safeguarding our digital realm. This panel provides an engaging discussion, set to the tune of a Cyber Rhapsody, unveiling and demystifying contemporary cybersecurity myths that have emerged in recent times. By shedding light on these misconceptions, this presentation aims to empower individuals and organizations with accurate knowledge and practical insights to fortify their digital defenses.

    Through this melodious journey of debunking cybersecurity misnomers, individuals and organizations can acquire a deeper understanding of the evolving threat landscape, empowering them to make informed decisions and implement effective strategies to protect their digital assets. Let the Cyber Rhapsody resonate as a guide to harmonizing security in our interconnected world.

    11:10 am
    Data Security and Management
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:10 am - 11:55 am

    Session description coming soon.

    12:00 pm
    LUNCH KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:45 pm
    Location / Room: Keynote Theater
    12:00 pm
    Advisory Council Lunch Roundtable – (VIP / Invite Only)
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:00 pm - 12:45 pm

    Advisory Council – VIP / INVITE ONLY

    12:45 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:45 pm - 1:15 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    Chief Scapegoat Officer Perspective
    • session level icon
    speaker photo
    Executive Director, Americas Region, CREST
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm
    Join industry veteran Tom Brennan, with 30 years of industry insights from running enterprise organizations, teams, and securing what matters most. He provides important considerations to reduce your attack surface, digesting threat intelligence and powerful solutions. The session also has an interactive component, so come prepared to play a game and collaborate!
    1:15 pm
    [Panel] Cloud Sonata: Orchestrating Security in the Digital Sky
    • session level icon
    Securing Your Cloud Environment
    speaker photo
    Distinguished Fellow, ISSA
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:15 pm

    In the symphony of modern cybersecurity, the cloud environment plays a key role as both a conductor of efficiency and a source of potential vulnerabilities. As organizations increasingly embrace the cloud to unlock agility and scalability, it is crucial to harmonize the protective measures that safeguard these virtual landscapes.

    This panel discussion delves into the intricate nuances of securing cloud environments. These experts will share their orchestration of robust security frameworks, best practices, and cutting-edge technologies that fortify the digital sky against threats. From encryption and access controls to identity management and incident response, they will explore the melodies of defense that resonate within the cloud and how they can impact any organization.

    2:15 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 2:30 pm
    Location / Room: Exhibitor Hall

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    2:30 pm
    Insider Threats: A Multi-Pronged Approach to Protecting Your Organization
    • session level icon
    speaker photo
    CISO, Afiniti
    Registration Level:
    • session level iconConference Pass
    2:30 pm - 3:15 pm
    Insider threats are a real danger and cannot be overlooked. While deploying the latest secure system to fight against cyber threats is a decent strategy, you must also implement an effective insider threat system for an overall cybersecurity solution. An insider threat program cannot be brought off the shelf, but is a continuous process to identify and detect an incident as it occurs.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    2:30 pm
    [Exabeam] Goodbye SIEM Effectiveness Gap
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm

    Session description coming soon.

    2:30 pm
    Demystifying External Exposure Management
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:30 pm - 3:15 pm

    Organizations are increasingly recognizing that unmanaged or under-managed, exposed assets represent the path of least resistance for attackers to execute successful attacks. Yet, the typical G2K organization is unaware of between one to two thirds of exposed assets. Moreover, these assets, which may include business critical web apps with PII data are rarely if ever tested for security vulnerabilities. The combination of unknown exposed assets and inadequate testing with the reality of siloed security programs is a perfect storm that creates a gaping hole that Gartner suggests organizations address as part of an External Exposure Management program. Join this session to learn more about the state of exposure management; it’s key challenges and effective solutions.

    3:15 pm
    Networking Break and Dash for Prizes
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:15 pm - 3:45 pm
    Location / Room: Exhibitor Hall

    Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

    Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

    3:45 pm
    CLOSING KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    3:45 pm - 4:30 pm
    Location / Room: Keynote Theater
    3:45 pm
    [PLUS Course] Implementing the NIST Cybersecurity Framework: Part 4
    • session level icon
    speaker photo
    vCISO, Cyber Risk Opportunities LLC
    Registration Level:
    • session level iconSecureWorld Plus
    3:45 pm - 5:15 pm

    Have you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?

    In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) to understand and actively manage their risk posture.

    You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:

    • What are the components of the framework?
    • Why is the framework is valuable?
    • What type of organizations can use the framework?

    Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.

    You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.

    Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.

    We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.

Exhibitors
  • Akeyless
    Booth: TBD

    Akeyless’ unique combination of innovative technology and cloud-native architecture, enables enterprises to fastly secure DevOps, cloud workloads, and legacy environments, while meeting compliance and regulations.

  • Aqua Security
    Booth: TBD

    Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed. Aqua customers are among the world’s largest enterprises in financial services, software, media, manufacturing and retail, with implementations across a broad range of cloud providers and modern technology stacks spanning containers, serverless functions, and cloud VMs.

  • AuditBoard, Inc
    Booth: TBD

    AuditBoard is the leading cloud-based platform transforming how enterprises manage risk. Its integrated suite of easy-to-use audit, risk, and compliance solutions streamlines internal audit, SOX compliance, controls management, risk management, and security compliance. AuditBoard’s clients range from prominent pre-IPO to Fortune 50 companies looking to modernize, simplify, and elevate their functions. AuditBoard is the top-rated audit management and GRC software on G2, and was recently ranked for the second year in a row as one of the 100 fastest-growing technology companies in North America by Deloitte.

  • BlackBerry
    Booth: TBD

    BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including more than 175M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear—to secure a connected future you can trust.

    BlackBerry. Intelligent Security. Everywhere.

    For more information, visit BlackBerry.com and follow @BlackBerry.

  • Check Point Software Technologies
    Booth: TBD

    Check Point Software Technologies is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • CREST
    Booth: TBD

    CREST is an international not-for-profit accreditation and certification body that represents and supports the technical information security market. CREST provides internationally recognised accreditations for organisations and professional level certifications for individuals providing penetration testing, cyber incident response, threat intelligence, and Security Operations Centre (SOC) services.

  • Critical Start
    Booth: TBD

    Critical Start Managed Cyber Risk Reduction solutions deliver continuous security cyber risk monitoring and mitigation enabling strong protection against threats. Combined with a team of expert risk mitigators, our platform provides maturity assessments, posture and event analytics, response capabilities, comprehensive threat intelligence, and security workload management capabilities. We help you achieve the highest level of cyber risk reduction for every dollar invested, leading to increased confidence in reaching your desired level of security posture.

  • CyberArk Software
    Booth: TBD

    CyberArk (NASDAQ: CYBR) is the global leader in privileged access security, a critical layer of IT security to protect data, infrastructure and assets across the enterprise, in the cloud and throughout the DevOps pipeline. CyberArk delivers the industry’s most complete solution to reduce risk created by privileged credentials and secrets. The company is trusted by the world’s leading organizations, including 50 percent of the Fortune 500, to protect against external attackers and malicious insiders. A global company, CyberArk is headquartered in Petach Tikva, Israel, with U.S. headquarters located in Newton, Mass. The company also has offices throughout the Americas, EMEA, Asia Pacific and Japan.

  • CyCognito
    Booth: TBD

    CyCognito empowers companies to take full control over their attack surface by uncovering and eliminating the critical security risks they didn’t even know existed. Welcome to the Shadow Risk Revolution.

  • Cymulate
    Booth: TBD

    Cymulate SaaS-based continuous security validation makes it simple to measure and improve your security posture across the full attack kill-chain. Every assessment is scored and includes actionable remediation guidance to mitigate risk and optimize security control effectiveness. Cymulate enables you to take data-driven decisions and manage your security resources efficiently.

  • DHS Cybersecurity and Infrastructure Security Agency (CISA), Region 10
    Booth: TBD

    Through CISA’s efforts to understand and advise on cyber and physical risks to the Nation’s critical infrastructure, we help partners strengthen their own capabilities. We connect our stakeholders in industry and government to each other and to resources, analyses, and tools to help them build their own cyber, physical and communications security, and, in turn, strengthen national resilience.

    Led by Regional Director Patrick J. Massey, based in Seattle, Washington, CISA’s Region 10 staff provides cybersecurity, physical infrastructure security, chemical security, and sector outreach services to 271 Tribal Nations and the following states: Alaska, Idaho, Oregon, and Washington.

    Region 10 personnel carry out CISA’s five priorities:

    • Improve supply chain security against cyber threats from malicious actors and the rollout of 5G technologies;
    • Harden federal networks (the civilian .gov domain);
    • Reduce risk at soft targets;
    • Enhance election security; and
    • Protect critical infrastructure that includes industrial control systems and the processes that provide vital services in critical infrastructure.
  • Elasticsearch, Inc.
    Booth: TBD

    At Elastic, we help organizations, their employees, and their customers accelerate the results that matter.

    With solutions in Enterprise Search, Observability, and Security, we help enhance customer and employee search experiences, keep mission-critical applications running smoothly, and protect against cyber threats. Delivered wherever data lives, in one cloud, across many clouds, or on-prem, Elastic enables more than 50% of the Fortune 500, and 17,000+ customers including Netflix, Uber, Slack, and Microsoft, to achieve new levels of success at scale and on a single platform. Learn more at elastic.co.

  • Endace
    Booth: TBD

    Customers choose Endace products for one primary reason: they deliver, where competitor products fail. Whether it is capture accuracy, fidelity of time stamps, write-to-disk performance or speed of traffic retrieval, Endace is famous for delivering the very best performing products. Telcos, broadcasters, governments, defence departments, investment banks and many other large enterprises trust our products to help them manage their critical data networks.

  • F5
    Booth: TBD

    F5 provides solutions for an application world. F5 helps organizations seamlessly scale cloud, data center, telecommunications, and software defined networking (SDN) deployments to successfully deliver applications and services to anyone, anywhere, at any time. F5 solutions broaden the reach of IT through an open, extensible framework and a rich partner ecosystem of leading technology and orchestration vendors. This approach lets customers pursue the infrastructure model that best fits their needs over time. The world’s largest businesses, service providers, government entities, and consumer brands rely on F5 to stay ahead of cloud, security, and mobility trends

  • ForeScout Technologies, Inc.
    Booth: TBD

    ForeScout Technologies, Inc. has pioneered an agentless approach to network security to address the explosive growth of the Internet of Things (IoT), cloud computing and operational technologies (OT). We offer a highly scalable, heterogeneous platform that provides Global 2000 enterprises and government agencies with agentless visibility and control of today’s vast array of physical and virtual devices the instant they connect to the network. Our technology continuously assesses, remediates and monitors devices and works with disparate security tools to help accelerate incident response, break down silos, automate workflows and optimize existing investments. As of June 30, 2018, more than 2,900 customers in over 80 countries improve their network security and compliance posture with ForeScout solutions.

  • Gigamon
    Booth: TBD

    Gigamon is the first company to deliver unified network visibility and analytics on all information-in-transit, from raw packets to apps, across physical, virtual and cloud infrastructure. We aggregate, transform and analyze network traffic to solve for critical performance and security needs, including rapid threat detection and response, freeing your organization to drive digital innovation. Gigamon has been awarded over 75 technology patents and enjoys industry-leading customer satisfaction with more than 3,000 organizations, including over 80 percent of the Fortune 100. Headquartered in Silicon Valley, Gigamon operates globally. For the full story on how Gigamon can help you to run fast, stay secure and innovate, please visit www.gigamon.com.

  • hCaptcha
    Booth: TBD

    hCaptcha brings a modern, privacy-focused approach to stopping bots. Our systems are thus designed from the ground up to minimize data collection and retention while maintaining class-leading security. The best way to protect user data is not to store it at all.

  • (ISC)2 Seattle Chapter
    Booth: TBD

    Bringing like-minded professionals together in the Greater Puget Sound region to discuss current tactics, techniques, and procedures within cybersecurity.

  • ISSA Puget Sound Chapter
    Booth: TBD

    ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.

    The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members. Join today.

  • Keysight
    Booth: TBD

    Keysight’s portfolio of network security solutions simulate threats, eliminate blind spots, taking control of a rapidly-changing attack surface. Be a hero, not a headline by proving your network is secure simulating attacks, exposing gaps early, and course correct with step-by-step fixes.; protecting users and applications with increased the efficiency, performance, and reliability of your security systems.;  patrolling every packet eliminating vulnerable blind spots and decrypt threats hiding in SSL traffic.; and practice your cyber skills enhancing your security and attack response skills against real-world threats.

  • Mandiant, now part of Google Cloud
    Booth: TBD

    Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats. Mandiant is now part of Google Cloud.

  • Netskope
    Booth: TBD

    The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device. Only Netskope understands the cloud and takes a data-centric approach that empowers security teams with the right balance of protection and speed they need to secure their digital transformation journey.

  • Okta
    Booth: TBD

    Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.

  • One Identity
    Booth: TBD

    One Identity, a Quest Software business, helps organizations achieve an identity-centric security strategy with a uniquely broad and integrated portfolio of identity management offerings developed with a cloud-first strategy including AD account lifecycle management, identity governance and administration, and privileged access management. One Identity empowers organizations to reach their full potential, unimpeded by security, yet safeguarded against threats without compromise regardless of how they choose to consume the services. One Identity and its approach is trusted by customers worldwide, where more than 7,500 organizations worldwide depend on One Identity solutions to manage more than 125 million identities, enhancing their agility and efficiency while securing access to their systems and data—on-prem, cloud, or hybrid.

  • Optiv
    Booth: TBD

    Optiv is a security solutions integrator delivering end-to-end cybersecurity solutions that help clients maximize and communicate the effectiveness of their cybersecurity programs. Optiv starts with core requirement of every enterprise—risk mitigation—and builds out from there with strategy, infrastructure rationalization, operations optimization, and ongoing measurement. Learn more at https://www.optiv.com.

  • Outshift by Cisco
    Booth: TBD

    Outshift by Cisco is the incubation engine for Cisco’s emerging technologies exploring innovation in cloud native development, AI/ML, API security, observability, network automation, and more.

    Backed by Cisco’s unrivaled portfolio of end-to-end security solutions, Panoptica offers a differentiated experience for complete code to cloud security coverage.

    Panoptica is Outshift by Cisco’s cloud native application security solution. It secures modern applications and workloads to ensure end-to-end security and compliance in multicloud environments. Utilizing advanced visual contextual insights along attack paths, Panoptica boosts visibility, accurately prioritizes risks, and offers actionable remediation guidance, securing your entire cloud application stack.

  • Palo Alto Networks
    Booth: TBD

    Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world’s greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before.

  • Probely
    Booth: TBD

    Probely is the premier cloud-based application security testing solution designed to empower Security and DevOps teams working efficiently together on a DevSecOps approach built to reduce risk across web applications and RESTful APIs.

    Probely empowers Security and DevOps or Development teams to work together to secure their web applications and APIs. Our goal is to narrow the gap between development, security, and operations by making security an intrinsic characteristic of web applications development life-cycle.

    With over 30,000 vulnerabilities detection capabilities, including SQLi, XSS, Log4j, OS Command Injection, and SSL/TLS issues, Probely reports vulnerabilities that matter, is false-positive free, and includes detailed instructions on fixing them.

  • ReliaQuest
    Booth: TBD

    ReliaQuest, the force multiplier of security operations, increases visibility, reduces complexity, and manages risk with its cloud native security operations platform, GreyMatter. ReliaQuest’s GreyMatter is built on an open XDR architecture and delivered as a service anywhere in the world, anytime of the day, by bringing together telemetry from tools and applications across cloud, on-premises and hybrid cloud architectures. Hundreds of Fortune 1000 organizations trust ReliaQuest to operationalize security investments, ensuring teams focus on the right problems while closing visibility and capability gaps to proactively manage risk and accelerate initiatives for the business. ReliaQuest is a private company headquartered in Tampa, Fla., with multiple global locations. For more information, visit www.reliaquest.com.

  • Skybox Security
    Booth: TBD

    Skybox arms security teams with a powerful set of security management solutions that extract insight from security data silos to give unprecedented visibility of the attack surface, including all Indicators of Exposure (IOEs). With Skybox, security leaders can quickly and accurately prioritize and address vulnerabilities and threat exposures.

  • Splunk
    Booth: TBD

    You see servers and devices, apps and logs, traffic and clouds. We see data—everywhere. Splunk® offers the leading platform for Operational Intelligence. It enables the curious to look closely at what others ignore—machine data—and find what others never see: insights that can help make your company more productive, profitable, competitive and secure. What can you do with Splunk?
    Just ask.

  • Team Cymru
    Booth: TBD

    Team Cymru’s mission is to save and improve human lives.  We are unrivalled across three disciplines; digital business risk platforms, free to use community services and support services to over 143 Government CSIRT teams.

    Our business risk and threat intelligence platforms empower global organizations with unmatched Threat Reconnaissance and Attack Surface Management capabilities to meet the challenges of today’s cyber threats.

    Community Services equip those who run the internet to defend it from criminals who wish to disrupt and cause harm, and CSIRT enables Governments the tools to outmaneuver nation state threat actors.

    Since 2005, our reputation remains unchallenged.

  • TechTarget
    Booth: n/a

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Tenable
    Booth: TBD

    Tenable®, Inc. is the Cyber Exposure company. Over 27,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 25 percent of the Global 2000 and large government agencies. Learn more at www.tenable.com.

  • tenfold Software North America
    Booth: TBD

    The access management solution tenfold enables organizations to manage all access rights and user accounts across their on-prem, cloud and third-party systems and apps centrally from within one platform. Not only does this accelerate approval processes, it also protects data against theft and misuse. Thanks to seamless logs and on-demand reports, compliance regulations are also kept at bay. tenfold is quick and easy to install, user-friendly and integrates with numerous systems, making it the perfect fit for mid-size organizations.

  • Tevora
    Booth: TBD

    Tevora is an enterprise consulting firm specializing in information assurance, governance and compliance services and solutions. We work with some of the world’s leading companies, institutions and governments to ensure the safety of their information and their compliance with applicable regulations. With a distinctive combination of proven products and services, Tevora aids enterprises in protecting their most important assets from external and internal threats. For more information visit https://www.tevora.com.com/.

  • Thales
    Booth: TBD

    As the global leader in cloud and data protection, we help the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.

  • ThreatLocker
    Booth: TBD

    ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com

  • Traceable
    Booth: TBD

    Traceable is the industry’s leading API Security company that helps organizations achieve API protection in a cloud-first, API-driven world. With an API Data Lake at the core of the platform, Traceable is the only intelligent and context-aware solution that powers complete API security – security posture management, threat protection and threat management across the entire Software Development Lifecycle – enabling organizations to minimize risk and maximize the value that APIs bring to their customers.

  • Trellix
    Booth: TBD

    Trellix is a cybersecurity company that helps enterprises in protecting themselves against advanced threats and gaining confidence in the security and resilience of their operations. Trellix provides their clients with a dynamic XDR architecture that adjusts to threat actors’ pace and delivers enhanced cyber threat intelligence.

  • Varonis Systems, Inc.
    Booth: TBD

    Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, compliance, classification and analytics. Varonis detects insider threats and cyberattacks by analyzing file activity and user behavior; prevents disaster by locking down sensitive data; and efficiently sustains a secure state with automation.

  • Veeam Software
    Booth: TBD

    Veeam provides a single platform for modernizing backup, accelerating hybrid cloud and securing data. Veeam has 400,000+ customers worldwide, including 82% of the Fortune 500 and 69% of the Global 2,000. Veeam’s 100% channel ecosystem includes global partners, as well as HPE, NetApp, Cisco and Lenovo as exclusive resellers, and boasts more than 35K transacting partners worldwide.

    With offices in more than 30 countries and over 200 industry awards, Veeam is unquestionably the leader in data protection across all environments. In fact, Veeam has been positioned by Gartner, Inc. in the Leaders quadrant of the 2022 Magic Quadrant for Enterprise Backup and Recovery Solutions. Not only does this mark the sixth consecutive time Gartner has recognized Veeam as a Magic Quadrant Leader, but it is the third consecutive year Veeam is positioned highest overall in ability to execute.

  • VMware
    Booth: TBD

    VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control.

    At the heart of everything we do lies the responsibility and the opportunity to build a sustainable, equitable and more secure future for all.

    Since our founding in 1998, our employees and partners have been behind the tech innovations transforming entire industries. Today, we continue to cultivate a culture of innovation where curiosity meets execution.

    We work to harness the next wave of innovation and solve our customers’ toughest challenges through disruptive technologies, like edge computing, AI, blockchain, machine learning, Kubernetes, and more.

  • Washington State InfraGard
    Booth: TBD

    InfraGard is a partnership of individuals representing businesses, academic institutions, state and local law enforcement agencies, and communities who are dedicated to collaborating and sharing information to prevent hostile acts against the United States.

    The Evergreen InfraGard Members Alliance area of operation is Washington State and over 600 members. As part of the Western Region, we work closely with the IMAs in Los Angeles, San Diego, Oregon, and Idaho. Our chapter’s mission is, “To protect Washington State’s Infrastructure and critical services by providing a secure platform and trusted community to share experiences and information.”

  • WiCyS Western Washington Affiliate
    Booth: TBD
Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Bryce Matsuoka
    Outreach Director, ISSA Puget Sound
  • speaker photo
    Alexander Salazar Jr.
    Cybersecurity Advisor, Region 10, DHS CISA
  • speaker photo
    Ronald Watters
    Regional Cybersecurity Advisor, Region 10, DHS CISA

    Ron Watters currently serves as the Region X (WA, OR, AK, ID) Cybersecurity Advisor for the Stakeholder Engagement and Cyber Infrastructure Resilience Division of the Office of Cybersecurity and Communications (CS&C) National Protection and Programs Directorate (NPPD). Based in Seattle, WA, he supports the Department of Homeland Security (DHS) mission of strengthening the security and resilience of the nation's critical infrastructure. His program coordinates cyber preparedness, risk mitigation and incident response, and provides cyber security resources, including assessments, to the nation's sixteen critical infrastructure sectors and state, local, tribal, and territorial government entities. Prior to joining DHS, Watters served 27 years with the U.S. Navy and Naval Reserve as a Submarine Sonar Technician and Diver, retiring from the US Navy in 2007. Recalled to Active duty following 9/11, he was offered a position as the Deputy, Information Systems Management Officer with the 4th Marine Corps recruiting District in New Cumberland, PA. He rose to the position of S-6 before leaving in 2009 to take a position as the Chief, Information Assurance Division, Network Enterprise Center Ft Irwin, CA. Watters remained in that position until leaving to become the Branch Manager of the Cybersecurity Branch of the Puget Sound Naval Shipyard in March of 2016 and, soon after, as the Region X Cybersecurity advisor in June of 2017, which he currently holds.

  • speaker photo
    Michael Bacon
    President, Premier Risk Solutions LLC
  • speaker photo
    Jenifer Clark, Moderator
    Information Security & Compliance Engineer, Costco Wholesale

    Experienced Information Security Professional with a demonstrated history of working in the retail industry. Skilled in Operations Management, Sales, Management, Point of Sale (POS) / Fuel Systems, and Inventory Control. Strive to find ways information security can enable and support business and operations teams with solutions. Actively support public/private partnerships with local and federal agencies with emphases on infrastructure, cyber security and community outreach.

  • speaker photo
    Stephen Dougherty
    Financial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service

    Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

  • speaker photo
    Rachelle Goddin
    Threat Research Analyst, Team Cymru

    Rachelle joined the S2 Team having been a senior threat intelligence researcher analyst at one of the world's biggest retail brands, Nike. She specializes in e-crime and Russian threat actor tracking. In her free time, she enjoys frustrating baddies as a member of the Cryptolaemus group.

  • speaker photo
    Randy Lariar
    Practice Director - Big Data & Analytics, Optiv
  • speaker photo
    James Christiansen
    VP, CSO - Cloud Security Transformation, Netskope

    James Christiansen is Netskope’s vice president of cloud security transformation and leader of the Global Chief Strategy Office. He is focused on enhancing Netskope’s global clients understand the challenges and solutions of cloud deployments by helping drive thought leadership in cloud security transformation.

    James brings extensive expertise as a global leader in information security. Prior to joining Netskope, he was vice president CISO at Teradata where he led the global security, physical, and information security teams. Previously, James was vice president of information risk management at Optiv, chief information risk officer for Evantix, and CISO at Experian Americas, General Motors, and Visa International.

    As a sought-after expert speaker on security, James has been featured at numerous prestigious events, including the Business Roundtable, Research Board, American Bar Association, American Banker, the RSA Conference, BankInfoSecurity, ISSA, ISACA, HIMSS, and MIS Training Institute. He has also been featured in The New York Times and quoted as an expert in USA Today, The Wall Street Journal, Reuters, United States Cybersecurity Magazine, Bloomberg, and Healthcare IT News.

    James is a patent inventor and has received three innovation awards in cyber security, GRC, and cloud computing. He is the author of the Internet Survival Series and contributing author of CISO Essentials, as well as numerous industry papers.

  • speaker photo
    Jake Bernstein, Esq.
    Partner - Data Protection, Privacy & Security Group, K&L Gates LLP

    Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted as both regulator as an Assistant Attorney General with the Washington State Attorney General's Office and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.

  • speaker photo
    Grant Asplund
    Growth Technologies Evangelist, Check Point Software Technologies

    For more than 20 years, Grant Asplund has been sharing his insights on how businesses can best protect themselves from sophisticated cyber-attacks in an increasingly complex world. As Check Point’s chief evangelist, he travels the world enthralling audiences with his passionate and relational storytelling at conferences like RSA and Next100 CIOs and numerous media interviews. Grant’s wide range of cyber security experience informs his talks, having served in diverse roles ranging from sales, marketing, business development, and senior management for Dome 9, Blue Coat Systems, Neustar, and Altor Networks. As CEO of MetaInfo, he led its acquisition by Neustar. Grant is the host of the CISO Secrets podcast (cp.buzzsprout.com) and the Talking Cloud Podcast (www.talkingcloudpodcast.com) on Cloud security.

  • speaker photo
    Tom Cline
    VP, Cyber Risk, Skybox Security

    15+ years of experience in technology consulting in cybersecurity domain and is an evangelist. His core competencies include - designing enterprise security solution framework to proactively protect organization sensitive data, mapping technology to business, and increasing operational IT efficiency. Tom is a trusted advisor to the CxO's.

  • speaker photo
    Cymulate Representative
  • speaker photo
    Panel Discussion
  • speaker photo
    Mike Costello
    Strategic Planning & Design Manager, State of Washington

    Mike Costello is a strategic planning & design manager based in Olympia, WA. Mike oversees solution architecture, systems engineering, and capacity management to develop effective IT strategies. His expertise in networking, computing, and security allows him to harmonize and integrate diverse infrastructure technologies into comprehensive design solutions. Mike is particularly proud of his role as an innovator in architecting and deploying the state's "highway to the clouds," which bridges on-premise and cloud-based resources. Prior to his work in Washington, Mike successfully served as district chief information officer for the Seattle District Army Corps of Engineers, where he played a key role in maintaining and enhancing critical IT systems.

  • speaker photo
    Andrew Johnson
    Solutions Architect, State of Washington

    Andrew Johnson is a solutions architect based in Olympia, WA, responsible for the State's adoption of SD-WAN technology and interconnecting state government with cloud-based resources and external business partners. Andrew spearheaded the development of the state's SD-WAN strategy, oversaw proof of concept efforts, and designed solutions that have enabled the state government to leverage cutting-edge technology in serving the residents of Washington State. Additionally, he modernized the state's DNS system, transitioning it to a hybrid DNS solution that handles both on-premise and cloud-based queries.

  • speaker photo
    Tim Gallo
    Americas Mandiant Principal Architect, Mandiant, now part of Google Cloud

    Tim Gallo leads the Americas Mandiant Principal Architect team covering Mandiant solutions including Cyber Threat Intelligence, traditional Intelligence Operations, Managed Detection and Response, Security Controls Validation, and Attack Surface Management and asset discovery. He joined Google Cloud through the acquisition of Mandiant by Google in 2022; he had spent five years at Mandiant prior to the acquisition in a variety of field facing roles covering the aforementioned topics.

    Before joining Mandiant, Tim leveraged his over 20 years’ experience in information security and intelligence operations to aid in the development and deployment of a number of solutions. Including building client and organizational expertise in Intelligence Guided Cyber Network Defense (IGCND). This included the development and product management of some of the first cyber intelligence solutions ever brought to market. These solutions have included threat and vulnerability management tools, IOC prediction algorithms, intelligence services, and strategic intelligence consulting.

    Today, he spends his days helping clients understand the importance of Intelligence as a guiding principle for building out effective security processes and operations and helping clients and vendors find ways to leverage technologies responsibly to build their cyber defense centers and security operations practices. Every once in a while, he can be found out in the desert, sometimes on his Harley with a flamethrower, sometimes with just a flamethrower.

  • speaker photo
    William Lidster, Moderator
    CISO, AAA Washington

    William serves as the leader of AAA Washington’s information security and compliance efforts. He is responsible to establish a responsive, dynamic, and flexible cybersecurity program to meet continually changing information security, regulatory, and compliance needs in the organization.  William has been with AAA Washington since August of 2017. Other roles that William serves in the company includes coordinating business continuity program activities and leading the company through emerging privacy legislation management.

    In the evenings, William instructs graduate and undergraduate cybersecurity courses at the University of Washington and The Penn State University.
    William completed his Bachelor of Science in Computer Science from the US Military Academy at West Point. He subsequently earned a Masters in Management Information Systems and an MBA from the University of Maryland. In December of 2018, he completed his Doctorate of Philosophy in Cybersecurity and Information Assurance from Capella University.

    Prior to William starting at AAA Washington, he served five years as the Manager of IT Security Engineering at Puget Sound Energy. Prior to that he also served as the regional Chief Information Security Officer for Providence Health and Services. He has also served in similar positions with Alaska USA Federal Credit Union, Chugach Electric Association, and the State of Alaska, Department of Public Safety.

    William served in the US Army from 1990 to 1996 as an officer in the Infantry and is a combat veteran for Operation Desert Storm.

  • speaker photo
    Panel Discussion
  • speaker photo
    Bidemi Ologunde
    Sr. Intelligence Analyst, Expedia Group

    Bidemi, a seasoned Intelligence Analyst, boasts a versatile career spanning incident response, SIEM operations, and the forefront of technological trends. His expertise is backed by an impressive portfolio of certifications, including CISA, C|EH, C|TIA, CASP+, amplifying his prowess in the InfoSec realm. His profound insights have been instrumental in shaping a dynamic security landscape.

    As the host and producer of 'The Bid Picture Podcast' and 'The Cyber Case Files Podcast', he discusses the daily implications of cybersecurity and analyzes federal cybercrime cases, respectively. He takes an active part in open-source investigations and uses his expertise to assist in locating missing children and supporting victims of human trafficking and domestic violence.

  • speaker photo
    Cynthia Damian
    CISO, Valon
  • speaker photo
    Marie Olson
    Deputy Chief Privacy Officer (CPO), Boeing
  • speaker photo
    Erika Voss
    VP, Engineering & Security, Capital One
  • speaker photo
    Elaine Doyle
    VP, Data Security Architecture, Salesforce
  • speaker photo
    Brittany Weinstein, Moderator
    Manager, Cybersecurity, KPMG
  • speaker photo
    Palo Alto Representative
  • speaker photo
    Illumio Representative
  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

  • speaker photo
    Melissa Lopez-Barbosa
    Interim Secretary, Washington State InfraGard Member's Alliance
  • speaker photo
    Chris Roberts
    CISO and Senior Director, Boom Supersonic

    Chris is the CISO for Boom Supersonic and works as an advisor for several entities and organizations around the globe. His most recent projects are focused within the aerospace, deception, identity, cryptography, Artificial Intelligence, and services sectors. Over the years, he's founded or worked with several folks specializing in OSINT/SIGINT/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he’s working on spreading the risk, maturity, collaboration, and communication word across the industry. (Likely while coding his EEG driven digital clone that’s monitoring his tea and biscuit consumption!)

    Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that, he managed to get various computers confiscated by several European entities.)

    He’s considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s also gotten a name for himself in the transportation arena, basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 15 years. (To interesting effect.)

    Chris has led or been involved in information security assessments and engagements for the better part of 25 years and has a wealth of experience with regulations such as GLBA, GDPR, HIPAA, HITECH, FISMA, and NERC/FERC. He has also worked with government, state, and federal authorities on standards such as CMS, ISO, CMMC, and NIST.

    Chris has been credentialed in many of the top IT and information security disciplines and as a CyberSecurity advocate and passionate industry voice, he is regularly featured in national newspapers, television news, industry publications and several documentaries. He can typically be found waving arms on a stage somewhere on this planet…or hacking into whatever’s taken his fancy… (Cows and camels being two of the more bizarre things, we’ll ignore things in space for now.)

    As one of the well-known hackers and researchers, Chris is routinely invited to speak at industry conferences. CNN, The Washington Post, WIRED, Business Insider, USA Today, Forbes, Newsweek, BBC News, Wall Street Journal, and numerous others have covered him in the media.

    And worst case, to jog the memory, Chris was the researcher who gained global attention in 2015 for demonstrating the linkage between various aviation systems, both on the ground and while in the air that allowed the exploitation of attacks against flight control system.

  • speaker photo
    Brian Shea
    BISO, Salesforce

    Brian is an IT Executive with 29 years of experience from Security Operations and Support, Compliance, Risk Management, Technology Innovation, IT Operations and Supportand. Currently, Brian is a Business Information Security Officer (BISO) supporting multiple business units at Salesforce, delivering security and compliance across our people, process, technology, and data. In addition to this, he has worked in Security and GRC at Starbucks, Microsoft, and Bank of America as well as served as a Cybersecurity Advisor for CREATE.ORG, sat on the Board of Technical Advisors for NODUS technologies, served as an alternate to the PCI-DSS Customer Advisory Council, held CISSP and CISM certifications, and has published 2 books and 3 industry papers on security.

  • speaker photo
    Patryk Stachowiak
    Chief Product Evangelist, Tenfold Security

    Patryk has years of experience in technical support, presenting IT solutions, and sales in a global IT market. He enjoys traveling, meeting, and interacting with different people all around the world. He is highly customer service-driven and likes to build strong relationships with clients.

  • speaker photo
    Oded Hareven
    CEO & Co-Founder, Akeyless
  • speaker photo
    Ronald Watters
    Regional Cybersecurity Advisor, Region 10, DHS CISA

    Ron Watters currently serves as the Region X (WA, OR, AK, ID) Cybersecurity Advisor for the Stakeholder Engagement and Cyber Infrastructure Resilience Division of the Office of Cybersecurity and Communications (CS&C) National Protection and Programs Directorate (NPPD). Based in Seattle, WA, he supports the Department of Homeland Security (DHS) mission of strengthening the security and resilience of the nation's critical infrastructure. His program coordinates cyber preparedness, risk mitigation and incident response, and provides cyber security resources, including assessments, to the nation's sixteen critical infrastructure sectors and state, local, tribal, and territorial government entities. Prior to joining DHS, Watters served 27 years with the U.S. Navy and Naval Reserve as a Submarine Sonar Technician and Diver, retiring from the US Navy in 2007. Recalled to Active duty following 9/11, he was offered a position as the Deputy, Information Systems Management Officer with the 4th Marine Corps recruiting District in New Cumberland, PA. He rose to the position of S-6 before leaving in 2009 to take a position as the Chief, Information Assurance Division, Network Enterprise Center Ft Irwin, CA. Watters remained in that position until leaving to become the Branch Manager of the Cybersecurity Branch of the Puget Sound Naval Shipyard in March of 2016 and, soon after, as the Region X Cybersecurity advisor in June of 2017, which he currently holds.

  • speaker photo
    Panel Discussion
  • speaker photo
    Dr. Adrian M. Mayers, Moderator
    VP & CISO, Premera Blue Cross

    Dr. Adrian M. Mayers joined Premera Blue Cross in November 2019 as Vice President, IT and Chief Information Security Officer (CISO) for Premera Blue Cross. Dr. Mayers is responsible for providing and optimizing an enterprise-wide security program and architecture that minimizes risk, enables business imperatives, and further strengthens Premera’s security posture. He works closely with Premera’s leadership team to establish and maintain a comprehensive program to protect employees, information assets, and technologies, and mature the corporate culture from security awareness to accountability.

    Before joining Premera, Dr. Mayers held senior management positions at Vertafore, Microsoft, Nokia, and Securiguard. He has a strong passion for remaining on the cutting edge of technology and business innovation. Throughout his 25-year career, he has dealt with various aspects of corporate security, such as anti-fraud operations, cybersecurity, intellectual property protection, counterespionage, and loss prevention.

    He holds multiple professional certifications, including CISM, CCSP, CFE, CISA, and CDPSE. He earned his doctorate in Business Administration specializing in International Business from Northcentral University, an MBA from Athabasca University, a graduate certificate in cybersecurity from Harvard University, a graduate certificate in counterintelligence from the American Military University, a certificate in digital transformation from MIT, and an engineering technologies diploma from John Abbott College. His academic research pursuits focus on national security, intelligence, special operations forces, cyber warfare, and foreign policy.

  • speaker photo
    Tom Brennan
    Executive Director, Americas Region, CREST

    Tom Brennan is the CIO of the national law firm Mandelbaum Barrett PC and leads the U.S. arm of CREST International. In this role, he works with government and commercial organizations to optimize the value of CREST as a cybersecurity accreditation body and industry standards advocate, particularly for companies in the Cybersecurity & Infrastructure Security Agency’s 16 critical infrastructure sectors which are vital to U.S. security, national economy, and public health and safety. As CREST USA Chairman, Brennan spearheads strategic plans for CREST USA’s organizational growth while also serving as an industry evangelist and educator on the value of using accredited cybersecurity products and professionals to improve consumer privacy, security, and protection worldwide.

    As a proud U.S. Marine veteran, Brennan became involved with CREST International in 2016 while serving the Global Board of Directors for the Open Web Application Security Project (OWASP). Seeing similar goals, he became more active in the CREST organization and was nominated to lead the organization’s U.S. Advisory in 2019. Over his career, Brennan has amassed security expertise across the cybersecurity spectrum, including penetration testing, vulnerability assessment, application security, threat intelligence, and more. In addition to being CREST USA Chairman, he is the Chief Information Officer of the national law firm Mandelbaum Barrett, overseeing critical infrastructure, privacy, and security operations. He is also an Advisory Board Member of the information services advisory Gerson Lehrman Group, a Cyber Fellows Advisory Council Member, a Member of the Information Technology Advisory Committee of the County College of Morris, a Senior Advisor and Industry Advisory Board Member of the New Jersey Institute of Technology, and a Cyber Fellows Advisory Council Member of the NYU Tandon School of Engineering.

  • speaker photo
    SentinelOne Representative
  • speaker photo
    Frank Simorjay, Moderator
    Distinguished Fellow, ISSA

    Frank Simorjay (CISSP, ISSA Distinguished Fellow) is a cloud security and compliance subject matter expert. Frank works for Microsoft Azure global ecosystem organization as the Lead PM of the Azure automation Blueprint program, that includes the PCI automation blueprint. Frank has written an extensive library of papers, and blogs (http://cloudntech.blogspot.com).

  • speaker photo
    Panel Discussion
  • speaker photo
    Andrew Smeaton
    CISO, Afiniti

    Andrew holds over 22 years of experience in the banking, financial services, and healthcare industries. He is experienced in all facets of IT/IS Security & Risk Management including acquisitions and disaffiliations, and has a track record of developing and implementing security strategies from inception through execution. In addition to his corporate experience, Andrew has also served on the executive boards for international conferences and advised government agencies on information security subjects. Andrew’s regulatory compliance experience includes FSA, PRA, FDIC, ISO 27K, COBIT, HIPAA, PCI-DSS, GLBA, Mass 201 CMR 17.00, SOX 404.SAMA, and NYDFS.

  • speaker photo
    Exabeam Representative
  • speaker photo
    CyCognito Representative
  • speaker photo
    Kip Boyle, Instructor
    vCISO, Cyber Risk Opportunities LLC

    Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Conference Microsite!
Registration is quick and easy. Once you get started, use a browser on your phone or tablet to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Best practices & solutions, straight from the source

Join your InfoSec community for high-quality, affordable training and networking!