- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Wednesday, April 16, 20259:00 am[PLUS Course] AI Unleashed: Cybersecurity Strategies for an Autonomous FutureSr. Cybersecurity Consultant, Wilson CyberRegistration Level:
- SecureWorld Plus
9:00 am - 3:00 pmArtificial Intelligence (AI) technology enables computers and machines to simulate human learning, comprehension, problem solving, decision making, creativity and autonomy. Applications and devices equipped with AI can see and identify objects, understand, and respond to human language, learn from new information and experience. AI-based applications (a classic example being a self-driving car) can make detailed recommendations to users and experts and act independently, replacing the need for human intelligence or intervention.
Recognizing the importance of technical standards in shaping development and use of AI, the U.S. President’s October 2023 Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (EO 14110) calls for “a coordinated effort… to drive the development and implementation of AI-related consensus standards, cooperation and coordination, and information sharing” internationally.
This PLUS Course focuses on how the development of AI capabilities, technologies, and tools impact cybersecurity. Instructor Larry Wilson breaks down the course into four digestible lessons:
Lesson 1: What Is Artificial Intelligence: Includes an overview of Artificial Intelligence, how AI is used today (case studies), the current / future state of international AI standards.
Lesson 2: AI Security Threats: How threat actors are using AI to automate stages of the attack lifecycle, including reconnaissance, evasion, privilege escalation, lateral movement, and exploitation.
Lesson 3: AI Security Standards: (1) Secure Design – risks and threat modelling; (2) Secure Development – supply chain security, documentation, asset and technical debt management; (3) Secure Deployment – protecting infrastructure from compromise, threat or loss, incident management, and responsible release; and (4) Secure Operation and Maintenance – logging and monitoring, update management and information sharing.
Lesson 4: AI Risk Management Playbook: (1) Govern – policies, processes, procedures and practices across the organization related to the mapping, measuring and managing of AI risks are in place, transparent, and implemented effectively; (2) Map – context is measured and understood; (3) Measure – appropriate methods and metrics are identified and applied; (4) Manage – AI risks based on assessments and other analytical output from the Map and Measure functions are prioritized, responded to, and managed; (5) Roadmap – key activities for advancing the NIST Artificial Intelligence Risk Management Framework.
Upon completion of the class, attendees will have an up-to-date understanding of AI and its impact on cybersecurity. They will learn what actions organizations should take to benefit from the many advancements available with adopting AI into their security design, development, deployment, operations, and maintenance.
9:00 am[PLUS Course] Implementing the NIST Cybersecurity Framework, Including 2.0vCISO & Managing Director, Cyber Risk Opportunities LLCRegistration Level:- SecureWorld Plus
9:00 am - 3:00 pmHave you ever wondered how to actually use the NIST Cybersecurity Framework and apply it to your business or organization?
In this course, you will get an inside look at how cybersecurity, information technology (IT), and business professionals use the NIST Cybersecurity Framework (CSF) Version 2.0 to understand and actively manage their risk posture.
You will begin by learning the fundamentals of the NIST Cybersecurity Framework, including:
- What are the components of the framework?
- Why is the framework is valuable?
- What type of organizations can use the framework?
Then, you will dive deeper into the framework to fully understand the Framework Core, the Framework Tiers, and the Framework Implementation Profile.
You will also review various case studies from diverse organizations across the globe, including critical infrastructure organizations, technology companies, governmental organizations, and others.
Finally, we will spend the majority of this course walking you through how to implement this framework within your own organization by conducting a Cyber Risk Mapping (CR-MAP). This CR-MAP of your organization will aid you in identifying your weaknesses and creating a remediation plan to achieve higher levels of security by minimizing your cyber risk.
We even include a free bonus digital workbook that helps you conduct a step-by-step Cyber Risk Mapping at the conclusion of the course.
- Thursday, April 17, 20257:30 amRegistration openRegistration Level:
- Open Sessions
7:30 am - 4:15 pmLocation / Room: Registration DeskCome to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.
8:00 amExhibitor Hall openRegistration Level:- Open Sessions
8:00 am - 4:15 pmLocation / Room: Exhibitor HallYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
8:00 amAdvisory Council Roundtable Breakfast (VIP / Invite only)Registration Level:- VIP / Exclusive
8:00 am - 8:45 amModerated discussion for SecureWorld Advisory Council members. By invite only.
8:00 amAssociation Chapter MeetingsRegistration Level:- Open Sessions
8:00 am - 8:45 amParticipating professional associations and details to be announced.
8:00 amBenchmarking Your Cybersecurity FrameworkRegistration Level:- Open Sessions
8:00 am - 8:45 amMeasuring one’s cybersecurity framework against others in the same industry, or even outside of their vertical, can provide valuable insights into areas to improve or adjust.
8:45 amNetworking BreakRegistration Level:- Open Sessions
8:45 am - 9:00 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
9:00 am[Opening Keynote] How CISOs Can Elevate Influence and Become a Business DriverRegistration Level:- Open Sessions
9:00 am - 9:45 amLocation / Room: Keynote TheaterFor today’s CISOs, it’s no longer enough to be just technical experts. This panel of top-level cybersecurity professionals representing the regions of Vancouver, B.C., Bozeman, and Seattle, breaks away from talking about the tired mantra of “speaking the language of the business” and instead dives into practical, real-world examples of how security leaders have successfully navigated the business landscape.
The discussion focuses on actionable strategies and tactics that have helped CISOs gain influence, secure funding, and elevate cybersecurity from a technical function to a critical business driver. Walk away with specific metrics, communication techniques, and actionable insights that have been proven to work in the real world—offering practical takeaways that can be implemented immediately. Get ready for a session that goes beyond the theory and delivers tangible answers to the challenges CISOs face today.
9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:15 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:15 amDeveloping Strategies and Governance Policies Around AIRegistration Level:- Conference Pass
10:15 am - 11:00 amAs AI continues to revolutionize the business landscape, organizations face the critical challenge of harnessing its potential while mitigating associated risks. This panel session brings together experts from varying industries to explore the intricacies of developing comprehensive AI strategies and governance policies.
Our presenter(s) will delve into:
- The current state of AI adoption across various industries and its impact on cybersecurity
- Key components of an effective AI strategy, including alignment with business objectives and ethical considerations
- Designing governance frameworks that ensure responsible AI use while fostering innovation
- Addressing AI-specific risks, including bias, privacy concerns, and potential security vulnerabilities
- Regulatory landscape and compliance requirements for AI implementation
- Best practices for data management and protection in AI-driven environments
- Ethical considerations in AI development and deployment
- Strategies for building AI literacy within organizations
- Future trends and preparing for the evolving AI landscape
Gain valuable insights into creating balanced, forward-thinking AI strategies that maximize benefits while maintaining robust security and ethical standards. The session provides practical guidance on navigating the complex intersection of AI, business objectives, and regulatory requirements.
10:15 amInvesting in Your Application Security ProgramsRegistration Level:- Conference Pass
10:15 am - 11:00 amSession description to come.
10:15 amBug Bounties: Tips from the TriagerRegistration Level:- Open Sessions
10:15 am - 11:00 amHear directly how someone who has spent years reviewing and prioritizing bug bounty program submissions approaches the task. In this talk, discover how to craft reports that stand out, ensuring your findings are presented for maximum impact and value. Discover the most common pitfalls to avoid, tips on how to structure your reports for clarity and precision, and hear highlights of the key elements triagers focus on to determine the severity and validity of vulnerabilities.
10:15 amTabletop Exercises: The Fun KindRegistration Level:- Open Sessions
10:15 am - 11:00 amTabletops are not new in incident response training. But oftentimes, they’re pretty dull or ridden with anxiety. But, what if we applied gamification and game-based learning techniques? By transforming tabletop exercises into interactive, engaging scenarios, with Dungeons & Dragons-style play, we can make them more memorable and effective!
This approach allows participants to practice critical skills, with a structure that encourages more balanced team involvement and participation, and dice-rolling to determine success and failure (that does a remarkable job in simulating a real-world experience). Enter HackBack Gaming! Why not build incident response “muscle” memory in a fun way? This session provides a foundation for you to start conducting exercises like this yourself right away.
11:00 amNetworking BreakRegistration Level:- Open Sessions
11:00 am - 11:10 amLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:10 amTracking the Massive Changes to Privacy Laws in the U.S.Registration Level:- Conference Pass
11:10 am - 11:55 amSession description to come.
11:10 amBuilding Trusted Partnerships to Enable Secure ProductsRegistration Level:- Conference Pass
11:10 am - 11:55 amIn today’s interconnected digital ecosystem, the security of any product is only as strong as its weakest link. This panel session explores the critical role of trusted partnerships in developing and maintaining secure products throughout their lifecycle.
Our distinguished panel delves into the challenges and opportunities of fostering collaborative relationships between vendors, suppliers, and customers to enhance product security. They examine how these partnerships can lead to more robust security measures, improved threat intelligence sharing, and faster response times to emerging vulnerabilities. Key topics include:
- Establishing trust in the supply chain
- Collaborative approaches to secure software development
- The role of transparency in building and maintaining trust
- Balancing intellectual property concerns with security needs
- Leveraging partnerships for more effective incident response
- Case studies of successful security-focused partnerships
11:10 amCyber Risk by the Numbers from a Cyber Insurance PerspectiveRegistration Level:- Open Sessions
11:10 am - 11:55 amYou’ve experienced a cyber incident. Does cyber insurance really pay? What’s actually a recoverable expense? How can insurance help? And when the insurance does pay, how do you balance the amount of insurance with cybersecurity priorities? In this session, we’ll evaluate the data and dig into recent real-world examples of how cyber insurance pays claims, what’s covered, the role of insurance in incident preparation and response, and how organizations are using analytics in decision-making.
11:10 am[Panel] Improving Incident Response Through Threat Intelligence, Cloud Resilience, and AI InnovationsRegistration Level:- Open Sessions
11:10 am - 11:55 amSession description to come.
12:00 pm[Lunch Keynote] A Leadership Strategy for Navigating a CrisisRegistration Level:- Open Sessions
12:00 pm - 12:45 pmLocation / Room: Keynote TheaterSession description to come.
12:00 pmAdvisory Council Roundtable Lunch (VIP / Invite Only)Registration Level:- VIP / Exclusive
12:00 pm - 12:45 pmModerated discussion for SecureWorld Advisory Council members. By invite only.
12:45 pmNetworking BreakRegistration Level:- Open Sessions
12:45 pm - 1:15 pmLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pmCybersecurity Challenges for Small and Medium BusinessesRegistration Level:- Conference Pass
1:15 pm - 2:00 pmSmall and medium businesses (SMBs) are the backbone of the U.S. economy, generating over half of the annual GDP and employing millions of Americans. But they also face unique cybersecurity challenges that can threaten their survival and growth. In this talk, learn how to assess and mitigate the cyber risks that SMBs face, and how to implement a robust cybersecurity program with limited resources and expertise.
We cover the following topics:
- The state of SMB cybersecurity in the U.S.
- The cost and impact of cyber breaches on SMBs
- The main cyber threats and vulnerabilities that SMBs face
- The best practices and frameworks for SMB cybersecurity
- The steps to build or improve your cybersecurity program
Whether you are an IT manager, a cybersecurity professional, or a business owner, this talk is informative and practical. Walk away with a better understanding of the cyber landscape and the tools and techniques to protect your SMB from cyberattacks.
1:15 pmManaging Security and Technology After an AcquisitionRegistration Level:- Conference Pass
1:15 pm - 2:00 pmSession description to come.
1:15 pmAddressing the Cybersecurity Skill Shortage Internally and ExternallyRegistration Level:- Open Sessions
1:15 pm - 2:00 pmThis presentation will cover accelerating skill development and cross-department collaboration efficiently and economically. Key takeaway: How to build a cyber guild and utilize it for expanded upskilling and role development.
1:15 pm[Panel] The Secret Potential of AI and MLRegistration Level:- Open Sessions
1:15 pm - 2:00 pmArtificial intelligence (AI) and machine learning (ML) have emerged as powerful tools for cybersecurity professionals, offering the potential to revolutionize how organizations and individuals detect, analyze, and respond to cyber threats. Join us as we delve into the world of AI- and ML-powered cybersecurity, exploring the hidden potential of these technologies and their ability to transform cybersecurity superheroes into formidable defenders of the digital realm.
Our panel of experts unravel the intricate world of AI and ML in cybersecurity, shedding light on the latest advancements, emerging applications, and the challenges involved in harnessing the power of these technologies effectively. They discuss the use of AI in threat detection and analysis, ML-powered threat prediction, and the potential of AI-driven automated response capabilities.
Our panel provides a comprehensive overview of AI and ML in cybersecurity, empowering attendees to understand the hidden potential of these technologies and explore how they can be leveraged to enhance their organization’s cybersecurity posture. Learn how to identify and implement AI and ML solutions, overcome the challenges of data privacy and ethics, and embrace the future of AI-powered cybersecurity.
2:00 pmNetworking BreakRegistration Level:- Open Sessions
2:00 pm - 2:10 pmLocation / Room: Exhibitor HallVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:10 pmCognitive Computing in the New Age of AIRegistration Level:- Conference Pass
2:10 pm - 2:55 pmSession description to come.
2:10 pmIntegrating Transformative OT Cybersecurity ProgramsRegistration Level:- Conference Pass
2:10 pm - 2:55 pmSession description to come.
2:10 pmSocial Engineering: Training the Human FirewallRegistration Level:- Open Sessions
2:10 pm - 2:55 pmPhishing is one of the leading cyberattacks worldwide, resulting in numerous social engineering training exercises to train average users to defend against these attacks. This discussion focuses on research that took a pool of users with three different phishing campaigns. Each campaign progressively has a phish that should be more advanced to spot than the previous phish presented. The research shows the psychological reasoning behind why a user will interact with a phish, regardless of educational awareness. Results include why a 0% or 100% report rate is unrealistic and how to use phishing metrics to quantify risk in a business.
2:10 pmNavigating Third-Party Risk and Vendor ResilienceRegistration Level:- Open Sessions
2:10 pm - 2:55 pmIn today’s dynamic cyber risk landscape, risk managers must stay informed and adapt their strategies accordingly. Recent global cyber events have had a profound impact on critical functions across multiple sectors, underscoring the gravity of cyber events. Risk managers also face complexities from trends like reliance on third parties and evolving data protection laws.
To successfully navigate these challenges, risk managers are tasked with learning from significant cyber events, implementing best practices for managing third-party cyber risk, and staying updated on privacy regulations. This session assists risk managers in effectively mitigating cyber risks and safeguarding their organizations by discussing strategies for managing third-party cyber risk and providing updates on privacy regulations.
3:00 pmNetworking Break and Dash for PrizesRegistration Level:- Open Sessions
3:00 pm - 3:30 pmLocation / Room: Exhibitor HallVisit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.
Participating sponsors will announce their Dash for Prizes winners. Must be present to win.
3:00 pmHappy HourRegistration Level:- Open Sessions
3:00 pm - 4:00 pmLocation / Room: Exhibitor HallJoin your peers for conversation and complimentary beverages. This is a great opportunity to network with other security professionals from the area and discuss the hot topics from the day.
3:30 pm[Closing Keynote] Fast-Tack Funding of Your Cyber Initiatives by Focusing on Cyber ResilienceRegistration Level:- Open Sessions
3:30 pm - 4:15 pmLocation / Room: Keynote TheaterSession description to come.
- BlackGirlsHackBooth: TBD
We are a training-focused nonprofit organizations that was created to help increase diversity in cybersecurity by helping to bridge the gap between what is taught in educational institutions and what is necessary for careers in cybersecurity. We are one of the leading organizations in this space and set the standards for increasing diversity in technology and cybersecurity.
The mission of BlackGirlsHack Foundation is to increase representation and empower Black girls and women in the field of information security and cyber security through skills training, mentoring, resume review, and access to low-cost resources in an inclusive environment.
BlackGirlsHack is open to all!
- Cyversity South FloridaBooth: TBD
Cyversity South Florida is here! We are very much looking forward to engaging with you! We have lots of plans in-the-works, and hope you’ll join us in furthering our MISSION: “Achieving the consistent representation of women, underrepresented minorities, and all veterans in cybersecurity through programs designed to foster recruitment, inclusion and retention – one person at a time.”
- InfraGardBooth: TBD
InfraGard is an information sharing and analysis effort serving the interests and combining the knowledge base of a wide range of members. At its most basic level, InfraGard is a partnership between the FBI and the private sector. InfraGard is an association of individuals, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States. InfraGard Chapters are geographically linked with FBI Field Office territories.
The FBI retained InfraGard as an FBI sponsored program, and will work with DHS in support of its CIP mission, facilitate InfraGard’s continuing role in CIP activities, and further develop InfraGard’s ability to support the FBI’s investigative mission, especially as it pertains to counterterrorism and cyber crimes.
- ISACA South FloridaBooth: TBD
Our Chapter was chartered as the 33rd chapter of the Information Systems Audit and Control Association® (ISACA®) on December 2nd, 1978. The South Florida chapter includes approximately 1,400 members in the South Florida region, which spans a large geographic territory, including Miami, Fort Lauderdale, West Palm Beach, Naples, Fort Myers, and Port St. Lucie.
Mission Statement: “To help South Florida realize the positive potential of technology.”
Vision Statement: “We are a diverse group of innovative thought leaders partnering with the community to serve as the first choice for professional development and a global role model for ISACA Chapters by 2024.”
- ISC2 South Florida ChapterBooth: TBD
We are the South Florida chapter of ISC2, a local non-for-profit association for information security leaders and practitioners.
Our chapter’s program is founded on the exchange of ideas and knowledge and focused on the development of leadership and professional skills aimed at advancing the profession of information security practitioners.
We invite all information technology and security professionals in our community to join our local chapter and make a positive impact in your community.
- SIM South FloridaBooth: TBD
The Chapter strives to strengthen professional communications among members who direct the application of information technology in private and pubic organizations. Chapter activities include:
- Meeting to share innovative ideas and real world experiences which address enterprise information needs. We have excellent speakers both from our membership, and bring in industry executives and subject matter experts from many sources.
- Providing presentations by leading national information-management professionals and executives who benefit from management-information systems.
- Challenging our comfort levels by exchanging ideas with peers and business counterparts.
- Being a resource for each other, and personal networking.
- South Florida ISSA ChapterBooth: TBD
The South Florida chapter of the Information System Security Association (ISSA) stands as a cornerstone within the global ISSA community, celebrated for its prominence and esteemed reputation.
Since its inception in 1998, the South Florida ISSA has consistently organized Security Conferences every two years. These events have featured keynote speeches from illustrious figures such as Orson Swindle, former head of the FTC, alongside other notable experts from leading corporations and academic institutions.
With a dynamic involvement in the InfoSec realm, South Florida ISSA engages a diverse audience ranging from managers to technical specialists, addressing a wide spectrum of InfoSec subjects. This engagement extends through their monthly meetings and various specialized events.
A highlight of our calendar is the Hack the Flag Challenge, which takes place annually in September. This event is acclaimed throughout Florida as a top-tier collaborative learning opportunity within the industry.
Furthermore, South Florida ISSA takes pride in being the professional sanctuary for numerous ISSA Senior Members, including the distinguished ISSA Fellow William A. Cellich, underscoring its significant contribution to the community and the field at large.
- TeamOne.SupportBooth: TBD
TeamOne.Support, founded in 2022, blends technological innovation with a commitment to U.S. veterans, offering IT and cybersecurity training aimed at empowering and providing them with sustainable career paths in the tech industry. This initiative, driven by a deep sense of social responsibility, has evolved into a full-service IT provider with a focus on high-security standards and flexible veteran employment.
TeamOne.Support’s story is rooted in a unique confluence of technological expertise and a deep sense of social responsibility towards U.S. veterans. It began in 2022 with a commitment to provide veterans with IT and cybersecurity skills as a way to address veteran suicides. This project expanded rapidly, evolving from training programs into a full-fledged IT service provider by late 2023. As the organization grew, it maintained its focus on empowering veterans in the tech industry, ensuring high security standards in their services and creating flexible, meaningful job opportunities for veterans, reflecting a successful merger of professional skill development and impactful social contribution.
- ThreatLockerBooth: TBD
ThreatLocker® is a global cybersecurity leader, providing enterprise-level cybersecurity tools to improve the security of servers and endpoints. ThreatLocker’s combined Application Whitelisting, Ringfencing™, Storage Control, and Privileged Access Management solutions are leading the cybersecurity market towards a more secure approach of blocking unknown application vulnerabilities. To learn more about ThreatLocker visit: www.threatlocker.com
- Women in CyberSecurity (WiCyS)Booth: TBD
Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.
- Larry Wilson, CISSP, CISA, InstructorSr. Cybersecurity Consultant, Wilson Cyber
Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.
- Glen Sorensen, InstructorvCISO & Managing Director, Cyber Risk Opportunities LLC
Glen Sorensen is a Virtual Chief Information Security Officer (vCISO) with Cyber Risk Opportunities. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership. He has held a variety of roles as an analyst, engineer, consultant, auditor, regulator, and information security officer for a financial institution.
Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 15+ years, longer if you count years of misspent youth bending technology and countless hours of roleplaying games. He is a sucker for a good tabletop exercise and serves as an Incident Master for HackBack Gaming, the fun kind of TTX.
- Panel Discussion
- Panel Discussion
- Happy Hour
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes