Top 10 Reasons to Attend SecureWorld
Conference Agenda
Filter by registration level:
  • session level iconOpen Sessions
  • session level iconConference Pass
  • session level iconSecureWorld Plus
  • session level iconVIP / Exclusive
  • Thursday, October 14, 2021
    8:00 am
    Exhibitor Hall open
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    8:00 am - 9:00 am
    Location / Room: Exhibitor Floor

    Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Virtual booths feature demos, resources downloads, and staff ready to answer your questions. Look for participating Dash For Prizes and CyberHunt sponsors to be entered to win prizes.

    8:00 am
    Advisory Council Roundtable
    • session level icon
    Discussion topic to be announced
    Registration Level:
    • session level iconVIP / Exclusive
    8:00 am - 8:50 am

    This session is for SecureWorld Advisory Council members by invite only.

    8:15 am
    Ransomware Hindsight: As Attacks Surge, What Can We Learn from Previous Response?
    • session level icon
    speaker photo
    CISO, State of Texas
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:50 am

    Ransomware attacks are surging across the United States, often targeting government and education. That was certainly the case when 20 government agencies in Texas were attacked in a single day. Join this fireside chat as Texas CISO Nancy Rainosek shares what that day was like, how her team approached the attacks, and lessons they learned from remediating them. These insights could help your agency in the future.

    8:15 am
    The Evolving Cyber & Privacy Landscape
    • session level icon
    speaker photo
    Cyber Attorney, Global Leader of Privacy Practice Group, Beckage Law
    Registration Level:
    • session level iconOpen Sessions
    8:15 am - 8:50 am

    The changes from an evolving cyber and privacy landscape can seem impossible to track, let alone implement. Join this session with nationally known cybersecurity and privacy attorney Jordan Fischer to gain an understanding of what is new and what is next. Also, learn about key strategies for implementation to help drive organizational compliance.

    9:00 am
    [Opening Keynote] Cybersecurity Habits to Help Secure Your Organization
    • session level icon
    speaker photo
    Chief Security Officer, Southern Methodist University
    Registration Level:
    • session level iconOpen Sessions
    9:00 am - 9:45 am

    Cybersecurity should be understood as a series of nine habits that we must pursue. Doing so can greatly increase the security posture of an organization. Join author and CISO George Finney as he explores implementing these habits, changing our behaviors, and the power of these shifts to help combat most information security problems.

    George’s new book, “Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future,” is available for purchase here: https://www.amazon.com/Well-Aware-Master-Cybersecurity-Protect/dp/1626347352

    9:45 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    9:45 am - 10:00 am
    Location / Room: Exhibitor Floor

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:00 am
    The Unified Controls Framework
    • session level icon
    speaker photo
    Vice President, Information Security Strategy, Innovation and Analytics, Allstate Insurance Company
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    In this presentation, Mia Boom-Ibes, Allstate Vice President, will explore the Secure Software Development Life Cycle and how you can deliver secure products—making the easy thing the right thing to do for your product development teams.

    You’ll get examples that you can put into practice, and leave armed with the knowledge and skills on how to improve code quality and gain transparency into the residual risks. The presentation will also cover a future focus on the unified control framework program and how the world of secure software development is innovating to stay in front of emerging threats.

    10:00 am
    We Are All Collateral Damage Casualties of the Ongoing Cyber War
    • session level icon
    speaker photo
    Director, Global Cybersecurity Program, University of St. Thomas
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    Today, one can make the argument that on some level all commerce is eCommerce and that the safety and prosperity of the places we work and communities we live in depend on a safe and secure internet. But how safe can we be when the titans for global geopolitics are engaged in an undeclared asymmetrical conflict that uses all aspects of national power that operate in the cyber domain? The old school modalities of propaganda, disinformation, espionage, intellectual property theft, and sabotage have greater reach and capabilities in our digitally connected world. Let’s look at a brief history of the conflict from Estonia, NotPetya, to Colonial Pipeline and then ask the question: is there a technical solution to the conflict, or is it time to consider cyber arms control?

    10:00 am
    Practical Considerations When Verifying Your Vendors' Cybersecurity Controls
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:00 am - 10:30 am

    As businesses grow, it becomes increasingly cheaper, more convenient, and more efficient to rely on third parties to take on certain business functions. However, the security of your organization’s assets is only as strong as the weakest link in your vendor chain.

    Embracing the “trust-but-verify” approach, this session offers helpful tips and areas to focus on when validating your vendors’ cybersecurity controls.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:30 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:30 am - 10:45 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    10:45 am
    Insider Threats: A Multi-Pronged Approach to Protecting Your Organization
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am
    Insider threats are a real danger and cannot be overlooked. While deploying the latest secure system to fight against cyber threats is a decent strategy, you must also implement an effective insider threat system for an overall cybersecurity solution. An insider threat program cannot be brought off the shelf, but is a continuous process to identify and detect an incident as it occurs.

    Presentation level: GENERAL (InfoSec best practices, trends, solutions, etc.)

    10:45 am
    Never Trust. Always Verify.
    • session level icon
    speaker photo
    Global Security Strategist, Check Point Software Technologies
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    Humans are inherently both trusting and distrusting, without even knowing it! We pick up on innumerable subtle micro expressions and nuances of our environment, instantly spotting what’s out of place. Without a second thought, our computer brains process and alert us to “things out of place” and focus our attention, silencing distractions so we can verify trust.

    In this session, Eddie Doyle will demonstrate that when we design systems after our neuro-biology, we can focus our networks to eliminate threats in much the same manner as our natural born instincts.

    10:45 am
    From Authentication to Audit: How to Secure Third-Party Connectivity
    • session level icon
    speaker photo
    Director, Sales Engineering, SecureLink
    Registration Level:
    • session level iconOpen Sessions
    10:45 am - 11:15 am

    The risks associated with third-party remote access into an organization’s network grow daily. We regularly see breaches in the headlines that, time and time again, turn out to be the result of unsecured remote access. While the risks and the damages are growing, so is the need for secure third-party remote access. In this session, we’ll review the third-party lifecycle, discuss how to identify vulnerabilities in remote access, and hone in on managing connectivity from authentication to audit.

    If you manage an enterprise network and can’t identify every third-party user on your network by name and tie their identity back to their session activity, then join us to learn about the gaps in the lifecycle you can address to protect your organization.

    11:15 am
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:15 am - 11:30 am

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    11:30 am
    Lessons from Emergency Response for IT and Cybersecurity
    • session level icon
    speaker photo
    Program Manager, Cyber Readiness Center, Texas A&M Engineering Extension Service
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    For years, Information Technology and Cybersecurity departments within organizations have been struggling to develop plans and procedures for mitigating, responding to, and recovering from cybersecurity events. Although some strides have been made at the federal and state government level to integrate cybersecurity into the “all hazards approach” to incident management, many organizations outside of traditional emergency management are hard pressed to develop incident response, recovery, and mitigation/preparedness procedures.

    In this presentation, Andrew Jarrett will discuss a brief history of NIMS/ICS, federal and state doctrine that has been developed to coordinate cybersecurity incident response in the public sector, and how organizations in both the public and private sector can implement a model inspired by the core tenants of incident command and other lessons in emergency response to manage cybersecurity risk and organize for the response and recovery from cybersecurity disasters.

    11:30 am
    Are You Ready for the Convergence of IIoT, OT, and IT Security?
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    Business transformation and drive for smart factory initiatives has placed demands on business leaders to leverage relevant technologies to achieve the desire end goal of operational excellence. The technologies such as industrial internet of things (IIoT) are being layered on top of manufacturing floor machinery to provide that needed insight into business operations and productivity. These improvement and perceived operational excellence have come with cyber security risks which were not a common place in manufacturing space previously. It for this reason that there is now a convergence between operation technology (OT), Industrial internet of things (IIoT) and IT. This intersection is becoming very evident in manufactural, supply chain and traditional production organization or companies.

    Most of these manufacturing machineries were never directly connected to the ethernet networks and as such the risk was very minimal. In some cases, these organizations had organized security based on perimeter controls such as data center firewalls, site firewalls, floor firewalls that provide segmentation or microsegment between corporate IT and manufacturing operation technology (OT space). However, if the individual devices that are connected on the OT side become compromised and the threat has access to that communication link, a hacker can push malicious data, cause denial of service (DoS), or introduce malware or viruses to the entire network — even if there is a secure communication link. There are many ways to run into problems on the OT/IoT front if companies are not careful in their network design security implementation. These increase the risk and a re-thinking of how to architect security appropriately to meet the ever-evolving threat landscape with relevant implications to OT/IIoT and larger enterprise network.
    Presentation Level:
    GENERAL (InfoSec best practices, trends, solutions, etc.)

    11:30 am
    New Remote Workforce: Privacy and Security Risks and Mitigations
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    11:30 am - 12:00 pm

    The sudden growth in the remote workforce exposed critical cybersecurity and privacy concerns that should be considered. This presentation will provide an overview of key legal considerations with remote work when it comes to privacy and security, as well as discuss some solutions to help mitigate risk as your employees work from home.

    12:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:00 pm - 12:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    12:15 pm
    I.A.M. What I Am: Building a Strong Identity and Access Management Program
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    Identity and Access Management has risen from a necessary evil to the “new perimeter” as applications migrate to the cloud. Having the right people aligned to your business processes with sound technology will propel your IAM program from the back office to business enabling function. This presentation will guide you on how to mature your existing identity and access management program, pitfalls to avoid, and tips to get your stakeholders on board.

    12:15 pm
    Leveraging the Three Lines of Defense to Improve Your Security Position
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm
    Depending on your role, a three lines of defense risk management model can be your best friend or worst enemy. No matter your view, the data produced through these channels can help you better understand your weaknesses, work more effectively with senior management, and respond to a variety of scenarios.
    Presentation Level: MANAGERIAL (security and business leaders)
    12:15 pm
    [Panel] Ransomware: Myths, Pitfalls, and New Insights
    • session level icon
    speaker photo
    VP, Global Services Technical Operations, BlackBerry
    speaker photo
    Principal Security Strategist, Synopsys
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    One thing we have learned over the past 18 months is that ransomware is very lucrative. Backups and cyber insurance have you covered, right? Not so fast. Misinformation abounds around digital extortion. Join our panel of experts as they unpack some of the myths and pitfalls around ransomware and offer valuable insight on how to keep your company out of the headlines!

    12:15 pm
    [Panel] Cloud: Power and Peril
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    12:15 pm - 1:00 pm

    We are making history now, in the cloud. Organizations are utilizing cloud at record levels, revealing its power like never before. However, much of this shift was forced, and fast, which increased risk. And attackers are shifting, too. Join this panel as we unpack the power of the cloud and also its peril: current challenges, threats, and pitfalls.

    12:15 pm
    Executive Roundtable
    • session level icon
    Registration Level:
    • session level iconVIP / Exclusive
    12:15 pm - 1:00 pm

    Discussion forum for executive leaders and SecureWorld Advisory Council members (10-15, invite only). Moderated by a CISO/CSO.

    1:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:00 pm - 1:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    1:15 pm
    Staying Resilient: Small and Medium Enterprises (SMEs) and Cybersecurity
    • session level icon
    speaker photo
    Director of Information Security, Ambra Health
    speaker photo
    IT Security Architect, University of Texas Health Science Center at Houston (UTHealth)
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    Small and Medium Enterprises (SMEs) are the backbone of U.S. and European economies. SMEs are significant drivers of economic growth, job creation, and new innovation. Technology enables businesses to increase connectivity and engagement with their customers, and can provide SMEs with a better understanding of their customer base. Today’s digitally connected environments lead to greater risk of data breach or service disruptions. One of the greatest challenges for SMEs is to keep running the operations while keeping themselves protected from ongoing attacks. Cybercriminals are no longer targeting larger enterprises alone. Larger enterprises have overall better security, so targeting them requires more resources in terms of time and money, whereas 90% of cybercriminals are lazy and want to get easy access and do quick damage. SMEs are lucrative to cybercriminals as they can be easy targets, and also, due to digital connectivity, are a step closer to larger organizations that SMEs partner with.

    Key questions we will cover:

    • What does downtime due to a cyberattack mean to an SME?
    • What data resides in SME networks that needs to be secured?
    • How do SMEs build cyber resilience?
    • What should an SME budget for a cybersecurity program be?

    Presentation level: MANAGERIAL (security and business leaders)

    1:15 pm
    Ethical Hacking and Cyber Ecosystems: Anticipating the Predators
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    In an ever-evolving digital landscape with cloud computing, mobility and IoT systems, more sophisticated approaches to vulnerability assessment are necessary. One of the central tools used in vulnerability testing is penetration testing, along with other techniques that are more broadly classified as ethical hacking. This discussion includes highlights from three case studies of ethical hacking in different settings. Highlights include approaches to ethical hacking and specific penetration techniques relevant to cloud computing and network security. Topics will also include challenges faced in ethical hacking within cybersecurity ecosystems and a discussion of a robust, integrative multi-layered used in ethical hacking.
    Presentation Level: TECHNICAL (deeper dive including TTPs)

    1:15 pm
    [Panel] Third-Party Risk: Managing Your Partners
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    1:15 pm - 2:00 pm

    At any given moment, a company could take a snapshot of its risk and stay busy trying to seal up all of its own holes (or accept them for what they are) in security. But what about the businesses that support you? How do you know that Fred’s band has a secure API for its clients? Does ACME really need access to our HR files? Why do we keep getting old invoices from ABC Parts Company? Dive into third-party risk, networking security with a focus on data exfiltration, and how Zero Trust could eliminate this costly issue.

    2:00 pm
    Networking Break
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:00 pm - 2:15 pm

    Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

    2:15 pm
    CLOSING KEYNOTE
    • session level icon
    Registration Level:
    • session level iconOpen Sessions
    2:15 pm - 3:00 pm
Exhibitors
  • Arctic Wolf Networks
    Booth:

    Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit  https://www.arcticwolf.com.

  • Armis, Inc
    Booth:

    Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. Fortune 1000 companies trust Armis’ unique out-of-band sensing technology to discover and analyze all managed and unmanaged devices, analyze endpoint behavior to identify risks and attacks, and protect information and systems.

  • AttackIQ
    Booth:

    AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to identify security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. The Company is committed to giving back to the cybersecurity community through its free AttackIQ Academy, open Preactive Security Exchange, and partnership with MITRE Engenuity’s Center for Threat Informed Defense.

  • Automox
    Booth:

    Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.

  • BitSight
    Booth:

    BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog or follow @BitSight on Twitter

  • BlackBerry
    Booth:

    BlackBerry provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including more than 175M cars on the road today. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and is a leader in the areas of endpoint security management, encryption, and embedded systems. BlackBerry’s vision is clear—to secure a connected future you can trust.

    BlackBerry. Intelligent Security. Everywhere.

    For more information, visit BlackBerry.com and follow @BlackBerry.

  • Check Point Software Technologies Inc.
    Booth:

    Check Point Software Technologies Inc. is a leading provider of cybersecurity solutions to governments and corporate enterprises globally. Its solutions protect customers from 5th generation cyber-attacks with an industry leading catch rate of malware, ransomware, and other types of attacks. Our solutions offer multilevel security architecture, “Infinity” Total Protection with Gen V advanced threat prevention.

  • Checkmarx Inc.
    Booth:

    Checkmarx is the global leader in software security solutions for modern enterprise software development. Checkmarx delivers the industry’s most comprehensive software security platform that unifies with DevOps and provides static and interactive application security testing, SCA and developer AppSec training to reduce and remediate risk from software vulnerabilities. www.checkmarx.com

  • Corelight
    Booth:

    Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com

  • CrowdStrike
    Booth:

    CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus (AV), endpoint detection and response (EDR), and a 24/7 managed hunting service—all delivered via a single lightweight agent.

  • Cybercrime Support Network
    Booth:

    Cybercrime Support Network (CSN) is a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime. CSN’s mission is to improve the plight of Americans facing the ever growing impact of cybercrime by bringing together national partners to support cybercrime victims before, during, and after.

  • Cybereason
    Booth:

    Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.

  • ForgeRock
    Booth:

    ForgeRock® is the digital identity management company transforming the way organizations interact securely with customers, employees, devices, and things. Organizations adopt the ForgeRock Identity Platform™ as their digital identity system of record to monetize customer relationships, address stringent regulations for privacy and consent (GDPR, HIPAA, FCC privacy, etc.), and leverage the internet of things. ForgeRock serves hundreds of brands, including Morningstar, Vodafone, GEICO, Toyota, TomTom, and Pearson, as well as governments like Norway, Canada, and Belgium, securing billions of identities worldwide. ForgeRock has offices across Europe, the USA, and Asia

  • InfraGard North Texas
    Booth:

    The primary purpose of the InfraGard North Texas Members Alliance is to assist in increasing the security of the United States national infrastructures through ongoing exchanges of information relevant to infrastructure protection and through education, outreach, and similar efforts. In addition to the benefits offered by the national InfraGard organization, there are several ways our local chapter accomplishes these objectives, including:

    • Local quarterly membership meetings focused on infrastructure protection
    • Sector-specific meetings and information exchanges
    • Partnerships and discounts to training offerings with other organizations such as ISSA and SecureWorld
    • Networking opportunities with peers within and across all sectors
  • (ISC)2 Dallas-Fort Worth
    Booth:

    The Dallas-Fort Worth Chapter of (ISC)2 is based in the DFW area and serves the counties of the Dallas-Fort Worth Metroplex. Members include those with security certifications from (ISC)2 as well as other professionals practicing or interested in information, software and communications security. Our mission is to advance information security in the DFW area by providing our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate on projects. Our chapter programs provide members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security. We also provide our members with access to a variety of industry resources and educational programs to keep them up to date with the latest advances in technology as well as information assurance.

  • Okta
    Booth:

    Okta is the foundation for secure connections between people and technology. Our IT products uniquely use identity information to grant people access to applications on any device at any time, while still enforcing strong security protections. Our platform securely connects companies to their customers and partners. Today, thousands of organizations trust Okta to help them fulfill their missions as quickly as possible.

  • PKWARE
    Booth:

    PKWARE protects the world’s data with smart encryption software and solutions. In use by more than 35,000 customers, including government agencies and global corporations, PKWARE’s easy-to-use security armors data itself and eliminates vulnerabilities wherever data is used, shared or stored.

    PKWARE offers the only data discovery and protection solution that locates and secures sensitive data to minimize organizational risks and costs, regardless of device or environment. Our software enables visibility and control of personal data, even in complex environments, making PKWARE a global leader in data discovery, security, and compliance.

  • Proofpoint
    Booth:

    Proofpoint protects your people, data, and brand from advanced threats and compliance risks with cybersecurity solutions that work. Built on advanced analytics and a cloud architecture, our platform secures the way your people work today—through email, mobile apps, and social media.

    Some attacks get through even the best defenses. That’s why our solutions also proactively safeguard the critical information people create. We reduce your attack surface by managing this data and protecting it as you send, store, and archive it. And when things go wrong, we equip security teams with the right intelligence, insight, and tools to respond quickly.

  • Recorded Future
    Booth:

    Recorded Future arms security teams with threat intelligence powered by machine learning to lower risk. Our technology automatically collects and analyzes information from an unrivaled breadth of sources. We provide invaluable context that’s delivered in real time and packaged for human analysis or instant integration with your existing security technology.

  • RedSeal
    Booth:

    By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif.

  • Remediant
    Booth:

    Founded in the heart of San Francisco, Remediant offers an industry leading Privileged Access Management (PAM) solution we call SecureOne.  Our innovative and enterprise-class cybersecurity solution enables real-time monitoring, Zero Trust protection of privileged accounts and Just-In-Time Administration (JITA) across IT/Security/Cloud ecosystems. We protect organizations from stolen credentials being used against them, which is the number one attack vector across all breaches. To learn more, please visit: www.remediant.com

  • RiskRecon
    Booth:

    RiskRecon, a Mastercard company, provides cybersecurity ratings and insights that make it
    easy for enterprises to understand and act on their risks. RiskRecon is the only security rating
    solution that delivers risk-prioritized action plans custom-tuned to match customer risk priorities,
    enabling organizations to efficiently operate scalable, third-party risk management programs for
    dramatically better risk outcomes. Request a demo to learn more about our solution.

  • SecureLink
    Booth:

    SecureLink is a leader in managing secure third-party access and remote support for both enterprise companies and technology providers. SecureLink serves over 400 customers and 30,000 organizations worldwide. World-class companies across multiple industries including healthcare, financial services, legal, gaming and retail rely on SecureLink’s secure, purpose-built platform.

  • Synopsys
    Booth:

    Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in static analysis, software composition analysis, and application security testing, is uniquely positioned to apply best practices across proprietary code, open source, and the runtime environment. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.

  • TechTarget
    Booth:

    TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

  • Thales
    Booth:

    As the global leader in cloud and data protection, we help the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.

  • ThreatConnect
    Booth:

    Designed by analysts but built for the team, ThreatConnect’s intelligence-driven security operations platform is the only solution available today with intelligence, automation, analytics, and workflows in a single platform. To learn more about our TIP and SOAR solutions, visit www.ThreatConnect.com.

Return to Agenda
Keynote Speakers
Speakers
  • speaker photo
  • speaker photo
    Jordan Fischer
    Cyber Attorney, Global Leader of Privacy Practice Group, Beckage Law

    Jordan Fischer leads Beckage's Global Privacy Team, where she represents clients in cross-border data management, creating cost-effective and business-oriented approaches to cybersecurity, data privacy, and technology compliance. Recognized as a Super Lawyers Rising Star – Technology Law, Jordan practices in many jurisdictions throughout the United States in both state and federal courts, as well as internationally in both Europe and Asia.

    Jordan has counseled clients on a wide variety of regulatory requirements, including the General Data Protection Regulation (GDPR), and implementing member state law, the California Consumer Privacy Act (CCPA), the Fair Credit Reporting Act, the Driver's Privacy Protection Act, biometric data laws, global data breach standards, and federal and state unfair business practices acts. She also provides counsel on a variety of security and privacy frameworks, including the International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST) cyber and privacy frameworks, and the Payment Credit Card Industry Data Security Standard (PCI DSS).

    Jordan has extensive experience in the intersection of law and technology, regularly evaluating and assessing legal and business opportunities and risk to provide public and private sector clients with critical data privacy and cybersecurity assessments and strategy. With a global perspective, Jordan represents clients regarding contractual negotiations related to technology, data management, security, and privacy, and helps to build out compliance programs to address a multitude of regulatory requirements and best practices. She also provides insight into third-party management, working with clients to build solutions to ensure security and privacy are accounted for in the supply chain. Jordan has represented clients in a variety of sectors, including emerging technologies (blockchain, Internet of Things/IoT, and Artificial Intelligence/AI), pharmaceutical, healthcare, agriculture, adtech, and manufacturing. Jordan works with clients to develop business solutions that incorporate privacy-by-design and security-by-design concepts, merging regulatory requirements with real-world practical solutions.

  • speaker photo
    George Finney
    Chief Security Officer, Southern Methodist University

    George Finney is the Chief Security Officer for Southern Methodist University and the author of “No More Magic Wands: Transformative Cybersecurity Change for Everyone.” He previously worked with several startups and global telecommunications firms designing networks, writing policy, hardening servers, and educating users. George is a member of the Texas CISO Council, an Advisory Council member for SecureWorld, and a board member of the Palo Alto Networks FUEL User Group.

  • speaker photo
    Mia Boom-Ibes
    Vice President, Information Security Strategy, Innovation and Analytics, Allstate Insurance Company

    Mia Boom-Ibes is Vice President, Security Innovation, Strategy and Analytics, ATSV for Allstate Insurance Company. In this role, she is responsible for Allstate's cybersecurity strategy and priorities. She manages relationships with key business and technology stakeholders to ensure alignment and oversees architectural standards to enable consistency across the enterprise.

    Prior to becoming a vice president at Allstate in July of 2017, Mia was a director in Allstate Information Security with responsibility for setting the strategy and direction for information security governance, risk and compliance efforts across the corporation. She spearheaded the creation of the company’s first Enterprise Information Security Policy and Information Security Risk Management program aligned with industry best practices and frameworks. In addition, Mia has designed and built security governance programs to obtain or retain PCI compliance status at multiple institutions.

    Mia began her Allstate career in 2012 as an information security compliance and consulting manager, quickly progressing to roles of increasing leadership. She previously served in information security roles at John Deere Financial, PwC Consulting and Discover Financial Services.

    Mia holds CISSP and CISM certifications and bachelor’s degree from the College of Saint Benedict. As the proud mother of four sons, Mia leads an active lifestyle balancing her work responsibilities, learning new skills in mixed martial arts and enjoying time with her husband and children.

  • speaker photo
    Eric Botts
    Director, Global Cybersecurity Program, University of St. Thomas

    Eric Botts is Director, Global Cyber Security Program, and Assistant Professor of International Studies at the University of St. Thomas, teaching courses on Cyber Warfare, Cyber Ethics, Enterprise Cybersecurity, and Digital Governance. Adjunct Lecturer at the University of Houston Downtown, teaching a course on Organizational Resilience in the Master of Security Management program in the College of Business. He is a lecturer at the Women’s Institute of Houston teaching a course entitled The World According to Eric. He received his Bachelor of Arts degree in Political Science from St. Mary's University and a Master of Security Management degree from the University of Houston Downtown.

    After serving for 31 years in the U.S. Department of State as a Foreign Service Officer (Santo Domingo, Seoul, Dublin, and Nassau), Assistant Director of the Houston Passport Agency, and an Information Systems Security Officer, Eric retired and went to work in the private sector. During his federal career, he served as Program Chairman of the Gulf Coast Federal Safety Council, and as a member of the Federal Executive Board. He is a founding board member of the Foreign Policy Alliance and has spoken on foreign policy issues to civic groups, colleges, and the media. He works as a security project manager and consultant for Swailes & Co. Inc., specializing in cybersecurity, risk management, business continuity, due diligence, travel security, and investigations. In the cybersecurity community, he sits on the SecureWorld Advisory Council. He has authored and published two novels: "Conversations with An Alien" (2004) and "The Circle - Portrait of an American Family" (2015), writing under the pen name Eric Cristofer.

  • speaker photo
    Eddie Doyle
    Global Security Strategist, Check Point Software Technologies

    Edwin Doyle communicates with international leaders in cybersecurity, cyber forensics, and cyber law enforcement, across the world. Taking best practices for threat mitigation from the industry’s finest CISOs and from police and military cyber command, Edwin’s responsibilities include sharing cyber defense tactics with media, government agencies, and enterprise corporations, via keynote and panel discussions.

    Edwin’s unconventional background in education allows him to clearly explain technical topics to a diverse audience. With over 20 years of cybersecurity experience, Edwin holds a unique understanding of the security risks and challenges that organizations must overcome.

  • speaker photo
    Russell Dowdell
    Director, Sales Engineering, SecureLink

    For nearly a decade, Russell has worked with SecureLink customers and organizations looking to improve third-party security. He has been an integral part of the implementation, support, and solution engineering for customers ranging from large healthcare vendors to small towns. In his current role, Russell and his team help organizations identify the SecureLink products and product features that can be leveraged to both improve security and streamline workflows.

  • speaker photo
    Andrew Jarrett
    Program Manager, Cyber Readiness Center, Texas A&M Engineering Extension Service

    Andrew Jarrett of the TEEX Cyber Readiness Center is a former firefighter, current member of a Type II/Type III Incident Management Team (IMT) and has recently been deployed as a member of Texas Division of Emergency Management (TDEM) Incident Support Teams (ISTs) for COVID response. As the Cyber Enterprise Program Manager at the TEEX CRC, he helps organizations assess their cybersecurity risk posture, develop pre-incident plans for cybersecurity, and organize their resources for response and recovery. He has also developed and delivered a number of FEMA-certified cybersecurity courses focused on the FEMA mission set of preparedness, mitigation, response, and recovery.

  • speaker photo
    Tony Lee
    VP, Global Services Technical Operations, BlackBerry
  • speaker photo
    Tim Mackey
    Principal Security Strategist, Synopsys

    Tim Mackey is a principal security strategist within the Synopsys CyRC (Cybersecurity Research Center). He joined Synopsys as part of the Black Duck Software acquisition where he worked to bring integrated security scanning technology to Red Hat OpenShift and the Kubernetes container orchestration platforms. As a security strategist, Tim applies his skills in distributed systems engineering, mission critical engineering, performance monitoring, large-scale data center operations, and global data privacy regulations to customer problems. He takes the lessons learned from those activities and delivers talks globally at well-known events such as RSA, Black Hat, Open Source Summit, KubeCon, OSCON, DevSecCon, DevOpsCon, Red Hat Summit, and Interop. Tim is also an O'Reilly Media published author and has been covered in publications around the globe including USA Today, Fortune, NBC News, CNN, Forbes, Dark Reading, TEISS, InfoSecurity Magazine, and The Straits Times. Follow Tim at @TimInTech on Twitter and at mackeytim on LinkedIn.

  • speaker photo
    Panel Discussion
  • speaker photo
    Deepthi Menon
    Director of Information Security, Ambra Health

    Deepthi Menon serves as Director of Information Security at Ambra Health. Ambra Health is an innovative software company that provides solutions for medical image sharing of DICOM and non-DICOM data between patients, physicians, and hospitals. Deepthi has more than 12 years of experience in information security. She has her Masters in Information Security from the University of Houston. In last 12 years, Deepthi has held several different security roles, from Network Security Architect to Leading Security Operations Center to Directory of Security. Deepthi is one of the founding members of Tech Ladies and a champion for women in technology and security. On a personal front, Deepthi is a trained Indian classical dancer (dancing preferably when no one is watching) and an avid fan of mystery novels and movies. Deepthi has a lovely 10-year-old daughter and loves spending time with her.

  • speaker photo
    Karl Bernard
    IT Security Architect, University of Texas Health Science Center at Houston (UTHealth)

    Karl Bernard, CISSP, is an IT Security Architect at UTHealth with 30 years of IT experience, with 20 years in Information Security. His experience runs the full gamut of IT Security: he has implemented new technologies, such as network monitoring products and web application firewalls; performed risk assessments; coordinated large DR tests; led incident response tabletops; started and managed a web application firewall and system vulnerability management program; and trained and mentored colleagues to run these programs.

  • speaker photo
    Panel Discussion
Conference App and Microsite!
Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
app store play store
Learn and connect virtually

Join your InfoSec peers for high-quality training and collaboration. Sign up today!