- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Wednesday, December 11, 20248:30 amExhibitor Hall openRegistration Level:
- Open Sessions
8:30 am - 8:30 amYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
9:00 am[Opening Keynote] Shift Left Doesn't Mean Anything AnymoreHead of Community and Education, SemgrepRegistration Level:- Open Sessions
9:00 am - 9:45 amOur job is to make the software more secure. It’s not to find all the bugs. It’s not to deploy tools. It’s not to spend money or write checks. It’s not to be frustrated with developers. It’s not to be “right.” It only matters if we reduce organizational risk. If we are not doing that, regularly and consistently, we are failing.
9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:00 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:00 amLeading with Empathy and Grace: Secrets to Developing High-Performing TeamsCISO, TrinseoRegistration Level:- Open Sessions
10:00 am - 10:45 amSession description to come.
10:00 amArtificial Intelligence Acceptable Use PolicyvCISO, Cyber Risk Opportunities LLCRegistration Level:- Open Sessions
10:00 am - 10:45 amSession description to come.
10:00 am[Panel] How IT Can Improve Your GRC ProgramPartner - Data Protection, Privacy & Security Group, K&L GatesSr. Security Engineer, AutomoxCybersecurity and Compliance Engineer, May MobilityRegistration Level:- Open Sessions
10:00 am - 10:45 amSession description to come.
10:45 amNetworking BreakRegistration Level:- Open Sessions
10:45 am - 11:00 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:00 amSocial Engineering: Training the Human FirewallTeam Leader of Information Security, GarminRegistration Level:- Open Sessions
11:00 am - 11:45 amPhishing is one of the leading cyberattacks worldwide, resulting in numerous social engineering training exercises to train average users to defend against these attacks. This discussion focuses on research that took a pool of users with three different phishing campaigns. Each campaign progressively has a phish that should be more advanced to spot than the previous phish presented. The research shows the psychological reasoning behind why a user will interact with a phish, regardless of educational awareness. Results include why a 0% or 100% report rate is unrealistic and how to use phishing metrics to quantify risk in a business.
11:00 amInsider Threat: Clever Adversary Tactics to Infiltrate Your Organization You Need to Know Now!CEO & Founder, Center for Threat IntelligenceRegistration Level:- Open Sessions
11:00 am - 11:45 amInsider threats pose a significant and often underestimated risk to organizations. This session dives deep into the cunning tactics employed by malicious insiders to infiltrate and compromise your most valuable assets. Learn about:
- The Evolving Insider Threat Landscape: Understand the motivations and methods of today’s insider threats, from disgruntled employees to external actors leveraging compromised credentials.
- Social Engineering & Manipulation: Uncover the subtle techniques used to exploit trust and gain unauthorized access to sensitive information.
- Data Exfiltration & Sabotage: Recognize the warning signs of data breaches, intellectual property theft, and deliberate system disruption orchestrated from within.
- Technical Exploitation & Privilege Abuse: Explore how insiders can leverage their knowledge and access to bypass security controls and exploit vulnerabilities.
- Proactive Defense & Mitigation Strategies: Discover practical steps to detect, deter, and respond to insider threats, including user activity monitoring, access control, and security awareness training.
This session is critical for security professionals, IT administrators, risk managers, and anyone responsible for protecting their organization from internal threats.
11:00 amAre You in a Dysfunctional Relationship with the HR Department?Executive Director, National Cybersecurity AllianceRegistration Level:- Open Sessions
11:00 am - 11:45 amWhen HR and security teams understand their respective roles, value each other, and have an open, productive partnership, life is good. They can help each other be more effective and complement each other’s functions. Unfortunately, that symbiotic state can be hard to achieve. For security teams, HR folks can be hard to understand. Sometimes they seem like a great advocate for security, and at other times they can seem more like a blocker of our efforts to better secure the organization.
For HR professionals, dealing with the security team can be a challenge. For example, the security team might send out an emotionally-triggering simulated phish to everyone in the organization, causing numerous employee complaints that HR has to manage. So what can you do if you don’t have the best relationship with the HR team?
This talk, based on years of experience navigating the relationship between HR and security teams, will cover the issues that cause the biggest disconnects between HR and security. We’ll look at the issues from both sides and cover proposed solutions for each. Improving the relationships for both departments can lead to happier HR and security professionals who are more effective in their roles, and a company that’s better protected and prepared against cyber threats.
11:45 amNetworking BreakRegistration Level:- Open Sessions
11:45 am - 12:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:00 pmDrag Racing & Cybersecurity: The CrossoverAssociate CISO, St. Luke's University Health NetworkRegistration Level:- Open Sessions
12:00 pm - 12:45 pmYou’d be amazed what you can learn from everyday hobbies or obstacles to help you become a better practitioner. Krista Arndt shares a very personal story of survival after a bad drag racing accident in 2015. It was a life-altering experience and provided perspective on her personal and professional life that drives her every day as a loving mom and wife, volunteer, and successful CISO.
12:00 pmUncovering Blind Spots in Your NetworkField CISO, Critical StartRegistration Level:- Open Sessions
12:00 pm - 12:45 pmIt’s an unfortunate reality: cybersecurity professionals face threats they often can’t see. From unmonitored assets to incomplete telemetry, blind spots in your security infrastructure can open dangerous vulnerabilities.
In this presentation, Tim Bandos, Field CISO at Critical Start, shares insights into the most common security gaps and actionable strategies for closing them. Learn how to ensure full visibility across your IT and OT environments, monitor for log ingestion failures, and adopt automated asset discovery to reduce the risk of unseen threats.
Key Takeaways:
- Understanding the Invisible Threats: Explore how missed signals, shadow IT, and unmonitored assets can undermine your security efforts.
- Mitigating Security Gaps: Learn tactics such as comprehensive tooling audits, continuous log monitoring, and automated asset management to close these gaps.
- Optimizing Detection and Response: Discover how asset visibility can enhance SOC and MDR effectiveness and lead to faster threat detection and response.
- Real-World Case Studies: See how organizations improved their detection rates and SOC capabilities by closing critical security gaps.
If you’re looking to strengthen your threat detection and response capabilities, this is a can’t-miss session!
12:00 pm5 Things InfoSec Needs to Hear about QuantumSecurity ResearcherRegistration Level:- Open Sessions
12:00 pm - 12:45 pmThe quantum revolution is coming, and it will profoundly impact the cybersecurity landscape. This session cuts through the hype to deliver five essential takeaways about quantum technology and its implications for protecting digital assets. Learn about:
- Quantum Computing’s Power: Understand how quantum computers can break current encryption algorithms and render widely used security protocols obsolete.
- The Post-Quantum Cryptography Race: Explore the ongoing development of new cryptographic algorithms designed to withstand quantum attacks.
- Threat Timeline & Preparedness: Get a realistic assessment of when quantum threats are likely to materialize and how to prepare your organization.
- Quantum-Resistant Security Strategies: Discover practical steps you can take today to mitigate future risks, including adopting hybrid classical-post quantum approaches.
- Beyond Cryptography: Explore other cybersecurity applications of quantum technology, such as quantum key distribution and quantum-resistant blockchain.
This session is vital for CISOs, security architects, cryptography specialists, and anyone responsible for long-term cybersecurity strategy.
12:45 pmNetworking BreakRegistration Level:12:45 pm - 1:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:00 pmThreat Modeling 101: Star Wars EditionGaming Senior Cloud Security Architect, MicrosoftRegistration Level:- Open Sessions
1:00 pm - 1:45 pmSession description coming soon.
1:00 pmReading the Tea Leaves: What to Expect from Your 2025 Cyber Insurance RenewalVice President, Cyber Liability, Woodruff SawyerFocus Group Leader, E&O, Cyber Risks, BeazleyCISO, The Anschutz CorporationAdjunct Professor, Baylor School of Law; AVP, Cyber Solutions Team Leader, Crum & ForsterRegistration Level:- Open Sessions
1:00 pm - 1:45 pmThe claims environment remains fraught with cyber threats, particularly ransomware. At the same time, privacy concerns continue to escalate, with a heightened focus on data protection, biometric security, and non-breach privacy claims. Regulatory scrutiny from the FTC and State Privacy Regulators further emphasizes the need for robust cybersecurity measures.
To effectively mitigate risks, organizations must prioritize controls such as EDR, DLP, privileged account management, and technology product risk management. A proactive approach to third-party risk management and supply chain resilience is also essential. Culture and awareness training play a pivotal role in fostering a security-conscious workforce.
Maximizing cyber insurance efforts requires collaboration across departments. CISOs should engage with risk managers and legal teams to ensure alignment in coverage discussions and budget allocation. Cyber underwriting exercises can provide valuable insights for business impact assessments and audit committee reviews, fostering a shared understanding of risk and mitigation strategies.
1:45 pmNetworking BreakRegistration Level:- Open Sessions
1:45 pm - 2:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:00 pm[Closing Session] Behavioral Profiling: Know Thine EnemyCyber Behavioral Profiler, FBI (Ret.) and Modus CyberandiRegistration Level:- Open Sessions
2:00 pm - 2:45 pmIn the ever-evolving landscape of cyber threats, understanding your adversary is paramount. This session delves into the dark arts of behavioral profiling, providing cybersecurity professionals with the tools to anticipate, analyze, and mitigate attacks. Learn how to:
- Profile Threat Actors: Identify the distinct behaviors, motivations, and tactics of different attacker groups, from script kiddies to sophisticated nation-state actors.
- Recognize Attack Patterns: Decipher the telltale signs of malicious activity by analyzing user behavior, network traffic, and system logs.
- Predict Future Attacks: Anticipate an attacker’s next move by understanding their goals, capabilities, and past behaviors.
- Strengthen Your Defenses: Develop proactive security measures and incident response strategies based on behavioral insights.
This session is crucial for security analysts, incident responders, threat hunters, and anyone involved in safeguarding digital assets.
2:00 pm[Closing Session] Cyber Intel BriefingCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLCFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)Registration Level:- Open Sessions
2:00 pm - 2:45 pmThis presentation will provide a comprehensive overview of the current cyber landscape, focusing on both global and domestic government-related threats and incidents. We will delve into recent high-profile attacks, explore emerging trends, and discuss the evolving tactics employed by cybercriminals and nation-states. Additionally, the presentation will examine the ongoing challenges faced by governments in protecting critical infrastructure, securing sensitive data, and mitigating the risks posed by cyber espionage. By understanding the latest developments in the cyber threat environment, attendees will gain valuable insights into safeguarding government networks and systems.
- AutomoxBooth:
Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.
- Critical StartBooth:
Critical Start Managed Cyber Risk Reduction solutions deliver continuous security cyber risk monitoring and mitigation enabling strong protection against threats. Combined with a team of expert risk mitigators, our platform provides maturity assessments, posture and event analytics, response capabilities, comprehensive threat intelligence, and security workload management capabilities. We help you achieve the highest level of cyber risk reduction for every dollar invested, leading to increased confidence in reaching your desired level of security posture.
- Semgrep, Inc.Booth:
Semgrep, Inc. is a cybersecurity company based in San Francisco. The company develops the Semgrep AppSec Platform (a commercial offering for SAST, SCA, and secrets scanning) and actively maintains the open-source static code analysis tool semgrep OSS.
- Tanya JancaHead of Community and Education, Semgrep
Tanya Janca, aka SheHacksPurple, is the best-selling author of "Alice and Bob Learn Secure Coding," "Alice and Bob Learn Application Security," and the "AppSec Antics" card game. Over her 28-year IT career, she has won countless awards (including OWASP Lifetime Distinguished Member and Hacker of the Year), spoken all over the planet, and is a prolific blogger. Tanya has trained thousands of software developers and IT security professionals via her online academies (We Hack Purple and Semgrep Academy) and her live training programs.
Having performed counter-terrorism, led security for the 52nd Canadian general election, developed or secured countless applications, Tanya Janca is widely considered an international authority on the security of software. Tanya currently leads education and community for Semgrep.
- Tammy KlotzCISO, Trinseo
Tammy Klotz is a vibrant and accomplished executive with over three decades of diverse experience in the manufacturing industry, specializing in cybersecurity and transformational leadership. She offers keen expertise in navigating mergers, acquisitions, and divestitures within both publicly-traded and privately-held companies and is seasoned in security, risk, and compliance leadership. Tammy brings a dynamic and positive approach to problem solving, excelling in simplifying intricate IT and cybersecurity concepts and facilitating pragmatic, non-technical dialogues that resonate with business executives. She is recognized as a strong, knowledgeable, thoughtful security executive who excels in public speaking and thought leadership, striving to empower others through knowledge sharing.
- Kip BoylevCISO, Cyber Risk Opportunities LLC
Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.
- Jake Bernstein, Esq.Partner - Data Protection, Privacy & Security Group, K&L Gates
Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted as both regulator as an Assistant Attorney General with the Washington State Attorney General's Office and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.
- Hemanth TadepalliCybersecurity and Compliance Engineer, May Mobility
Hemanth Tadepalli is a Cybersecurity Compliance Engineer at May Mobility, excelling in the realm of autonomous transportation services. With a rich professional background spanning roles at AlixPartners, Mandiant, Google, and SensCy, he specializes in ensuring compliance with stringent standards like ISO 27001, SOC 2, ISO/SAE 21434, and others. Hemanth co-founded MYCAP (Michigan Young Cybersecurity Analysts and Professionals), fostering budding talents in the cybersecurity domain. Appointed by the Michigan Department of State in 2022, he served on the Collegiate Advisory Task Force, determined and implemented recommendations to improve voter education and engagement among universities across the state of Michigan. The task force played an important role in election security, integrity, and combatting the result of misinformation being spread.
Hemanth has presented at the Detroit Automotive Cybersecurity Conference and various other prominent industry events, showcasing his expertise and thought leadership. He holds a Computer Science degree with a cybersecurity concentration and minors in Pre-Law, Innovation, and Entrepreneurship from Kettering University. Currently pursuing a Master's in Cybersecurity at the University of California, Berkeley, he continues to drive innovation and excellence in the cybersecurity landscape.
- Reanna SchultzTeam Leader of Information Security, Garmin
Reanna Schultz is from Kansas City, MO, and attended the University of Central Missouri (UCM). She graduated in 2018 with her Bachelor of Science in Cybersecurity: Secure Software Development and in 2020 for Master of Science in Cybersecurity: Information Assurance. While being in the industry, Reanna has been exposed to numerous SANS hosted classes. Reanna volunteers as a National Cyber League coach and provides her industry expertise by doing guest speaker talks for numerous colleges and high schools across the Midwest to STEM students. Reanna currently works as a Team Lead at Garmin and directly reports out of their SOC.
- Janet LawlessCEO & Founder, Center for Threat Intelligence
Janet is CEO and Founder of Center for Threat Intelligence. Janet established a team of intelligence experts to build a cutting-edge holistic threat intelligence program including assessments, consulting and training. Janet’s former leadership roles at Microsoft and Cisco, creating and managing global programs focused on compliance and security, in addition to her work at a cyber-security start-up, brings a wealth of knowledge in security services. Janet is currently the Chair for ASIS International Puget Sound Chapter, and former Committee Chair for Women in Security. She is Chair Emeritus for the Pacific Coast Analyst Roundtable and a former Board Member for the American Red Cross. She is also a member of InfraGard, the United States Secret Service Cyber Fraud Task Force and the Washington State Fusion Center.
- Lisa PlaggemierExecutive Director, National Cybersecurity Alliance
Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.
- Krista ArndtAssociate CISO, St. Luke's University Health Network
Krista Arndt is the Associate CISO at SLUHN. As the Associate CISO, Krista is responsible for managing the security program's day to day operational effectiveness. Krista has been working in information security in various capacities for more than 15 years. In her previous roles, Krista assisted with developing and leading security programs in national healthcare, crypto, finance, and the Department of Defense. She currently holds her CISM and CRISC certifications and NHRA competition driver's license.
Krista is an active member of ISACA, serves as InfraGard Philadelphia Chapter’s Healthcare Sector Chief, serves on Neumann University's Business Advisory Council, and is Marketing Committee Chair for Women in CyberSecurity (WiCyS) Delaware Valley Affiliate. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.
When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.
- Tim BandosField CISO, Critical Start
With close to 20 years of experience in cybersecurity, I am a passionate and visionary leader who strives to protect organizations from cyber threats and enhance their resilience. I have a strong background in security operations, incident response, threat hunting, and digital forensics, as well as product management, marketing, and public speaking. As the CISO and Executive VP of SOC Services at Xcitium, I am responsible for building and delivering world-class managed detection and response (MDR) services to clients across various industries and regions.
In my current role, I have successfully built a 24/7/365 security operation center (SOC) that provides endpoint detection and response, ransomware investigations, advanced digital forensics, and proactive threat hunting services. I also host the CISO Blend webinar series and speak at cybersecurity conferences to share my insights and best practices with the community.
- John O'MalleySecurity Researcher
With over 20 years of experience in information security, I am passionate about protecting data, systems, and networks from unauthorized access, threats, and attacks. I have a strong background in identity and access management, security tools, quantum cryptography, and disaster recovery, and I hold two certifications from The Linux Foundation and LinkedIn.
In my prior role as the Director of Cyber Security at American Binary, I was responsible for the security and data integrity of all systems in use at the County. I developed and implemented security standards and procedures, planned and led security and related functions, and served as the primary point of contact for internal and external resources on IT security issues. I also oversaw the use of security tools, reviewed technical designs, and served as the subject matter expert to top management. Previously, I worked as an Identity and Access Management Manager at Change Healthcare and Lifepoint Health, where I architected, built, scaled, and managed the centralized identity and access management structure, policies, and compliance framework for hundreds of thousands of users worldwide. I collaborated with various stakeholders to integrate new applications and cloud environments, set up privileged accounts, control user access, and reduce risk and cost. I also served as a COMSEC Manager and Custodian in the U.S. Army for over 15 years, where I gained valuable experience and skills in security, communication, and leadership.
- Audrey LongGaming Senior Cloud Security Architect, Microsoft
Audrey Long is a Senior Security Software Engineer at Microsoft. She is passionate about making security accessible both to software engineers and as a career for girls in STEM. She holds DoD secret clearance and a Master of Science degree in Cyber Security from Johns Hopkins University.
- David AndersonVice President, Cyber Liability, Woodruff Sawyer
David focuses on complex cyber, privacy, technology, and professional liability issues and is a dedicated and fierce advocate for his clients.
- Ashley HellerFocus Group Leader, E&O, Cyber Risks, Beazley
Ashley is responsible for the management of the Technology Liability portfolio at Beazley, a leading London-based specialty insurer. Prior to her time at Beazley, Ashley was an underwriting manager at AIG, where she underwrote Cyber for National Accounts.
- Sam MasielloCISO, The Anschutz Corporation
Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Prior to The Anschutz Corporation, he served as the CISO at Gates Corporation, where he was responsible for the company's data security, risk, and global compliance initiatives. Before that, he was CISO at TeleTech, where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which included many Fortune 500 companies.
Sam has also been the Chief Security Officer, Head of Application Security, and Head of Security Research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA), and a member of the Anti-Phishing Working Group (APWG).
- Violet SullivanAdjunct Professor, Baylor School of Law; AVP, Cyber Solutions Team Leader, Crum & Forster
Violet Sullivan leads cyber consulting services at Crum & Forster. She works with insurance carriers, trade associations, and individual business clients from around the world providing expert guidance on cybersecurity threat management and response. She represents Crum & Forster within the legal, insurance, and risk management channels to develop long-term relationships, recurring revenue, and new business growth. Ms. Sullivan is a licensed attorney in Texas and Pennsylvania and a Certified Information Privacy Professional (CIPP/US), with her JD and MBA degrees from Baylor University. In addition to her full-time role, Violet serves as a professor of Cybersecurity & Privacy Law for Baylor Law School’s LL.M. Degree in Litigation Management, the first of its kind nationwide. Her diverse practice experience at both the individual and policy levels has prepared her for developing new tools and approaches to solving what is fast-becoming a pervasive and costly challenge in modern industry: how to respond to a cybersecurity incident.
Early in her career, Violet worked on the incident responses for some of the largest and most notable data breaches to date, including: Home Depot, Sony, and Anthem. Her experience in managing scaled breach responses led to her expertise and proficiency in proactively preparing organizations for cyber incidents. In the past eight years, she has facilitated over 450 cyber incident simulations (tabletops) for public and private sector companies, including many Fortune 100 companies.
As a cybersecurity and privacy attorney, Violet provides consulting services to respond to the needs of various cybersecurity programs. She reviews and develops customized incident response plans to ensure organizations are prepared to respond efficiently and effectively to a data breach. Violet also helps improve internal coordination by facilitating customized tabletop simulations focused on "pressure-testing" an organization's incident response procedures and protocols. Each of these customer-facing services mentioned has been built and developed for the purpose of creating long-standing relationships that turn to Violet for guidance, referrals, questions, and future projects.
As a cybersecurity and privacy professor, Violet developed the entire curriculum for an innovative course on cybersecurity and privacy law for licensed attorneys working toward their LL.M. degree. The specific focus on litigation management has made Sullivan’s course and her lecture series uniquely valuable to experts across the United States.
- Cameron H. MalinCyber Behavioral Profiler, FBI (Ret.) and Modus Cyberandi
Cameron Malin, JD, CISSP, is the founder of Modus Cyberandi, a bespoke Cyber Behavioral Profiling consultancy specializing in the assessment of cyber threat actor decision making, adversary tradecraft, cyber deception, and cognitive vulnerabilities. As a retired Behavioral Profiler with the Federal Bureau of Investigation (FBI), he has more than 22 years of experience investigating, analyzing, and profiling cyber adversaries across the spectrum of criminal to national security attacks.
During his tenure in the FBI, he was the founder of both the FBI Behavioral Analysis Unit's (BAU) Cyber Behavioral Analysis Center (CBAC), the FBI BAU's methodology and application of science-based behavioral profiling and assessment to national security and criminal cyber offenders—and the BAU’s Deception and Influence Group (DIG), a uniquely trained and experienced cadre of Behavioral Profilers specialized in analyses and countermeasures to adversary cyber deception campaigns and influence operations.
He is a co-author of the authoritative cyber deception book, "Deception in the Digital Age: Exploiting and Defending Human Targets Through Computer-Mediated Communications" (published by Academic Press, an imprint of Elsevier, Inc.), and co-author of the Malware Forensics book series: "Malware Forensics: Investigating and Analyzing Malicious Code," "Malware Forensics Field Guide for Windows Systems," and "Malware
Forensics Field Guide for Linux Systems" (all published by Syngress, an imprint of Elsevier, Inc.). - Col. Cedric LeightonCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
- VJ ViswanathanFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)
VJ Viswanathan is a seasoned technology executive recognized and awarded for innovation, business capability transformation, and thoughtful mentorship. Most recently, VJ is the founding partner at CYFORIX, a global cybersecurity research, advisory, and strategic consulting firm delivering solutions to public and private sectors. He also serves as the CEO at TORQE, a specialized advisory firm focused on analytics, automation, and convergent technologies. VJ is the co-host of ELEVATEINTEL, a podcast series at the nexus of technology, social, and defense.
With more than 25 years of pioneering enterprise technology, cybersecurity, privacy, and compliance & risk management experience, VJ has a detailed track record of designing, implementing, and leading highly successful programs, products, and services at multinational Fortune 100 brands spanning CPG, telecom, media, supply chain, healthcare, and finance segments. As a strategic thought leader, VJ has delivered the first of its kind "Supply Chain Security" & “Omni-channel Risk Management” frameworks. As a published author and featured keynote speaker at global industry events, he approaches disruptive digital paradigms with innovation, creativity, and active collaboration with his key industry peers, researchers, national & international law enforcement, and defense groups.
VJ is an active mentor at various incubators and accelerators groups, serves as an advisory board member for growth stage companies. As a strategic adviser to VC & PE firms, he specializes in developing market analysis, competitive product road maps, and guides in opportunity mapping. As a board member and subject matter advisor to CEOs and corporate directors, VJ evaluates and audits enterprise technology and cybersecurity programs for veracity and operational effectiveness.
VJ is passionate about animal rights and giving back to the technology and security industry. He has created a rescue and foster care group for large breed dogs. He is actively engaged with academic institutions and purpose-driven professional groups like Minorities in Cyber Security, where he serves as a board member and chair of mentorship programs to develop the next generation talent through coaching and facilitating scholarships for technology and cybersecurity education.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes
Learn from cyber leaders on relevant, timely security topics. Reserve your spot today!