- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Wednesday, December 9, 20208:00 amExecutive Roundtable [VIP invite only]Discussion topic: NOW What Are You Including in Your Incident Response Plan?Partner - Data Protection, Privacy & Security Group, K&L GatesRegistration Level:
- VIP / Exclusive
8:00 am - 8:45 amThis session is for Advisory Council members only.
The current global threat landscape has shifted dramatically in the past several months due to the COVID-19 pandemic. Security professionals are being tasked with keeping the company’s data safe with an influx of remote workers that we’ve never had to account for. Inevitably something is going to happen. An incident WILL arise. You may have had a great plan in the past, and you probably continuously tested it. But have you tested it now that the IT and InfoSec departments are separated and the employees are everywhere? In either case, it’s time to reevaluate your Incident Response plan to accommodate for this unprecedented shift.
8:30 amExhibitor Hall openRegistration Level:- Open Sessions
8:30 am - 9:00 amLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
9:00 am[Opening Keynote] Chaos Creates Opportunity: Security as a Business EnablerHead of Information Security, Netflix DVDRegistration Level:- Open Sessions
9:00 am - 9:45 amWelcome to the new normal. Many, including me, praised the ideas of Rugged DevOps, Zero Trust, and the implementation of Artificial Intelligence, as well as other novel security practices. While many had plans on implementing some or all of these practices, a black swan event occurred, thus causing a category 5 disturbance to affect every person and every company in the world. Information Security was once considered by some to be a mandatory cost center for a company. Real-life examples are showing that chaos and opportunity are allowing security to show its true promise and enabling business to thrive.
9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:00 amLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:00 amThe Three Most Crucial Words in Digital Transformation“Machine Identity Management” and How It Secures Our Digital Transformation JourneysDirector of Product, VenafiRegistration Level:- Open Sessions
10:00 am - 10:30 amNothing has been more disruptive to the landscape of the financial services industry than digital transformation, defined as “the process of using digital technologies to create new—or modify existing—business processes, culture, and customer experiences to meet changing business and market requirements.” In this session, we’ll demonstrate how all digital transformation efforts rely, ultimately, on machines, whether those are virtual and serverless systems, containers and applications, or IoT and end-user devices.
We’ll also show how a whole new security category has arisen—what Gartner calls Machine Identity Management—to instantly and dynamically protect the tens of thousands of machine identities driving digital transformation. Lastly, we’ll show how Visibility, Intelligence, and Automation are the building blocks you need to design and implement a Machine Identity Management program that bridges current practices and the emerging technologies of the future.
10:00 amBusiness Continuity Planning During the COVID-19 PandemicVP & CISO, Provation MedicalVice President, Human Resources, Provation MedicalRegistration Level:- Open Sessions
10:00 am - 10:30 amMilinda Rambel Stone, VP and CISO, and Susan Hanson, VP of Human Resources, of Provation Medical will share in this interview format led by SecureWorld’s Emmy Award winning journalist, Bruce Sussman.
Susan and Milinda are Provation COVID-19 Task Force members leading their organization through these challenging times. They will share their experience surrounding the daunting task of Business Continuity planning during the coronavirus pandemic. BC planning can be difficult enough during normal times. What are we missing now that we have a significant global scale event?
10:00 amHow an XDR Approach Helps Speed Response and Improve MITRE ATT&CK CoverageVP, Strategy, Trend MicroRegistration Level:- Open Sessions
10:00 am - 10:30 amXDR is an emerging industry approach that extends EDR’s insight to a broad range of sources (endpoint, servers, network, email; and more). Learn how the XDR approach takes advantage of detailed activity telemetry (not just alerts) from its sources, enabling more meaningful correlation and enabling rapid detection of subtle chains of malicious activity. Higher-fidelity correlated detections mean that alert volumes decrease, enabling faster response. See how network and email telemetry help XDR expand your coverage of MITRE’s ATT&CK frameworks, without resorting to painstaking manual correlation across security toolsets.
10:00 am[Panel] Threat Landscape in Flux: Emerging ThreatsCISO, CybereasonChief Evangelist & Sr. Director, Product Marketing, BlackBerryVP, Infrastructure Strategies, Trend MicroVice President, Western and LATAM Sales, EntrustEnterprise Architect, ReliaQuestRegistration Level:- Open Sessions
10:00 am - 10:30 amThe attack surface is shifting, threat actors are adapting, and security teams must also pivot. This panel will take a dive into various attack vectors, security gaps, and emerging threats organizations are now facing.
10:30 amNetworking BreakRegistration Level:- Open Sessions
10:30 am - 10:45 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:45 amConnected Devices Need Connected TeamsCISO, SPX CorporationRegistration Level:- Open Sessions
10:45 am - 11:15 amIoT security is a growing concern as the number of connected devices increases. California, Oregon, and the EU now regulate the security of IoT devices. Leveraging compliance to create IT/Security partnership with Engineering, Application, and R&D teams is an opportunity to create successes for your business.
Presentation level: MANAGERIAL (security and business leaders)
10:45 am[Panel] No Perimeter: Security in the CloudCTO, RedSeal NetworksPrincipal Solutions Engineer at Alert Logic, Alert LogicDirector of Technology - Office of the CTO, ImpervaSr. Sales Engineer, ExabeamSr. Product Marketing Manager, Cloud and App-layer Data Protection, Thales Cloud SecurityRegistration Level:- Open Sessions
10:45 am - 11:15 amWorldwide events have accelerated cloud adoption trends. Organizational reliance on the cloud is at an all-time high. This panel will explore cloud security risks, controls, and best practices to help ensure a secure cloud computing environment.
10:45 amIf Cryptography Is So Important, Why Is It So Misunderstood?Vice President, Western and LATAM Sales, EntrustRegistration Level:- Open Sessions
10:45 am - 11:15 amData encryption, Digital Signatures/Certificates, Application Encryption, and PKI are all technologies that use CRYPTOGRAPHIC functions, yet most of the companies that implement these technologies trust their vendors that their solutions provide the appropriate amount of security without questioning the specifics of their implementation. Why? It’s simple: Cryptography is hard to understand, and if the vendor says they’ll take care of it, most companies believe their vendor. This is a mistake, and companies need to start questioning their crypto vendors, and the only way to do this is to understand crypto. Crypto isn’t hard if you know what to look for and what questions to ask. Brad Beutlich will talk about these topics and provide a number of sample questions that every company should ask any vendor who says “Don’t worry, we’ve got your crypto covered.”
10:45 amHow SASE Is Solving Today's Remote Worker ChallengesGlobal Field CTO, Prisma Access, Palo Alto NetworksRegistration Level:- Open Sessions
10:45 am - 11:15 amIn this session, you’ll hear about how Prisma Access SASE is securely enabling the remote workforce; why most ZTNA vendors are not enough; and how the right cloud architecture delivers reliable scale while improving user experience.
11:15 amNetworking BreakRegistration Level:- Open Sessions
11:15 am - 11:30 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:30 am[Keynote] The Zero Trust You Don’t KnowVP, Security Strategy & Threat Intelligence, VenafiRegistration Level:- Open Sessions
11:30 am - 12:15 pmThink you know Zero Trust? You might have just half the story. In the new normal, Zero Trust is a part of your enterprise strategy. It’s about secure remote access for your employees and partners. It’s the model built on BeyondCorp. But, you’ve got just half the story. What’s beyond remote access, beyond people, beyond the datacenter? Welcome to the BeyondProd mode and the Zero Trust you don’t know: the fast-moving world of a perimeter-less, identity-based business of clouds, microservices, and service mesh your developers and architects know. Get ready for the other side of Zero Trust that opens new possibilities for security professionals.
12:15 pmNetworking BreakRegistration Level:- Open Sessions
12:15 pm - 12:30 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:30 pmApproaches to Justifying Cybersecurity Projects and SpendChief Information Security & Privacy Officer, WorkForce SoftwareRegistration Level:- Open Sessions
12:30 pm - 1:00 pmFeel like you’re not getting enough funding for your security projects or program? Learn to stack the deck in your favor by following four basic rules. Lots of examples will be presented!
12:30 pmExtortionware: Your Privacy Problems Made PublicHead of Infrastructure and Application Security, OneLoginRegistration Level:- Open Sessions
12:30 pm - 1:00 pmOver the last decade, ransomware has increasingly become the most popular option for hackers to monetize the access they’ve obtained to corporate computer systems around the world. Over the last few years, we’ve observed the ransomware software and techniques adapt and evolve to include the theft and exposure of private information, creating extortionware as a new breed of malicious software. This talk will provide an overview of these techniques and discuss the potential privacy and security impacts you may face as a result.
12:30 pmManaged Detection and Response (MDR): 5 Essential Questions to Ask Your VendorVice President and Industry Security Strategist, eSentireRegistration Level:- Open Sessions
12:30 pm - 1:00 pmAs sophisticated threat actors like state-sponsored and organized crime gangs use ever harder to detect attacks, many mid-sized firms are turning to Managed Detection and Response (MDR) vendors to provide continuous SOC services, including threat identification, investigation and containment. But like much in the security industry, not all MDR services are alike, and range from marketeering to advanced threat hunting capabilities. How can you know the difference? Join Mark Sangster as he walks you through five questions you can ask your vendor to determine if they are capable of stopping crippling attacks before they disrupt your business.
You will walk away with five questions you can ask your vendor to determine if they are capable of stopping crippling attacks before they disrupt your business.
12:30 pm[Panel] Remote Workforce: Lessons LearnedDirector of Information Security and Research, AutomoxDirector, Consulting Engineer, BitSightSr. Presales System Engineer, Arctic Wolf NetworksDirector of Solution Architecture, Perimeter 81Global Field CTO, Prisma Access, Palo Alto NetworksRegistration Level:- Open Sessions
12:30 pm - 1:00 pmCompanies had no real choice as we all moved to the “new normal” and a fledgling at home workforce due to the coronavirus outbreak. If you stop and think about it, it was quite the feat—a massive cloud migration the likes of which had never been seen before. Now that things are somewhat settled into a pattern, what are you discovering that should have been done differently? Realizing that a lot of the same things need to be done? How is the network perimeter now? How many devices are suddenly on your networks? IoT devices from the remote workers piggybacking on the home connections? What are the legal challenges now (think reasonable security)? Join us for a panel discussion of security experts.
1:00 pmNetworking BreakRegistration Level:- Open Sessions
1:00 pm - 1:15 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:15 pmCloud Encryption DynamicsExecutive Director, Data Management & Protection, JPMorgan ChaseRegistration Level:- Open Sessions
1:15 pm - 1:45 pmThe emergence of cloud computing resulted in a boom in attention on encryption. Where has encryption benefited cloud computing, and where have hopes been dashed? What are today’s models, and what impact will the latest technologies—confidential computing, privacy preserving encryption, homomorphic encryption, for example—have in the years ahead? This session will provide an overview of cloud encryption dynamics that probably contradicts at least one thing you believe on that topic. Come join this session and learn from someone that’s lived in the trenches and values constructive debate.
Paul Rich is the Executive Director of Data Management & Protection at JPMorgan Chase & Co. From 1998 to 2019, he worked at Microsoft where he worked with encryption technologies and developed new features in Office 365 for protecting customer data. Paul aspires to evangelize unfortunate truths and debunk popular myths regarding encryption and cloud computing.
1:15 pmThird Party Risk Management: Tips to Enhance and Scale Your TPRM ProgramDirector, Consulting Engineer, BitSightManaging Director - Federal, Third Party Risk, TevoraRegistration Level:- Open Sessions
1:15 pm - 1:45 pmEnhance your TPRM program with tips about what works and what doesn’t based on industry feedback from hundreds of companies nationwide. Industry experts Jeremiah Sahlberg and David Hawkins will cover topics that show up frequently in successful TPRM programs and which work in both large enterprise organizations as well as in smaller businesses that need to manage their risk despite not having large teams and extensive solutions to get the job done. We will also discuss how fourth parties and cloud services can have an impact on your third-party ecosystem.
1:15 pm[Panel] 2021 Predictions: A Glimpse into the FutureDirector of Product, VenafiSr. Solution Architect, CymulateSr. Director, Product Management, IvantiSolution Architect, SonatypeRegistration Level:- Open Sessions
1:15 pm - 1:45 pm2020 has been wrought with an unprecedented number of attacks and vulnerabilities, and a global pandemic. We saw the worst in some and best in others. Ransomware reared its ugly head like never before, and the cloud swelled with new users and data. So, what does the Magic 8-Ball hold for 2021? Our panelists will give their predictions on what you need to be prepared for as we enter the new year. Will you be ready, or become yet another statistic on a breach report?
1:15 pmRansomware Recovery with Speed and PrecisionDirector, Endpoint Recovery Services, CrowdStrikeRegistration Level:- Open Sessions
1:15 pm - 1:45 pmRansomware attacks cause major business disruptions resulting in significant time expenditures, technical resources, and related costs in order to return to full business operations. The traditional recovery approach using backups and reimaging or simply paying the ransom fails to address the root cause of the attack and remove persistent threats. This failure leaves organizations open to secondary attacks, negating initial efforts. Our experts from the front lines of incident response and endpoint recovery are helping organizations effectively recover from attacks with speed and precision to surgically remove ransomware. Join us for this informative session to learn just how we do it.
1:45 pmNetworking BreakRegistration Level:- Open Sessions
1:45 pm - 2:00 pmLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:00 pmWhy CISOs Need a 90-Day PlanCISO, DeserveRegistration Level:- Open Sessions
2:00 pm - 2:30 pm2:00 pmDetect Everything: Bringing Google Scale Threat Detection to Your SOCHead of Customer Experience Engineering, ChronicleChief Product Officer, CyCognitoRegistration Level:- Open Sessions
2:00 pm - 2:30 pmSkillful threat detection and investigation starts with a diverse hub of security telemetry to draw from. The Chronicle platform allows security teams to cost effectively store and analyze petabytes of security data in one place, and perform investigations in seconds. Join this session to learn all about what’s new in Chronicle and see it in action with a live demo.
2:00 pmWho Accessed Your Data in the Cloud? Your Bosses and Auditors Want to KnowDirector, Product Management, ImpervaRegistration Level:- Open Sessions
2:00 pm - 2:30 pmYour business is moving data to the cloud without all the security controls mandated for on-prem. After all, the promised economics and business agility are far too attractive for business leaders to ignore. But attackers are after data, auditors demand evidence, and Security is still responsible for protecting data. You need to catch up with that data before attackers and auditors find it, and you need to catch up right now.
Join Imperva to learn how to reconcile Security’s need for visibility with the business’s need for speed and agility—in minutes. This session will include:
- Learn the fast path to getting control of your data already in the cloud
- What capabilities you will have to bring to make cloud DBaaS secure and audit-ready
- How cloud-native data security can be frictionless to the business’s need for speed
2:00 pmBeyond Personal Data: Expanding Privacy Best Practices into Broader Data GovernanceOffering Manager, OneTrust DataGovernance, OneTrustRegistration Level:- Open Sessions
2:00 pm - 2:30 pmData can be a powerful tool, but also a major compliance risk. Most every function in the business is collecting data, but how do you know where that data is? How can you ensure personal data is properly collected, processed, and retained? How can you understand the risk associated with your data? In essence, how do you find the issues you don’t know about?
In this session, we’ll answer these questions and share how automation can help discover and quantify risk—for personal data and beyond.
2:30 pmNetworking BreakRegistration Level:- Open Sessions
2:30 pm - 2:45 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:45 pmTeaching Others to Hike in the Cybersecurity WildsDirector, Information Security, Risk & Compliance, Columbia SportswearSenior Manager, InfoSec Awareness and Analytics, Columbia SportswearRegistration Level:- Open Sessions
2:45 pm - 3:15 pmEvery hike takes you to new places, but the basics of hiking are the same: good shoes, a map, and a trailhead. Building a strong cybersecurity awareness program is no different. Let us take you on our journey of how we built a cybersecurity oriented culture, and how you know it’s working.
2:45 pmRational Approach to Zero TrustSenior Manager, Sales Engineering, BlackBerryRegistration Level:- Open Sessions
2:45 pm - 3:15 pmSecurity vendors and analysts are pushing the “Zero Trust” message, but Zero Trust is not a product that can be bought. It is an approach to security policy and processes. This brief talk discusses the “low-hanging fruit” in applying Zero Trust principles to an organization’s security program.
2:45 pmThe California Privacy Rights Act: What It Is, Why It Is Significant, and How to PrepareVP, Corporate Privacy, and General Counsel, SpirionRegistration Level:- Open Sessions
2:45 pm - 3:15 pm2:45 pmAddress the Skills Gap in CybersecuritySr. Solution Architect, CymulateRegistration Level:- Open Sessions
2:45 pm - 3:15 pmTo what degree does the cybersecurity skills shortage impact companies’ security posture? How can companies increase the security performance of their people and processes given this skills shortage? How can companies create an environment that encourages experimentation and validation to increase the professional skills of its security team members?
3:15 pmRapid Fire Briefings and Happy HourCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLCFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)Registration Level:- Open Sessions
3:15 pm - 3:45 pmPour your favorite beverage as we close out SecureWorld West Coast with a BYOB happy hour and two rapid fire briefings on critical topics.
Former Comcast VP & CISO VJ Viswanathan will brief us on specific methods being deployed by ransomware actors to pull off a successful attack. And CNN military analyst Col. Cedric Leighton (Ret.) will brief us on top nation-state cyber threats as we look ahead to 2021.
- Arctic Wolf NetworksBooth:
Arctic Wolf Networks provides SOC-as-a-service that is redefining the economics of security. The AWN CyberSOC™ service is anchored by Concierge Security™ teams and includes 24×7 monitoring, custom alerting, and incident investigation and response. There is no hardware or software to purchase, and the end-to-end service includes a proprietary cloud-based SIEM, threat intelligence subscriptions and all the expertise and tools required. For more information about Arctic Wolf, visit https://www.arcticwolf.com.
- Alert LogicBooth:
Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24/7 monitoring and expert guidance services from our security operations center. More than 1,500 enterprise customers trust Alert Logic to secure and protect their digital information, and rely on us for keeping in step with increasingly complex regulatory issues. In addition to our team of GIAC analysts dedicated to careful observation and assessment of threats to your data, our research team stays on top of emerging developments so we can stop potential security breaches before they strike. We also have a dedicated support team ready to answer any questions you have about our products and services.
- ARMA NW RegionBooth:
THIS IS YOUR ARMA! The Association of Records Managers and Administrators (ARMA) is the leading international not-for-profit association for Records Management and Information Governance, comprised of approximately 27,000 professionals in this field with chapters across the US, Canada, and internationally. Do you need guidance on records policy, compliance, and operations? We are here to help connect you with local professionals for networking, educational session, vendor contacts, meet-ups, and collaboration.
Bellevue Eastside Chapter
The Bellevue Chapter serves the greater eastside members providing opportunities for RIM professionals to connect and collaborate. RIM and IG areas include Utilities, Legal, Medical, Banking, Software, Engineering, Government, Energy, and Telecommunications. - AutomoxBooth:
Automox tackles one of today’s biggest cybersecurity challenges: misconfigured and out-of-date systems that can easily be exploited. Legacy tools simply cannot remediate known vulnerabilities as efficiently as modern IT demands. Automox is rewriting those rules with a cloud-native endpoint hardening platform that delivers unprecedented speed, simplicity, and automation—whether it is on-prem, in the cloud, or on the move.
- BitSightBooth:
BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog, or follow @BitSight on X.
- BlackBerry CybersecurityBooth:
BlackBerry Cybersecurity is a leader in endpoint security, endpoint management, encryption, and embedded systems, protecting enterprises and governments around the world. Our end-to-end approach is deeply rooted in Cylance® AI and machine learning, providing continuous preventative protection, detection, and instant response. We extend protection for your organization against current and future cyberthreats by combining network and endpoint telemetry and by delivering innovative solutions in the areas of cybersecurity, safety, and data privacy.
- Checkmarx Inc.Booth:
Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.
- Chronicle SecurityBooth:
Cybercrime now affects billions of people globally, and the organizations responsible for protecting critical information and systems need more help to keep up. Cybersecurity needed a moonshot.
Chronicle was born in 2016 as a project within X, Alphabet’s moonshot factory. As an Alphabet company, we bring unique resources and talent to the goal of giving enterprises, and the people within them, the tools to win the fight against cybercrime.
We see a future where enterprise security teams can find and stop cyberattacks before they cause harm. By applying planet-scale computing and analytics to security operations, we provide the tools teams need to secure their networks and their customers’ data. We turn the advantage to the forces of good.
- Cloud Security Alliance SeattleBooth:
The Greater Seattle Chapter of the Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing in the Pacific Northwest, and provide education on the uses of Cloud Computing to help service providers and customers be secure in the Cloud.
The Greater Seattle Chapter began in late 2010, led by Vivek Bhatnagar and Marc Pinotti, with our first Chapter Meeting held March 24th 2011. Our membership since then has grown to include corporate sponsors and over 1100 executive and senior level security, compliance, and IT professionals from throughout the entire Pacific Northwest, Western Canada, and Alaska.
The Chapter provides a venue for our Members to network, share ideas and research, as well as educational opportunities through quarterly seminars and monthly Chapter meetings that feature presentations by industry experts about Cloud issues, security, and technology.
- CobaltBooth:
Cobalt’s Pentest as a Service (PtaaS) platform is modernizing traditional pentesting. By combining a SaaS platform with an exclusive community of testers, we deliver the real-time insights you need to remediate risk quickly and innovate securely.
- CorelightBooth:
Corelight makes powerful network security monitoring solutions that transform network traffic into rich logs, extracted files, and security insights for incident responders and threat hunters. Corelight Sensors run on open-source Zeek (formerly called “Bro”) and simplify Zeek deployment and management while expanding its performance and capabilities. https://www.corelight.com
- CrowdStrikeBooth:
CrowdStrike sets the standard for cybersecurity in the cloud era. The CrowdStrike Falcon® platform protects and enables the people, processes, and technologies that drive modern enterprise, delivering superior protection, better performance, reduced complexity, and immediate time-to-value. CrowdStrike secures the most critical areas of enterprise risk—endpoints and cloud workloads, identity, and data—to keep organizations ahead of today’s adversaries and stop breaches.
- <CSO CouncilBooth:
The CSO Council is a non-profit corporation that supports a community of CSOs enabling the members to leverage experience and expertise of each other for the more effective and timely protection of their organization’s critical information assets. The CSO Council organizes conferences, panel discussions, webinars and special events to facilitate communications among its members and the information security community.
- CTINBooth:
CTIN has been providing high tech crime fighting training since 1996 in the areas of high-tech security, investigation, and prosecution of high-tech crimes for both private and public sector security and investigative personnel and prosecutors. CTIN sponsors training from experts world-wide for the benefit of private organizations and law enforcement agencies.
- CybereasonBooth:
Cybereason was founded in 2012 by a team of ex-military cybersecurity experts with the mission of detecting and responding to complex cyber-attacks in real time. Cybereason is the only Endpoint Detection and Response platform deployed in user space that detects both known and unknown attacks and connects isolated indicators of compromise to form a complete, contextual attack story. Cybereason’s behavioral analytics engine continuously hunts for adversaries and reveals the timeline, root cause, adversarial activity, related communication and affected endpoints and users of every attack. Cybereason provides security teams with actionable data, enabling fast decision making and proper response.
- CymulateBooth:
Cymulate SaaS-based continuous security validation makes it simple to measure and improve your security posture across the full attack kill-chain. Every assessment is scored and includes actionable remediation guidance to mitigate risk and optimize security control effectiveness. Cymulate enables you to take data-driven decisions and manage your security resources efficiently.
- EntrustBooth:
Entrust keeps the world moving safely by enabling trusted identities, payments and data protection around the globe. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, or accessing corporate networks. With our unmatched breadth of digital security and credential issuance solutions, it’s no wonder the world’s most entrusted organizations trust us.
- eSentire, IncBooth:
eSentire is the largest pure-play Managed Detection and Response (MDR) service provider, keeping organizations safe from constantly evolving cyber-attacks that technology alone cannot prevent. Its 24×7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business-disrupting events. Protecting more than $6 trillion in corporate assets, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.eSentire.com and follow @eSentire on Twitter.
- ExabeamBooth:
Exabeam is a global cybersecurity leader that adds intelligence to every IT and security stack. The leader in Next-gen SIEM and XDR, Exabeam is reinventing the way security teams use analytics and automation to solve Threat Detection, Investigation, and Response (TDIR), from common security threats to the most critical that are difficult to identify. Exabeam offers a comprehensive cloud-delivered solution that leverages machine learning and automation using a prescriptive, outcomes-based approach to TDIR. We design and build products to help security teams detect external threats, compromised users and malicious adversaries, minimize false positives and best protect their organizations.
- GigamonBooth:
Gigamon offers a deep observability pipeline that harnesses actionable network-level intelligence to amplify the power of observability tools. This powerful combination enables IT organizations to assure security and compliance governance, speed root-cause analysis of performance bottlenecks, and lower operational overhead associated with managing hybrid and multi-cloud IT infrastructures. The result: modern enterprises realize the full transformational promise of the cloud. Gigamon serves more than 4,000 customers worldwide, including over 80 percent of Fortune 100 enterprises, nine of the 10 largest mobile network providers, and hundreds of governments and educational organizations worldwide. To learn more, please visit gigamon.com.
- Global Cyber AllianceBooth:
The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org
- ImpervaBooth:
Imperva is a leading provider of data and application security solutions that protect business-critical information in the cloud and on-premises. Cybercriminals constantly change their tactics. But what they are after, and how they ultimately make money, doesn’t change. They are after data. They make their money through extortion, via DDoS and ransomware, and through theft via data breaches. Today, data and applications are the fundamental assets of any enterprise. Data are the intellectual property and apps are what run the business. Imperva has a singular purpose: protect these critical assets from the ever-changing attacks of the cybercrime industry.
- InfraGard San Francisco Bay Area Member AllianceBooth:
- Washington State InfraGardBooth:
InfraGard is a partnership of individuals representing businesses, academic institutions, state and local law enforcement agencies, and communities who are dedicated to collaborating and sharing information to prevent hostile acts against the United States.
The Evergreen InfraGard Members Alliance area of operation is Washington State and over 600 members. As part of the Western Region, we work closely with the IMAs in Los Angeles, San Diego, Oregon, and Idaho. Our chapter’s mission is, “To protect Washington State’s Infrastructure and critical services by providing a secure platform and trusted community to share experiences and information.”
- ISACA Puget Sound ChapterBooth:
The aim of the Chapter is to sponsor local educational seminars and workshops, conducts regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the area.
The association is one of individual members who are practitioners of information systems auditing, security, risk, and/or governance in his or her organization. The membership of the ISACA reflects a multiplicity of backgrounds and skills that make our profession challenging and dynamic.
This chapter is run by volunteers who are ISACA members nominated and elected through an established process. Please contact us if you are interested in serving on the board.
- ISACA Silicon Valley ChapterBooth:
ISACA-SV is proud to serve our Bay Area constituents. Our mission is to serve those involved with various aspects of information security, assurance, risk management, privacy, audit, and similar topics associated with IT control and governance related activities.
The Silicon Valley Chapter of ISACA® was started in 1982, and has grown to over 800 members. Our members reside throughout the Bay Area centering in the Silicon Valley. We are a very active chapter, and have won multiple awards over the years, including two worldwide awards.
- Institute of Internal Auditors (IIA)Booth:
Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Florida, USA. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Generally, members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.
- ISC2 Silicon ValleyBooth:
- ISSA Puget Sound ChapterBooth:
ISSA is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk and protecting critical information and infrastructure.
The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members. Join today.
- ISSA San Francisco Bay AreaBooth:
Whether you are exploring a career in cybersecurity, honing your technical expertise or an established security executive, the ISSA offers you a network of 10,000 colleagues worldwide to support you in managing technology risk and protecting critical information and infrastructure. Enhance your professional stature, expand your peer network and achieve your personal career goals. Your local chapter and ISSA International will provide you with a wealth of resources to keep you current with industry trends and developments in our ever-evolving field.
- ISSA Silicon ValleyBooth:
The Information Systems Security Association (ISSA) is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.
Our chapter is comprised of over 250 Silicon Valley Information Security Staff, Consultants, Managers, Executives, and other business professionals. Our members come from Small Businesses and Fortune 100 companies. Our demographics are diverse, yet we share the common thread that we understand the criticality of Information Security as an enabler of today’s key business objectives and the improvements that will come tomorrow.
- IvantiBooth:
Ivanti Supply Chain helps organizations leverage modern technology in the warehouse and across the supply chain to improve delivery without modifying backend systems. The company also unifies IT and Security Operations to better manage and secure the digital workplace. From PCs to mobile devices, VDI and the data center, Ivanti discovers IT assets on-premises and in the cloud, improves IT service delivery, and reduces risk with insights and automation. Ivanti is headquartered in Salt Lake City, Utah and has offices all over the world.
- New Tech SeattleBooth:
Seattle’s largest ongoing monthly event with more than 5,600 members. New Tech Seattle is the place where you’ll always make great connections, enjoy great food and drinks, learn about new companies doing cool things, laugh, smile, and have a fun night out. And most importantly, you’ll discover the people, partners, organizations, and resources to help you to build your dreams.
It’s your community, we just love it and give everyone a place to play together. New Tech Seattle happens on the 2nd or 3rd Tuesday of every month. You can also join us on the 1st or 2nd Tuesday of every month at New Tech Eastside if you spend more time in Kirkland, Bellevue, Redmond, and the surrounding cities.
- Northwest Tech Alliance (NWTA)Booth:
The Northwest Tech Alliance (NWTA) is an independent technology association dedicated to bringing together some of the brightest minds from the technology industry.
NWTA events are focused on helping attendees:
· Network with other technology industry professionals
· Provide education and information relative to the latest technologies and industry trends
· Generate opportunities for personal, professional and business growth
· Promote the Puget Sound area as a desirable place to start and grow successful technology companies
· Learn about local food/chefs, wineries, breweries, and distilleries
· Support local businesses and give back to the community
· Build lifelong relationships - OktaBooth:
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
- OneLoginBooth:
OneLogin manages and secures millions of identities around the globe by bringing speed and integrity to the modern enterprise with an award-winning Identity & Access Management (IAM) solution. Our Trusted Experience Platform secures connections across users, devices, and applications, helping enterprises drive new levels of business integrity, operational velocity, and team efficiency across all their cloud and on-premise applications.
- OneTrustBooth:
OneTrust is the leading and fastest growing privacy management software platform used by hundreds of organizations globally to comply with data privacy regulations across sectors and jurisdictions, including the EU GDPR and Privacy Shield.
- Online Trust Alliance (OTA)Booth:
The Online Trust Alliance (OTA) is a non-profit with the mission to enhance online trust, while promoting innovation and the vitality of the internet. OTA’s goal is to help educate businesses, policy makers and stakeholders while developing and advancing best practices and tools to enhance the protection of users’ security, privacy and identity. OTA supports collaborative public-private partnerships, benchmark reporting, meaningful self-regulation and data stewardship.
- OWASP Bay AreaBooth:
The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.
- Palo Alto NetworksBooth:
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world’s greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before.
- Perimeter 81Booth:
Perimeter 81 is an Israeli cloud and network security company that develops secure remote networks, based on the zero trust architecture, for organizations. Its technology replaces legacy security appliances like VPNs and firewalls.
- RedSealBooth:
By focusing on cybersecurity fundamentals, RedSeal helps government agencies and Global 2000 companies measurably reduce their cyber risk. With RedSeal’s cyber terrain analytics platform and professional services, enterprises improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritizes mitigation based on each vulnerability’s associated risk. The company is based in San Jose, Calif.
- ReliaQuestBooth:
ReliaQuest, the force multiplier of security operations, increases visibility, reduces complexity, and manages risk with its cloud native security operations platform, GreyMatter. ReliaQuest’s GreyMatter is built on an open XDR architecture and delivered as a service anywhere in the world, anytime of the day, by bringing together telemetry from tools and applications across cloud, on-premises and hybrid cloud architectures. Hundreds of Fortune 1000 organizations trust ReliaQuest to operationalize security investments, ensuring teams focus on the right problems while closing visibility and capability gaps to proactively manage risk and accelerate initiatives for the business. ReliaQuest is a private company headquartered in Tampa, Fla., with multiple global locations. For more information, visit www.reliaquest.com.
- Secure DiversityBooth:
Seecure Diversity is an innovative non-profit organization with leaders that think out of the box who have created strategies & solutions in placing qualified women and underrepresented humans into cybersecurity roles. We foster gender diversity, equity, and inclusion in the cybersecurity industry through conferences, networking, mentoring, professional development, and community outreach. One of our primary goals is to raise awareness and increase the number of women and underrepresented humans in the cybersecurity workforce. Founded in 2015 by Deidre Diamond; our mission is the equal representation of women and men in the cybersecurity workforce by engaging and collaborating with organizations and businesses to improve the recruitment and retention of women; utilize marketing and social media platforms to raise awareness of women in cybersecurity careers; remove cybersecurity institutional barriers and innovate new strategies to leverage existing resources.
- SonatypeBooth:
Every day, developers rely on millions of third party and open source building blocks – known as components – to build the software that runs our world. Sonatype ensures that only the best components are used throughout the software development lifecycle so that organizations don’t have to make the tradeoff between going fast and being secure. More than 120,000 organizations use Sonatype’s Nexus solutions to support agile, Continuous Delivery, and DevOps practices globally
- SpirionBooth:
Spirion is a leading enterprise data management software solution that provides high-precision searches and automated classification of unstructured and structured data with unparalleled accuracy. Spirion helps businesses reduce their sensitive data footprint and proactively minimize risks, costs and reputational damage of cyberattacks by discovering, classifying, monitoring and protecting sensitive data.
- ThalesBooth:
As the global leader in cloud and data protection, we help the most trusted brands and largest organizations in the world protect their most sensitive data and software, secure the cloud and achieve compliance through our industry-leading data encryption, access management, and software licensing solutions.
- Trend MicroBooth:
Trend Micro, a global leader in cybersecurity, is passionate about making the world safe for exchanging digital information, today and in the future. Artfully applying our XGen™ security strategy, our innovative solutions for consumers, businesses, and governments deliver connected security for data centers, cloud workloads, networks, and endpoints. www.trendmicro.com.
- TripwireBooth:
Tripwire is the trusted leader for establishing a strong cybersecurity foundation. Partnering with Fortune 500 enterprises, industrial organizations and government agencies, Tripwire protects the integrity of mission-critical systems spanning physical, virtual, cloud and DevOps environments. Tripwire’s award-winning portfolio delivers top critical security controls, including asset discovery, secure configuration management, vulnerability management and log management. As the pioneers of file integrity monitoring (FIM), Tripwire’s expertise is built on a 20+ year history of innovation helping organizations discover, minimize and monitor their attack surfaces.
Learn more at https://www.tripwire.com.
- University of WashingtonBooth:
The Office of the Chief Information Security Officer (CISO) promotes a culture of shared responsibility to safeguard personal and institutional data. Services are designed to assist the UW community by monitoring, analyzing, and forecasting threats to information assets, advising on risk management and on contracts related to data security, providing in-person and online education, consulting on incident management, and developing and managing University policies related to information security.
- VenafiBooth:
Venafi is the cybersecurity market leader in machine identity management, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT—at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.
With more than 30 patents, Venafi delivers innovative solutions for the world’s most demanding, security-conscious Global 5000 organizations and government agencies, including the top five U.S. health insurers; the top five U.S. airlines; the top four credit card issuers; three out of the top four accounting and consulting firms; four of the top five U.S. retailers; and the top four banks in each of the following countries: the U.S., the U.K., Australia and South Africa. Venafi is backed by top-tier investors, including TCV, Foundation Capital, Intel Capital, QuestMark Partners, Mercato Partners and NextEquity.
For more information, visit: www.venafi.com.
- Women in CyberSecurity (WiCyS)Booth:
Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.
- Jake Bernstein, Esq.Partner - Data Protection, Privacy & Security Group, K&L Gates
Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted as both regulator as an Assistant Attorney General with the Washington State Attorney General's Office and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.
- Jimmy SandersHead of Information Security, Netflix DVD
Jimmy has spent the better part of two decades securing data and systems from cyber threats. In addition to his duties at DVD.com, Jimmy has served as the San Francisco Bay Area chapter president of the Information Systems Security Association (ISSA) since 2014. He is also on the ISSA International Board of Directors. Furthermore, he has been a speaker at BlackHat, SecureWorld, InfoSec World, as well as other notable events. Prior to DVD.com, Jimmy has also held senior security management roles at organizations that include Samsung, Fiserv, and SAP. He is a Cyber Security Committee advisor for Merritt College, Ohlone College as well as on advisory board for other colleges and non-profit movements. Jimmy Sanders maintains the certifications of Certified Information Systems Security Professional (CISSP), Certified in Risk Information and Information Systems Control (CRISC), and Certified Information Systems Manager (CISM). He holds degrees in Psychology and Behavioral Science from San Jose State University.
- Michael ThelanderDirector of Product, Venafi
Michael has a 20-year history in product marketing and product management, with a focus over the last seven years on cybersecurity. He held senior product marketing and product management roles at security leader Tripwire, and has other career highlights that include co-founding a successful startup and receiving patents for network technology. He loves to educate markets, tell stories that demonstrate value, play music, and on occasion fly small airplanes into active volcanoes.
- Milinda Rambel StoneVP & CISO, Provation Medical
Milinda Rambel Stone is an executive security leader with extensive experience building and leading security programs, including Information Security Governance, Vulnerability Management, Incident Investigation & Response, Security Awareness, and Risk Management & Compliance. With significant experience in creating and managing large-scale information security programs in technology, healthcare, and financial services, today Milinda puts this expertise to work as a VP and CISO at Provation Medical.
- Susan HansonVice President, Human Resources, Provation Medical
Susan has over 20 years of healthcare experience in Human Resources and Compliance. Susan joined the Provation team in 2017 and brings her experience of building and growing high-performing teams with a dynamic, results-oriented culture and strong leadership. Susan also has experience in healthcare compliance specifically in HIPAA and HITECH by building a healthcare compliance program in her previous career. Susan has a Bachelor of Science degree in Human Resource Management as well as a Master of Science degree with an emphasis in Leadership, along with an MBA from Capella University in Minneapolis, Minnesota.
- Eric SkinnerVP, Strategy, Trend Micro
Eric Skinner is VP of Market Strategy at Trend Micro, helping shape Trend’s solution offerings, growth plans and go-to-market approach. Previously at Trend Micro, Eric has been responsible for global product marketing. Prior to Trend Micro, Eric held senior management positions in a health care mobile startup and at digital identity solutions provider Entrust (where he was CTO and VP Product Management). Eric’s experience covers advanced threat detection, endpoint and mobile security, detection & response approaches, machine learning as applied to cyber-security, and identity / authentication technologies. Eric is based in Ottawa, Canada.
- Israel BarakCISO, Cybereason
Israel Barak, Chief Information Security Officer at Cybereason, is a cyber defense and warfare expert with a background developing cyber warfare infrastructure and proprietary technologies, including that of proprietary cryptographic solutions, research and analysis of security vulnerabilities. Israel has spent years training new personnel, providing in-depth expertise related to cyber warfare and security, threat actor’s tactics and procedures. As Cybereason’s CISO, Israel is at the forefront of the company’s security innovation, research and analysis of advanced threats.
- Brian RobisonChief Evangelist & Sr. Director, Product Marketing, BlackBerry
Brian Robison is the Senior Director, Product Marketing and Chief Evangelist at BlackBerry (formerly Cylance), where he educates the world that preventing cybersecurity threats is actually possible and a much better approach than detecting and responding after an attack. With over 20 years' of cybersecurity experience, Robison is a regular speaker at industry events such as RSA, Black Hat, and thought leadership forums. Prior to joining BlackBerry, Robison worked to defend organizations from mobile security threats—three years as a director at Citrix XenMobile and two years driving enterprise strategy at Good Technology. Robison also spent over six years at McAfee with a special focus on end-point security leading efforts. During this time, he also managed vulnerability and policy compliance solutions.
- William J. Malik, CISAVP, Infrastructure Strategies, Trend Micro
William Malik helps clients structure their IT environments to minimize the loss, alternation, or inadvertent exposure of sensitive information. His information technology career spans over four decades. Prior to Trend Micro, he worked at Gartner for twelve years where he led the information security strategies service and the application integration and middleware strategies service. Before Gartner, William was CTO of Waveset, an identity management vendor. He also co-authored the Cobit version 3 standard. In addition, he spent 12 years at IBM, where he worked in MVS development, testing, and business planning. William is a Certified Information Systems Auditor (CISA).
- Brad BeutlichVice President, Western and LATAM Sales, Entrust
Brad Beutlich is an information security professional who has worked with numerous U.S. based companies over the past 20 years, providing security solutions ranging from end-point to data security. The last 13 years, he has worked for Entrust providing security solutions that protect customer data, financial transactions, and IoT device manufacturing. Brad holds a B.S. in Electrical Engineering Technology from Bradley University, and is an award-winning writer and speaker on numerous security topics. His passion as a historian is on brass-era (pre 1913) automobiles, of which he owns a 120-year-old car that runs on steam. As an avid skier, he hits the slopes on the weekends when possible. Brad resides with his wife and three children in Southern California.
- Jonathan EchavarriaEnterprise Architect, ReliaQuest
Jonathan Echavarria is an Enterprise Architect at ReliaQuest that has spent his career building and breaking a variety of environments. In his current role, Echavarria leverages this experience to orchestrate business strategy alignment with technological enablement. During his time at ReliaQuest, Jonathan has held various positions with responsibilities ranging from penetration testing, red teaming, security operations enablement, devops, automation, malware analysis, and security architecture. He also previously worked for Facebook as an Offensive Security Engineer, where he conducted a variety of offensive operations targeting the organization. Jonathan is very involved in the cybersecurity community, often speaking at conferences on topics such as cybercrime, state-sponsored operations, and smart home security.
- Lisa TuttleCISO, SPX Corporation
Lisa Tuttle has served as an executive leader of global organizations, managing technology teams with her engaging enthusiasm and unique combination of information security, privacy, legal, compliance, project management and business management expertise. As CISO of SPX Corporation, she provides technology vision and strategic leadership for the company's IT security, directory services, privacy/compliance, project/change management, and contracts/vendor management programs. She excels at partnering with IT and Business teams, mentoring Women in Technology and encouraging STEM education.
- Mike LloydCTO, RedSeal Networks
Dr. Mike Lloyd has more than 25 years of experience in the modeling and control of fast-moving, complex systems. He has been granted 21 patents on security, network assessment, and dynamic network control. Before joining RedSeal, Mike Lloyd was Chief Technology Officer at RouteScience Technologies (acquired by Avaya), where he pioneered self-optimizing networks. Mike served as principal architect at Cisco on the technology used to overlay MPLS VPN services across service provider backbones. He joined Cisco through the acquisition of Netsys Technologies, where he was the senior network modeling engineer.
Dr. Mike Lloyd holds a degree in mathematics from Trinity College, Dublin, Ireland, and a PhD in stochastic epidemic modeling from Heriot-Watt University, Edinburgh, Scotland.
- Eric WolffSr. Product Marketing Manager, Cloud and App-layer Data Protection, Thales Cloud Security
Eric Wolff is a Senior Product Marketing Manager for Thales application-layer data protection and solutions for public cloud security. He has over 20 years’ experience in threat intelligence management, network security, application acceleration, enterprise-class storage area networking, storage virtualization, data-management applications, and storage subsystems.
- Brad BeutlichVice President, Western and LATAM Sales, Entrust
Brad Beutlich is an information security professional who has worked with numerous U.S. based companies over the past 20 years, providing security solutions ranging from end-point to data security. The last 13 years, he has worked for Entrust providing security solutions that protect customer data, financial transactions, and IoT device manufacturing. Brad holds a B.S. in Electrical Engineering Technology from Bradley University, and is an award-winning writer and speaker on numerous security topics. His passion as a historian is on brass-era (pre 1913) automobiles, of which he owns a 120-year-old car that runs on steam. As an avid skier, he hits the slopes on the weekends when possible. Brad resides with his wife and three children in Southern California.
- Jason GeorgiGlobal Field CTO, Prisma Access, Palo Alto Networks
Jason is an accomplished technology executive with over 25 years of experience driving innovation and transformation initiatives across global organizations. Jason collaborates with CIOs, CTOs, and other technology leaders on strategies aimed at enabling business outcomes.
Jason is currently the Global Field Chief Technology Officer for Prisma Access at Palo Alto Networks. Recent previous experience includes; leading Zscaler’s global business consulting practice, and eight years at GE; enabling GE’s cloud journey through delivering network transformation solutions.
- Kevin BocekVP, Security Strategy & Threat Intelligence, Venafi
Kevin Bocek is a leading subject matter expert in machine identity protection. With more than 16 years in the IT security industry, Kevin has been featured in The Wall Street Journal, The New York Times and The Washington Post, among many others. Before joining Venafi in 2012, Kevin spent almost two decades working for several leading IT security companies, including RSA Security, Thales, IronKey, CipherCloud, NCipher, and Xcert.
- Michael Muha, PhD, CISSP, CISM, CIPM, Certified GDPR PractitionerChief Information Security & Privacy Officer, WorkForce Software
Mike drove the global expansion of WorkForce Software’s cloud-based workforce management products from one data center to eight across the US, Europe, Canada, and Australia, and directed all compliance efforts (starting with SAS 70 and moving onto SOC 1, ISAE 3402, SOC 2, ISO 27001 certification, and EU-US Privacy Shield certification). Having led the company’s GDPR journey, he’s currently implementing a “Personal Information Management System” and additional global security controls to protect company and customer data.
- Mark SangsterVice President and Industry Security Strategist, eSentire
Mark Sangster is the author of "NO SAFE HARBOR: The Inside Truth About Cybercrime and How to Protect Your Business." He is an award-winning speaker at international conferences and prestigious stages including the Harvard Law School and RSA Conference, and author on various subjects related to cybersecurity. His thought provoking work and perspective on shifting risk trends has influenced industry thought leader, and is a go-to subject matter expert for leading publications and media outlets including the Wall Street Journal when covering major data breach events.
- Christopher HassDirector of Information Security and Research, Automox
Chris Hass is an extremely driven and proven information security professional with extensive experience in Malware Reverse Engineering, Threat Intelligence, and Offensive Security Operations. In his current role, Chris serves as Director of Information Security and Research at Automox. In addition to being a former cybersecurity analyst for the NSA, he also served as a principal research engineer at LogRhythm and helped fight off malware authors using AI/ML at Cylance. His unique experience makes him adept at understanding today's current threat landscape, and works passionately to secure Automox and its customers from today's cyber attacks.
- David HawkinsDirector, Consulting Engineer, BitSight
David Hawkins has been in the security industry for just over 20 years. His background includes both IT security as well as physical security. David has served as the Technical Vice Chair of the Open Security Exchange, co-authoring the PHISBITs security protocol which was intended to help integrate physical and IT security.
On the Information Security side, David has been part of the engine behind responding to security questionnaires, writing security product and procedural documentation, and speaking on various topics to include identity management, secure file sharing, and advanced threat protection. As a consulting engineer with BitSight, he is focused on helping companies with risk, compliance, technology, and program development. His goal is to promote the continued maturity of the security ratings industry into a discipline that holistically considers information security, data protection, technology, and business risk as a unified concept.
- Sivan TehilaDirector of Solution Architecture, Perimeter 81
Sivan Tehila is the Director of Solution Architecture at Perimeter 81, a leading Secure Access Service Edge (SASE) provider, and a cybersecurity expert with over 14 years of industry experience. Sivan served in the IDF as an Intelligence Officer and then in various field positions, including Information Security Officer, CISO of the Research and Analysis Division, and Head of the Information Security Department of the Intelligence Corps. After being honorably discharged as Captain, Sivan joined the Israeli defense technology company, RAFAEL, as an Information Security Officer and worked as a cybersecurity consultant for the Israel Railways. For the past two years, Sivan has dedicated herself to promoting women in cybersecurity and founded the Cyber Ladies community in NYC. She is also an Adjunct Professor of Cybersecurity at Yeshiva University.
- Jason GeorgiGlobal Field CTO, Prisma Access, Palo Alto Networks
Jason is an accomplished technology executive with over 25 years of experience driving innovation and transformation initiatives across global organizations. Jason collaborates with CIOs, CTOs, and other technology leaders on strategies aimed at enabling business outcomes.
Jason is currently the Global Field Chief Technology Officer for Prisma Access at Palo Alto Networks. Recent previous experience includes; leading Zscaler’s global business consulting practice, and eight years at GE; enabling GE’s cloud journey through delivering network transformation solutions.
- Paul RichExecutive Director, Data Management & Protection, JPMorgan Chase
Paul Rich joined JPMorgan Chase & Co. in 2019 as Executive Director, Data Management & Protection, with the mission of tackling the management of all unstructured data within the company. Paul is passionate about data security, privacy, principle-based design and goal-setting, and has over thirty years of technology experience. During the more than twenty years Paul spent working for Microsoft he was on the team that launched the company’s first iterations of commercial cloud services—what would eventually become Office 365. He oversaw the design and development of key security and compliance features of Office 365 as well as the integration of encryption to the Exchange and SharePoint Online cloud services. Paul has been a regular speaker at Microsoft and industry events on the topics of cloud security, privacy, encryption, trust, and transparency.
- David HawkinsDirector, Consulting Engineer, BitSight
David Hawkins has been in the security industry for just over 20 years. His background includes both IT security as well as physical security. David has served as the Technical Vice Chair of the Open Security Exchange, co-authoring the PHISBITs security protocol which was intended to help integrate physical and IT security.
On the Information Security side, David has been part of the engine behind responding to security questionnaires, writing security product and procedural documentation, and speaking on various topics to include identity management, secure file sharing, and advanced threat protection. As a consulting engineer with BitSight, he is focused on helping companies with risk, compliance, technology, and program development. His goal is to promote the continued maturity of the security ratings industry into a discipline that holistically considers information security, data protection, technology, and business risk as a unified concept.
- Jeremiah SahlbergManaging Director - Federal, Third Party Risk, Tevora
Jeremiah Sahlberg has more than 20 years of security experience. Sahlberg is an executive security consultant and advises clients on establishing security programs and compliance management. He holds CISSP, CISM, PCI QSA and HITRUST certifications.
Previously, Sahlberg held the Senior Director of Protect Operations at NBCUniversal and was the CISO for Tekmark Global Solutions. Sahlberg has presented at Evanta (2019), NCUA-ISAO (2018), NCTA (2017), SINET (2016), New York State Cyber Security Conference (2014 & 2012), and Nevada Digital Government Summit (2010). He guest lectures at NPower and sits on various Boards.
- Michael ThelanderDirector of Product, Venafi
Michael has a 20-year history in product marketing and product management, with a focus over the last seven years on cybersecurity. He held senior product marketing and product management roles at security leader Tripwire, and has other career highlights that include co-founding a successful startup and receiving patents for network technology. He loves to educate markets, tell stories that demonstrate value, play music, and on occasion fly small airplanes into active volcanoes.
- Mike DeNapoliSr. Solution Architect, Cymulate
Mike DeNapoli has spent over two decades working with companies from mom and pop shops to Fortune 100 organizations;advising on issues from Business Continuity Planning, to Cloud Transformation, to Real-World Cybersecurity. He is currently a Senior Solution Architect with Cymulate Breach and Attack Simulation;helping customers and partners know that their security controls are defending the organization, without speculation.
- Chris GoettlSr. Director, Product Management, Ivanti
Chris Goettl is the Director of Product Management for security products at Ivanti. Chris has over 15 years of experience working in IT, where he supports and implements security solutions for Ivanti customers and guides the security strategy and vision for Ivanti security products. He is also a security evangelist speaking at security events globally where he gives guidance around modern cyber threats and how to combat them effectively. Chris hosts a monthly webinar focusing on Patch Tuesday and security vulnerabilities, and frequently blogs about security topics. You can find contributed articles as well as commentary from Chris in notable security news sources like SC Magazine, Redmond Magazine, ComputerWorld, ThreatPost, Help Net Security, and more.
- Eric BodkinDirector, Endpoint Recovery Services, CrowdStrike
Eric Bodkin leads the delivery of Endpoint Recovery Services for CrowdStrike. Based out of the greater Denver area, Eric leads service engagements focused on the rapid recovery and remediation of endpoints in response to a cyber incident. Eric has more than 15 years of experience in incident response, forensic investigation, cybersecurity operations, endpoint recovery and remediation. Prior to joining CrowdStrike Eric was a Senior Manager for a Big 4 consulting firm and is a military veteran of 9 years.
- Shreyas KumarCISO, Deserve
Chief Information Security Officer Shreyas Kumar has spent more than 18 years in cybersecurity related roles. He most recently built the security program at Fintech startup Deserve, from the ground up. This follows previous roles which included securing Uber's global payments and the operational security and compliance of the Adobe Doc Cloud set of products and services. He is a member of the FBI's InfraGard and a partner of the San Francisco Economic Crimes Task Force (ECTF) run by the United States Secret Service. He is also a visiting Professor of Computer Science at San Jose State University. He holds multiple security certifications, an MS degree in Computer Science from Texas A&M University, and a Bachelor's degree from IIT Roorkee. He has spoken in multiple international conferences and has been an invited speaker at universities.
- Ansh PatnaikChief Product Officer, CyCognito
Ansh Patnaik, Chief Product Officer, has over 20 years of cross functional experience in cybersecurity and data analytics. Most recently, Ansh was Director, Cloud Security Products for Google Cloud Platform, and Chief Product Officer for Chronicle, prior to the acquisition of Chronicle by Google. Previously, he was VP of Product Management at Oracle Cloud where he defined and launched their security analytics cloud service offering. Ansh has held product management, product marketing and sales engineering leadership roles at several market leading software companies including Delphix, ArcSight (acquired by HP), and BindView (acquired by Symantec).
- Ran RosinDirector, Product Management, Imperva
Ran Rosin Joined Imperva two years ago and is currently leading the Cloud Data Security solution. Prior to joining Imperva, Ran founded and lead two start-ups in the area of mobile Application and IoT.
- Sam GillespieOffering Manager, OneTrust DataGovernance, OneTrust
- Brennan O'BrienDirector, Information Security, Risk & Compliance, Columbia Sportswear
Brennan is the head of Information Security for Columbia Sportswear Company and a 20-year veteran of cybersecurity in verticals including apparel, logistics, healthcare, and financial services.
- Rori PerkinsSenior Manager, InfoSec Awareness and Analytics, Columbia Sportswear
Rori is an expert in organizational change management with a focus on security awareness and driving human behavior.
- Chris PittmanSenior Manager, Sales Engineering, BlackBerry
Chris Pittman has worked in enterprise information technology since 1993 and has specialized in cyber security for the last 14 years. He worked in security and controls and incident response for the Ford Motor Company before moving to the security vendor space in 2008. As a sales engineer at BlackBerry Cylance, he provides technical and security guidance to global enterprises interested in implementing AI-based endpoint security solutions. He holds SEC+, CISSP and a Master of Information Assurance in Digital Forensics, which he also teaches at Eastern Michigan University.
- Scott M. GiordanoVP, Corporate Privacy, and General Counsel, Spirion
Scott M. Giordano is an attorney with more than 25 years of legal, technology, and risk management consulting experience. IAPP Fellow, CISSP, CCSP, Scott is also former General Counsel at Spirion LLC, where he specialized in global data protection, tech, compliance, investigations, governance, and risk. Scott is a member of the bar in Washington state, California, and the District of Columbia.
- Mike DeNapoliSr. Solution Architect, Cymulate
Mike DeNapoli has spent over two decades working with companies from mom and pop shops to Fortune 100 organizations;advising on issues from Business Continuity Planning, to Cloud Transformation, to Real-World Cybersecurity. He is currently a Senior Solution Architect with Cymulate Breach and Attack Simulation;helping customers and partners know that their security controls are defending the organization, without speculation.
- Col. Cedric LeightonCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
- VJ ViswanathanFounding Partner, CYFORIX (Former CISO & Sr. Executive at Keurig Dr Pepper, Comcast, HD Supply, and GE)
VJ Viswanathan is a seasoned technology executive recognized and awarded for innovation, business capability transformation, and thoughtful mentorship. Most recently, VJ is the founding partner at CYFORIX, a global cybersecurity research, advisory, and strategic consulting firm delivering solutions to public and private sectors. He also serves as the CEO at TORQE, a specialized advisory firm focused on analytics, automation, and convergent technologies. VJ is the co-host of ELEVATEINTEL, a podcast series at the nexus of technology, social, and defense.
With more than 25 years of pioneering enterprise technology, cybersecurity, privacy, and compliance & risk management experience, VJ has a detailed track record of designing, implementing, and leading highly successful programs, products, and services at multinational Fortune 100 brands spanning CPG, telecom, media, supply chain, healthcare, and finance segments. As a strategic thought leader, VJ has delivered the first of its kind "Supply Chain Security" & “Omni-channel Risk Management” frameworks. As a published author and featured keynote speaker at global industry events, he approaches disruptive digital paradigms with innovation, creativity, and active collaboration with his key industry peers, researchers, national & international law enforcement, and defense groups.
VJ is an active mentor at various incubators and accelerators groups, serves as an advisory board member for growth stage companies. As a strategic adviser to VC & PE firms, he specializes in developing market analysis, competitive product road maps, and guides in opportunity mapping. As a board member and subject matter advisor to CEOs and corporate directors, VJ evaluates and audits enterprise technology and cybersecurity programs for veracity and operational effectiveness.
VJ is passionate about animal rights and giving back to the technology and security industry. He has created a rescue and foster care group for large breed dogs. He is actively engaged with academic institutions and purpose-driven professional groups like Minorities in Cyber Security, where he serves as a board member and chair of mentorship programs to develop the next generation talent through coaching and facilitating scholarships for technology and cybersecurity education.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes