- Open Sessions
- Conference Pass
- SecureWorld Plus
- VIP / Exclusive
- Thursday, December 8, 20228:30 amExhibitor Hall openRegistration Level:
- Open Sessions
8:30 am - 3:00 pmLocation / Room: Exhibitor FloorYour opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.
9:00 am[Opening Keynote] BEC Attacks, Crypto, and the Investigative Powers of the Secret ServiceFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret ServiceRegistration Level:- Open Sessions
9:00 am - 9:45 am9:45 amNetworking BreakRegistration Level:- Open Sessions
9:45 am - 10:00 amLocation / Room: Exhibitor FloorVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
10:00 amUber CSO Trial & Drizzly Proposed OrderCSO Liability and What Security Professionals Need to Know to Sleep Better at NightMember, Data Privacy & Cybersecurity, Clark Hill LawCo-Chair, Cybersecurity, Data Protection & Privacy Team, Clark Hill LawRegistration Level:- Open Sessions
10:00 am - 10:45 amThe presentation will go behind the headlines to understand the facts of recent CISO indictment and whistleblower complaints, and discuss risks associated with failure to report data incidents or adhere to security standards. We will discuss a model for collaboration between legal and IT, the importance of defined governance structures and infosec policies, and the potential for D&O or other insurance products to protect security professionals, as needed.
10:00 amAddressing Modern-Day Data BreachesField CISO, CohesityRegistration Level:- Open Sessions
10:00 am - 10:45 am10:45 amNetworking BreakRegistration Level:- Open Sessions
10:45 am - 11:00 amVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
11:00 amOnline Consumer Privacy Is Too Complicated for ConsumersBusiness Information Security Officer (BISO), T-Mobile USARegistration Level:- Open Sessions
11:00 am - 11:45 amAre you using basic tools to protect yourself, your company, and your family? The consumer has no idea what personal information they are sharing or how they’re tracked online. Let’s talk about how our industry can address this challenge to protect the consumer from themselves.Presentation Level: GENERAL (InfoSec best practices, trends, solutions, etc.)11:00 amModern Threat Detection, Investigation, and Response with Google Cloud's SecOps SuiteEngineer, Google Cloud SecurityRegistration Level:- Open Sessions
11:00 am - 11:45 amTo stay secure in today’s growing threat landscape, organizations must uncover and remediate cyber threats at unprecedented speed and scale. This demonstration will showcase how Google Cloud’s Chronicle, Siemplify, and VirusTotal products are coming together to provide a holistic approach to modern threat detection, investigation, and response. Join us and discover how to:
- Uncover and analyze new and evolving threats at petabyte scale.
- Decrease alert fatigue and caseload by as much as 80% working threat-centric cases.
- Automate up to 98% of Tier 1 tasks with custom dynamic playbooks.
- Reduce mean time to detection (MTTD) and mean time to response (MTTR) with actionable threat intel and context-driven investigations.
- Hunt for new and advanced threats 90% faster than traditional SOC tools.
11:00 amIncredible Email Hacks You'd Never Expect and How You Can Stop ThemData-Driven Defense Evangelist, KnowBe4Registration Level:- Open Sessions
11:00 am - 11:45 amIf you think the only way your network and devices can be compromised via email is phishing, think again!
A majority of data breaches are caused by attacks on the human layer, but email hacking is much more than phishing and launching malware. From code execution and clickjacking to password theft and rogue forms, cybercriminals have more than enough email-based tricks that mean trouble for your InfoSec team.
In this webinar Roger A. Grimes, KnowBe4’s Data-Driven Defense Evangelist and security expert with over 30-years of experience, explores many ways hackers use social engineering and phishing to trick your users into revealing sensitive data or enabling malicious code to run.
Roger will show you how hackers compromise your network. You’ll also see incredible demos including a (pre-filmed) hacking demo by Kevin Mitnick, the World’s Most Famous Hacker and KnowBe4’s Chief Hacking Officer.
Roger will teach you:
- How remote password hash capture, silent malware launches and rogue rules work
- Why rogue documents, establishing fake relationships and tricking you into compromising your ethics are so effective
- The ins and outs of clickjacking
- Actionable steps on how to defend against them all
Email is still a top attack vector cybercriminals use. Don’t leave your network vulnerable to these attacks.
11:45 amNetworking BreakRegistration Level:- Open Sessions
11:45 am - 12:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
12:00 pm[Closing Keynote] Transforming Information Security for Businesses of All SizesCTO, Center for Internet SecurityRegistration Level:- Open Sessions
12:00 pm - 12:45 pmIn order to combat cyber threats for organizations of all sizes and the supply chain, how information security is delivered and managed requires transformation. The burden of securing systems and networks has long been placed on the end organization, resulting in a distributed management requirement that does not scale. Requirements placed on the end organization exacerbate the burden, whereas “shift left,” setting requirements on the vendor, can alleviate it. Industry has a unique opportunity to aid a positive transformation to better scale security for solutions, with an aim towards improving the overall security posture and reducing the security professional deficit. Innovation to deploy security following scalable architectural patterns for security management is paramount.
12:00 pmWhat Is the State of the Cybersecurity Job and Career Market in the U.S.?Founder and CEO, CyberSN and Secure DiversityRegistration Level:- Open Sessions
12:00 pm - 12:45 pmHave security professionals been impacted by the economic change? Is remote work going to stay? What is hybrid work? Do professionals mostly want remote work or hybrid work? Are there certain security jobs that are growing or retracting? Are we retaining talent longer or shorter than the years before? Are professionals more burnt out or less than before? Are salaries increasing or decreasing? Why is it so hard to job search? Are we less secure with everyone working remote? These questions will be answered in detail. Join Deidre Diamond, Founder and CEO of CyberSN and Founder of SecureDiversity.
12:45 pmNetworking BreakRegistration Level:- Open Sessions
12:45 pm - 1:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
1:00 pmInterview with the CISO: Cyber Insurance StrategiesRegional CISO, MimecastRegistration Level:- Open Sessions
1:00 pm - 1:45 pm1:00 pm1Password Masterclass: Proven Security Tactics vs. Security TheatreSolutions Architect, 1PasswordRegistration Level:- Open Sessions
1:00 pm - 1:45 pmMany password myths and security policies make things less secure for everyone and harder to stay safe online. Learn how to spot and avoid security theatre.
1:00 pm[Panel] Prioritizing the Current ThreatscapeIncident Response & Data Privacy Compliance AttorneyCISO, AutomoxVP, Information Security, AuditBoardRegistration Level:- Open Sessions
1:00 pm - 1:45 pmRansomware, business email compromise, cloud misconfigurations, social engineering, insider threats, third-party coding… the list goes on and on. The threats are everywhere. Some are new, but the old ones work just as well. How do you decide which threats are of the most concern to your organization? Do you report all of these to the Board? How do you provide the resources necessary to minimize the risks and still enable the business? Join our experts as they tackle how to identify and prioritize the current threats.
1:45 pmNetworking BreakRegistration Level:- Open Sessions
1:45 pm - 2:00 pmVisit the Exhibitor Hall to network with attendees and connect with our vendor sponsors and association partners.
2:00 pm[Closing Keynote] Ukraine vs. Russia: The Cyber War, 8 Month UpdateCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLCRegistration Level:- Open Sessions
2:00 pm - 2:45 pmFor a preview of Col. Cedric’s Leighton’s presentation, read the SecureWorld News article, “World’s First Hybrid War in Ukraine Holds Important Cyber Lessons.”
- 1PasswordBooth:
1Password is a privacy-focused password manager that keeps you safe online. 1Password is the world’s most-loved password manager. By combining industry-leading security and award-winning design, the company provides private, secure, and user-friendly password management to businesses and consumers globally. More than 80,000 business customers, including IBM, Slack, PagerDuty, and GitLab, trust 1Password as their enterprise password manager.
- AuditBoard, IncBooth:
AuditBoard is the leading cloud-based platform transforming how enterprises manage risk. Its integrated suite of easy-to-use audit, risk, and compliance solutions streamlines internal audit, SOX compliance, controls management, risk management, and security compliance. AuditBoard’s clients range from prominent pre-IPO to Fortune 50 companies looking to modernize, simplify, and elevate their functions. AuditBoard is the top-rated audit management and GRC software on G2, and was recently ranked for the second year in a row as one of the 100 fastest-growing technology companies in North America by Deloitte.
- Cohesity, IncBooth:
We believe that simplicity is the foundation of modern data management. Our mission is to radically simplify how organizations manage their data and unlock limitless value. The company develops software that allows IT professionals to backup, manage, and gain insights from their data across multiple systems or cloud providers.
- Google CloudBooth:
Google Cloud Security provides organizations with leading infrastructure, platform capabilities and industry solutions to help them solve their most critical business problems. Google Cloud Security helps customers protect their global operations with solutions such as zero trust security, application and data protection, fraud prevention, and threat detection and response.
- KnowBe4Booth:
We are a leader in the Gartner Magic Quadrant and the fastest-growing vendor in this space.
KnowBe4 is the world’s largest security awareness training and simulated phishing platform that helps you manage the ongoing problem of social engineering.
The KnowBe4 platform is user-friendly and intuitive. It was built to scale for busy IT pros that have 16 other fires to put out. Our goal was to design the most powerful, yet easy-to-use platform available.
Customers of all sizes can get the KnowBe4 platform deployed into production twice as fast as our competitors. Our Customer Success team gets you going in no time, without the need for consulting hours.
- MimecastBooth:
Mimecast empowers our customers to help mitigate risk and manage complexities across a threat landscape driven by cyberattacks, human error, and technology fallibility. Our advanced solutions provide the proactive threat detection, brand protection, awareness training, and data retention capabilities that evolving workplaces need today.
- Women in CyberSecurity (WiCyS)Booth:
Women in CyberSecurity (WiCyS) is the premier nonprofit organization with international reach dedicated to bringing together women in cybersecurity. Founded by Dr. Ambareen Siraj from Tennessee Tech University through a National Science Foundation grant in 2013, WiCyS offers opportunities and resources for its members and collaboration benefits for its sponsors and partners. The organization’s founding partners are Cisco, Facebook and Palo Alto Networks. WiCyS’ strategic partners include Amazon Web Services, Bloomberg, Cisco, Equifax, Facebook, Google, HERE Technologies, IBM, Lockheed Martin, Nike, Optum, Palo Alto Networks, PayPal, SANS Institute, Target, and University of California San Diego. To learn more about WiCyS, visit https://www.wicys.org.
- Stephen DoughertyFinancial Fraud Investigator, Global Investigative Operations Center, U.S. Secret Service
Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.
- Myriah V. Jaworski, Esq., CIPP/US, CIPP/EMember, Data Privacy & Cybersecurity, Clark Hill Law
Myriah Jaworski is a Member, Data Privacy and Cybersecurity, at Clark Hill Law. She represents clients in data breach actions, technology disputes, and in the defense of consumer class actions and related regulatory investigations stemming from alleged privacy torts and violations of the TCPA, BIPA, IRPA, and other state and federal privacy laws. Myriah also works with clients to devise and implement privacy and security compliance programs and to evaluate and implement new technologies, including enterprise-wide AI and machine learning tools. She is also been recognized as a Super Lawyer® for her Civil Litigation practice in 2018, 2019, 2020, and 2021.
- Jeffrey R. WellsCo-Chair, Cybersecurity, Data Protection & Privacy Team, Clark Hill Law
Jeffrey R. Wells is the Co-chair of the Cybersecurity, Data Protection & Privacy team, and is a cybersecurity professional responsible for keeping organizations safe and protecting the privacy of employees around the world.
With over 25 years of global experience leading cybersecurity engagement, Jeffrey engages clients by leveraging existing infrastructure and talent, establishing effective cyber resilience strategies and responding to immediate incidents and emerging cyber threats.
Recently, Jeffrey led a Joint Inter-Agency Task Force countering transregional organized cyber-crime and violent extremism while addressing current and emerging risks impacting national security, commerce and critical infrastructure. Jeffrey has advised and consulted with cyber startups as well as venture, private equity and angel investment organizations on cybersecurity-related strategies including cyber-due diligence and the commercialization of cybersecurity technologies and ideas.
Appointed “Cyber Czar” by two Maryland governors, he was responsible for aligning commercial, federal and military cybersecurity initiatives with NIST, NSA, U.S. Cyber Command and other military and government entities. Jeffrey also served as vice-president of the Maryland Cybersecurity Roundtable, was a founding partner of the NIST – National Cybersecurity Center of Excellence and the BENS Cyber & Tech Council.
Prior to joining Clark Hill, Jeffrey founded a White Hat cyber advisory firm, Innovation Intelligence. Jeffrey began his cyber career in the military intelligence community for the United States Department of Defense and intelligence agencies and is a member of Military Cyber Professionals Association. Jeffrey has been a participant in numerous U.S. government-sponsored security advisory and trade missions and has attended the World Economic Forum in Davos, Switzerland, and the Forbes Global CEO Conference.
He is a graduate of Colorado State University and Harvard University’s Kennedy School of Government and has Certificates from the Massachusetts Institute of Technology; Harvard University, London School of Economics, Tel Aviv University, Oxford University, George Washington University School of Business; and KTH Royal Institute of Technology.
- Dale 'Dr. Z' Zabriskie, CISSP CCSKField CISO, Cohesity
Known for his ability to communicate both technically and conceptually in an authoritative yet entertaining style, Dale “Dr. Z” Zabriskie has consulted with IT professionals across the globe, advising on implementing effective cyber security strategies. He is a CISSP (Certified Information Systems Security Professional), and certified in Cloud Security Knowledge (CCSK).
In his 20-year cybersecurity career, Dr. Z has advised major healthcare, public sector, finance, retail, entertainment, and manufacturing organizations in over fifty countries. He has also been a popular moderator and participant in numerous industry panels. His expertise is supported by career experience in information technology, regulatory compliance, research and development, marketing, and sales.
Before joining Cohesity, Dr. Z was an Evangelist with Symantec for over 16 years. Prior companies include Proofpoint, Veritas, SunGard, and IBM.
- Kevin MurphyBusiness Information Security Officer (BISO), T-Mobile USA
Kevin has more than 25 years of experience in threat intelligence and information security. He was the VP of cybersecurity operations and governance at IOActive.com, a retired NSA intelligence officer, the former director of Windows security architecture at Microsoft, and shipped Windows 10 (not by myself). He holds the CISM, CISSP, CGEIT security certifications.
- Severin SimkoEngineer, Google Cloud Security
Severin worked at Siemplify for nearly 3 years, 2.5 years of which were spent at TIP where he was team led for a team that was responsible for all integrations that Siemplify had. Nowadays he is focusing his work on Sales Engineering at Google Cloud Security and has been doing so for nearly half a year. Prior to that, Severin was working for a company in the Czech Republic where he designed, implemented and maintained SOCs mostly for customers from central Europe - banks and insurance companies.
- Roger GrimesData-Driven Defense Evangelist, KnowBe4
Roger Grimes is a 30-year computer security consultant, instructor, holder of dozens of computer certifications and an award-winning author of 10 books and over 1,000 magazine articles on computer security. He has worked at some of the world’s largest computer security companies, including Foundstone, McAfee and Microsoft. Grimes holds a bachelor’s degree from Old Dominion University. He has been the weekly security columnist for InfoWorld and CSO magazines since 2005.
- Kathleen MoriartyCTO, Center for Internet Security
Kathleen Moriarty, Chief Technology Officer, Center for Internet Security, has over two decades of experience. Formerly as the Security Innovations Principal in Dell Technologies Office of the CTO, Kathleen worked on ecosystems, standards, and strategy. During her tenure in the Dell EMC Office of the CTO, Kathleen had the honor of being appointed and serving two terms as the Internet Engineering Task Force (IETF) Security Area Director and as a member of the Internet Engineering Steering Group from March 2014-2018. Named in CyberSecurity Ventures, Top 100 Women Fighting Cybercrime. She is a 2020 Tropaia Award Winner, Outstanding Faculty, Georgetown SCS.
Kathleen achieved over 20 years of experience driving positive outcomes across Information Technology Leadership, IT Strategy and Vision, Information Security, Risk Management, Incident Handling, Project Management, Large Teams, Process Improvement, and Operations Management in multiple roles with MIT Lincoln Laboratory, Hudson Williams, FactSet Research Systems, and PSINet.
Kathleen holds a Master of Science Degree in Computer Science from Rensselaer Polytechnic Institute, as well as, a Bachelor of Science Degree in Mathematics from Siena College. Published work: "Transforming Information Security: Optimizing Five Concurrent Trends to Reduce Resource Drain," July 2020.
- Deidre DiamondFounder and CEO, CyberSN and Secure Diversity
Deidre Diamond is the founder and CEO of CyberSN, the largest cybersecurity talent acquisition technology and services firm in the U.S., transforming job searching and hiring for the cybersecurity industry. Standardizing all cybersecurity job functions into a common taxonomy of 45 roles, the CyberSN platform allows professionals to make anonymous, public profiles that match with employer-posted job descriptions using the same taxonomy. This innovation is disruptive and solves a serious national security issue. Deidre’s leadership style combines 25 years of experience working in technology and staffing, her love of the cybersecurity community, and a genuine enthusiasm for people. She has led large-scale sales and operations and built high-performance teams at Rapid7 and Motion Recruitment prior to founding her own organizations. She believes a company-culture established on ‘anything is possible’ attitudes and open communication frameworks, along with positive energy, career advancement, and kindness, enables her teams to have fun at work and reach beyond peak performance. She also encourages the use of EQ (Emotional Intelligence) skills: self-awareness, self-regulation, motivation, social skills, and empathy. Deidre has also founded SecureDiversity.org, a non-profit organization working to raise awareness for, and increase the hiring of, women and underrepresented humans in the cybersecurity workforce. She has also spoken at some of the biggest tech summits, conferences, and podcasts in the world including ISC2 Congress, RSA, ISSA International, and Hacker Halted.
- Neil ClausonRegional CISO, Mimecast
Neil has 25+ years of experience building and securing complex IT and Security solutions. He's led Security Operations teams at Mimecast and other enterprises which face a variety of threats and challenges, and has built and enhanced cybersecurity programs to support and achieve business outcomes.
- Adam PikeSolutions Architect, 1Password
Adam Pike is a solutions architect at 1Password (and former 1Password account administrator in a previous life) with two decades of IT experience focused on privacy and security, working at the intersection of people and technology. He spends most of his workdays helping customers integrate 1Password into their tech stack. When he’s not at his desk, you can usually find him enjoying the beauty of Newfoundland on a hiking trail.
- Naimah J. Duporte, Esq.Incident Response & Data Privacy Compliance Attorney
Experienced Data Privacy and Compliance Attorney, with a focus on Incident Response, and data analysis and classification standards. Background in criminal law, European Union law, and international law.
- Jason KiktaCISO, Automox
Jason Kikta is the Chief Information Security Officer at Automox. He previously served for over 20 years in the United States Marine Corps, which included seven years at U.S. Cyber Command designing and managing the national counter-APT and counter-ransomware missions.
- Richard MarcusVP, Information Security, AuditBoard
Richard is the VP of Information Security at AuditBoard, where he leads product, infrastructure, and corporate IT security functions as well as AuditBoard’s own internal risk and compliance initiatives. In this capacity, he has become an AuditBoard product power user, leveraging the platform’s robust feature set to help achieve SOC 2, GDPR, ISO 27001 certification, and many other GRC initiatives. In his spare time, he enjoys exchanging insights with his information security leader peers in the AuditBoard Community and participating in the AuditBoard product development process. Prior to joining AuditBoard, Richard led global GRC at Verizon Media and Security Operations at EdgeCast Networks.
- Col. Cedric LeightonCNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC
Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.
• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes