Presidio presents:

The Red Sky Security Conference 2019

May 21 - 22, 2019
Mountain America Exposition Center

Salt Lake City, UT

There has never been a time where Cybersecurity has had so much to consider; from big data, artificial intelligence, and machine learning to cybercrime, intelligent malware, and global compliance. It’s clear that every IT role is now a security role.

The purpose of the Red Sky Security Conference is to educate, elevate, and influence the discussion and practice of information security in this ever-changing landscape. Expect top security speakers, expert education, peer interactions, and both established and emerging technology demonstrations.

More Details

Why Attend?

Best Practices
Come learn from the experts who are here to share stories and lessons learned. From CISO to CTO to Whitehat Hacker, we've assembled an incredible cross-section of cyber-security talent.
Security Trends
It is an ever growing and changing landscape. Learning the latest threats and trends helps you and your organization be more prepared for them.
 
Top & Emerging Technologies
We have brought together a fantastic collection of established and emerging technology companies - All ready to discuss cutting-edge tools that better secure and protect your company data.
SHOW
YOUR EXPERTISE.
BUILD
YOUR NETWORK.
DISCOVER
THE LATEST TRENDS.
FREE LUNCH & SNACKS
DON'T MISS IT.

Keynote Speakers

Speakers

Expo Sponsors

Experience the Hacker Lounge

Join us at the Hacker Lounge where you can rest, recharge, learn, and have some fun. We will be hosting a number of self-paced workshops to hone an existing skill or maybe learn a new one. Presidio’s security engineers will be on hand for mingling or Q&A. We’ll be having a contest with prizes for the winners (hint – work on your typing skills).

Schedule

  • 21 May
  • 22 May

Location

9575 State St Sandy, UT 84070

Brian Krebs

Leading Cybercrime Journalist & New York Times Bestselling Author of Spam Nation
KrebsOnSecurity.com
When a computer worm - a malicious software program that can spread quickly - locked Brian Krebs out of his home computer in 2001, he felt exposed, vulnerable and utterly fascinated. Since then, Krebs, a seasoned investigative journalist, has dedicated his career to uncovering a particularly dark corner of the Internet and is widely recognized by security experts and criminals alike as the preeminent authority on cybercriminal syndicates and their tools. On his popular security blog, KrebsOnSecurity.com, Krebs exposes information that can’t be found anywhere else, shedding light on the digital underground and dangerous activities of profit-seeking cybercriminals who make billions off of pharmaceutical sales, malware, spam, heists and data breaches, like the ones at Adobe, Target and Neiman Marcus that Krebs was the first to uncover. Previously, as a longtime reporter for The Washington Post, Krebs authored hundreds of stories, including eight front-page reports and more than 1,300 posts for the Security Fix blog. The author of the New York Times bestseller and 2015 PROSE Award winner, Spam Nation: The Inside Story of Organized Cybercrime - from Global Epidemic to Your Front Door, Krebs provides unprecedented access to the well-hidden world that few outsiders have seen up close. Krebs has been featured on leading media outlets, including 60 Minutes, CNN, FOX, ABC News, and in the Wall Street Journal, Forbes and Bloomberg's BusinessWeek. Entrenched in the criminal underbelly of the Internet, with an innate journalistic drive, Krebs delivers fascinating insights into the inner workings of some of the world’s most significant (and dangerous) cybercriminal syndicates, breaking down their operations and mindsets to provide prevention and detection strategies that individuals and organizations can’t afford to miss.

21 May

Kevin Mitnick

World's Most Famous Hacker
Mitnick Security Consulting
Kevin Mitnick is the world's most famous hacker, bestselling author, and the top cybersecurity keynote speaker. Once one of the FBI's Most Wanted because he hacked into 40 major corporations just for the challenge, Kevin is now a trusted security consultant to the Fortune 500 and governments worldwide. Kevin and The Global Ghost Team™ now maintain a 100 percent successful track record of being able to penetrate the security of any system they are paid to hack into using a combination of technical exploits and social engineering. As a one-of-a-kind, public speaker, Kevin's presentations are akin to "technology magic shows", which include live demonstrations of the latest hacking techniques that educate while keeping people on the edge of their seats to help raise "security awareness" of individuals and organizations worldwide.

22 May

Ankur Shah

VP, Product for Public Cloud Security
Palo Alto Networks
Ankur has spent 15+ years bringing innovative security, collaboration and virtualization technologies to market. He is passionate about building products from the ground up into market leaders. He joined Palo Alto Networks through the acquisition of RedLock where he ran product management for securing public clouds. In his current role as a VP of products, he is responsible for driving product strategy, roadmap and execution for public cloud security. In his previous role, he built and led go-to-market efforts for the CASB solution at CipherCloud. Ankur has also held leadership positions at Symantec, Citrix and Cisco. He holds a B.S. in electrical engineering and an MBA from the UCLA Anderson School of Management.

22 May

Arnie Shimo

Sr. Director Global Solution Architectures
Crowdstrike
Arnie has over 25 Years experience in Cyber and Computer Security and is currently the Senior Director for Global Solution Architectures at CrowdStrike. He’s responsible for leading a team of solution architects working to enable CrowdStrike Partners, globally, to deploy and integrate CrowdStrike solutions to protect their customer’s environments. Prior to joining CrowdStrike, Arnie spent 15 Years working in increasingly senior roles in Cyber Security and IT Solution Architecture within Lockheed Martin’s Information Systems and Global Solutions division designing innovative Cyber Security solutions for various government agencies including the FAA, DHS, FBI, and DoD. He was the Chief Technologist at LM’s NexGen Cyber Innovation and Technology Center in Gaithersburg, MD and his last assignment at LM was as CTO and Chief Architect under contract to the Department of Energy and the National Nuclear Security Agency (NNSA) redesigning the IT Architecture for the Y12 National Security Complex in Oak Ridge, TN and the Pantex Plant in Amarillo TX. Arnie began his career in the US Navy and got his first Cyber Security experience as a Terminal Area Security Officer for his command’s computerized maintenance system in 1991. Arnie currently hails from Kingston, TN just outside Knoxville and spends what little free time he has, boating and fishing on the lakes of East TN.

21 May

Bob Bentley

Senior Product Marketing Manager
Duo Security / Cisco
As a Senior Product Marketing Manager at Duo, Bob helps define and deliver Duo's go-to-market strategy. Prior to joining Duo, Bob has more than 15 years of experience guiding products in security, identity and access management with organizations such as NetIQ, Micro Focus, Novell and IBM. He holds a Bachelor's of Science in Electrical and Computer Engineering, and an MBA from Brigham Young University. Outside of work, Bob enjoys fly fishing, camping and hiking.

22 May

Bob Burwell

CTO - State, Local Government and Education
Netapp
Bob Burwell is the Chief Technology Officer for U.S. Public Sector State, Local Government and Education (SLED) at NetApp. His responsibilities include setting future technology and product directions for the U.S. Public Sector group and managing key customer relationships.Bob has been in the storage industry for over 25 years with a focus on State and Local Government, Education and US Federal markets including; Army, Navy, Air Force and Intelligence Agencies. Bob speaks regularly at key Industry and customer events, has written multiple industry papers and sits on key working groups.

21 May

Brad Dispensa

Principal Security Specialist
AWS
Brad is a Principal Security Specialist for Amazon Web Services in worldwide public sector group. Brad works as subject matter expert in the AWS security group and specializes in security and compliance based workloads.

Cameron Williams

Co-Founder & CTO
OverwatchID
For more than 25 years, Cameron Williams has helped enterprise clients like IBM, Wells Fargo, Sony, BP, and dozens others keep their data safe and secure from data breaches, hacks, ransomware, and spear-phishing. As OverWatchID’s CTO, Cam leads all product design and product development, and is responsible for ensuring that that OverWatchID’s cloud-based converged identity security platform is meeting existing and future threats to identity security.

22 May

Carbon Lundgren

Data Center Infrastructure Administrator
Intermountain Healthcare
Carbon Lundgren, CISA, brings a unique perspective to securing IT assets that carry your data. With a background of 50 years in physical security, his career has now taken him to the position of lead security specialist for a world-renowned health care company with over 600 areas to secure. Carbon has been heard to say, “I have a criminal mind”. Using the criminal mindset, Carbon has developed a best practices protocol that is becoming widely accepted by industry and governments. Some of the skills Carbon has learned is lock picking, and that of a professional safe-cracker. These skills directly relate to establishing physical barriers that will prevent hackers and terrorists from beginning their attacks inside the firewall. Carbon’s knowledge directly relates to several areas of COBIT and NIST. Chiefly, Appendix A: Mapping Pain Points to COBIT Processes and NIST Table D-1: Mapping Access Control Requirements to Security Controls.

22 May

Chris Roberts

Chief Security Strategist
Attivo Networks
Chris is currently the Chief Security Strategist for Attivo Networks, and is working on a number of projects within the deception and services space. Over the years, he's founded or worked with a number of companies specializing in DarkNet research, intelligence gathering, cryptography, deception technologies, and providers of security services and threat intelligence. Since the late 90’s Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against cyber attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. (Before that he managed to get various computers confiscated by a number of European entities.) Roberts is considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. Roberts has led or been involved in information security assessments and engagements for the better part of 20 years, and has a wealth of experience with regulations such as GLBA, HIPAA, HITECH, FISMA, and NERC/FERC. He has also worked with government, state and federal authorities on standards such as CMS, ISO, and NIST.

21 May

22 May

Chris Tsilipounidakis

Enterprise Sales Engineer
Zerto
Chris has been instrumental in the success of some of the industry’s most key companies over the past 15 years in IT. Chris’ background includes Sun Microsystems, EMC, Dell/Compellent and Tegile. He’s held various roles in technical marketing, sales engineering, product marketing and evangelism. At Zerto, Chris’ primary focus is to provide technical pre-sales to global enterprise accounts. Chris received his BS in Management Information Systems (MIS) at San Jose State University.

22 May

Cody Cornell

CEO & Co-Founder
Swimlane
As Swimlane’s Cofounder and CEO, Cody is responsible for the overall strategic direction of Swimlane and their Security Automation and Orchestration platform. As an advocate for the open exchange of security information and deep technology integration, he constantly strives to enable organizations to maximize the value of their investments in security technology and staff. Cody began his career in the U.S. Coast Guard and has spent 15 years in IT and security including roles with the U.S. Defense Information Systems Agency, the Department of Homeland Security (DHS), American Express and IBM Global Business Services. He has also had the pleasure of presenting at information security at forums such as the U.S. Secret Service Electronic Crimes Task Force, the DHS Security Subcommittee on Privacy, and National Public Radio.

21 May

Craig Sanderson

VP Product Management
Infoblox
Craig Sanderson is the Vice President of Product Management for Infoblox. Craig has been in the security industry for 19 years in variety of roles including: Technical Consultant, Solution Architect, Product Manager, and Business Development Manager. Having worked on a range of security technologies, Craig is now focused on developing solutions that prevent the abuse of DNS and enabling customers to leverage their network infrastructure to better secure their data, assets, and people.

21 May

Dimitri Capetz

Senior Systems Engineer
Arista
Dimitri Capetz has been in the network engineering field for 10 years. He started in a network operations role as has worked his way up through campus, data center and core networking over his career. He's had a somewhat unorthodox career path, having no formal background in Information Technology. He obtained an Associates Degree in the field of Audio Production and Engineering. Since there were no openings for Rockstars, he found himself starting a job in IT consulting and hasn't looked back since. With no formal training to fall back on, Dimitri has always tried to stay on top of changing landscapes in IT infrastructure and networking and loves to expand horizons into adjacent fields, such as public and private cloud infrastructure and network automation. He still plays guitar and goes to concerts in his spare time, thereby keeping the dream of becoming a rockstar somehow alive. In addition, he spends most of his time hanging out with his wife and playing video games with his two kids.

21 May

Eileen Thomas

Transformation Consultant
Presidio
Technology is not what's failing us; it’s the oversight of people, process and planning that inhibits the adoption of technology. I'm passionate about technology and am intrinsically motivated to help people while striving to increase the adoption of technology.
Over the last 15 years I have designed, implemented and supported unique IT environments with a vast array of multi-vendor solutions. I strive to completely understand my customers' business challenges and how those challenges relate back to IT. Emphasis on helping organizations build business requirements allows us to design solutions that can transform the way our customers have traditionally done IT in the past.

21 May

Frank Lento

Global Director; Cyber-Security
Cisco / Duo
Frank is presently a Director in Cisco’s Global Cyber-Security Sales Organization. He leads Sales, Cloud Security, Operations, Strategy and Planning for the $2B+ Global Security Partner/Channel organization. Prior to his present role Frank spent three years in Cisco’s Global Enterprise Theater responsible for the $1.4B Global Partner & Channel Organization, Software sales and the Virtual and Inbound Sales teams, globally. Frank created and grew the Theater’s Partner Organization resulted in 80% growth. Frank was the Global Client Director for the Citi account from 2007 to 2013. Key responsibilities were to develop a strong relationship with the Citi executive team, drive innovative solutions and global account expansion. Frank joined Cisco in 1999 and led the NY Financial, Healthcare and Insurance teams. Prior to joining Cisco, Frank spent ten years with Verizon in sales and operations management as a Verizon Sales Director and a Senior Operations Manager and ten years at Grumman Aerospace as a Mechanical Engineer in Aeronautical Advanced Design. Frank holds an Executive Masters of Business Administration degree from C.W. Post College and a Bachelor of Humanities Degree from the New York Institute of Technology.

21 May

Jay Chintaram

Senior Manager
Deloitte & Touche
Jay Chintaram is a Senior Manager in the Cyber Risk Services practice of Deloitte & Touche LLP, bringing over 15 years of experience in cyber security and privacy processes and methodologies. Over the course of his career he has directly led and performed numerous client consultations on cloud migration and technology transformation initiatives. Jay has a strong background in planning, implementation, organizational design and management of cyber operations. His focus lies in strategic cloud security, digital identity and access management, data protection and IT risk and privacy compliance. Jay has been applying evolving technologies, techniques, and frameworks to create and deliver innovative solutions for his clients.

22 May

Jeff Reed

Senior Vice President of Product, Security Business
Cisco / Duo
Jeff Reed is Senior Vice President of Product for Cisco’s Security Business. In this role he oversees product management, customer success, and technical marketing for the industry’s leading security portfolio. Previously, Reed was SVP of Cisco’s Enterprise Infrastructure and Solutions Group (EISG), encompassing a $16B networking product portfolio, where his focus was on delivering Cisco’s Digital Network Architecture (DNA). Prior to that, Reed had responsibility for the company’s SDN solutions and architectures for enterprise customers. Additionally he was General Manager for Cisco’s largest switching business unit, the Unified Access Group. Prior to joining Cisco, Reed held a number of senior positions in large-scale enterprise software businesses, covering storage product development, alliances, and business development. He also served as president and cofounder of an e-commerce start-up venture. Reed holds a Bachelor of Science degree in industrial engineering (with distinction) and a master’s degree in business administration, both from Stanford University.

21 May

Jim Packer

Specialist Master
Deloitte & Touche
Jim is a Specialist Master in Deloitte & Touche’ LLP’s Privacy and Data Protection practice with over 15 years of hands-on client facing experience within multinational / cross-border Fortune 500 organizations across the globe. He has a track record of helping clients design, build and implement global privacy programs and support initiatives related to various domestic and foreign privacy and data protection regulation (e.g., Global Data Protection Regulation [GDPR], California Consumer Privacy Act [CCPA], New York State Department of Financial Services [NY-DFS 500], Health Information Portability and Accountability Act [HIPAA]). Jim has a track record of assisting clients navigate the intersection of technology, business (MBA), and regulatory requirements (JD) of global organizations; while assessing readiness, designing, building, remediating, operationalizing and drafting global privacy policies, procedures and programs which limit risk, provide a long-term roadmap, and promote compliance (CIPP). Over the past two years, Jim has been involved in managing and / or assisting 16 engagements as a Privacy Manager / Specialist Master for various clients, including: a leading consumer business products and services organization with a presence in over 100 countries, a top 5 global pharmaceutical organization with a presence in over 47 countries and a major financial products and services institution with a presence in over 210 countries. In his various roles, Jim was responsible for overseeing the transformation of privacy and security programs within several business functions, and provided day-to-day support to Global Privacy Officers, Data Protection Officers, corporate executives, in-house counsel, and staff.

22 May

Joel Ebrahimi

Senior Security Specialist
Splunk
Joel Ebrahimi has over 20 years’ experience working in cyber security. In his career has worked in several different areas including security research, programming security systems, and integrating technologies. In his current role at Spunk Joel is a Security Specialist, using all the skills he has learned over his career to help Splunk drive its vision of being the leading security nerve system in the market.

21 May

Jonathan Nguyen-Duy

Vice President, Strategy & Analytics
Fortinet
Jonathan Nguyen-Duy leads Strategy and Analytics Programs at Fortinet where he focuses on emerging technologies and partnerships. With extensive experience working with global enterprises and nation-states, Jonathan is responsible for developing innovative security solutions addressing the challenges of digital transformation – from the IoT edge to the cloud. Prior to joining Fortinet, Jonathan served as the Security CTO at Verizon Enterprise Solutions where he was responsible for strategic technology partnerships, the Verizon Cyber Intelligence Center, and the data science team that produces the annual Verizon Data Breach Investigations Report. Before that role, he led the Security Services line-of-business and was responsible for data analytics and solutions supporting military-grade continuous diagnostics and mitigation. Jonathan also led the development of Verizon’s hosting services and business continuity practice. His research experience spans more than 10,000 data breach investigations and dozens of published reports. Before Verizon, Jonathan served with the U.S. Foreign Service in Central America working on economic development and disarmament initiatives. He has more than 20 years of cybersecurity and BCDR/COOP experience – working through many business challenges including armed conflict, civil strife, labor strikes, natural disasters, terrorist attacks, network outages and a wide range of cyber attacks. Jonathan is a widely published security expert and frequent speaker at industry conferences. He holds a BA in International Economics, as well as an MBA in IT Marketing and International Business from the George Washington University. Specialties: Cybersecurity, SIEM, Data Analytics, Artificial Intelligence, Machine Learning, Continuous Monitoring, Physical Security, Business Continuity/COOP, Managed Services, Risk Management and Digital Transformation.

21 May

22 May

Jon Calalang

Sr Specialist Sales Engineer - ADC/Automation
F5
Jon Calalang is a Sr Specialist Systems Engineer with F5 Networks. He's been a speaker at Microsoft Technology Expo, F5 Agility, Red Sky Security Summit, Utilities Technology Council, and ISSA Conferences; he is also a content creator and contributor to the F5 Super-NetOps program. Presentations and content from Jon focus on perspective learning, covering relevant topics like DevOps, Security, and Efficiencies, learned from examples and stories. Follow Jon on his travels through Cloud and Security and all his enjoyments on LinkedIn and Twitter (@jmcalalang).

21 May

Jon Greene

VP and Chief Technologist for Security
Aruba
Jon Green is VP and Chief Technologist for Security at Aruba, a Hewlett Packard Enterprise Company. He is responsible for providing technology guidance and leadership for all security solutions including authentication and network access control, UEBA, encryption, firewall, and VPN. He also manages Aruba’s Product Security Incident Response Team (PSIRT) and Aruba Threat Labs, an internal security research group. Jon joined Aruba in 2003 and helped it grow from a small startup to today’s position as a leading provider of network mobility solutions. Prior to Aruba, Jon held product management, marketing, and sales positions with Foundry Networks, Atrica, Nortel Networks, and Bay Networks. Jon holds a B.S. in Information Security from Western Governor’s University and a M.S. in Computer Science/Information Security from James Madison University. When not playing with technology, he enjoys flying airplanes, learning to play the banjo, and cooking competition barbecue.

21 May

22 May

Joseph Carson

Cybercecurity Professional
Thycotic
Joseph Carson is a cyber security professional and ethical hacker with more than 25 years’ experience in enterprise security specializing in blockchain, endpoint security, network security, application security & virtualization, access controls, and privileged account management. Joseph is a Certified Information Systems Security Professional (CISSP), active member of the cyber security community frequently speaking at cyber security conferences globally, often being quoted and contributing to global cyber security publications. He is a cyber security advisor to several governments, critical infrastructure, financial, transportation, and maritime industries. Joseph is regularly sharing his knowledge and experience giving workshops on vulnerabilities assessments, patch management best practices, the evolving cyber security perimeter, and the EU General Data Protection Regulation. Joseph serves as Chief Security Scientist at Thycotic and author of Privileged Account Management for Dummies and Least Privilege for Dummies.

21 May

22 May

Lorin Ball

Director of Information Security
Young Living Essential Oils
Lorin has worked in technology going on 20 years. Most of this time has been spent building information security programs from the ground up for medium-large enterprises. Lorin started his career as a very average systems/network engineer. As an attempt to kick start the next-level of his career, he got a Computer Science degree only to realize he was a terrible software developer. Having a mile-wide and an inch deep exposure to many areas of IT has helped Lorin see the big picture when it comes to the InfoSec world. Lorin has a passion for helping businesses become more security aware and constantly finding ways to improve.

21 May

Matt Christensen

Director, Cybersecurity
Intermountain Healthcare
Matt Christensen is a Cybersecurity and Risk Thought Leader, Listener and Problem Solver. He has provided risk-based cybersecurity consulting services, program implementation, and program management for over 10 years. He traveled internationally for one of the world's largest private sector employers as the lead Cybersecurity Fraud Examiner performing security risk assessments and fraud investigations for several Fortune clients. Industry experience includes Healthcare, Insurance, Business Process Outsourcing (BPO), and Non-Profit. He has owned and operated several businesses and is passionate about bridging the Technological gap with the Business and the Business gap with Technologists. Matt received his Bachelor and Master degrees in Information Systems from the University of Utah and currently holds the following designations: CISSP – Certified Information Systems Security Professional | ISC2; ITPM – Insider Threat Program Manager | SEI - Carnegie Mellon; CRISC – Certified in Risk and Information Systems Control | ISACA; SANS GSLC – GIAC Security Leadership Essentials | SANS Institute; SANS GSEC – GIAC Security Essentials | SANS Institute; CFE – Certified Fraud Examiner | Association CFE; CCSK – Certificate of Cloud Security Knowledge | Cloud Security Alliance; ITIL v3 – Information Technology Infrastructure Library | EXIN. When not fighting cyber criminals, Matt is found spending time outdoors with his family, trail running, doing photography, traveling, consulting with small business start-up’s, and eating diverse food.

21 May

Mike Carney

Threat Intelligence Consultant
Recorded Future
Mike Carney joined Recorded Future as a Threat Intelligence Consultant in April 2018 after 26 years of service as a Criminal Investigator with the U.S. Department of Justice and U.S. Department of Homeland Security. Mike spent the last 12 years of his career as the Deputy Special Agent in Charge of the Homeland Security Investigations office in San Diego, California where he supervised numerous complex investigations of transnational criminal enterprises. As the Deputy Special Agent in Charge, Mike also successfully led an initiative to recruit, train and equip a specialized unit to investigate threat actors, conduct incident response/threat hunting and share intelligence within the critical infrastructure sector. As a Threat Intelligence Consultant with Recorded Future, Mike assists Fortune 500 companies address critical intelligence gaps to better conduct active defense and reduce risk to company infrastructure and brand.

21 May

22 May

Nate Chessin

Senior Director, Americas Sales Engineering
Proofpoint
Nate is an 18 year technology and sales professional with extensive leadership and technical sales experience. As Senior Director, Americas Sales Engineering at Proofpoint, he is providing the most effective security and compliance solutions to respond to cyber attacks in every channel including email, the web, the cloud, and social media. Prior to Proofpoint, Nate held various leaderships positions at Cisco Systems and Glue Networks delivering Software Defined Networking, Collaboration, Security, Mobility and Service Provider architectures. Nate holds a BA in Computer Science from Pomona College in Southern California and is CCIE #12034.

22 May

Nicholas Serrecchia

National Solutions Architect
Veeam
Nicholas Serrecchia is a National Solutions Architect for North America that specializes in Azure and AWS. He has been with Veeam Software for over 3 years and loves sharing information and how to provision cloud resources in a secure and cost-effective manner.

22 May

Oliver Schuermann

Sr. Director, Product Marketing
Juniper Networks
Oliver is a recognized technology leader who has a unique background in software and networking. Working with a wide variety of customers over his 25-year career, he has held positions in software integration, systems engineering, and technical leadership in both the Enterprise, as well as in the Service Provider space. Oliver has the ability to identify as well as deliver scalable solutions to meet customers’ technical and business needs.

Throughout Oliver's career, the underlying theme has been Automation. Starting early in his career in the service provider space, Oliver developed monitoring systems to ensure uptime and customer satisfaction. During his time at Juniper this moved on to expertise in automated deployment systems such as zero-touch and phone-home for multi-branch enterprises such as retail and evolving, to current times of Event Driven systems and Software Defined Networking.

Oliver Schuermann is a 15-year veteran of Juniper Networks joining as a security engineer via the NetScreen acquisition in 2004. Since then he has held multiple technical leadership positions within the company. Currently, Oliver is the Sr. Director for the Enterprise Marketing team focused on security.

21 May

Phillip Maddux

Trusted AppSec Advisor and Senior Solutions Engineer
SignalSciences
Phillip Maddux is a Trusted AppSec Advisor and Senior Solutions Engineer at Signal Sciences. He has over 10 years of experience in information security, with the majority of that time focused on application security in the financial services sector. In his spare moments he enjoys converting ideas to code and committing them to Github.

22 May

Preston Hogue

Sr Director, Security Marketing
F5
Preston Hogue (@prestonhogue) is the Sr. Director of Security Marketing at F5 Networks and serves as a worldwide security evangelist for the company. Previously, he was a Security Product Manager at F5, specializing in network security Governance, Risk, and Compliance (GRC). He joined F5 in 2010 as a Security Architect and was responsible for the initial design of F5’s current Information Security Management System (ISMS). Preston has a proven track record building out Information Security Management Systems with Security Service Oriented Architectures (SSOA) and enabling enhanced integration, automation, and simplified management for Application Security architectures. Before joining F5, he was Director of information Security at social media provider Demand Media where he built out the information security team and the company’s ISMS, which included PCI, SOX, OFAC, DDoS, and DMCA programs. Preston’s career began 24 years ago when he served as a security analyst performing operational security (OPSEC) audits for the U.S. Air Force. He currently holds CISSP, CISA, CISM, and CRISC security and professional certifications.

22 May

Rich Bakos

Director of Solutions Engineering
LogRhythm

21 May

Rich Spilde

Technology Transactions and Data Security Attorney
Holland & Hart

21 May

Romaine Marshall

Cybersecurity and Privacy Attorney
Stoel Rives LLP
Romaine Marshall helps clients protect their data, businesses, and reputations from cybersecurity and privacy incidents.
As a cybersecurity and privacy lawyer, he works with clients to properly secure and use electronic data, develop industry-specific cybersecurity programs, conduct risk assessments and internal privacy audits, and respond to regulatory investigations.
He has represented clients in more than 100 incidents involving data breaches, malware attacks, security misconfigurations, wire fraud, software vulnerabilities, social engineering, and other exploits.
Romaine is also an experienced business litigation and trial lawyer. Within the last two years, in addition to successfully defending clients against alleged violations of cybersecurity and privacy standards, he obtained successful outcomes in three jury trials that included claims for breach of contract, trade secret misappropriation, negligence, and fraud.
Romaine frequently presents and publishes on the business continuity and reputational impacts of cybersecurity incidents, and the legal and regulatory standards that govern. He has also directed workshops and initiatives analyzing the implications of emerging technologies such as blockchain, cryptocurrency, artificial intelligence, the Internet of Things, drones, and self-driving cars, and their intersection with cybersecurity, privacy, and other business laws.
Before joining Stoel Rives, Romaine was a partner at Holland & Hart LLP, an associate at Kirton McConkie PC, and a law clerk for Judge J. Thomas Greene of the U.S. District Court for the District of Utah.

21 May

Ryan Pinga

VP of Cyber Security Solutions
Presidio
Technology is not what's failing us; it’s the oversight of people, process and planning that inhibits the adoption of technology. I'm passionate about technology and am intrinsically motivated to help people while striving to increase the adoption of technology. Over the last 15 years I have designed, implemented and supported unique IT environments with a vast array of multi-vendor solutions. I strive to completely understand my customers' business challenges and how those challenges relate back to IT. Emphasis on helping organizations build business requirements allows us to design solutions that can transform the way our customers have traditionally done IT in the past.

21 May

Sam Masiello

CISO
Gates Corporation
Sam Masiello has been working with email, messaging, and fighting internet pollution for over 25 years. Mr. Masiello currently serves as the CISO at Gates Corporation where he is responsible for the company's data security, risk, and global compliance initiatives. Prior to Gates, he served as the CISO at TeleTech where he oversaw the protection of employee, consumer, and customer data for all of the organization's clients, which includes many Fortune 500 companies. Sam has also been the Chief Security Officer, head of Application Security, and head of Security research at companies such as Groupon, Return Path, and McAfee. He currently serves as Director-at-Large of The Coalition Against Unsolicited Commercial Email (CAUCE), National Advisory Board Member for SecureWorld, and is an Executive Board Member of Colorado Cyber. He has previously served as a member of the Board of Directors for the Messaging, Malware, and Mobile Anti-Abuse Working Group (M3AAWG), the Steering Committee of the Online Trust Alliance (OTA) and a member of the Anti-Phishing Working Group (APWG)

21 May

Tim Woods

VP of Technology Alliances
Firemon
Tim Woods brings more than 20 years of security experience to his role as VP of Technology Alliances at FireMon. His global engagements have given him great insights across virtually every market sector and enterprises of all sizes. Tim believes his most important task is education and raising awareness to build strong organizational security postures. According to Tim, “fighting complacency in security should be everyoneʼs top priority if we are to win the war on cybercrime and itʼs very gratifying to work somewhere you know is making an impact.” Timʼs passion for security grew quickly during his eight years serving the Naval Intelligence Community and continued to advance as he assumed strategic roles at several successful security startups through his nearly 12-year tenure at FireMon.

22 May

Tommy Hui

Sr. Director of Solutions Engineers
SentinelOne
Tommy Hui serves as a Sr. Director of Solutions Engineers for SentinelOne where he is responsible for managing technical sales activities for the western half of the US. Previously, Tommy was the Director of Sales Engineering for Fidelis, also overseeing activities for the Western US and supporting cross functional activities related to product management and development. Prior to Fidelis, he worked as a civil service employee for the Federal Government supporting the United States Air Force Cyber Weapon System Programs as a Lead Defensive Cyber Systems Engineer. Tommy is also a Certified Information Systems Security Professional (CISSP).

22 May

TT

Tyler Theys

VP of Security Consulting
Presidio
As the Vice President of Security Services at Presidio, Tyler is responsible for the Information Security consulting services direction. Tyler has been in the Information Security industry for over 20 year and has spent over 15 years in the Security Solutions Provider space. As part of the early Accuvant team, Tyler helped pioneer the information security consulting industry. Recently, Tyler has been involved as the development owner of Presidio's Threat and Vulnerability Management program and tools to provide control mapping adherence to CSC 1, 2 and 4, to help organizations create a firm foundation and good security hygiene.

21 May

22 May

Zach Forsyth

Security Architect
Juniper Networks
Zach Forsyth is a security specialist with over twenty years of experience and thrives on solving complex security problems. His primary love is cyber security and advanced malware prevention; but he fully understands in order to be successful at securing an organization, you must have a detailed understanding of firewalls, networking, malware delivery and weaponization, intrusions, exploits, social engineering and related fields.

Zach has appeared on the AT&T ThreatTraq show, and as a speaker and panelist at leading security conferences such as RSA, Interop, Blackhat, and Secureworld. In addition, he has been published by CNN, DarkReading, Defend Magazine, SC Magazine, CSO Online, Technewsworld and Infosecurity Magazine.

22 May

Presidio

Host
Presidio is a leading North American IT solutions provider focused on Digital Infrastructure, Business Analytics, Cloud, Security & Emerging solutions. We deliver this technology expertise through a full life cycle model of professional, managed, and support services including strategy, consulting, implementation and design. By taking the time to deeply understand how our clients define success, we help them harness technology advances, simplify IT complexity and optimize their environments today while enabling future applications, user experiences, and revenue models.

Amazon Web Services

Diamond Sponsor
Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. Explore how millions of customers are currently leveraging AWS cloud products and solutions to build sophisticated applications with increased flexibility, scalability and reliability.

Palo Alto Networks

Diamond Sponsor
Palo Alto Networks offers the world’s most innovative and effective, complete Next-Generation Security Platform that protects our way of life in the digital age by preventing successful cyberattacks.

Aruba Networks

Platinum Sponsor
Aruba securely delivers the enterprise network to users, wherever they work or roam, with unified mobility networks that significantly expand the reach of traditional port-centric networks. Unified mobility networks integrate adaptive WLANs, identity-based security, and application continuity services into a cohesive, high-performance system that can be easily deployed as an overlay on top of existing network infrastructure. Adaptive WLANs deliver high-performance, follow-me connectivity so users are always within reach of mission-critical information. Identity-based security associates access policies with users, not ports, to enable follow-me security that is enforced regardless of access method or location. Application continuity services enable follow-me applications that can be seamlessly accessed across WLAN and cellular networks. The cost, convenience, and security benefits of unified mobility networks are fundamentally changing how and where we work. Listed on the NASDAQ and Russell 2000 Index, Aruba is based in Sunnyvale, California, and has operations throughout the Americas, Europe, Middle East, and Asia Pacific regions.

LogRhythm

Platinum Sponsor

Juniper Networks

Gold Sponsor
Juniper Networks is a news network that designs, develops, and sells products and services, which together provide its customers with network infrastructure. Its aim is to create innovative products and solutions that meet the growing demands of the connected world. The company has 9,000 employees in 70 countries and nearly 5 billion U.S. dollars in revenue. Its customers include the top 100 global service providers and 30,000 enterprises, including the Global Fortune 100 as well as hundreds of federal, state, and local government agencies and higher educational organizations.

F5

Gold Sponsor
F5 Networks delivers solutions that make applications fast, secure, and available.
F5 Networks delivers unified application delivery through its application delivery network. Its core product, BIG-IP, is a modularized application delivery controller offering load balancing, high-availability, application acceleration, application and network security, WAN optimization, and remote access solutions for enterprises and service providers.
Unique to F5 is its extensible application delivery platform, iRules, which allows application and security architects the ability to offload and implement commodity features and proactively deploy security and application related functionality that improves application deployments without requiring changes to those applications.

Cisco / Duo

Gold Sponsor

Attivo

Silver Sponsor
Attivo Networks® is the leader in deception for cyber security defense. Founded in 2011, Attivo Networks provides a comprehensive deception platform that in real-time detects inside-the-network intrusions in networks, public and private data centers, and specialized environments such as Industrial Control System (ICS) SCADA, Internet of Things (IoT), and Point of Sale (POS) environments.

Fortinet

Silver Sponsor

Recorded Future

Silver Sponsor

Thycotic

Silver Sponsor

Arista

Bronze Sponsor

Crowdstrike

Bronze Sponsor

Firemon

Bronze Sponsor

Infoblox

Bronze Sponsor

Netapp

Bronze Sponsor

OverWatchID

Bronze Sponsor

Proofpoint

Bronze Sponsor

SentinelOne

Bronze Sponsor
SentinelOne is shaping the future of endpoint security with a uniquely integrated platform that combines behavioral-based detection, advanced mitigation, and forensics to stop threats in real-time. Specializing in attacks that utilize sophisticated evasion techniques, SentinelOne is the only vendor who offers complete protection against malware, exploit and insider-based attacks. This led Gartner to recognize SentinelOne as a Visionary in their recent Endpoint Protection Magic Quadrant.

Splunk

Bronze Sponsor

Swimlane

Bronze Sponsor

Veeam

Bronze Sponsor
As the leader in Availability across multi-cloud environments, Veeam® is uniquely positioned to help customers along their journey to Intelligent Data Management.

Zerto

Bronze Sponsor

A10

Expo Sponsor
A10 Networks provides appliances for accelerating web application delivery, bandwidth management and network identity issues

Agari

Expo Sponsor

APC

Expo Sponsor

Apcon

Expo Sponsor

AppViewX

Expo Sponsor

Armis

Expo Sponsor

BeyondTrust

Expo Sponsor
BeyondTrust is a global cyber security company dedicated to proactively eliminating data breaches from insider privilege abuse and external hacking attacks. Corporate and government organizations rely on BeyondTrust solutions to shrink attack surfaces and identify imminent threats. The company’s integrated risk intelligence platform presents a unique competitive advantage in its ability to reveal critical risks hidden within volumes of user and system data. This unifies IT and security departments, empowering them with the information and control they need to jointly prevent breaches, maintain compliance, and ensure business continuity. BeyondTrust’s privileged account management and vulnerability management solutions are trusted by over 4,000 customers worldwide, including over half of the Fortune 100.

Carbon Black

Expo Sponsor

Carbonite

Expo Sponsor

Checkpoint

Expo Sponsor

Citrix

Expo Sponsor

Contrast Security

Expo Sponsor

Darktrace

Expo Sponsor

Databank

Expo Sponsor

Exabeam

Expo Sponsor

ExtraHop

Expo Sponsor
ExtraHop provides real-time operational intelligence for complex, dynamic production environments. The world’s best-run IT organizations use ExtraHop to manage more than a quarter-million devices and monitor billions of transactions daily. Unlike legacy monitoring tools that provide narrow views into technology silos, the ExtraHop system equips all IT groups with real-time visibility across the entire application delivery chain comprising the network, web, VDI, API and middleware, database, and storage tiers—down to individual sessions, flows, and transactions. An open, extensible platform, ExtraHop deploys in 15 minutes without agents, provides immediate value, and scales to cover all applications with zero overhead.

Guardicore

Expo Sponsor

Idaptive

Expo Sponsor
Idaptive Next-Gen Access Cloud protects your organization through a zero trust approach — greatly reducing user friction and freeing you to deliver awesome customer experiences.

Imperva

Expo Sponsor

Ixia / Keysight

Expo Sponsor

KnowBe4

Expo Sponsor

Kenna Security

Expo Sponsor

Lightstream

Expo Sponsor

Mcafee / Skyhigh

Expo Sponsor

Mimecast

Expo Sponsor

Netscout

Expo Sponsor

Netskope

Expo Sponsor

Opengear

Expo Sponsor

Open Systems

Expo Sponsor

Ping Identity

Expo Sponsor

Pure Storage

Expo Sponsor

Rapid7

Expo Sponsor

RedCanary

Expo Sponsor

Redseal

Expo Sponsor

Riverbed

Expo Sponsor

RSA

Expo Sponsor

Rubrik

Expo Sponsor

Ruckus

Expo Sponsor

Securonix

Expo Sponsor

Signal Sciences

Expo Sponsor

Silver Peak

Expo Sponsor
Silver Peak software unifies the cloud, the Internet and the enterprise WAN on a single fabric. This provides IT with complete visibility and control over the new cloud-driven network while ensuring consistent performance for every enterprise and Software as a Service (SaaS) application.
Silver Peak solves network bandwidth, distance and quality challenges, which helps customers backup and recover more data in less time, gain faster access to cloud and enterprise applications, and safely migrate enterprise apps from costly, complex private links to the Internet.

Skybox

Expo Sponsor

Tenable

Expo Sponsor

ThreatX

Expo Sponsor

Tufin

Expo Sponsor
Tufin is a network security company specializing in the management of network layer firewalls, routers, switches, load balancers, and other network security devices.
Its product portfolio includes Tufin SecureTrack, a platform offering firewall operation management, and auditing and compliance; Tufin SecureChange, a security change automation service; and Tufin SecureApp, a connectivity management application.
Tufin’s products also help companies to manage and automate the daily configuration changes to network security devices. It was founded by Reuven Harrison in 2004.

Unitrends

Expo Sponsor

Verodin

Expo Sponsor
Verodin is a business platform that provides organizations with the evidence needed to measure, manage, and improve their cybersecurity effectiveness

Vertiv

Expo Sponsor

Vmware

Expo Sponsor

Western Digital

Expo Sponsor

Zscaler

Expo Sponsor

Registration / Check-in | Expo

08:00 AM 09:00 AM

Keynote: Primetime Cybercrime

09:00 AM 10:00 AM Main Stage

Why so many hacking intrusions? Why so many card breaches? Also, can it actually get much worse? The banks blame the retailers, the retailers blame the banks, and consumers blame everyone. We try to learn from our mistakes, but the perspective we hear the least about comes from the cyber criminals themselves — many of whom are growing increasingly organized, networked, financed and politically connected. This talk will examine the answers to those “Why” questions from the perspective of profit-seeking online crooks.

Speakers

Expo

10:00 AM 10:30 AM

LogRhythm: A Roadmap to Security Operations Maturity

10:30 AM 11:30 AM 200 AB

Effective security operations are the first line of defense when it comes to preventing cyberattacks. To accomplish this, organizations need mature and measurable programs that leverage people, process, and technology to rapidly detect and respond to sophisticated attacks. A model for Security Operations maturity will be outlined in this keynote. Public sector organizations can use this model as a basis to evaluate their current security operations maturity level and develop a roadmap to achieve the level that is appropriate in the light of their specific resources, budget, and risk tolerance.

Speakers

Juniper: Connected Security

10:30 AM 11:30 AM 200 CD

The two trends that continue to drive complexity in security are explosion of IoT devices in organizations and the proliferation of multicloud as the norm versus an emerging trend. Both of these will continue to add pressure on already understaffed security teams. By 2022, we will be spending $8 billion to fight cybercrime, yet will we feel any safer? Current spending patterns would indicate we won’t. On average, organizations have already invested in 8 to 12 best-of-breed to solve this problem and still lack the visibility and enforcement to keep up with the exacerbating pressures explosive network growth has created. What if you could do something different? Join the discussion and learn about Juniper Connected Security to learn how.

Speakers

Cisco / Duo:

10:30 AM 11:30 AM 300 AB

Speakers

Splunk: A Tale of Two A-Teams

10:30 AM 11:30 AM 300 CD

When dealing with cyber threats and breaches we want to have our A-team responding. A team of experts knowing best practices, adversary tactics, and with the abilities to respond quickly. But what happens when A-Team of experts is having 100% of their time used up and are still not able respond to a majority of incidents. Even worse is when they are being used often times their skills are wasted doing repetitive task. This is a job for the A-Team! No not the one was just described but Automation technology. This presentation with cover how Automation technology has multiple benefits in improving the efficacy of our cyber security team and improving our overall cyber security posture in general. 

Speakers

Holland & Hart/Stoel Rives: The State of Play for Cybersecurity and Privacy Laws: the GDPR and CCPA as Case Studies

10:30 AM 11:30 AM 400

Advances in data technology and the value of personal information has led to the rapid passage of new laws, including the European Union’s General Data Protection Regulation (“GDPR”) which became effective May 25, 2018. A primary aim of the GDPR is for European consumers to control the use of their personal information and to encourage businesses to properly use and secure personal information. We will discuss how the GDPR achieves theseaims, operational challenges relating to GDPR adherence, and guidance provided during this first year of the GDPR’s passage. We will also discuss California’s Consumer Privacy Act, also known as GDPR lite, which becomes effective on January 1, 2020, its main requirements, practical guidance on how to prepare, and the advent of other states’ regulations relating to cybersecurity and privacy.

Speakers

F5: API Security Methodologies and Efficiencies

11:30 AM 12:30 PM 200 AB

A perspective view on the API security today; how we got here, what it takes to participate, and how to be effective in keeping up. This presentation will be through the lens of a Security Professional interacting with other teams to protect a service API.

Speakers

Attivo: Security Lessons From The Woofmutt…

11:30 AM 12:30 PM 200 CD

These security lessons and more will be covered, dissected AND somehow related to us as humans and us as security tech folk: 
  • Curiosity killed the cat, but in OUR world, that’s the job of an OSINT analyst. 
  • Speaking of cats, plan ahead, they are faster and more agile… think BEFORE acting. Puppy eyes, drool AND sideway looks work…social engineering IS a good skill to have.  
  • Try everything at least once, even if it means sticking your head in the trashcan. 
  • Always be upfront, that way there’s no miscommunication.  
  • If at first you fail, try again; eventually you will get the chew toy on top of the bookcase. 
  • Never underestimate the need for a good hug. 
  • Nothing is forever; live every moment as if it were your last.

Speakers

Crowdstrike: Adversary Tradecraft and the Importance of Speed

11:30 AM 12:30 PM 300 AB

Getting Ahead of the Threat: Emerging Threats and Lessons Learned for the Digital World What are the latest emerging threats targeting your endpoints, public and private cloud computing assets, and non-traditional devices across IoT? And what strategic assets do you need to protect as your organization continues its digital transformation journey? Join us for this session as we explore answers to these questions -- and share cybersecurity intelligence and lessons learned to help you protect endpoints, cloud assets, and IoT attack surfaces. We’ll also reveal security strategies that leverage predictive intelligence, artificial intelligence and hyperscale technologies.

Speakers

Gates Corp: IoT Security Risks in a Still Largely Disconnected World

11:30 AM 12:30 PM 300 CD

IoT devices make our lives easier at home and at work. Smart, connected devices can turn our lights on and off, smart medical devices help manage patient care, and smart sensors on manufacturing equipment can help predict failure before machines break down allowing for preventative maintenance and the avoidance of costly downtime for repairs. Even though the IoT landscape looks different for each industry, as the ecosystem continues to expand, so does the attack surface for cyber criminals to exploit. The more we rely on technology to manage our personal and professional lives, the more vulnerable we and the devices that we rely on are to threats that are targeted specifically towards these devices. In this session attendees will walk away with an understanding as to how they need to be considering the expansion of IoT in their environments, how it affects security and privacy, and how to increase awareness of IoT security within their organizations.

Speakers

Swimlane: The 12-step SOAR model: Breaking your old school SecOps addiction

11:30 AM 12:30 PM

Automation is sweeping through security operations, but many teams are stuck trying to figure out how to break from their existing security operations models. By assessing years' worth of lessons learned, best practices and real-world use cases, we will provide not only a glimpse of what your security operation program could be but also how to get there.

Speakers

Lunch Keynote - Aruba Networks: Tales from the PSIRT: 10 Years of Bugs, Vulnerabilities and CVEs

12:30 PM 01:30 PM Main Stage

The Product Security Incident Response Team (PSIRT) is a critical part of keeping your IT infrastructure secure, by finding, fixing and reporting product vulnerabilities. But how do they function, and what do they see? We’ll go beyond the lawyer-approved response policies and SLAs and see how a mid-sized IT product company goes from vulnerability discovery to CVE number.

Speakers

Expo

01:30 PM 02:00 PM

Fortinet: Intent-based Segmentation – Going Beyond Network Segmentation & Zero Trust

02:00 PM 03:00 PM 200 AB

Cybersecurity is becoming more and more challenging – with threats and operational requirements growing in complexity and fewer skilled professionals available to fill gaps. Everyone agrees that digital transformation is rapidly changing the nature of computing and security. Yet, many of our strategies are based on flat networks, perimeters and implicit trust. Jonathan Nguyen-Duy will draw on his 20 years of experience in cyber – running one of the industry’s largest MSSPs and one of the most highly regarded studies in data breaches – to outline practical cyber approaches for today’s digital enterprise.

Speakers

Recorded Future: Working Smarter in Security Operations With Threat Intelligence

02:00 PM 03:00 PM 200 CD

Security operations centers today are often overwhelmed with constant alerts — so much so that nearly half go completely uninvestigated on average. In this talk, Recorded Future’s Michael Carney will look at how real-time, automated threat intelligence provides fast context and external threat visibility, helping security practitioners prioritize alerts by severity, avoid alert fatigue, and reduce false positives.

Speakers

Arista: Updating Network Security with Arista in Your Data Center

02:00 PM 03:00 PM 300 AB

Security and privacy has always been a concern of organizations large and small. With the growing number of attack vectors and potential breach points in ever expanding enterprise networks, this concern has grown from an application level consideration to all levels of IT infrastructure. Network architects and operators today are being asked and required by an increasing number of regulatory bodies, both internal and external, to encrypt data in transit not only across public or shared networks, but even across private network infrastructure. To further add to the necessity of this, organizations are increasingly placing key pieces of their infrastructure in shared collocation environments and public clouds. Access to these locations may not be fully controlled by the enterprise in questions and concerns of bad actors gaining access to data as it traverses the physical and virtual network infrastructure is a very real possibility. On the other hand, traditional network encryption approaches, while valid, have become costly while the amount of data traversing networks continues to increase exponentially. New approaches should be considered, including IPSec via NFV, MACSec and even MACSec tunneled over layer 3 networks.

Speakers

Infoblox: Bridging Islands of Security

02:00 PM 03:00 PM 300 CD

To handle their network security needs, most organizations rely on many different products and services from multiple vendors. Often these solutions lack integration and are not able to quickly and easily share critical security information. The resulting silos can create costly delays, hinder agility and visibility, and result in a diminished security posture. Join Infoblox for a session on how to bridge the islands of security that expose your network to ongoing risk. During this discussion, you’ll see firsthand how solutions from Infoblox empower your security teams to: - Enhance visibility across your extended network regardless of infrastructure complexity - Automatically share indicators of compromise across multivendor security systems - Get the most out of your cyber threat intelligence and network data to prioritize responses using rich context - Detect, contain, and remediate threats faster through response integration Attend this session to learn how to unify your threat response and find ways to more rapidly and efficiently respond to cyber threats.

Speakers

Presidio: Security Framework

02:00 PM 03:00 PM 400

Speakers

NetApp: How the Cloud Powers Disaster Recovery

03:00 PM 04:00 PM 200 AB

Without access to your data, you’re dead in the water. Productivity could come to a grinding halt, resulting in lost time, wasted resources, and in some cases, security risks. Ensure you stay up and running—even in the event of a disastrous outage using a leading-edge cloud disaster recovery solution. And cross “DR” off your to-do list. In this session we will explore the benefits of moving DR to the cloud and how to do it, as well as best practices that organizations at all levels should consider when implementing their DR strategy.

Speakers

Intermountain Healthcare: Fraud Prevention & Detection – The Missing Security Domain

03:00 PM 04:00 PM 200 CD

Within Cybersecurity programs across most industries, we somehow implement hundreds of controls and a variety of security frameworks to prevent the loss of data but forget how many of these same controls can help prevent and detect fraud. Most organizations have the data needed to prevent and detect fraud but fail to share or integrate across business units. Combatting fraud is not left to just the auditors and accountants but should be part of our overall cyber defense strategy. And if you don't believe an Auditor and someone in Cyber can get along, you don't know my background.

Speakers

Young Living Essential Oils: Socially Awkward Penguin's Guide to Building and Leading a Successful Security Program

03:00 PM 04:00 PM 300 AB

It's no secret the technology industry is full of introverted and socially awkward individuals. If you are unbearably uncomfortable at a party, how can you possibly expect to influence the culture of an entire enterprise? How can you expect to work alongside business leaders who are extroverted, gregarious leaders who can dominate a room? We will discuss some of the challenges of being an introvert in a business world full of extroverted leaders and how to overcome those challenges while building/maintaining an InfoSec program. We will also discuss practical, general tips for getting support and buy-in from business leaders that everyone (introvert and extrovert alike) can use.

Speakers

Presidio: The Importance of Security in Your Transformation Program

03:00 PM 04:00 PM 300 CD

Presidio’s Strategic consulting group is the tip of the spear of our engineering pillars, with cyber security at the forethought of all technologies. Strategic Consulting focuses on business outcomes, identifying and mitigating business, application and operational impact during your transformation journey. Presidio’s Cyber Security team is the most critical component in a transformation program so security is injected into the transformation journey from day one. In today’s ever evolving technology platforms a security first mindset needs to be embedded into your culture.

Speakers

Thycotic: The POWER HACK – Don’t Let the Lights go out – A look Inside the MIND of a Hacker

03:00 PM 04:00 PM 400

Hacking into a Power Station is something that is a scary thought about the possibility of someone being able to turn off the power or damage systems. We have seen major incidents in previous years in which the Ukrainian energy sector was hit by a cyber-attack that caused a power outage for more than 86,000 homes. This session is a real-world hack into a power station that explains the process on planning and preparation, the major challenges of hacking into a power station, adapting to the risks, the perimeter security, engines and SCADA controls. The session will reveal some of the amazing security as well as some of the most shocking findings that will surely see people put hands on their face. It will share the challenges on reporting the findings to the board and the lessons learned. It is critically important to know how cybercriminals target their victims, what you can do to reduce the risk and make it more challenging for the attackers who steal your information, your identity or your money or even turn off the power. This session explains how outside attackers or malicious insiders can exploit vulnerabilities using examples such as a compromised email account password that escalates into a full-blown breach of network security.

Speakers

Expo

04:00 PM 05:00 PM

Registration / Check-in | Expo

08:00 AM 09:00 AM

Keynote: Fireside Chat with Live Hacking

09:00 AM 10:00 AM Main Stage

Speakers

Expo

10:00 AM 10:30 AM

Aruba: NetOps and SecOps: Are We Really So Different?

10:30 AM 11:30 AM 200 AB

It’s difficult to generalize about modern IT organizations, but in almost all cases the network operations team is separate from the security operations team. In some cases, they report to the same CIO but in other cases they have completely different reporting relationships. It’s no wonder that we commonly find an adversarial relationship between the two teams – one of them is measured on keeping the packets flowing while the other would achieve much better results if NO packets flowed at all. But given the modern threat landscape, we can no longer afford this artificial dividing line. The network has a role to play in detecting and stopping security threats, and that means the two sides must work together. This session explores the issue and proposes practical solutions.

Speakers

F5: Making Application Threat Intelligence Practical

10:30 AM 11:30 AM 200 CD

The daily volume of cyber-attacks targeting applications and frequency of associated breaches is overwhelming to even the most experienced security professionals. In this session we cover the most important lessons learned from F5 Labs’ analysis of global attack data and breach root causes attributed to application threats to help you understand attackers’ top targets, their motives, and the changing application security landscape of systems they use to launch application attacks from. Addressing these application threats requires practical controls that every organization can be successful with. We close the session out with some tips and tricks you can start working on immediately to address the most common application threats, and appropriately prioritize your application security controls in the areas you are most likely to get attacked.

Speakers

SentinelOne: Active EDR vs Passive EDR – A Simple Automated Approach to Visibility and Protection

10:30 AM 11:30 AM 300 AB

Passive EDR tools were designed to focus on the detection of suspicious activities on endpoints. These tools were different from earlier security solutions in that they did not necessarily focus on identifying specific malware but instead looked for anomalous activities. However, increased visibility means an increased amount of data that requires an increased amount of analysis and resources – time, money, bandwidth, a skilled workforce – that are in short supply. In addition, EDR, as it is known today, requires cloud connectivity, and as such will always be late with protecting endpoints. There will inevitably be some dwell time. A successful attack can compromise a machine, exfiltrate or encrypt data, and remove traces of itself in seconds. Waiting for a response from the cloud or for an analyst to take action in a timely manner is simply not feasible in the modern threat landscape.

These drawbacks led SentinelOne to develop ActiveEDR, a technology that is capable of correlating the story in real-time on the device itself. ActiveEDR is an automated capability that takes the burden off the SOC team. It allows security teams to quickly understand the story and root cause behind a threat. ActiveEDR can autonomously attribute each event on the endpoint to its root cause alleviating any manual searching, hunting, correlating, and in some cases - guessing. This revolutionizes enterprise security. It can be used by businesses regardless of resources, from advanced SOC analysts to novice security teams, providing them with the ability to automatically remediate threats and defend against advanced attacks.

In this session –

- Discover the value and effectiveness of ActiveEDR
- See a Live Attack Demonstration, Investigation and Remediation

Speakers

Firemon: Current State of Hybrid Cloud

10:30 AM 11:30 AM 300 CD

In this session we will share our perspective on the state of hybrid cloud security and explore the key findings enterprises are experiencing as they move to the hybrid cloud. Here is just a sample of the areas we will explore; - 60% of respondents stated that deployment of their business services in the cloud has accelerated past their ability to adequately secure them in a timely manner. - A rising trend of enterprises deploying multiple, disparate solutions on-premises as well as across multiple cloud environments. - 57.5% of respondents indicated they spend less than 25% of their total security budget on the cloud. - The inconsistent relationship between DevOps and security teams can impact the coordination of security policies across the hybrid cloud.

Speakers

OverwatchID: Three Privilege Security Challenges with Modern IT

10:30 AM 11:30 AM 400

Modern IT environments have three major challenges with traditional privilege security products. IT organizations evolved and embraced hybrid IT deployments and cloud services, traditional privilege security vendors failed to evolve with them. Organizations are left vulnerable to privilege abuse, insider threats and external attackers.

Speakers

Duo / Cisco: Past the Perimeter - Earned Access Through a Zero-Trust Model

11:30 AM 12:30 PM 200 AB

Users whose digital lives are increasingly mobile don’t want to be tied to their desks, and an effective security strategy must be flexible enough to protect access from boardrooms and bars, cubicles and coffee shops alike. To do this, companies must ensure that users and their devices meet the same security controls, whether they’re outside or inside the network perimeter. Duo adopted the “zero-trust network” model to solve this challenge. The perimeter is disappearing, and it’s not coming back… find out how you can get a head start on what’s next.

Speakers

Thycotic: Privileged Access Uncovered: Back to the Basics

11:30 AM 12:30 PM 200 CD

With so many recent high-profile breaches accomplished through compromising passwords on privileged accounts, Privileged Access Management is now everyone’s priority (Gartner put it at the top of the list for 2018) and will continue to be a priority in 2019. But where do you get started? And how do you know which PAM solution will work best to protect your organization without sacrificing productivity?

Speakers

Attivo: A Hackers A Hacker's Perspective, where do we go from here?

11:30 AM 12:30 PM 300 AB

For 25 years or more we have fought the battle of passwords and patches while all around us, the world has developed, data has exponentially increased, attack surfaces are everywhere and technology had quite simply forced the human race to consider the evolution cycle in single lifespans as opposed to millennia. During the last 25 years we have done little to protect the charges we are responsible for, we have failed to secure systems, allowed financial attacks, infrastructure attacks, and now attacks directly against humans. At what point will we be able to stem the bleeding and actually take charge of our realm? Have we left it too late, or are we still able to claw back out of the abyss and face our adversary in a more asymmetrical defensive manner? Can we actually provide safety and security to our charges or will we continue to fail? And, critically, how do we communicate this, and educate a population that is content to watch from the sidelines, while they are being digitally eviscerated?

Speakers

Veeam: Data Mobility for AWS

11:30 AM 12:30 PM 300 CD

Veeam’s Data Management Capabilities for AWS allows seamless backup and restoration operations for AWS workloads and transformations workloads from VMWare, Hyper-V, Physical, Azure & Acropolis to AWS thus providing complete cloud mobility for our customers. Veeam provides a platform that will mesh the boundaries between On-Premises / Cloud data and will grant administrators / IT managers with flexibility in their data locality decisions. Come see this session where we will showcase these capabilities.

Speakers

Recorded Future: Working Smarter in Security Operations With Threat Intelligence

11:30 AM 12:30 PM 400

Security operations centers today are often overwhelmed with constant alerts — so much so that nearly half go completely uninvestigated on average. In this talk, Recorded Future’s Michael Carney will look at how real-time, automated threat intelligence provides fast context and external threat visibility, helping security practitioners prioritize alerts by severity, avoid alert fatigue, and reduce false positives.

Speakers

Lunch Keynote - Palo Alto:

12:30 PM 01:30 PM Main Stage

Speakers

Expo

01:30 PM 02:00 PM

Juniper: Social Media, the Gateway for Malware

02:00 PM 03:00 PM 200 AB

Social Media is typically outside of enterprise control, extremely easy to access, and widely used on your networks, and while you were opening up access, and looking the other way, cybercriminals have honed their craft, and are weaponizing Social Media platforms to launch devastating attacks that are breaching even seemingly hardened Security Architectures.

To safeguard your evolving network and cloud environment from today’s advanced threats, you need security solutions that can automatically identify and analyze threats, and then respond at machine speeds to utilize the entire network to provide rapid protective measures.

Speakers

Fortinet: Cybersecurity Threats Update

02:00 PM 03:00 PM 200 CD

Fortinet:
Past is definitely prologue in cybersecurity. This session will outline the findings from Fortinet threat research covering emerging trends in exploits, malware, botnets and a host of threat and compliance issues. The discussion will review new and recurring challenges, practical approaches identify, mitigate and remediate vulnerabilities as well as what a reasonable level of due care looks like in 2019.

Speakers

Zerto: A New Era for Data Protection - Converged DR and Backup

02:00 PM 03:00 PM 300 AB

In today's always-on, information-driven organizations, business continuity depends completely on IT infrastructures that are up and running 24/7. Being prepared for any data related disaster is key! The cost and business impact of downtime and data loss can be immense. Data loss is not only caused by natural disasters, power outages, hardware failure and user errors, but more and more by software problems and cyber security related disasters. Having a plan and process in place will help you mitigate the impact of an outage on your business. In this presentation we will address the challenges, needs, strategies, and solutions.

Speakers

Proofpoint: Protecting your organizations’ Very Attacked People

02:00 PM 03:00 PM 300 CD

Your people do business well beyond the bounds of traditional network perimeters and connected endpoints. Email, social media, and mobile devices are the new tools of the trade—and for cyber criminals, the new tools of attack. We’ve long known that phishing and social engineering are the ways most organizations get compromised. Attackers know it’s much easier to find someone who will click than to find a working exploit for a modern operating system or browser. However, most organizations have very little idea which of their people receive sophisticated threats, targeted threats, or even large volumes of threats. We call these targets VAPs (Very Attacked People), and they may not be who you would expect. Using research across thousands of organizations around the world, this presentation will focus on how to identify who the Very Attacked People (VAP) are within your organization (hint: it’s probably not your VIPs), why they are targeted, and how they are being attacked. We will then provide meaningful steps a security professional can take to protect their VAPs.

Speakers

Presidio: Vulnerability and Threat Management

02:00 PM 03:00 PM 400

Speakers

Signal Sciences: Application Security for the Modern Web

03:00 PM 04:00 PM 200 AB

Over the last several years we’ve witnessed, and experienced, an advance towards new approaches in web technologies and the processes to deploy web applications. In this talk, we’ll explore and describe the “Modern Web”, discuss observations on the evolution of the Secure SDLC, recognize existing challenges in achieving real-time threat visibility once web applications are deployed to production, and finally, walk through the concepts such as: Visibility, Attack traffic, Anomalous traffic, Dynamic Detection, Application Instrumentation, Reduction in mean time to response, Integrations which all help to address the challenges in fast paced “agile” development cycles.

Speakers

Deloitte & Touche: California Consumer Privacy Act (CCPA) readiness: Thought GDPR readiness was tough?

03:00 PM 04:00 PM 200 CD

The purpose of this presentation is to provide the audience with a basis of the California Consumer Privacy Act (CCPA), if and how it will apply, and how it may impact their business. The presentation will summarize the evolution of Privacy Regulation in California, and explain why the CCPA is important in today’s regulatory climate. The presentation will outline the differences and similarities between the CCPA and the General Data Protection Regulation (GDPR), provide the audience with specifics of how to leverage GDPR readiness for the purpose of CCPA, approach various in-scope control areas, challenges, leading practices, suggest a path to CCPA readiness, illustrate the benefits of technology enablement, and summarize time-tested Deloitte methodologies.

Speakers

TBD

03:00 PM 04:00 PM 300 AB

TBD

03:00 PM 04:00 PM 300 CD

IHC: Physical Security - It’s worse than you think. What can you do about it?

03:00 PM 04:00 PM 400

How vulnerable is your data? With all the emphasis on cyber security, has physical security taken a back seat? Is a loss of data caused by a breakdown in physical security any less damaging than a loss caused by a breakdown in cyber security? The purpose of this session is to discuss vulnerabilities of critical infrastructure and present easily implemented mitigation. Learn how physical security directly relates to COBIT and NIST. Learn types of hardware and software. Understand why the camera on a smart phone could be your worst nightmare.

Speakers

Expo

04:00 PM 05:00 PM