Day 1: Sunday, March 11th

11:00 AM - 11:45 AM Welcome Brunch & Registration

11:45 AM - 12:00 PM Sponsor Orientation

11:45 AM - 12:00 PM Delegate Orientation

12:00 PM - 12:15 PM Ice Breaker

Ed Hudson

Chief Information Security Officer
California State University

Opening Keynote

12:20 PM - 1:00 PM Nine Habits of Highly Effective Cybersecurity People

George Finney, Chief Security Officer, SMU
Cybersecurity is a behavior, not a skill. We’ve taught cybersecurity awareness for years as though it were a skill to be learned like any other technology. To change behaviors, we need to understand the underlying habits that govern our responses. This presentation will explore the 9 Cybersecurity Habits and will look at how you can use those habits to focus on changing behaviors in your security training and how to tailor your approach to have the greatest impact for all your employees.

George Finney

Chief Security Officer


1:00 PM - 1:30 PM Say Goodbye to Vulnerability Backlogs: Using RASP to Reclaim Control and Reduce Risk

Chris Prevost, Vice President of Solutions, Prevost
Knowing is half the battle when it comes to protecting applications and their sensitive data.
Application security testing tools scan your code to reveal the long lists of known vulnerabilities, but not all are remediated before the next release-even with mature secure software development practices. Enterprises resort to using theoretical levels of criticality — not actual risks-to prioritize which accumulated vulnerabilities to fix and in what order. Many vulnerabilities often undergo an exception process and make it into protocol.
This session will review real-life case studies about enterprises that are adopting a savvy, new approach to protecting sensitive data and mitigating threats real-time. Explore available game-changing tools that are placed at the front of the line—directly in the application’s operating environment—to immediately lower risk and act as a compensating control at runtime.
In the case studies, explore ways to improve forensics, see 98%+ of their known vulnerabilities mitigated instantly, reducing backlogs and expediting an otherwise cumbersome release process. Through a demonstration observe live production attacks and generation of real-time security event logs and reports. Security teams can then correlate pre-production vulnerability scan results with runtime attack logs to go back, remediate based on actual risk—not just hypothetical threats. The result? Improved forensics.

Chris Prevost

Vice President of Solutions

1:35 PM - 2:05 PM Business Meetings

2:05 PM - 2:35 PM Business Meetings

2:35 PM - 2:50 PM Networking Break


2:50 PM - 3:35 PM When Shrinkage is Good—Reduce Incident Response Times from Hours to Minutes

Rishi Bhargava, Co-Founder & VP Marketing, Demisto
Is your security team challenged with alert fatigue, a shortage of skilled staff, and maximizing the company’s product arsenal investment?

Solving such challenges isn’t easy and requires a delicate balance of people, processes, and tools. Investing in a comprehensive platform that enables security operation teams to reduce MTTR, create consistent and audited incident management process and increase analyst productivity is a step in the right direction.

Attend this discussion to learn how a security orchestration platform can automate manual-intensive tasks and reduce response times from hours to minutes. See how the product’s machine learning suggestions can help your team become smarter with every incident and resolve complex threats faster and more accurately.

Benefits from shrinking your time to respond for every incident include:
•Improve your overall security posture,
•Enhance analyst productivity (from Tier 1-3)
•Future-proof security operations.

Rishi Bhargava

Co-Founder & VP Marketing

Master Class

2:50 PM - 3:35 PM Best Practices and Future Direction of Security Awareness Training

Erich Kron, Security Awareness Advocate, KnowBe4
Ignoring the human side of cybersecurity will leave your organization vulnerable. Reported numbers may fluctuate from industry study to industry study, but they all agree on one thing: cybercriminals are successfully and consistently exploiting human nature to accomplish their goals. Employees are often the last line of defense between a sophisticated cyber-scam and your systems, data, and customers.
Prudent security leaders know that security awareness and training is key to strengthening their ‘human firewall’ – but they often don’t know where to start. This session will provide practical security awareness and behavior management tips, outline how and where tools are helpful, and discuss emerging industry trends.

Erich Kron

Security Awareness Advocate

3:40 PM - 4:10 PM Business Meetings

4:10 PM - 4:40 PM Business Meetings

4:40 PM - 5:10 PM Business Meetings

Ignite Session

5:15 PM - 5:25 PM Securely Share Files Beyond Your Enterprise Borders with Full Governance and Control

Cliff White, Chief Technology Officer, Accellion

Cliff White

Chief Technology Officer

Ignite Session

5:25 PM - 5:35 PM Advancing Automation Confidence via Identity-Defined Security

Joe Gottlieb, Senior Vice President, Corporate Development, SailPoint
Big data, analytics and automation technologies are here, but progress is hampered by immature technology, staffing challenges, and the fear of false positives. By driving collaboration, alignment and integration of their identity and security people, process and technology, enterprises can overcome these obstacles and extract a greater return from existing investments. This presentation will identify how to:
•Combine identity and security context to maximize situational awareness
•Leverage serialized identity to increase the precision of security analytics and enforcement
•Execute workflows across the organizational hierarchy to verify business context and accelerate automation confidence

Joe Gottlieb

Senior Vice President, Corporate Development

Ignite Session

5:35 PM - 5:45 PM Aligning Business Practices and the Security Framework

Eric Chiu, Co-Founder and President, HyTrust

Eric Chiu

Co-Founder and President

Ignite Session

5:45 PM - 5:55 PM Secure the Unsecurable: 3 Tips for CISOs to Control for Employee Behavior

Michael Madon, CEO, Ataata

Michael Madon


Ignite Session

5:55 PM - 6:05 PM It’s Hard to Hit What You Can’t Find

Andy Anderson, Director of Sales and Marketing, Dispel

Andy Anderson

Director of Sales and Marketing

Roundtable Discussions

6:05 PM - 6:40 PM A. Instilling Security Awareness, Attitudes and Actions

Eduardo Ortiz, Director Information Security, The GEO Group, Inc.

Eduardo Ortiz

Director Information Security
The GEO Group, Inc.

Roundtable Discussions

6:05 PM - 6:40 PM B. Examining the Security Risks in Vendor Services and Relationships

Ed Hudson, Chief Information Security Officer, California State University

Ed Hudson

Chief Information Security Officer
California State University

6:40 PM - 7:40 PM Networking Cocktail Discussion