Shaun Parmassar is a Solutions Engineer at Pentera. He was previously focused on defensive technology; helping organizations develop a full defense in depth stack specifically around endpoints controls. In addition he led certification classes for various partners on security hygiene which gave him experience handling the varying challenges that plague organizations. Over the time Shaun has developed skill sets with various tools including endpoint protection, EDR, SIEM/SOAR, Vulnerability Management, IDS/IPS, Cloud Security and hands on experience leveraging red teaming TTPs. Finding an interest in offensive security he joined Pentera where they empower security teams to combine their defensive strategies leveraging an offensive perspective.
Meghan is a passionate GRC evangelist, DIBs champion, and acronym enthusiast with over 15 years supporting audit, governance, security, risk, and compliance activities in highly regulated markets. Prior to joining Reciprocity, she worked with mobile application and SaaS platform developers designing, executing, and managing GRC programs- including the deployment of Reciprocity ZenGRC at multiple companies. Meghan specializes in process improvement and program iteration to resolve issues, drive innovation, and produce sustainable solutions.
Jim has spent the past 35 years of his career in Information Technology and Cybersecurity management with several non-profit organizations in the Washington, DC area. He is currently Chief Information Officer for the American Gas Association (www.aga.org), and has worked there for the past twenty years. Prior to that he spent eight years as IT Director for the Chemical Manufacturers Association. He planned IT projects and set technical direction for both of these organizations. In addition, he is a Certified Chief Information Security Officer, Certified Information Systems Security Professional, Certified Association Executive, Certified Information Systems Auditor, Certified Protection Professional, and holds many other industry certifications.
In recent years Jim has split his time between internal IT responsibilities and industry responsibilities. Jim is the information technology cybersecurity subject matter expert for AGA’s Cybersecurity Strategy Task Force and Natural Gas Security Committee. In these capacities he has administered cybersecurity reviews with a number of natural gas utilities and also serves as Executive Director for the Downstream Natural Gas ISAC (https://www.dngisac.com/). He is the staff executive for AGA’s Customer Service Committee and Technology Advisory Council. In these capacities he serves senior leaders in the fields of Customer Service and Information Technology within the natural gas distribution industry. The Customer Service area includes an annual benchmarking effort, two workshops and a large conference. The Information Technology area includes two council meetings annually.
Jim has a B.S. degree in Computer Systems Management from Drexel University and an M.B.A. from Drexel University.
Jim has been married to his wife, Marianne, for the past 34 years and lives in Gaithersburg, Maryland. They have three children and three grandchildren.
Chad Bailey is a sales engineer at Neosec and brings with him a wealth of experience working in various cyber security companies including Palo Alto Networks and Carbon Black.
Prior to those roles, Chad was an incident response lead in both Oil & Gas and Higher Education. He loves hacking/purple teaming and anything pertaining to the vast field of cyber security.
Since passing his CCNA at age 17, Nate Johnson has been fascinated with technology and its impact on organizations. With over 20 years of experience, Nate has worked with organizations of all sizes and verticals, to help make informed decisions on their technology roadmaps as well as showing how cybersecurity can be a business enabler for them. Nate’s passion for security drives his desire to educate the community in an effort to make technology safer for all.
Phil has a background in Computer Science from Western University, Canada. With over 12 years of experience in the Networking, Embedded Development, IoT, and Cybersecurity domains, Phil uses his expertise to help customers identify and map effective solutions that enrich security and technology program rollouts.
Rebecca Herold, CDPSE, FIP, CISSP, CIPM, CIPP/US, CIPT, CISM, CISA, FLMI, Ponemon Institute Fellow, has over 25 years of IT, info sec, & privacy experience; CEO & Founder (2004) of Rebecca Herold, LLC, aka The Privacy Professor(R); CEO & Founder (2020) of Privacy & Security Brainiacs; and host of the radio/podcast show “Data Security & Privacy with the Privacy Professor” https://www.voiceamerica.com/show/2733/data-security-and-privacy-with-the-privacy-professor. Founder (2014) & Engineer/Architect, and Owner of all IP for content, specifications and architecture of SIMBUS, LLC and all derivatives thereof.
Rebecca is an entrepreneur, author & was an Adjunct Professor for the Norwich University Master of Science in Information Security & Assurance Program for 9 years where she also created program curriculum. Rebecca led the NIST Smart Grid privacy group for 7 years and is a founding member of the IEEE P1912 Privacy and Security Architecture for Consumer Wireless Devices Working Group (June 2015). Rebecca has received numerous awards and recognitions for her work throughout the course of her career. Rebecca has is currently finishing her 20th published book to date, plus chapters in many books and hundreds of articles. Some of Rebecca’s books include:
* Security & Privacy when Working from Home & Travelling
* The Practical Guide to HIPAA Privacy and Security Compliance (2 editions)
* Data Privacy for the Smart Grid
* The Privacy Papers
* Managing an Information Security and Privacy Awareness and Training Program (2 editions)
Rebecca has a B.S. in Math & Computer Science & an M.A. in Computer Science & Education. Rebecca is a longtime member of ISACA, Infragard, IAPP, ISSA, (ISC)2, IEEE & ACM.
Other activities include:
IANS Research Faculty member
NIST IoT Cybersecurity Development SME team member since January, 2020. Supporting development of the NIST 8259 family of controls capabilities documents.
Specialties: Global privacy & security governance & compliance programs; IoT; AI; privacy laws; data flow analysis; privacy impact assessments (PIAs), performing and teaching classes since 2005 for how to perform; data subject access requests (DSARs); incident & breach response; vendor security & privacy management; security & privacy awareness & training; information security & privacy risk assessments; data & systems security engineering
Andy is a strategic leader with over 25 years in cybersecurity. His qualifications include a BS in Cybersecurity and the CISSP, C|CISO, CRISC, and CCE certifications. He has extensive experience in helping organizations securely transition to the cloud in highly regulated environments. He focuses on best-in-class security through the creation of sound security programs; ensuring governance and regulation compliance, and IT security risk management strategies that enable delivery of secure solutions for business stakeholders.
I entered the cyber security field, not as a result of a traditional path, but because one of my first mentors saw the potential in my interpersonal skills and core values. I’m the leader I am today because of my life experiences, exceptional mentors, and desire to succeed.
Early Career
After joining the Air Force as a teenager, I was an exceptionally hard worker with a drive to turn any challenge into a win. However, the transition to a civilian career wasn’t easy. A pivotal moment in my life was receiving an offer to gain experience as a junior network administrator.
Since that opportunity, I’ve remained passionate about helping organizations achieve strategic goals through effective IT and security solutions. I’m also energized by providing career advancement opportunities to others.
Executive Leadership
I’ve consistently delivered strategic results surrounding large-scale initiatives, leading to rapid promotions. Most recently, I was the CISO for BreachQuest, a digital forensics and incident response cyber-security firm, where I was a virtual CSO and incident commander resolving complex security threats for clients.
Known as a person who gets things done, I leverage resources and relationships to find solutions to security challenges. As a strategic business partner, I make an impact by mitigating risk, while supporting business needs.
Leadership Philosophy
I build highly-engaged and diverse global teams, optimize processes, and expand organizational capabilities. I’m a dedicated mentor and inspire teams to respectfully challenge the status quo.
Experienced Administrator, Project Manager, Educator and Technology Professional with over 30 years of experience.
Proven security leader overseeing cybersecurity policies and risk management procedures possessing a doctoral degree focused on networking and traffic shaping.
Des Moines CyberSecurity Conference
Thursday, September 8, 2022 CT
Live in Person @ Marriott Downtown
In Person | Virtual | Hybrid
Earn up to 10 CPE credits
About the Event
FutureCon Events brings high-level Cyber Security Training discovering cutting-edge security approaches, managing risk in the ever-changing threat of the cybersecurity workforce.
Join us as we talk with a panel of C-level executives who have effectively mitigated the risk of Cyber Attacks.
Educating C-suite executives and CISOs (chief information security officers) on the global cybercrime epidemic, and how to build Cyber Resilient organizations.
“Cybersecurity is no longer just an IT problem”
Gain the latest knowledge you need to enable applications while keeping your computing environment secure from advanced Cyber Threats. Demo the newest technology, and interact with the world’s security leaders and gain other pressing topics of interest to the information security community.
The FutureCon community will keep you updated on the future of the Cyberworld and allow you to interact with your peers and the world’s security leaders.
For sponsorship opportunities email sales@futureconevents.com
Keynote Speaker
“Cybersecurity in the natural gas industry”
Jim Linn
Chief Information Officer American Gas Association
Jim has spent the past 35 years of his career in Information Technology and Cybersecurity management with several non-profit organizations in the Washington, DC area. He is currently Chief Information Officer for the American Gas Association (www.aga.org), and has worked there for the past twenty years. Prior to that he spent eight years as IT Director for the Chemical Manufacturers Association. He planned IT projects and set technical direction for both of these organizations. In addition, he is a Certified Chief Information Security Officer, Certified Information Systems Security Professional, Certified Association Executive, Certified Information Systems Auditor, Certified Protection Professional, and holds many other industry certifications.
In recent years Jim has split his time between internal IT responsibilities and industry responsibilities. Jim is the information technology cybersecurity subject matter expert for AGA’s Cybersecurity Strategy Task Force and Natural Gas Security Committee. In these capacities he has administered cybersecurity reviews with a number of natural gas utilities and also serves as Executive Director for the Downstream Natural Gas ISAC (https://www.dngisac.com/). He is the staff executive for AGA’s Customer Service Committee and Technology Advisory Council. In these capacities he serves senior leaders in the fields of Customer Service and Information Technology within the natural gas distribution industry. The Customer Service area includes an annual benchmarking effort, two workshops and a large conference. The Information Technology area includes two council meetings annually.
Jim has a B.S. degree in Computer Systems Management from Drexel University and an M.B.A. from Drexel University.
Jim has been married to his wife, Marianne, for the past 34 years and lives in Gaithersburg, Maryland. They have three children and three grandchildren.
CISO/Industry Leader Panel
“Cybersecurity Leaders and Experts on Current Cyberthreats and Practices”
Rebecca Herold
The Privacy Professor
CEO, Privacy & Security Brainiacs | Expert Witness & Author
Jim Linn
Chief Information Officer
American Gas Association
Andy Neller
Deputy Chief Information Security Officer
Wellmark Blue Cross and Blue Shield
Ryan Cummings
CISO
Meru Health
Andrew King
Chief Information Security Officer | Incident Commander | Cyber Security SME | Global IT Executive
Hunter Strategy
Loni Abbas
Assistant VP for ITS & Chief Information Officer
Wartburg College
Gold Sponsors
Reciprocity® is pioneering a first-of-its-kind approach to IT risk management that ties an organization’s risk directly to its business strategy. The fully integrated and automated Reciprocity ROAR Platform, which underpins the Reciprocity ZenRisk and ZenComply applications, enables security executives to communicate the direct impact of risk on high-priority business initiatives to key stakeholders, helping them make smarter, more informed decisions. With Reciprocity, InfoSec teams can strategically support their organization and foster company growth by optimizing resources and mitigating expensive data breaches, system failures, lost opportunities and vulnerabilities with their customers’ data.
Darktrace is the world’s leading cyber AI company and the creator of Autonomous Response technology. It provides comprehensive, enterprise-wide cyber defense to over 4,000 organizations worldwide, protecting the cloud, email, IoT, traditional networks, endpoints and industrial systems.
A self-learning technology, Darktrace AI autonomously detects, investigates and responds to advanced cyber-threats, including insider threat, remote working risks, ransomware, data loss and supply chain vulnerabilities.
The company has 1,300 employees and 44 office locations, with headquarters in Cambridge, UK and San Francisco. Every 3 seconds, Darktrace AI fights back against a cyber-threat, preventing it from causing damage.
Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. For more info visit: pentera.io.
Cloudflare, Inc (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all traffic routed through its intelligent global network, which gets smarter with each new site added. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world’s 50 most innovative companies by Fast Company. Headquartered in San Francisco, CA, Cloudflare has offices in Austin, TX, Champaign, IL, Boston, MA, Washington, DC, London, and Singapore.
Information Technology has become a vital part of today’s business. Technology enables you to operate in ways that were impossible a generation ago. Modern technology does more than keep your business running smoothly, it connects customers, employees, suppliers and partners to communicate better, plus enables business leaders to manage costs more efficiently, and sell products and services in new and different ways.
IP Pathways believes capital investments in technology should help businesses grow revenue, increase customer satisfaction, drive efficiencies, lower costs and create a competitive advantage. At IP Pathways, our mission is to be an expert provider of hybrid IT solutions by delivering world-class engineering services supported by high-touch customer service.
We were founded on a simple philosophy—do whatever it takes for the customer. We do this using a simple formula—deliver best-in-class technology and focus on the customer.
IP Pathways provides IT hardware and software, data center, cloud, professional and managed services, and hybrid IT solutions to small, medium-sized and enterprise customers throughout the Midwest. Our award-winning engineering team architects, implements, monitors, supports and manages private and hybrid cloud solutions for your data center, our data center or any data center. Named by CRN Magazine in 2015 as one of the 250 most certified, 500 largest and 100 fastest growing IT service providers in North America, IP Pathways helps IT move at the speed of business.
Our integrated open source governance platform (Nexus) helps more than 1,000 organizations and 10 million software developers simultaneously accelerate innovation and improve application security.
Our machine learning engine (Nexus Intelligence) has analyzed more than 65 million open source components. We continuously feed this intelligence to our customers so they make better innovation decisions early and everywhere across their development lifecycle.
DevOps teams eliminate friction associated with manual governance and ship secure software faster than ever — which makes everyone happy: developers, security professionals, and IT ops.
Cybereason is the champion for today’s cyber defenders providing future-ready attack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines the industry’s top-rated detection and response (EDR and XDR), next-gen anti-virus (NGAV), and proactive threat hunting to deliver context-rich analysis of every element of a Malop (malicious operation). The result: defenders can end cyber attacks from endpoints to everywhere. Cybereason is a privately held, international company headquartered in Boston with customers in more than 40 countries.
Cavelo helps businesses achieve attack surface management with automated data discovery, classification and reporting. Its cloud compatible cyber asset attack surface management (CAASM) platform continuously scans, identifies, classifies and reports on sensitive data across the organization, simplifying compliance reporting, vulnerability management and risk remediation.
Silver Sponsors
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.
Our award-winning, user-centric SaaS solution incorporates the Zero Trust and Software-Defined Perimeter models and offers greater network visibility, seamless onboarding and automatic integration with major cloud providers.
Perimeter 81 ensures unified network security – whether employees are working in or out of the office. We serve a wide range of businesses, from midsize companies to Fortune 500s, and have established partnerships with the world’s foremost integrators, managed service providers and channel resellers.
Built from scratch and based on input from security leaders needing a change from legacy technology, Perimeter 81’s unique API integration and centralized cloud architecture gives companies of all industries and sizes the power to realize the full virtues of the cloud and be truly mobile.
Unlike traditional VPN technology which is costly, hardware-based and both difficult to install and manage, our innovative, Zero Trust Network as a Service platform simply secures access to your local networks, cloud infrastructures, and business applications, with one unified platform.
Red Canary stops cyber threats no one else does, so organizations can fearlessly pursue their missions. We do it by delivering managed detection and response (MDR) across enterprise endpoints, cloud workloads, network, identities, and SaaS apps. As a security ally, we define MDR in our own terms with unlimited 24×7 support, deep threat expertise, hands-on remediation, and by doing what’s right for customers and partners.
Over the past 20 years, we’ve been recognized as a leader with 50 percent market share in core network services, which includes Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), and IP address management (IPAM), collectively known as DDI. Building upon this proven foundation, we’re bringing DDI and core network services to the next level with our Secure Cloud-Managed Network Services. This enables all customers to go to the next level that’s right for them—whether their networks are completely on-premises, full cloud or hybrid cloud.
SolCyber, a ForgePoint company, is the first modern MSSP to deliver a curated stack of enterprise strength security tools and services that are streamlined, accessible and affordable for any organization. SolCyber is disrupting the status quo, by providing a new standard of managed security services that work to reduce cyber risk, wastage and complexity. We believe in a secure environment for all. For more information about SolCyber, visit www.solcyber.com or follow us at @SolCyberMss or here on LinkedIn.
Thales is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology – to build a future we can all trust, which is vital to the development of our societies. The company provides solutions, services and products that help its customers – businesses, organisations and states – in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions, by placing humans at the heart of the decision-making process.
Visore simplifies your organizations security operations with a Single pane-of-glass SecOps Platform that solves interoperability, built to address the #1 challenge plaguing IT and cyber teams: comprehensive & up-to-date asset inventory. Asset inventory, consolidated data and threat intelligence, all in one place enable valuable insights with just one click.
The Akeyless Vault Platform is SOC2 certified and operates across a highly distributed environment, delivering Just-in-Time secrets and access to humans and machines (i.e., applications, microservices) efficiently and at infinite scale. To learn more, or schedule a demo, visit www.akeyless.io.
SafeBreach’s mission is to change the way the industry deals with security and risk, and enable companies to use the security technologies they have invested in to the fullest. By validating those technologies against attacks, from the known to the latest emerging threats, they will drive risk down — on a continuous basis. Companies will be able to invest smart and protect more. They will be able to quantify risks to the business and drive a security strategy aligned with the company’s business growth. Changing the mindset of defenders to offensive and proactive will help us build a safer world.
Pratum is an information security services firm with headquarters in Ankeny, Iowa. We help clients solve information security challenges based on risk, not fear. We have an expansive client portfolio which extends across the nation, ranging from small businesses to large corporations. The industries we serve are diverse: healthcare and life sciences, banking, technology and SaaS providers, retail, entertainment, local government critical infrastructure, and manufacturing. We do not sell hardware or software, which enables us to focus on security and remain objective in our consulting services. We help organizations find the right balance of information security, IT risk management, and compliance. By arming our clients with knowledge and understanding, we empower them to protect critical data while continuing business operations.
Partners
The Pan Asian American Business Council (“PAABC”) is a non-profit organization consisting of Asian American businesses that would like to promote and grow their own and other Asian American businesses.
To enable Asian American owned businesses to develop and grow.
Founded in 2012, the Women’s Society of Cyberjutsu (WSC) is a National 501(c)3 non-profit community, focused on empowering women to succeed in the cybersecurity industry. WSC’s mission is to advance women in cybersecurity careers by providing programs and partnerships that promote hands-on training, networking, education, mentoring, resource-sharing and other professional opportunities.
WSC serves thousands of women across the globe by bringing awareness to, and advancing careers in, cybersecurity. The WSC community includes information security professionals, IT professionals, programmers, computer scientists and engineers, as well as women wanting to explore and join the field. Recognizing the importance of encouraging girls to embrace a future in STEM-related professions through its Cyberjutsu Girls Academy, WSC provides a unique hands-on curriculum focused on securing information technology. For more information, visit http://www.womenscyberjutsu.org.
We put our heart and soul into this Cybersecurity Conference directory.
Way back in 2013 we had another website called “Concise Courses” which used to market and sell InfoSec training courses. We published a blog post listing all the upcoming InfoSec Conferences of that year, and Google loved the resource and put us right to the top of the search engines. That ‘accidental’ occurrence spawned this directory which is maintained by a small team comprising of Henry Dalziel and Charles Villaneuva and a bunch of freelance programmers.
What We Do:
We list, literally, every single Information Security conference, event and seminar within every niche in Cybersecurity.
We have a dedicated team that maintains our in-house tech stack, directory, and data curation.
Agenda
Times are subject to change
Opening Introductions | Check In | Networking
Presentation
Is Your Defensive Stack Ready For A Targeted Attack?
Presentation
Stopping Attacks, Not Your Business: AI & Autonomous Response
Presentation
It Takes More than Automated Compliance to Get Ahead of Threats
In a 2021 survey of CIOs, respondents cited limited resources, new or changing regulations and tracking and maintaining compliance as the top three challenges keeping them up at night. With teams stretched thin trying to keep up with compliance requirements and growing numbers of threats and stakeholder demands, manual processes can no longer keep up.
Automation is a strong first step in reducing manual work and freeing up your team’s workload. However, it is insufficient if it doesn’t help your InfoSec leaders clearly communicate the risk associated with the organization’s business priorities so they can make informed, data-driven investment decisions.
The ability to focus on strategic business priorities helps optimize the talents of small InfoSec teams. When you automate the more tactical and routine work, a more reliable and comprehensive approach to GRC is created while optimizing your teams’ talent by freeing them from manual work.
Join us as we discuss how taking a strategic approach to risk management combined with automation can ensure that businesses stay ahead of the threats they face every day.
Attend this webinar and learn how to:
- Focus your planning efforts around your organization’s strategic business priorities
- Be more proactive by automating evidence collection, risk scoring and monitoring
- Gain actionable insights to help you clearly communicate with key stakeholders
Keynote
“Cybersecurity in the natural gas industry”
Presentation
Everything You Should Know About API Security
This learning session is designed to help organizations understand the security problems within APIs. With APIs being the connective tissue of digital transformation, many incorrectly assume that traditional security products are enough. The reality is that most organizations have an API blind spot and have no visibility into how many they use. Ultimately, you cannot protect what you cannot see.
Presentation
Open Source Developers Are Security’s New Front Line
Bad actors have recognized the power of open source and are now beginning to create their own attack opportunities. This new form of assault, where OSS project credentials are compromised and malicious code is intentionally injected into open source libraries, allows hackers to poison the well. In this session, Sonatype will explain how both security and developers must work together to stop this trend. Or, risk losing the entire open source ecosystem.
- Analyze, and detail, the events leading to today’s “all-out” attack on the OSS industry
- Define what the future of open source looks like in today’s new normal
- Outline how developers can step into the role of security, to protect themselves, and the millions of people depending on them
Presentation
Defend Forward: A Proactive Model for Cyber Deterrence
As the lines between nation-state sponsored and financially motivated cybercrime attacks continue to blur, and as government officials around the world warn businesses to prepare for cyberattacks stemming from geopolitical conflicts, Defend Forward seeks to empower organizations with the proactive strategies and bias for action they need to confront motivated adversaries. This session will arm organizations with the concepts key to not only defending themselves from cyberattacks, but essential in deterring them as much as possible.
Presentation
The First Step to Security Maturity: Owning Your Data
Data protection, security maturity and regulatory compliance go hand in hand. A variety of initiatives can help teams align to best practices while building on their security maturity. Knowing what types of data you have, who has access to it and how it’s used provides data-driven evidence that better supports decision making and demonstrates to stakeholders and auditors that you’re taking appropriate steps to protect your business’s sensitive data – and the privacy of your customers.
This session will review:
- Identifying a Critical Path through security frameworks like the NIST Cybersecurity Maturity Model
- Understanding the evolution of Data Complexity
- Leveraging core security initiatives to achieve greater security maturity, whether you’re getting started establishing your baseline or scaling your strategy
Panel Discussion
“Cybersecurity Leaders and Experts on Current Cyberthreats and Practices”
Rebecca Herold
The Privacy Professor CEO, Privacy & Security Brainiacs | Expert Witness & Author
