Jeff brings more than 30 years of hands-on cybersecurity intelligence and cybersecurity operations experience including engagements with the Department of Defense (DOD), Department of Energy (DOE), and NASA. More recently Jeff has served as CISO at Blue Team Alpha, where he educated customers on the current threat landscape and served as an advocate for the need of a strong cybersecurity practice.
Wanda Miles, Senior Security and Compliance Program Manager at Exabeam is an information security professional with more than ten years of providing program and project management for compliance programs, risk operations and security vulnerability management. Wanda worked as a consultant for Microsoft Azure helping them build their compliance program and obtain several certifications. Ms. Miles has also managed data center migrations from on-premises to the cloud, risk management assessments for clients, and assisted companies obtain, SOC 2, ISO, PCI, FedRAMP and other third-party assessments including penetration testing.
Jamion served 7 years as CIO for a Nebraska Critical Access Hospital prior to joining IP Pathways as a Solution Architect in 2021. His 18 years of experience has led him to positions ranging from Network Engineer, Systems Administrator and IT Director for multiple Midwest companies. His years of experience give Jamion the tools to help growing companies strategically maneuver through the ever-changing technology landscape.
Michael has nearly a decade of experience helping enterprise clients solve challenging security, networking, and infrastructure problems. He currently serves as a Solutions Architect with Avertium, an industry-leader in security and compliance services. He holds numerous industry certifications including the CISSP, AWS SAA, AZ-500, Net+ & Sec+ and is currently pursuing a Master’s Degree in Cybersecurity from Georgia Tech.
A nationally recognized expert, David is a Senior Vice President in Marsh’s Emerging Risks Group. Prior to Marsh, David served at ReSource Pro, a global insurance services firm, as their global security executive after a 23-year career with Werner Enterprises.
In his role, David actively advises numerous enterprise CISOs, security teams, technology leaders, business executives, and Boards, with particular emphasis on cyber strategy and risk issues. The Emerging Risks Group sits at the intersection of strategy and risk deploying advanced quantitative methods to understand, measure, and manage complex risks.
In his previous position at ReSource Pro, David established a global security program across the U.S., India, and China and worked with insurance industry clients. David ensured secure delivery of services for over 6,000 offshore employees via an ISO 27001 and SSAE18 certified security program. Key initiatives included establishing global security culture, expanded internal SOC services and rapid increases in program maturity required by Fortune 500 clients.
David served as the enterprise security leader for Werner Enterprises, a nation-wide transportation services and global logistics provider. He established core security processes and underlaying technology/security systems to support complex, business aligned growth strategies. Some of his key initiatives included quantitative risk management, enterprise Identity & Access Management (IAM), vulnerability risk management, third party risk management, and board-level reporting. During this time he was also a part-time member of the SANS Institute, implementing and delivering courses.
Prior to his IT and security career, he served as an operational team member and Flight Operations Director at Goddard Space Flight Center. David also served in the U.S. Air Force as part of the Defense Meteorological Satellite Program (DMSP).
David holds a Bachelor of Science degree from the University of Maryland University College, is a Certified in Risk and Information Systems Control (CRISC) and Open FAIR.
Paul has been coding and hacking since 1987. As a security researcher, he has performed offensive security testing of facilities ranging from nuclear energy plants to hospitals to tent-pole film sets. He’s presented to countless audiences the realities of cyberattacks, the hacker mindset, and new paradigms to address the potentially life-impacting threats we are faced with today.
He is currently the Senior Director of the Cybersecurity Strategy & Research Team at Illumio, where he works across industries to help organizations understand how to protect their critical assets in the “assume breach” mentality of zero trust.
Christopher Hencinski is a Solutions Architect at managed security provider Expel. In this role, he’s responsible for ensuring Expel delivers world-class service to a growing number of new prospects and customers, from pre-sale through onboarding and the first 90 days—owning the technical side of the pre-sales process and creating the bridge between sales and delivery.
Comparatively new to security, Chris has over a decade of experience in digital sales for notable brands, including Sony Music Entertainment. A “career-changer,” he began his journey with Expel as a phishing analyst, where he applied learnings on investigative process and security technology before transitioning to the managed detection and response (MDR) team. There, he grew not only as an analyst but as an overall security professional.
Chris joined the solutions architecture team following his time in the Expel security operations center (SOC) to roundout his entire skillset, both past and present. Now, he works across the org with a combination of sales, engagement management, service delivery, and engineering teams to coordinate and offer solutions and strategies that consistently meet prospects where they are for the best possible customer experience.
Stephen Mozia is the Sr. Practice Manager for the OT/IoT Security business at Optiv. Mozia has spent his careerworkinginengineering,businessdevelopment,andsalescapacitieswith theautomationvendors, Rockwell Automation and Emerson. In these roles, Mozia’s focus has always surrounded digitally transforming organizations through supporting innovative technologies around asset management, data management, analytics, augmented/virtual reality, and automation. Stephen joined Optiv in 2021 to lead engagements in cloud security, data analytics in OT security. He currently manages delivery in OT Security Practice. He is also deemed an Olympian for competing at the 2016 Olympics.
I am an experienced engineering leader demonstrating technical expertise, mainly focused on modernization, cloud transformation, resiliency, stability, security, governance and cost savings. I’ve been responsible for architecting, designing, and implementing cybersecurity systems into cutting edge, cloud platform by transforming applications into scalable, elastic systems capable of processing billions of security events per day by utilizing technologies such as GKE (Kubernetes), Kafka, GCP/AWS/Azure etc.
Overall breadth and depth understanding of professional & technical skills and capabilities in cloud, technology & cybersecurity. Working directly with CEO and executive leadership to develop and direct the long-term strategy for the Technology team that involves multiple verticals such as, cloud, security, IT, back-office, data, and others in a multi cloud environment specially focusing on GCP.
Currently acting as an overall technology leader in transformation to building, inspiring, governing, and guiding the teams to deliver best precision farming technology strategy & architecture focused on observability, governance and reliability.
I’ve built and led rock-solid development teams from the ground-up by coaching, developing, and motivating engineers to solve challenging problems. Moreover, I’ve been a part of the agile movement by focusing mainly on collaboration, innovation, transparency and trust.
Dr. Lisa McKee, Ph.D., CISA, CDPSE, CRISC, has 20 years of industry experience in Cybersecurity, Information Technology, Privacy, US and International Data Privacy Laws, Vendor Management, Software Development, IT Audit, Compliance, PCI, Risk and Governance. Lisa assists companies conducting security and privacy assessments, implementing security and privacy programs, and managing PCI compliance. She is a highly regarded consultant in the Midwest IT industry and a regular featured speaker at IAPP, ISACA, IIA, ISC2 and NEbraskaCERT. She speaks at conferences locally, nationally, and globally for IAPP, ISACA and RSA. Lisa is also a member of the Accredited Standards Committee X9 providing input on industry standards, a member of the IAPP National Privacy Engineering Advisory Board, a leader for the NIST Privacy Workforce Working Group task force for Risk Assessments and Director of Programs and Events for the WiCyS South Dakota Chapter. She is passionate about privacy and security.
Information Security Leader
Customer-focused, risk-based, Information Security Professional and Enterprise Application Security Architect with nearly 20 years of experience leading and contributing to Information Security Solutions, Risk Management, Secure Information Systems and Technology Solutions, Business and System Operations, Security and Compliance, Disaster Recovery, Capacity Planning, and User Productivity.
Recognized among peers as a leader that has the ability to tackle large complex issues, direct resourceful alternatives, synthesize knowledge from a wide variety of business and technical disciplines, and effectively communicate key technical risks at senior executive levels. Team-focused, integrity driven, and results oriented leader with a solid determination to drive customer satisfaction.
Omaha Cybersecurity Conference
Wednesday, April 19, 2023
Live in Person @ Embassy Suites Downtown
In Person | Virtual | Hybrid
Earn up to 10 CPE credits
About the Event
FutureCon Events brings high-level Cyber Security Training discovering cutting-edge security approaches, managing risk in the ever-changing threat of the cybersecurity workforce.
Join us as we talk with a panel of C-level executives who have effectively mitigated the risk of Cyber Attacks.
Educating C-suite executives and CISOs (chief information security officers) on the global cybercrime epidemic, and how to build Cyber Resilient organizations.
“Cybersecurity is no longer just an IT problem”
Gain the latest knowledge you need to enable applications while keeping your computing environment secure from advanced Cyber Threats. Demo the newest technology, and interact with the world’s security leaders and gain other pressing topics of interest to the information security community.
The FutureCon community will keep you updated on the future of the Cyberworld and allow you to interact with your peers and the world’s security leaders.
For sponsorship opportunities email sales@futureconevents.com
Keynote Speaker
"Information security, it's time to ask why"
David Elfering
Information Security Strategy | CISO | Identity Management | Security Governance | Enterprise Risk Management Marsh
A nationally recognized expert, David is a Senior Vice President in Marsh’s Emerging Risks Group. Prior to Marsh, David served at ReSource Pro, a global insurance services firm, as their global security executive after a 23-year career with Werner Enterprises.
In his role, David actively advises numerous enterprise CISOs, security teams, technology leaders, business executives, and Boards, with particular emphasis on cyber strategy and risk issues. The Emerging Risks Group sits at the intersection of strategy and risk deploying advanced quantitative methods to understand, measure, and manage complex risks.
In his previous position at ReSource Pro, David established a global security program across the U.S., India, and China and worked with insurance industry clients. David ensured secure delivery of services for over 6,000 offshore employees via an ISO 27001 and SSAE18 certified security program. Key initiatives included establishing global security culture, expanded internal SOC services and rapid increases in program maturity required by Fortune 500 clients.
David served as the enterprise security leader for Werner Enterprises, a nation-wide transportation services and global logistics provider. He established core security processes and underlaying technology/security systems to support complex, business aligned growth strategies. Some of his key initiatives included quantitative risk management, enterprise Identity & Access Management (IAM), vulnerability risk management, third party risk management, and board-level reporting. During this time he was also a part-time member of the SANS Institute, implementing and delivering courses.
Prior to his IT and security career, he served as an operational team member and Flight Operations Director at Goddard Space Flight Center. David also served in the U.S. Air Force as part of the Defense Meteorological Satellite Program (DMSP).
David holds a Bachelor of Science degree from the University of Maryland University College, is a Certified in Risk and Information Systems Control (CRISC) and Open FAIR.
CISO/Industry Leader Panel
“Cybersecurity Leaders and Experts on Current Cyberthreats and Practices”
Marc Johnson
Sr. Advisor / vCISO / vCIO
Impact Advisors
Manoj Regmi
VP, Technology
Farmers Edge
David Elfering
Information Security Strategy | CISO | Identity Management | Security Governance | Enterprise Risk Management
Marsh
Dr. Lisa McKee
Founding Partner, American Security and Privacy |
Creator of ComPriSec and Zero Trust Privacy
Joshua Fugate
Director, Cybersecurity Architecture & Strategy
Charles Schwab
Platinum Sponsors
Lumu Technologies is a cyber-security company that illuminates threats, attacks, and adversaries affecting enterprises worldwide. Using actionable intelligence, Lumu provides a radical way to secure networks by enhancing and augmenting existing defense capabilities established over the past 25 years.
Gold Sponsors
Exabeam is a global cybersecurity leader that created New-Scale SIEMTM for advancing security operations. Built for security people by security people, we reduce business risk and elevate human performance. The powerful combination of our cloud-scale security log management, behavioral analytics, and automated investigation experience gives security operations an unprecedented advantage over adversaries including insider threats, nation states, and other cyber criminals. We Detect the UndetectableTM by understanding normal behavior, even as normal keeps changing – giving security operations teams a holistic view of incidents for faster, more complete response. Learn more at www.exabeam.com.
Cloudflare, Inc (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all traffic routed through its intelligent global network, which gets smarter with each new site added. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world’s 50 most innovative companies by Fast Company. Headquartered in San Francisco, CA, Cloudflare has offices in Austin, TX, Champaign, IL, Boston, MA, Washington, DC, London, and Singapore.
Information Technology has become a vital part of today’s business. Technology enables you to operate in ways that were impossible a generation ago. Modern technology does more than keep your business running smoothly, it connects customers, employees, suppliers and partners to communicate better, plus enables business leaders to manage costs more efficiently, and sell products and services in new and different ways.
IP Pathways believes capital investments in technology should help businesses grow revenue, increase customer satisfaction, drive efficiencies, lower costs and create a competitive advantage. At IP Pathways, our mission is to be an expert provider of hybrid IT solutions by delivering world-class engineering services supported by high-touch customer service.
We were founded on a simple philosophy—do whatever it takes for the customer. We do this using a simple formula—deliver best-in-class technology and focus on the customer.
IP Pathways provides IT hardware and software, data center, cloud, professional and managed services, and hybrid IT solutions to small, medium-sized and enterprise customers throughout the Midwest. Our award-winning engineering team architects, implements, monitors, supports and manages private and hybrid cloud solutions for your data center, our data center or any data center. Named by CRN Magazine in 2015 as one of the 250 most certified, 500 largest and 100 fastest growing IT service providers in North America, IP Pathways helps IT move at the speed of business.
Illumio enables organizations to realize a future without high-profile breaches by preventing the lateral movement of attackers across any organization. Founded on the principle of least privilege in 2013, Illumio provides visibility and segmentation for endpoints, data centers or clouds. The world’s leading organizations, including Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite, trust Illumio to reduce cyber risk. For more information, visit https://www.illumio.com/what-we-do and engage us on LinkedIn and Twitter.
Expel is a security operations provider that offers managed detection and response (MDR), remediation, phishing support, and threat hunting. Our platform and people work together to make sense of your security signal—with your business in mind—to detect, understand, and fix issues fast.
Optiv is a security solutions integrator – “one-stop” trusted partner with a singular focus on cybersecurity. Our end-to-end cybersecurity capabilities span risk management and transformation, cyber digital transformation, threat management, security operations, identity and data management, and integration and innovation, helping organizations realize stronger, simpler and more cost-efficient cybersecurity programs that support business requirements and outcomes. At Optiv, we are modernizing cybersecurity to enable clients to innovate their consumption models, integrate infrastructure and technology to maximize value, achieve measurable outcomes, and realize complete solutions and business alignment. For more information about Optiv, please visit us at www.optiv.com.
Thales is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology – to build a future we can all trust, which is vital to the development of our societies. The company provides solutions, services and products that help its customers – businesses, organisations and states – in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions, by placing humans at the heart of the decision-making process.
Silver Sponsors
With over 35 years of experience in the tech industry, we offer a comprehensive range of Technology Services with a focus on the latest Cloud Innovations. We’re on a mission to help organizations build business value by using their existing technology investments in a way that harmonizes the balance of productivity, efficiency, and security. Our methodology enables teams to deploy cloud solutions rapidly while monitoring and enforcing security and compliance in real-time. We specialize in coaching teams to adopt public cloud safely when they have specific compliance requirements such as HIPAA, NIST and PCI DSS.
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
InNet partners with customers to design, deploy, and support a full suite of advanced technology solutions focusing upon enterprise and mid-market IT organizations and assisting in regards to networks, information security, business continuity, storage, cloud migration, virtualization and performance monitoring. As one of the most trusted solution providers in the Central and Eastern USA, InNet brings many years of valuable experience from a myriad of customer perspectives working with leading enterprise and corporate customers to deliver technology that meets business objectives.
ThreatX is managed API and application protection that lets you secure them with confidence, not complexity. It blocks botnets and advanced attacks in real time, letting enterprises keep attackers at bay without lifting a finger. Trusted by companies in every industry across the globe, ThreatX profiles attackers and blocks advanced risks to protect APIs and applications 24/7. Learn more at https://www.threatx.com.
ZeroFox delivers proactive external cybersecurity to outfox the adversary and disrupt, identify, and dismantle threats outside the traditional corporate perimeter. The ZeroFox Platform combines advanced AI-driven analysis to detect complex threats on the surface, Deep, and Dark Web with fully managed threat intelligence services and threat analysts who become an extension of your team – all while providing automated remediation to effectively disrupt threats.
trackd.com is a modern patch management platform with a unique twist. Our solution records the experience of vulnerability remediation practitioners after they’ve applied a given patch (i.e. did it break something?), anonymizes that data, and then shares it in real-time with all other trackd platform users. The data enables remediation teams to identify the small percentage of patches that are likely to break something, as well as those with little or no history of disruption that can be considered strong candidates for auto-patching.
Recorded Future delivers the world’s most advanced security intelligence to disrupt adversaries, empower defenders, and protect organizations. With proactive and predictive intelligence, Recorded Future’s platform provides elite, context-rich, actionable intelligence in real time that’s ready for integration across the security ecosystem.
SecureSky is a continuous Cloud Security Posture Management (CSPM) provider, supporting eXtended Detection and Response (XDR) and security consulting services. SecureSky delivers full security visibility, from workloads to the application layer, and assists organizations in incorporating cloud risk management into their unified security program. SecureSky’s CSPM platform provides cloud-native, automated, and integrated protection, as the rapid adoption of IaaS and SaaS accelerates cloud-based attacks.
Partners
Welcome to the ISACA Omaha Chapter. The aim of the Chapter is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the region.
ISACA (previously the Information Systems Audit and Control Association) is a world wide association of IS governance professionals. The association currently focuses on assurance, security, and governance and provides globally recognized certification in assurance (Certified Information Systems Auditor), security (Certified Information Security Manager), and governance (Certified in the Governance of Enterprise IT).
The association is one of individual members, often the sole practitioner of information systems auditing, security, and/or governance in his or her company. The membership of the ISACA reflects a multiplicity of backgrounds and skills that make the information systems governance field challenging and dynamic.
This chapter is run by volunteers who are ISACA members nominated and voted upon by membership. ISACA members’ participation in running the chapter are highly encouraged.
We hold regular meetings at the Scott Conference Center (6450 Pine Street Omaha, NE 68106) and have various other events throughout the chapter year. Please see the Events Page for further details.
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, more than 168,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry.
The Pan Asian American Business Council (“PAABC”) is a non-profit organization consisting of Asian American businesses that would like to promote and grow their own and other Asian American businesses.
To enable Asian American owned businesses to develop and grow.
We put our heart and soul into this Cybersecurity Conference directory.
Way back in 2013 we had another website called “Concise Courses” which used to market and sell InfoSec training courses. We published a blog post listing all the upcoming InfoSec Conferences of that year, and Google loved the resource and put us right to the top of the search engines. That ‘accidental’ occurrence spawned this directory which is maintained by a small team comprising of Henry Dalziel and Charles Villaneuva and a bunch of freelance programmers.
What We Do:
We list, literally, every single Information Security conference, event and seminar within every niche in Cybersecurity.
We have a dedicated team that maintains our in-house tech stack, directory, and data curation.
Founded in 2012, the Women’s Society of Cyberjutsu (WSC) is a National 501(c)3 non-profit community, focused on empowering women to succeed in the cybersecurity industry. WSC’s mission is to advance women in cybersecurity careers by providing programs and partnerships that promote hands-on training, networking, education, mentoring, resource-sharing and other professional opportunities.
WSC serves thousands of women across the globe by bringing awareness to, and advancing careers in, cybersecurity. The WSC community includes information security professionals, IT professionals, programmers, computer scientists and engineers, as well as women wanting to explore and join the field. Recognizing the importance of encouraging girls to embrace a future in STEM-related professions through its Cyberjutsu Girls Academy, WSC provides a unique hands-on curriculum focused on securing information technology. For more information, visit http://www.womenscyberjutsu.org.
Agenda
Times are subject to change
Opening Introductions | Check In | Networking
Presentation
The Future of Cybersecurity Operations
Cybersecurity can be a complex operation, but at its core, it’s made up of two components: people and technology. Although we’ve seen incredible advances in the technology side of things, we need to ensure that that technology acquisition doesn’t amount to another ‘shiny thing’ but empowers the people that operate it. Join Lumu’s Jeffrey Wheat as he shares his vision of what makes up an ideal cybersecurity operation.
Presentation
How to Build an Insider Threat Program
Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.
Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything changes so quickly. Insider threat initiatives require a new, more focused approach.
This presentation will explore:
- The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
- Four attributes of a successful insider threat program
- How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster
Networking
Networking
Presentation
CYA WITH CIA: Covering Your Assets with a Holistic Data Security Approach
Is your organization doing what it should to protect the confidentiality, integrity, and availability of your data? Join us for a comprehensive look at the latest strategies and technologies for safeguarding your environment. From SASE to Zero Trust, we’ll help make sense of the latest buzzwords, as well as discuss established best practices on topics ranging from firewalls to frameworks. Throughout the presentation, we will address the importance of a programmatic approach to security and provide guidance on how to avoid common pitfalls. Attendees will leave with a better understanding of what is involved in a holistic approach to data security and how they can CYA with CIA.
Networking
Lunch
Keynote
"Information security, it's time to ask why"
The core theme is that our focus on all the “hows” have led us to solve the wrong problems for our businesses. While security budgets have grown, so have insurance claims due to breaches, business interruptions, and regulatory impacts.
David Elfering
Information Security Strategy | CISO | Identity Management | Security Governance | Enterprise Risk Management Marsh
Networking
Networking
Presentation
Anatomy of a Disaster: Why We’re Still Losing to Ransomware
In this talk, you’ll hear stories from a 30+ year career hacker that highlight key commonalities in today’s successful attacks, why our past efforts have failed, and the shift in thinking we need to embrace before the inevitable cyber disaster impacts our lives and society as a whole.
Presentation
Great eXpeltations: cyber defense trends for 2023
We know that 2022 was fraught with security threats. But wrapping your head around what they were, what’s trending, and what to do about it is essential for your security strategy going into 2023.
Expel’s annual threat report, Great eXpeltations, compiles data, trends, and recommendations from the incidents our security operations center (SOC) saw in 2022, based on our full customer base: from small and midsize companies to enterprise orgs, at every phase of the security journey, across every industry Expel serves.
Join Chris Hencinski, Solutions Architect, Expel, for a deep dive into the numbers and their real-world incident counterparts, including examples of pre-ransomware, business application compromise, credential harvester phishing, SaaS compromise, and an attack against cloud infrastructure.
Networking
Networking
Presentation
Operational Technology Examined: Learning from OT attacks in the past
Networking
Networking
Panel Discussion
“Cybersecurity Leaders and Experts on Current Cyberthreats and Practices”
David Elfering
Information Security Strategy | CISO | Identity Management | Security Governance | Enterprise Risk Management Marsh
