Known for his ability to communicate both technically and conceptually in an authoritative yet entertaining style, Dale “Dr. Z” Zabriskie has consulted with IT professionals across the globe, advising on implementing effective cyber security strategies. He is a CISSP (Certified Information Systems Security Professional), and certified in Cloud Security Knowledge (CCSK).
In his 20-year cybersecurity career, Dr. Z has advised major healthcare, public sector, finance, retail, entertainment, and manufacturing organizations in over fifty countries. He has also been a popular moderator and participant in numerous industry panels. His expertise is supported by career experience in information technology, regulatory compliance, research and development, marketing, and sales.
Before joining Cohesity, Dr. Z was an Evangelist with Symantec for over 16 years. Prior companies include Proofpoint, Veritas, SunGard, and IBM.
As Chief Marketing Officer at Phosphorus Cybersecurity, John’s achieved more than 25 years of experience in high-tech security marketing, strategy, product marketing, product management, and consulting. A serial CMO and security visionary, he has helped build and lead some of the biggest brands in enterprise security, including Solera Networks, Blue Coat Systems, Check Point Software, McAfee, Zscaler, Anitian, ColorTokens, and Anonyome Labs. Throughout his career, John’s been featured at events and conferences worldwide, built an award-winning security podcast titled “Security on Cloud,” and wrote as a featured columnist at SECURITYWEEK, writing about advanced threats and big data security.
Jackie McGuire is a Senior Market Strategy Manager at Cribl, focused on the security market. Prior to joining Cribl, Jackie was a Research Analyst with S&P Global, writing, speaking, and providing thought leadership on information security and Web3. Jackie has also worked as a data scientist in cybersecurity, developing behavior analysis and anomaly detection models, been co-founder, CEO, and CFO for several startups, and before her work in technology, was a licensed securities broker and SEC Registered Investment Advisor.
Santhosh is a Senior Technical Evangelist for unified endpoint management solutions at ManageEngine. He brings more than 10 years of experience in the broadly defined categories of endpoint security, technical support, and product implementation and training. His speciality is guiding customers to make the best choices while selecting and implementing endpoint management and security solutions for enterprise environments.
A 30 year veteran of IT infrastructure and its growth from client-server to today’s cloud and how security transformed over time.
Mr. Ohanian is a highly accomplished and experienced Information Security Officer with 25 years of experience in information technology, cybersecurity, and defense strategies in both the private and public sectors. He currently serves as the Information Security Officer for the Los Angeles County Department of Children and Family Services (DCFS), the largest child welfare institution in the nation. At DCFS, Mr. Ohanian has successfully architected and implemented cybersecurity and privacy programs from the ground up, interwoven cybersecurity into the business culture, and created a security-conscious enterprise. He has also achieved the organization’s mission of service excellence through outstanding leadership, governance, strategic planning, business acumen, and cost-saving transformation initiatives.
Mr. Ohanian is an innovative and visionary leader who has chaired the Countywide Risk Management Cybersecurity Team responsible for developing and implementing administrative, technical, and tactical strategies to assess and reduce cybersecurity risks to County information assets. He is also an innovation advisory council member of various Cybersecurity taskforces and workgroups.
As an accomplished keynote speaker and panel member, Mr. Ohanian has participated in numerous international and national private and public sector conferences, including Interop, CISO 360 USA, Arab International Cybersecurity Summit, Los Angeles Government Summit, and National Cybersecurity Awareness seminars. In addition, he serves as a Ph.D. Dissertation Committee Member for Cybersecurity using Artificial Intelligence at Center for Information Systems & Technology Claremont Graduate University. Mr. Ohanian’s accomplishments in improving organizations’ cybersecurity posture have led to various excellence awards, including multiple Information Security Officer of the Year awards.
He holds a bachelor’s degree in computer science from Cal Poly Pomona (magna cum laude) and obtained his dual Master’s Degree in Cybersecurity and Business Administration at the University of Maryland (UMUC). He is pursuing a Ph.D. in the Industrial/Organizational Psychology program, demonstrating his passion for continuous learning and growth.
Wanda Miles, Senior Security and Compliance Program Manager at Exabeam is an information security professional with more than ten years of providing program and project management for compliance programs, risk operations and security vulnerability management. Wanda worked as a consultant for Microsoft Azure helping them build their compliance program and obtain several certifications. Ms. Miles has also managed data center migrations from on-premises to the cloud, risk management assessments for clients, and assisted companies obtain, SOC 2, ISO, PCI, FedRAMP and other third-party assessments including penetration testing.
Christopher Hencinski is a Solutions Architect at managed security provider Expel. In this role, he’s responsible for ensuring Expel delivers world-class service to a growing number of new prospects and customers, from pre-sale through onboarding and the first 90 days—owning the technical side of the pre-sales process and creating the bridge between sales and delivery.
Comparatively new to security, Chris has over a decade of experience in digital sales for notable brands, including Sony Music Entertainment. A “career-changer,” he began his journey with Expel as a phishing analyst, where he applied learnings on investigative process and security technology before transitioning to the managed detection and response (MDR) team. There, he grew not only as an analyst but as an overall security professional.
Chris joined the solutions architecture team following his time in the Expel security operations center (SOC) to roundout his entire skillset, both past and present. Now, he works across the org with a combination of sales, engagement management, service delivery, and engineering teams to coordinate and offer solutions and strategies that consistently meet prospects where they are for the best possible customer experience.
Rob McBride is the Head of Americas Channels, Solution Architects and Pre-Sales Engineering at Versa Networks. Rob has spent the last 20+ years designing, marketing, and delivering to customers and partners a wide range of solutions and products covering SDN/NFV, SD-WAN, Voice (TDM/VoIP), and DC virtualization. He brings a wide range of experience from senior roles in sales engineering, field support, product management and marketing.
Prior to Versa Networks, Rob held senior positions at Viptela, Brocade Communications, Enterasys Networks, Alcatel-Lucent and Enterprise Data Solutions (EDS).
He spends his spare time in the multi-verse fighting virtual demons and legendary creatures with his side kick – Lucy the Meatball (his pet)
Detail-oriented, results-driven security leader with a proven record of leading teams for complex cross-functional hardware, software, network, services projects and products through full project/product lifecycle, fully integrating security into every step of the process, and, achieving the required levels of compliance certifications, such as CIS Benchmarks, NIST, FIPS, STIG and Common Criteria.
Proven leader in defining strategic IT alignment with enterprise goals, delivering complex IT projects and managing dynamic teams. Accustomed to working directly with all levels of management. Produce results by collaborating and building consensus with cross-functional teams and customers. Thrives with the challenges of Technology Management, leading strategic program development and delivery, optimizing processes, managing budgets, and building high-performance teams. Develops strong teams that continually seek opportunities for business improvement, benefits imperatives, risks, and innovation.
Take charge leader, strategist, and decision maker with proven ability to take on “problem projects” and turn them around to achieve objectives on time and on budget. Establishes frameworks for success by choosing the right resources, establishing clear roles and responsibilities, and implementing strong and effective procedures for change management and communication. The “Go To” person for out-of-the-box, impromptu technology solutions, not only across the different departments within the organization but also for customers and partners.
Passionate cyber security practitioner with extensive experience in building information security programs for financial and healthcare organizations.
Led Information Security Program for a healthcare organization starting with a 3-member team and finishing with more than 30 in 3 years. The program improved information security pasture for the organization by more than 2 points.
Responsible for developing and executing an enterprise-wide information security and risk management strategy that balances protection of critical assets, compliance with applicable regulatory laws and standards while enabling successful execution on the company’s strategic objectives.
Creating innovative strategies where risk management and security support business goals while reducing overall cyber risk.
Excellent staff management and leadership skills in developing customer and business focused initiatives, cyber security strategies, enterprise risk methodologies, information security awareness, and corporate governance to achieve strong enterprise support and initiative adoption in various organizations and lines of business.
Keen on providing strategic and technical guidance and assistance in the design and implementation of appropriate security processes for the organizations information systems; recommending and monitoring computing practices to prevent and to recover from security breaches; and coordinating the handling of security incidents when such breaches occur.
Formerly served as a Chairman for FS-ISAC Mortgage Risk Council, Board of Directors Member for H-ISAC, Co-Chair for CISO Executive Forum, Leadership Council Member for Cybersecurity Collaborative, and Governing Body Member for CISOs Connect.
Orange County Cybersecurity Conference
Wednesday, July 12, 2023
Live in Person @ DoubleTree by Hilton Hotel Santa Ana – Orange County Airport
In Person | Virtual | Hybrid
Earn up to 10 CPE credits
About the Event
FutureCon Events brings high-level Cyber Security Training discovering cutting-edge security approaches, managing risk in the ever-changing threat of the cybersecurity workforce.
Join us as we talk with a panel of C-level executives who have effectively mitigated the risk of Cyber Attacks.
Educating C-suite executives and CISOs (chief information security officers) on the global cybercrime epidemic, and how to build Cyber Resilient organizations.
“Cybersecurity is no longer just an IT problem”
Gain the latest knowledge you need to enable applications while keeping your computing environment secure from advanced Cyber Threats. Demo the newest technology, and interact with the world’s security leaders and gain other pressing topics of interest to the information security community.
The FutureCon community will keep you updated on the future of the Cyberworld and allow you to interact with your peers and the world’s security leaders.
For sponsorship opportunities email sales@futureconevents.com
Keynote Speaker
"Cyberpsychology and Its Impact on Cyber Crime"
Allen Ohanian
Information Security Officer- Los Angeles County Department of Children and Family Services
Mr. Ohanian is a highly accomplished and experienced Information Security Officer with 25 years of experience in information technology, cybersecurity, and defense strategies in both the private and public sectors. He currently serves as the Information Security Officer for the Los Angeles County Department of Children and Family Services (DCFS), the largest child welfare institution in the nation. At DCFS, Mr. Ohanian has successfully architected and implemented cybersecurity and privacy programs from the ground up, interwoven cybersecurity into the business culture, and created a security-conscious enterprise. He has also achieved the organization’s mission of service excellence through outstanding leadership, governance, strategic planning, business acumen, and cost-saving transformation initiatives.
Mr. Ohanian is an innovative and visionary leader who has chaired the Countywide Risk Management Cybersecurity Team responsible for developing and implementing administrative, technical, and tactical strategies to assess and reduce cybersecurity risks to County information assets. He is also an innovation advisory council member of various Cybersecurity taskforces and workgroups.
As an accomplished keynote speaker and panel member, Mr. Ohanian has participated in numerous international and national private and public sector conferences, including Interop, CISO 360 USA, Arab International Cybersecurity Summit, Los Angeles Government Summit, and National Cybersecurity Awareness seminars. In addition, he serves as a Ph.D. Dissertation Committee Member for Cybersecurity using Artificial Intelligence at Center for Information Systems & Technology Claremont Graduate University. Mr. Ohanian’s accomplishments in improving organizations’ cybersecurity posture have led to various excellence awards, including multiple Information Security Officer of the Year awards.
He holds a bachelor’s degree in computer science from Cal Poly Pomona (magna cum laude) and obtained his dual Master’s Degree in Cybersecurity and Business Administration at the University of Maryland (UMUC). He is pursuing a Ph.D. in the Industrial/Organizational Psychology program, demonstrating his passion for continuous learning and growth.
CISO/Industry Leader Panel
“Cybersecurity Leaders and Experts on Current Cyberthreats and Practices”
Haral Tsitsivas
Principal Product Security Engineer, Arlo Technologies
Chapter President, OWASP Orange County
Antonella Commiato
Chief Technology Officer / Chief Information Security Officer
Extend Resources
Nikolay Chernavsky
Chief Information Security Officer
ISSQUARED, Inc.
Allen Ohanian
Information Security Officer-
Los Angeles County Department of Children and Family Services
Dale “Dr. Z” Zabriskie CISSP CCSK
Field Chief Information Security Officer
Cohesity
Premier Platinum Sponsors
Cribl makes open observability a reality for today’s tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It’s enterprise software that doesn’t suck, enables tech professionals to do what they need to do, and gives them the ability to say “Yes.” With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA. For more information, visit www.cribl.io or our LinkedIn, Twitter, or Slack community.
Gold Sponsors
Phosphorus Cybersecurity® is the leading xTended Security of Things™ platform designed to secure the rapidly growing and often unmonitored Things of the enterprise xIoT landscape. We fully automate the remediation of the biggest IoT, OT, and network device vulnerabilities—including unknown and inaccurate asset inventory, default device credentials, out-of-date device firmware, and out-of-date certificates.
Arctic Wolf® is the market leader in security operations. Using the cloud-native Arctic Wolf® Platform, we help organizations end cyber risk by providing security operations as a concierge service. Highly-trained Concierge Security® experts work as an extension of internal teams to provide 24×7 monitoring, detection and response, as well as ongoing risk management to proactively protect organizations while continually strengthening their security posture.
ManageEngine crafts the industry’s broadest suite of IT management software. We have everything you need—more than 90 products and free tools—to manage all of your IT operations, from networks and servers to applications, service desk, Active Directory, security, desktops, and mobile devices. Since 2002, IT teams like yours have turned to us for affordable, feature-rich software that’s easy to use. You can find our on-premises and cloud solutions powering the IT of over 180,000 companies around the world, including nine of every ten Fortune 100 companies. As you prepare for the IT management challenges ahead, we’ll lead the way with new solutions, contextual integrations, and other advances that can only come from a company singularly dedicated to its customers. And as a division of Zoho Corporation, we’ll continue pushing for the tight business-IT alignment you’ll need to seize opportunities in the future.
Exabeam is a global cybersecurity leader that created New-Scale SIEMTM for advancing security operations. Built for security people by security people, we reduce business risk and elevate human performance. The powerful combination of our cloud-scale security log management, behavioral analytics, and automated investigation experience gives security operations an unprecedented advantage over adversaries including insider threats, nation states, and other cyber criminals. We Detect the UndetectableTM by understanding normal behavior, even as normal keeps changing – giving security operations teams a holistic view of incidents for faster, more complete response. Learn more at www.exabeam.com.
Expel is a security operations provider that offers managed detection and response (MDR), remediation, phishing support, and threat hunting. Our platform and people work together to make sense of your security signal—with your business in mind—to detect, understand, and fix issues fast.
Versa is the modern secure network. Available via the cloud, on-premises, or as a blended combination of both, Versa SASE connects Enterprise branches, teleworkers, and end users securely and reliably to applications in the cloud or data centers around the world.
Cloudflare, Inc (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare protects and accelerates any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all traffic routed through its intelligent global network, which gets smarter with each new site added. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was recognized by the World Economic Forum as a Technology Pioneer, named the Most Innovative Network & Internet Technology Company for two years running by the Wall Street Journal, and ranked among the world’s 50 most innovative companies by Fast Company. Headquartered in San Francisco, CA, Cloudflare has offices in Austin, TX, Champaign, IL, Boston, MA, Washington, DC, London, and Singapore.
Silver Sponsors
Rubrik, the Zero Trust Data Security Company™, delivers data security and operational resilience for enterprises. Rubrik’s big idea is to provide data security and data protection on a single platform, including: Zero Trust Data Protection, ransomware investigation, incident containment, sensitive data discovery, and orchestrated application recovery. This means data is ready at all times so you can recover the data you need, and avoid paying a ransom. Because when you secure your data, you secure your applications, and you secure your business.
AuditBoard is the leading cloud-based platform transforming audit, risk, and compliance management. More than 30% of the Fortune 500 leverage AuditBoard to move their businesses forward with greater clarity and agility. AuditBoard is top-rated by customers on G2 and Gartner Peer Insights, and was recently ranked for the third year in a row as one of the fastest-growing technology companies in North America by Deloitte. To learn more, visit: AuditBoard.com.
LogRhythm empowers more than 4,000 customers across the globe to measurably mature their security operations program. LogRhythm’s award-winning NextGen SIEM Platform delivers comprehensive security analytics; user and entity behavior analytics (UEBA); network detection and response (NDR); and security orchestration, automation, and response (SOAR) within a single, integrated platform for rapid detection, response, and neutralization of threats. Built by security professionals for security professionals, LogRhythm enables security professionals at leading organizations like Cargill, NASA, and XcelEnergy to promote visibility for their cybersecurity program and reduce risk to their organization each and every day. LogRhythm is the only provider to earn the Gartner Peer Insights’ Customer Choice for SIEM designation three years in a row. To learn more, please visit logrhythm.com.
Cofense® is the leading provider of phishing detection and response solutions. Designed for enterprise organizations, the Cofense Phishing Detection and Response (PDR) platform leverages a global network of over 25 million people actively reporting suspected phish, combined with advanced automation to stop phishing attacks faster and stay ahead of breaches. When deploying the full suite of Cofense solutions, organizations can educate employees on how to identify and report phish, detect phish in their environment and respond quickly to remediate threats. With seamless integration into most major TIPs, SIEMs, and SOARs, Cofense solutions easily align with existing security ecosystems. Across a broad set of Global 1000 enterprise customers, including defense, energy, financial services, healthcare and manufacturing sectors, Cofense understands how to improve security, aid incident response and reduce the risk of compromise.
Okta is the World’s Identity Company. As the leading independent Identity partner, we free everyone to safely use any technology—anywhere, on any device or app. The most trusted brands trust Okta to enable secure access, authentication, and automation. With flexibility and neutrality at the core of our Okta Workforce Identity and Customer Identity Clouds, business leaders and developers can focus on innovation and accelerate digital transformation, thanks to customizable solutions and more than 7,000 pre-built integrations. We’re building a world where Identity belongs to you. Learn more at okta.com.
Datalink Networks is your trusted managed service provider We are a leader in managed IT services, with over 30 years of experience serving small to medium-sized organizations in both the private and public sectors throughout the United States. Datalink Networks can plan, design, build, deploy, support, and monitor IT solutions for your organization. Our team is available to meet your requirements and provide customized solutions to meet your business objectives and reporting needs. Our people are passionate about solving IT problems and delivering unrivaled support to your organization. When you call us you’re reaching someone who is experienced, who cares about delivering great service and great value, and who is dedicated to helping you out. Datalink Networks can be your IT staff (Managed Service Provider) or fill in a specific role: network security, cloud security, system administration, engineering, support, etc.
Endace specializes in high-speed, scalable packet capture for cybersecurity, network and application performance.
The open, EndaceProbe Analytics Platform lets customers record a 100% accurate history of activity on their network and integrates with a range of security and performance tools for fast, accurate incident investigation and resolution. Endace’s Fusion Partners – including Cisco, Darktrace, IBM, Micro Focus, Palo Alto Networks, Plixer, Splunk and others – offer pre-built integration with the EndaceProbe platform to accelerate and streamline incident investigation and resolution.
EndaceProbes can also host network security and performance monitoring tools that need to analyze real-time or historical traffic. This hosting capability enables agile deployment and reduces cost by consolidating analytics solutions on a common hardware platform.
Endace’s global customers include banks, healthcare, telcos, broadcasters, retailers, web giants, governments and military.
trackd.com is a modern patch management platform with a unique twist. Our solution records the experience of vulnerability remediation practitioners after they’ve applied a given patch (i.e. did it break something?), anonymizes that data, and then shares it in real-time with all other trackd platform users. The data enables remediation teams to identify the small percentage of patches that are likely to break something, as well as those with little or no history of disruption that can be considered strong candidates for auto-patching.
Azul, provider of the Java platform for the modern cloud enterprise, is the only company 100% focused on Java. Millions of Java developers, hundreds of millions of devices, and the world’s most highly regarded businesses trust Azul to power their applications with exceptional capabilities, performance, security, value, and success. Azul’s customers include 27% of the Fortune 100, 50% of Forbes Top 10 World’s Most Valuable Brands, all 10 of the world’s Top 10 financial trading companies, and leading brands like Avaya, Bazaarvoice, BMW, Credit Suisse, Deutsche Telekom, LG, Mastercard, Mizuho, Priceline, Salesforce, Software AG, and Workday. Learn more at azul.com and follow us @azulsystems.
Sprocket Security was founded to improve the way we approach cybersecurity. Currently the industry performs services in a timeboxed, or point-in-time approach. We think this is fundamentally flawed. We protect your business by monitoring the cybersecurity landscape and performing continuous penetration testing services.
LogicGate offers modern risk management technology empowering businesses to proactively transform risk enterprise-wide. Because risk is a team sport, we created the Risk Cloud Platform® — the most nimble and collaborative GRC solution out there. Rapidly adapt to changing business conditions. Confidently innovate and build new processes as you go. Collaborate on risk across your entire organization. Risk Cloud® gives you an interconnected view of risk across the organization that you just can’t get from point solutions. After all, great companies are built not by avoiding risks — but by choosing the right ones.
We are more than just a name – we are on a quest to make your information technology work harder for you. Our solutions simplify IT operations at more than 100,000 organizations worldwide. Rely on us to help you turn data into insights quicker, modernize your infrastructure faster for the cloud, optimize the application experience and get control of every device that touches your network.
KACE® by Quest supports your unified endpoint management (UEM) strategy by helping you discover and track every device in your environment, automate administrative tasks, keep compliance requirements up-to-date and secure your data from a range of cyberthreats.
Unsure what endpoint management solution is right for you? Use our KACE Solution Designer tool (on the right) to quickly and easily find the right fit within your existing environment.
ReliaQuest is the force multiplier of security operations. Our security operations platform, GreyMatter, automates detection, investigation and response across cloud, endpoint, and on-premise tools and applications. GreyMatter is cloud native, built on an open XDR architecture and delivered as a service any time of the day, anywhere in the world. With over 700 customers worldwide and 1,000+ teammates working across six global operating centers, ReliaQuest is driving outcomes for the most trusted enterprise brands in the world. We exist to make security possible.
Fastly is upgrading the internet experience to give people and organizations more control, faster content, and more dynamic applications. By combining the world’s fastest global edge cloud network with powerful software, Fastly helps customers develop, deliver, and secure modern distributed applications and compelling digital experiences. Fastly’s customers include many of the world’s most prominent companies, including Pinterest, The New York Times, and GitHub. For more information on our mission and products, visit https://www.fastly.com.
TPx is a leading managed services provider, redefining the way enterprises grow, compete and communicate. Offering a full suite of managed IT, unified communications, network connectivity and security services, TPx has the experience and know-how to solve even the most complicated IT challenges. TPx’s team of experts help businesses simplify operations, optimize networks, improve productivity, reduce costs and keep environments secure. TPx makes IT easy. For more information, go to www.tpx.com.
Big Data Supply, Inc. specializes in data storage supplies, cloud backup services, data destruction and e waste recycling. We buy and sell big data IT equipment. Our company was launched and incorporated to meet the ever-evolving demands of organizational data centers worldwide. Our core business is acquiring surplus new and used corporate data storage equipment and peripherals; data tape media, servers, tape drives, tape libraries, disk array and telecom equipment from large corporations, banks, hospitals, law-firms, government agencies, ETC. We currently buy and sell into over 80 countries.
IGEL’s world-leading software offers a secure, efficient, and cost-effective endpoint OS and management platform across nearly any x86 device. IGEL’s latest solution, COSMOS, is a new, highly secure endpoint platform that has fully separated the IGEL OS from local and cloud-delivered apps. With a further reduced footprint, IGEL OS not only updates faster but provides a reduced attack surface. IGEL allows enterprises to save money by extending the life of existing endpoint devices, while precisely controlling all devices running IGEL OS from a single dashboard. For more information on IGEL, visit www.igel.com.
Horizon3.ai’s mission is to help you find and fix attack vectors before attackers can exploit them. NodeZero, our autonomous penetration testing solution, enables organizations to continuously assess the security posture of their enterprise, including external, identity, on-prem, IoT, and cloud attack surfaces. Like APTs, ransomware, and other threat actors, our algorithms discover and fingerprint your attack surface, identifying the ways exploitable vulnerabilities, misconfigurations, harvested credentials, and dangerous product defaults can be chained together to facilitate a compromise. NodeZero is a true self-service SaaS offering that is safe to run in production and requires no persistent or credentialed agents. You will see your enterprise through the eyes of the attacker, identify your ineffective security controls, and ensure your limited resources are spent fixing problems that can actually be exploited. Founded in 2019 by industry, US Special Operations, and US National Security veterans, Horizon3.ai is headquartered in San Francisco, CA, and made in the USA.
Partners
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, more than 168,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry.
Founded in 2012, the Women’s Society of Cyberjutsu (WSC) is a National 501(c)3 non-profit community, focused on empowering women to succeed in the cybersecurity industry. WSC’s mission is to advance women in cybersecurity careers by providing programs and partnerships that promote hands-on training, networking, education, mentoring, resource-sharing and other professional opportunities.
WSC serves thousands of women across the globe by bringing awareness to, and advancing careers in, cybersecurity. The WSC community includes information security professionals, IT professionals, programmers, computer scientists and engineers, as well as women wanting to explore and join the field. Recognizing the importance of encouraging girls to embrace a future in STEM-related professions through its Cyberjutsu Girls Academy, WSC provides a unique hands-on curriculum focused on securing information technology. For more information, visit http://www.womenscyberjutsu.org.
We put our heart and soul into this Cybersecurity Conference directory.
Way back in 2013 we had another website called “Concise Courses” which used to market and sell InfoSec training courses. We published a blog post listing all the upcoming InfoSec Conferences of that year, and Google loved the resource and put us right to the top of the search engines. That ‘accidental’ occurrence spawned this directory which is maintained by a small team comprising of Henry Dalziel and Charles Villaneuva and a bunch of freelance programmers.
What We Do:
We list, literally, every single Information Security conference, event and seminar within every niche in Cybersecurity.
We have a dedicated team that maintains our in-house tech stack, directory, and data curation.
The Pan Asian American Business Council (“PAABC”) is a non-profit organization consisting of Asian American businesses that would like to promote and grow their own and other Asian American businesses.
To enable Asian American owned businesses to develop and grow.
Agenda
Times are subject to change
Opening Introductions | Check In | Networking
Presentation
Treat Your Data Like It’s Currency
You’ve heard that “data is the new oil”. More accurately, “data is your currency”. It gives you the ability to conduct business. Mismanage it and there can be serious consequences. Lose it and you lose your business.
With your “bills” spread across your environment, managing and protecting the “money” can be a monumental task. $100s, $50s, $20s, $10s, $5s, and lots of $1s are strewn about. Knowing where your most valuable bills are is foundational to any data security process. This session will explore the key steps in identifying the most important data in your organization. Using real-world examples, we will examine the impact of placing appropriate controls to protect your most important business asset: your data.
Presentation
Cameras, CACs & Clocks: A Story of Millions of Interrogated and Hacked xIoT Devices
We’ve unleashed our dark allies from the nightmare dimension on an unholy crusade to demonstrate cyberattacks for your enlightenment. If you love seeing devices compromised as much as we do, join us for a real hacking demonstration, detailed security research findings, and threat mitigation techniques that will disappoint bad actors. Share your new knowledge around the water cooler, apply these preventative security strategies within your own organization, and become the cool person at the office party everyone wants to hang out with regardless of that cat sweater you insist on wearing.
We’ll share stories from the trenches involving cybercriminals, nation-state actors, and defenders. Our presentation will detail findings from over six years of xIoT threat research spanning millions of production devices in enterprises and government agencies around the world. We’ll identify various steps organizations can take to mitigate risk while embracing a Things-connected world. We’ll also demonstrate a hack against an xIoT, or Extended Internet of Things, device. For those who would say, “But they’re just security cameras monitoring the parking garage, wireless access points in the cafeteria, or PLCs controlling robotic welding arms; what harm can they cause?” – this will illuminate that harm.
xIoT encompasses four disparate but interrelated device groups that operate with purpose-built hardware and firmware, are typically network-connected, and disallow the installation of traditional endpoint security controls. The first group contains enterprise IoT devices such as VoIP phones, security cameras, wireless access points, network attached storage, and printers. The second group includes OT devices such as PLCs, building automation systems, and industrial control systems. The third group consists of IoMT assets such as infusion pumps, patient monitors, and wireless vital monitors. The fourth group contains IIoT devices like robotics, smart factory systems, and temperature sensors.
There are over 50 billion xIoT devices in operation worldwide. Most of these devices run well-known operating systems like Linux, Android, BSD, and various real-time operating systems like VxWorks. Additionally, many xIoT devices have open ports, protocols, storage, memory, and processing capabilities similar to your laptop. But there is a major difference. Even though most enterprises and government agencies have tens to hundreds of thousands of these devices in production, they go largely unmanaged and unmonitored. These xIoT devices typically operate with weak credentials, old, vulnerable firmware, extraneous services, and problematic certificates. This massive, vulnerable xIoT attack surface is being successfully exploited by bad actors engaging in cyber espionage, data exfiltration, sabotage, and extortion, impacting xIoT, IT, and cloud assets.
Nation-states and cybercriminals have shifted their focus to xIoT attacks. Why? Because they work. Military-grade xIoT hacking tools are in use, cybercrime for hire that’s predicated on compromised xIoT devices has been monetized, and organizations worldwide are already “pwned” without even knowing it. Bad actors are counting on you being passive by not mitigating xIoT security risks. They want you to fail so they can continue to evade detection and maintain persistence on your xIoT devices. Disappoint them! Take your xIoT devices back by understanding how to hack them, recognizing where they’re most vulnerable, and employing strategies to successfully protect them at scale.
Networking
Sponsor Networking Time
Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!
Presentation
Solving Security's (Big) Data Problem
Security teams are struggling to manage high volume, high velocity data and threats are lost in an endless list of alerts. We’ll demonstrate how effective use of data pipelines reduces volume, amplifies signal to noise ratio, saves countless hours and dollars, and may even save the planet.
Key Takeaways:
- Most organizations ingest data inefficiently, resulting in duplicate, redundant, or useless information and false positives.
- The cost of inefficient data is far greater than monetary. it impacts security, engineering, and even the environment.
- Using data pipelines and effective data processing saves time, money, and frustration. Better data means stronger signal to noise and more effective threat detection.
Presentation
Risk to Resilience: Ensuring optimum cyberhygiene with Endpoint Security
In today‘s threat landscape, digital transformation is crucial for organizations looking to stay ahead of threat actors. To achieve this, IT and Security teams must work together to ward off cyberattacks and ensure a positive employee experience. In this session, we’ll highlight the endpoint security strategies for your IT stack against known and unknown vulnerabilities.
Networking
Sponsor Networking Time
Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!
Lunch
Presentation
Security Operations: Going from InfoSec-Checklist to InfoSec-Culture
A brief overview of cyber trends and first steps towards NIST compliance
Networking
Sponsor Networking Time
Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!
Keynote
"Cyberpsychology and Its Impact on Cyber Crime"
Allen Ohanian
Information Security Officer- Los Angeles County Department of Children and Family Services
Networking
Sponsor Networking Time
Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!
Presentation
How to Build an Insider Threat Program:
Sometimes just having a SOC isn’t enough to address insider threat issues. Security operations teams are managing massive amounts of data across billions of events from on premises to the cloud. Looking for specific needles like insider threats in this complex haystack has special requirements that encompass both searching historic data and seeing evolving credential behavior changes as they happen.
Whether from downsizing or expanding the business, employees, vendors, contractors, and more are moving in and out of your environment. And often, it is during turbulent times that insider threats go unobserved as everything changes so quickly. Insider threat initiatives require a new, more focused approach.
This presentation will explore:
- The common scenarios that indicate you need an insider threat team, how to build a mission statement, and tools
- Four attributes of a successful insider threat program
- How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster
Presentation
Great eXpeltations: cyber defense trends for 2023
A look at cybersecurity trends from 2022, how Expel caught these attacks in the wild, and how these trends can inform your security strategy in 2023.
We know that 2022 was fraught with security threats. But wrapping your head around what they were, what’s trending, and what to do about it is essential for your security strategy going into 2023.
Expel’s annual threat report, Great eXpeltations, compiles data, trends, and recommendations from the incidents our security operations center (SOC) saw in 2022, based on our full customer base: from small and midsize companies to enterprise orgs, at every phase of the security journey, across every industry Expel serves.
Join Chris Hencinski, Solutions Architect, Expel, for a deep dive into the numbers and their real-world incident counterparts, including examples of pre-ransomware, business application compromise, credential harvester phishing, SaaS compromise, and an attack against cloud infrastructure.
Networking
Sponsor Networking Time
Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!
Presentation
How Can WE Become Unhackable
Every business desires to be unhackable. Even air-gapped environments have data leakage, but there are proven steps that can significantly limit your exposure without causing undue irritation to your staff. In this session, we will review current security methods, discuss current flaws, and understand why a Zero Trust solution is the best solution.
Rob McBride
Head of Americas Channels, Solution Architects and Pre-Sales Engineering Versa Networks
Networking
Sponsor Networking Time
Visit Sponsor Booths – find amazing people, information, and prizes! Get updated on the latest technologies!
Panel Discussion
“Cybersecurity Leaders and Experts on Current Cyberthreats and Practices”
Haral Tsitsivas
Principal Product Security Engineer, Arlo Technologies Chapter President, OWASP Orange County
Antonella Commiato
Chief Technology Officer / Chief Information Security Officer Extend Resources
