Event Schedule

Times for this Event are in Central Time (CDT/CST).

The Conference will be open from 8:00 AM to 6:30 PM Thursday, April 13th.

• Welcome / Introductions
• The Cybersecurity Skills Shortage 8:30 am
  Add to Calendar20230413 8:30 am20230413 8:50 amAmerica/ChicagoThe Cybersecurity Skills Shortage

  There are currently 310,000 unfilled cybersecurity jobs in the United States, and millions around the world. However, there is no shortage of cybersecurity hopefuls – millions of students, career changers, and people from all walks of life hoping to break into cybersecurity. 

  This session will explore the issues around cybersecurity jobs.  Breaking into the field, the relative need for certifications, formal education, on-the-job training and more.  The discussion will explore the supply and demand disconnect that has been created – resulting in both a ton of great candidates looking for roles, and a cybersecurity skills shortage.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  There are currently 310,000 unfilled cybersecurity jobs in the United States, and millions around the world. However, there is no shortage of cybersecurity hopefuls – millions of students, career changers, and people from all walks of life hoping to break into cybersecurity. 

  This session will explore the issues around cybersecurity jobs.  Breaking into the field, the relative need for certifications, formal education, on-the-job training and more.  The discussion will explore the supply and demand disconnect that has been created – resulting in both a ton of great candidates looking for roles, and a cybersecurity skills shortage.

  Click to Expand

  Collapse This Item

• The Evolution of the Threat: Hunting, Detection, & Response 8:50 am
  Add to Calendar20230413 8:50 am20230413 9:10 amAmerica/ChicagoThe Evolution of the Threat: Hunting, Detection, & Response

  Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

  Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  Presented by SecureWorks

  Nation-State attacks are not always focused on political or military adversaries. Recently, below-military-grade action can create havoc or destabilize adversaries, or manipulate markets.  Hard to trace and even harder to convict, they may affect stock price or even influence the outcome of elections. 

  Attend to talk about the problem, and see what US enterprises are doing to prepare themselves for these situations.

  Click to Expand

  Collapse This Item

• The Risk Management “Balance Sheet” 9:30 am
  Add to Calendar20230413 9:30 am20230413 9:50 amAmerica/ChicagoThe Risk Management “Balance Sheet”

  Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

  Attend this session to get these questions answered and more.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  Presented by Darktrace

  Managing risk has always been a part of the CISO responsibility set; however, the ways in which it is managed has no clear definition. With new ransomware threats, supply chain attacks, and third-party risk in the mix – perhaps a new way to budget risk is required.  Is there an effective way to have a “risk balance sheet” – a way in which the CISO could communicate risk to the rest of the C-suite in a consistent language they would understand? 

  Attend this session to get these questions answered and more.

  Click to Expand

  Collapse This Item

• Operational Technology (OT) & Industrial Control Systems (ICS): Cybersecurity Concerns 9:50 am
  Add to Calendar20230413 9:50 am20230413 10:10 amAmerica/ChicagoOperational Technology (OT) & Industrial Control Systems (ICS): Cybersecurity Concerns

  Since the Stuxnet worm was first discovered back in 2010, attacks related to SCADA systems have been of concern. While manufacturing and utility organizations tend to talk about them more, there are wide implications across the cybersecurity landscape that touch on ICS and OT systems of all kinds. 

  This session will talk about why these types of attacks represent a primary concern, and what state-of-the-art looks like in terms of building protections.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  Since the Stuxnet worm was first discovered back in 2010, attacks related to SCADA systems have been of concern. While manufacturing and utility organizations tend to talk about them more, there are wide implications across the cybersecurity landscape that touch on ICS and OT systems of all kinds. 

  This session will talk about why these types of attacks represent a primary concern, and what state-of-the-art looks like in terms of building protections.

  Click to Expand

  Collapse This Item

• Protecting Against Cyber Attacks 10:10 am
  Add to Calendar20230413 10:10 am20230413 10:30 amAmerica/ChicagoProtecting Against Cyber Attacks

  We’ve seen the real-world consequences of cyberattacks – from the shutdown of the Colonial Pipeline to the slowing of care for hospital patients, to major disruptions in the food supply lines. The impact of a single attack can be far-reaching and devastating to all those affected. When paired with unprecedented geopolitical uncertainty, it’s never been more important for organizations to be vigilant against bad actors.

  Learn the latest techniques for developing your security posture with this expert panel discussion. Come prepared with your thoughts and questions and gain an insider’s perspective on the latest threats and most effective security strategies during this thoughtful, interactive session.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  We’ve seen the real-world consequences of cyberattacks – from the shutdown of the Colonial Pipeline to the slowing of care for hospital patients, to major disruptions in the food supply lines. The impact of a single attack can be far-reaching and devastating to all those affected. When paired with unprecedented geopolitical uncertainty, it’s never been more important for organizations to be vigilant against bad actors.

  Learn the latest techniques for developing your security posture with this expert panel discussion. Come prepared with your thoughts and questions and gain an insider’s perspective on the latest threats and most effective security strategies during this thoughtful, interactive session.

  Click to Expand

  Collapse This Item

• FedRAMP for the Rest of Us: Secure Your Supply Chain by Leveraging FedRAMP Providers 10:55 am
  Add to Calendar20230413 10:55 am20230413 11:15 amAmerica/ChicagoFedRAMP for the Rest of Us: Secure Your Supply Chain by Leveraging FedRAMP Providers

  The compliance acronym soup can be a challenge to keep up with (ISO, FedRAMP, GDPR, etc.), but there are certainly ones out there that have a real impact on risk reduction and cybersecurity ROI. FedRAMP is among these that have the potential amongst many organizations to significantly reduce organizational risk and bring about cybersecurity ROI not always common in the cybersecurity market.

  Though sometimes not well understood in the private sector community, FedRAMP (Federal Risk and Authorization Management Program) is the program for externally validated security baselines of security for Cloud Service Providers (CSPs). FedRAMP, though required for many US Federal agencies, has value extending out to many areas in the private sector including financial, healthcare and other regulated markets.

  This session will focus on understanding not just what FedRAMP is, but also who can and should be using it. This session will additionally outline the value to CSP consuming enterprises when they are using the non-FedRAMP services of a CSP with FedRAMP service offerings.

  Those attending the session will benefit with both a better understanding of FedRAMP and ready to use strategies to leverage FedRAMP CSPs for faster
  risk reduction in your supply chain as well as better cybersecurity ROI for the enterprise.

   

  410 Rep John Lewis Way S
  Nashville, TN 37203

  Presented by Saviynt

  The compliance acronym soup can be a challenge to keep up with (ISO, FedRAMP, GDPR, etc.), but there are certainly ones out there that have a real impact on risk reduction and cybersecurity ROI. FedRAMP is among these that have the potential amongst many organizations to significantly reduce organizational risk and bring about cybersecurity ROI not always common in the cybersecurity market.

  Though sometimes not well understood in the private sector community, FedRAMP (Federal Risk and Authorization Management Program) is the program for externally validated security baselines of security for Cloud Service Providers (CSPs). FedRAMP, though required for many US Federal agencies, has value extending out to many areas in the private sector including financial, healthcare and other regulated markets.

  This session will focus on understanding not just what FedRAMP is, but also who can and should be using it. This session will additionally outline the value to CSP consuming enterprises when they are using the non-FedRAMP services of a CSP with FedRAMP service offerings.

  Those attending the session will benefit with both a better understanding of FedRAMP and ready to use strategies to leverage FedRAMP CSPs for faster
  risk reduction in your supply chain as well as better cybersecurity ROI for the enterprise.

   

  Click to Expand

  Speaker:

  Andrew Whelchel

  Andrew Whelchel

  Senior Solutions Engineer at Saviynt

  Collapse This Item

• Cyber Ready: Overview on Zero Trust, What Come Next and What You Can Do Now. 11:15 am
  Add to Calendar20230413 11:15 am20230413 11:30 amAmerica/ChicagoCyber Ready: Overview on Zero Trust, What Come Next and What You Can Do Now.

  What does it mean to be in a constant state of Cyber Readiness? What is Zero Trust architecture and how do you get there from a state of legacy networks and security? How can Battle-Tested Systems convert your organization from defense to offense?

  The new era of Cyber Security requires an organization to be Cyber Ready, not just passively prepared. We will present what that journey looks like and how it is driven by a Zero Trust framework and Battle-Tested Systems. Continuous improvement is key, and, on too many occasions, organizations believe they are protected and do not try to improve their systems until an actual, potentially catastrophic breach has occurred. This moment of epiphany is entirely avoidable, and we will show you that path to being proactive.

  Posture Matters, and in this presentation, we will answer all these questions as well as some of your own. We will show you the why, the how, and what you can do right now to fortify your perimeter against the increasingly sophisticated attacks of today and tomorrow while in any stage of your Zero Trust Journey.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  Presented by Ridge IT

  What does it mean to be in a constant state of Cyber Readiness? What is Zero Trust architecture and how do you get there from a state of legacy networks and security? How can Battle-Tested Systems convert your organization from defense to offense?

  The new era of Cyber Security requires an organization to be Cyber Ready, not just passively prepared. We will present what that journey looks like and how it is driven by a Zero Trust framework and Battle-Tested Systems. Continuous improvement is key, and, on too many occasions, organizations believe they are protected and do not try to improve their systems until an actual, potentially catastrophic breach has occurred. This moment of epiphany is entirely avoidable, and we will show you that path to being proactive.

  Posture Matters, and in this presentation, we will answer all these questions as well as some of your own. We will show you the why, the how, and what you can do right now to fortify your perimeter against the increasingly sophisticated attacks of today and tomorrow while in any stage of your Zero Trust Journey.

  Click to Expand

  Speaker:

  Chad Koslow

  Chad Koslow

  CEO and Co-Founder at Ridge IT Corporation

  Collapse This Item

• Lunch Break
• Keynote Presentation: Donna Gregory 12:10 pm
  Add to Calendar20230413 12:10 pm20230413 12:50 pmAmerica/ChicagoKeynote Presentation: Donna Gregory

  Since 2000, the FBI’s Internet Crime Complaint Center (IC3) has received complaints crossing a wide array of cybercrime matters. Cybercrime data collection and analysis not only identifies trends, but enables efforts to control, reduce, mitigate, and prevent cybercrime.  In this discussion, Donna Gregory, Unit Chief for the FBI Cyber Division, IC3 will explain more about their mission to provide the public with a reliable and convenient reporting mechanism to submit information to the FBI, the categories of cybercrime, types of cybercrime data collected, criteria used to measure cybercrime, and how these crimes interoperate with other cybercrime activities.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  FBI IC3: US Cybercrime Reporting (a.k.a. Follow the Money)

  Since 2000, the FBI’s Internet Crime Complaint Center (IC3) has received complaints crossing a wide array of cybercrime matters. Cybercrime data collection and analysis not only identifies trends, but enables efforts to control, reduce, mitigate, and prevent cybercrime.  In this discussion, Donna Gregory, Unit Chief for the FBI Cyber Division, IC3 will explain more about their mission to provide the public with a reliable and convenient reporting mechanism to submit information to the FBI, the categories of cybercrime, types of cybercrime data collected, criteria used to measure cybercrime, and how these crimes interoperate with other cybercrime activities.

  Click to Expand

  Speaker:

  Donna Gregory

  Donna Gregory

  Unit Chief at FBI Cyber Division, IC3

  Collapse This Item

• Why Small and Mid-Size Businesses Need XDR 1:10 pm
  Add to Calendar20230413 1:10 pm20230413 1:30 pmAmerica/ChicagoWhy Small and Mid-Size Businesses Need XDR

   In this talk, we will explore why small and mid-size businesses (SMBs) need Extended Detection and Response (XDR) solutions to improve their cybersecurity posture. XDR provides a holistic approach to threat detection and response, combining data from multiple sources to identify and remediate threats more efficiently. SMBs face similar security threats as larger organizations, and XDR can help them achieve the necessary level of protection while remaining cost-effective.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  Presented by Blumira

   In this talk, we will explore why small and mid-size businesses (SMBs) need Extended Detection and Response (XDR) solutions to improve their cybersecurity posture. XDR provides a holistic approach to threat detection and response, combining data from multiple sources to identify and remediate threats more efficiently. SMBs face similar security threats as larger organizations, and XDR can help them achieve the necessary level of protection while remaining cost-effective.

  Click to Expand

  Speaker:

  Kate Drews

  Kate Drews

  Senior Director of Operations at Blumira

  Collapse This Item

• Supply Chain & Third Party Risk Management 1:30 pm
  Add to Calendar20230413 1:30 pm20230413 1:50 pmAmerica/ChicagoSupply Chain & Third Party Risk Management

  A supply chain encompasses the entire network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product.  The ultimate goal of an effective supply chain is lower costs of doing business thus resulting in higher profits and improved customer satisfaction.  The process of bringing in a third party involves identifying, assessing and controlling all the various risks that can develop over the entire lifecycle of such relationships. 

  Join this session to drive into how sophisticated attackers can live quietly inside even organizations with significant expertise and mature security processes. 

  410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  A supply chain encompasses the entire network of all the individuals, organizations, resources, activities and technology involved in the creation and sale of a product.  The ultimate goal of an effective supply chain is lower costs of doing business thus resulting in higher profits and improved customer satisfaction.  The process of bringing in a third party involves identifying, assessing and controlling all the various risks that can develop over the entire lifecycle of such relationships. 

  Join this session to drive into how sophisticated attackers can live quietly inside even organizations with significant expertise and mature security processes. 

  Click to Expand

  Collapse This Item

• 2023 Trends & Directions 1:50 pm
  Add to Calendar20230413 1:50 pm20230413 2:15 pmAmerica/Chicago2023 Trends & Directions

  If 2022 taught us anything, it’s that cybercriminals are still coming up with new ways to cash in. But with a new year upon us, what can we anticipate for 2023? 

  Get insights on the latest in security from experts who live on the leading edge of cybersecurity technology. You’ll hear from industry luminaries on some of the newest tactics for defending against unprecedented attacks. Get a better sense of how your organization can spend the rest of 2023 with a security strategy that will set you up for success during this insightful discussion.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  If 2022 taught us anything, it’s that cybercriminals are still coming up with new ways to cash in. But with a new year upon us, what can we anticipate for 2023? 

  Get insights on the latest in security from experts who live on the leading edge of cybersecurity technology. You’ll hear from industry luminaries on some of the newest tactics for defending against unprecedented attacks. Get a better sense of how your organization can spend the rest of 2023 with a security strategy that will set you up for success during this insightful discussion.

  Click to Expand

  Collapse This Item

• Cloud Clarity in 2023: Strategy, Execution & Alignment 2:35 pm
  Add to Calendar20230413 2:35 pm20230413 2:55 pmAmerica/ChicagoCloud Clarity in 2023: Strategy, Execution & Alignment

  Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

  410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  Securely optimizing the cloud for better business outcomes is the product of clear communication of terms and expectations, alignment with business processes and functions, and partnerships among multiple internal and external stakeholders. “Activity” does not equal “progress.”  In this session, attendees will hear about creating definitional clarity, building adaptability, and creating cross-functional, business-wide alignment. 

  Click to Expand

  Collapse This Item

• Managing Risk: Seek Forward Accountability and Assume a Stormy Seas 2:55 pm
  Add to Calendar20230413 2:55 pm20230413 3:15 pmAmerica/ChicagoManaging Risk: Seek Forward Accountability and Assume a Stormy Seas

  While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

  Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  While managing risk has always been a part of the CISO office, most resources turn to stopping new ransomware threats, managing supply chain attacks and mitigating third-party vulnerabilities. How can CISOs truly move to managing risk? And by extension, how can they clearly communicate risk, and measure the efficacy of mitigation activities? 

  Join this session to learn how to facilitate the risk conversation with non-technical leaders, determine priorities, and counterbalance cybersecurity considerations against business requirements. This session will also address risk quantification, accounting, budgeting and resourcing, and building more resilience rather than taller walls.

  Click to Expand

  Collapse This Item

• Guest Keynote Presentation: Steve Shelton 3:15 pm
  Add to Calendar20230413 3:15 pm20230413 3:45 pmAmerica/ChicagoGuest Keynote Presentation: Steve Shelton

  Cyber Security is a high-stress and high turnover industry with a seemingly ‘no-fail’ mission. There are countless complexities to manage. 

  How do you manage the complexities and expectations of your role? How do you find a work life balance? How do you know when you are in burnout? How do you deal with difficult team members? How do you effectively manage your time? How do you build a positive, innovative culture? 

  This discussion will highlight how to develop the mental performance skills needed to manage these complexities effectively and perform your best.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  How Do You Perform Your Best in a World With a Seemingly "No Fail" Mission

  Cyber Security is a high-stress and high turnover industry with a seemingly ‘no-fail’ mission. There are countless complexities to manage. 

  How do you manage the complexities and expectations of your role? How do you find a work life balance? How do you know when you are in burnout? How do you deal with difficult team members? How do you effectively manage your time? How do you build a positive, innovative culture? 

  This discussion will highlight how to develop the mental performance skills needed to manage these complexities effectively and perform your best.

  Click to Expand

  Panel Participants:

  Steve Shelton

  Steve Shelton

  CEO at Greenshoeconsulting

  Collapse This Item

• Cyber Inter-Agency Collaboration Panel 3:45 pm
  Add to Calendar20230413 3:45 pm20230413 4:15 pmAmerica/ChicagoCyber Inter-Agency Collaboration Panel

  Submit your bio for consideration to participate in one of our Cyber Executive Panels

  to [email protected] or fill out our Call for Speakers form here.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  Submit your bio for consideration to participate in one of our Cyber Executive Panels

  to [email protected] or fill out our Call for Speakers form here.

  Click to Expand

  Panel Participants:

  Kevin M. Varpness

  Kevin M. Varpness

  Supervisory Special Agent for the Cyber and Counterintelligence Squad at Infragard MO (FBI partner)

  Matt Stephenson

  Matt Stephenson

  Technical Staff Assistant - Electronic Crimes Special Agent Program United States Secret Service, Nashville Field Office

  Jeremy Baker

  Jeremy Baker

  ASAC at Infragard (FBI Agency)

  Collapse This Item

• Cyber Executive Panel 4:35 pm
  Add to Calendar20230413 4:35 pm20230413 5:15 pmAmerica/ChicagoCyber Executive Panel

  Submit your bio for consideration to participate in one of our Cyber Executive Panels

  to [email protected] or fill out our Call for Speakers form here.

  410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  Submit your bio for consideration to participate in one of our Cyber Executive Panels

  to [email protected] or fill out our Call for Speakers form here.

  Click to Expand

  Panel Participants:

  Vladimir Svidesskis

  Vladimir Svidesskis

  Director, Head of Security, Compliance and Risk (CISO) at Vaco

  Jon Bowker

  Jon Bowker

  Chief Information Security Officer at NCONTRACTS

  Collapse This Item

• Conference Closing Session 5:20 pm
  Add to Calendar20230413 5:20 pm20230413 5:30 pmAmerica/ChicagoConference Closing Session410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  Collapse This Item

• Networking Reception and Happy Hour 5:30 pm
  Add to Calendar20230413 5:30 pm20230413 6:30 pmAmerica/ChicagoNetworking Reception and Happy Hour 410 Rep John Lewis Way S
  Nashville, TN 37203

  .

  Collapse This Item