The Mayflower Hotel, Autograph Collection
Washington, D.C.

Northeast IT & Security Leaders Forum 2023

The SINC Northeast IT & Security Leaders Forum brings together top leaders for three days of engagement geared specifically towards our IT executives.

Forum speakers and presentations will focus on topics most directly impacting attendee resource challenges, which will in turn drive regional industry growth. Executives and service providers alike will engage through one-on-one engagements and open-discussion group meetings, all while creating valuable networking and community-building opportunities to foster regional development.

The Mayflower Hotel, Autograph Collection

The Mayflower Hotel is a capital classic, a landmark hotel and Washington, D.C. original since 1925. Exactly like nothing else, the Mayflower Hotel brings timeless elegance, integrity and contemporary style to its role as the city’s past and present-day social hub – for business or for pleasure. As Harry S. Truman said – it is “Washington’s second-best address”.

Forum Agenda

Agenda may be subject to change. Check back regularly for updates.

2:00 PM - 5:00 PM EST
FORUM REGISTRATION & APP DEMONSTRATION

Get familiar with SINC Staff and the event layout. Secure your complimentary Swag Bag and learn how to use the Onsite Application for Peer Engagement and win great prizes!

5:30 PM - 7:00 PM EST
SINC WELCOME NETWORKING RECEPTION

Engage your Peers over canapes and cocktails

7:00 PM - 9:00 PM EST
SINC NETWORKING & ENGAGEMENT DINNER

Open seating buffet meal serving 5-star food and great Peer engagement before Day 1 kicks off

7:00 AM - 7:55 AM EST
SINC IT LEADERS NETWORKING BREAKFAST

Full breakfast and lots of coffee available!

8:00 AM - 8:05 AM EST
SINC OPENING REMARKS

A Thank You from SINC – setting the tone for a great day!

8:05 - 8:55 AM EST
KEYNOTE PRESENTATION - Exposing Adversarial Conversations

The latest snapshot of your network traffic logs may look innocent enough, but hidden within your common ports and protocols are the movements of a cybercriminal who has secretly breached your systems and is now trying to expand its foothold within your virtual walls in multi-cloud environments.

It’s this east-west infiltration that turns what could be just a relatively minor breach into a damaging data exfiltration incident or a full-scale ransomware attack. That’s why reducing attacker dwell time, curbing lateral movement and detecting advanced threats are essential components to any network security strategy, whether you operate largely on premises, in private clouds or multi-cloud architectures.

Gain key insights and strategies related to the defense against post-breach lateral movement:

  • Research, statistical analysis and threat reports that underscore the threat that lateral movement represents
  • Key metrics, strategies and solutions for detecting post-exploitation east-west movement, including behavioral analysis and identifying threat signatures
  • A Guide To Detecting & Restricting Lateral Movement

Speaker: Chad Skipper, Global Security Technologist, VMware

Presented by: VMware

9:00 - 9:30 AM EST
PRESENTATION - Drive the Needed Alignment Between Your Organizational Vision, Strategy, Execution, and Outcomes

Are your technology plans and resources fully aligned to your strategy, and are you achieving the expected outcomes? We will review the end-to-end strategy execution lifecycle, and we will discuss key aspects of how organizations truly connect vision to strategy, portfolio plans, execution, and outcomes. We will examine recommended practices and the pitfalls organizations face when developing and translating their strategy into actionable and successful plans. Finally, we will review the three critical pillars of adaptive strategy execution and discuss the related obstacles most organizations face.

Speaker: Morten Sorensen, VP System IT Portfolio Management Office, Federal Reserve System

9:40 - 10:10 AM EST
WORKSHOP 1 - How Organizations Can End the Era of Security Control Failure

Imagine a World Cup qualifying team that made it to the first match but had failed to prepare for its opponents. Stepping out on the pitch, the opposing team would run circles around them. This is the story in cybersecurity today. The impact of a lack of continuous security control validation is that security programs fail and breaches occur constantly. Only by testing controls against known threats can teams generate the data they need to understand performance, tune-up, and improve effectiveness.

In this talk, Jose will cover how the research team discovered that EDR controls in AttackIQ’s customer environments only stopped top adversary techniques 39 percent of the time, and outline recommendations for how to improve cybersecurity program performance at scale.

In their analysis, the AttackIQ Adversary Research Team selected real-world adversary techniques from MITRE ATT&CK using criteria including the following: (1) they needed to be common techniques (not edge cases); (2) they needed to have had pronounced historical impacts, including in recent Russian operations in Ukraine; and (3) most importantly, the EDR solution providers needed to consistently block these key techniques in AttackIQ’s lab environment. The goal in selecting these techniques was to find a sweet spot for realistic and popular techniques that could be prevented by recommended security configurations but are not currently being prevented most of the time in customer environments.

Attendees will leave the talk with a deeper understanding of why advanced cyberdefenses fail against threats and how organizations can use automated testing and the MITRE ATT&CK framework to improve their overall security program performance.

Speaker: Jonathan Reiber, Vice President for Cybersecurity Strategy and Policy, AttackIQ

Presented by: AttackIQ

9:40 - 10:10 AM EST
WORKSHOP 2 - Bridging the Gap Between Tech and Business Leadership to Enable Innovation and Transformation

How do you create alignment between Tech and Business Leaders in your organization to develop a digital transformation strategy that includes analytics modernization, cloud migration, or data democratization to enable innovation and transformation in your organization? In this session, Steve discusses why, despite the strategic and competitive advantages of a data-centric approach, it may take a lot of effort to get others to see that it is the right thing to do for the corporation.

  • Understand the perceived gap between business, leadership, and IT.
  • Discover methods to become business-centric in your approach to IT.
  • Evaluate case studies where companies have benefited from taking a different approach to communicating value.
  • Learn from others’ mistakes and successes in the best ways to work with business and IT.

Speaker: Steve Sarsfield, Director of Product Marketing, Vertica

Presented by: Vertica

10:10 - 10:25 AM EST
SINC NETWORKING & REFRESHMENT BREAK

Circle back with your Peers on the content so far while grabbing a coffee and a snack

10:30 - 11:00 AM EST
WORKSHOP 1 - Shift-Left, Shield Right: The Role of Real-Time CWPP in a CNAPP World

The cloud is big business, and so is increasingly targeted by threat actors. The challenge comes down to this: how do we secure our cloud-enabled business without throttling innovation? After all, no one went to the cloud to slow down. Join SentinelOne as we speak plainly about cloud defense in depth. From build time to runtime, we will discuss the complementary roles of agentless (“shift-left”) and agent-based (“shield right”) security layers. We will cover both CNAPP (Cloud-Native Application Protection Platforms) and real-time cloud workload protection (CWPP), sharing insights which hopefully help you to accelerate innovation while operating securely.

Speaker: Rick Bosworth, Director of Cloud Marketing, SentinelOne

Presented by: SentinelOne

10:30 - 11:00 AM EST
WORKSHOP 2 - Accelerating Software Delivery and Ensuring Compliance through Value Stream Management

In the fast-paced world of IT and Security, optimizing software delivery and ensuring compliance are essential for organizations looking to remain competitive and meet ever-evolving customer demands. This presentation will explore the role of Value Stream Management (VSM) in accelerating software delivery, enhancing digital transformation efforts, and ensuring compliance within the IT & Security industry. Attendees will learn how VSM can drive innovation, efficiency, and compliance within their organizations by providing a comprehensive overview of VSM, discussing challenges and opportunities in the global context, and sharing best practices for successful implementation.

Speaker: Hope Lynch, Product Evangelist, CloudBees

Presented by: CloudBees

11:10 - 11:40 AM EST
WORKSHOP 1 - Cultivating Developer Security Adoption

Security programs have undergone major changes in recent years, to adapt to the changes that Agile development, DevOps pipelines, and faster deployments bring. New DevSecOps programs and models have resulted in a significant security ownership shift to the development teams. But in order for development teams to truly take responsibility for security, they need to embrace and adopt the new security practices. This is no easy feat! It introduces many organizational, process, and tooling challenges. In this session, we will discuss how others have successfully achieved this, and talk about tips and best practices on how you can improve the developer adoption of your security needs, as well as common pitfalls or problems to avoid.

Speaker: Ravi Maira, Vice President, Product Marketing, Snyk

Presented by: Snyk

11:10 - 11:40 AM EST
WORKSHOP 2 - Introduction to Data Lineage: A New Methodology to Data Protection

Data visibility and protection have relied on the same problematic approach for the past 25+ years: regex, keywords, dictionaries, exact data matching, fingerprinting, partial file matching, limited contextual awareness, filetypes, etc. These approaches are useful at times, but are problematic (resource intensive), limited (text-only files), prone to false positives, and easy to circumvent.

Data Lineage is a new approach that:
  • Identifies how data comes into existence in an organization
  • Monitors data behavior in all the places users create, handle, and distribute data
  • Provides visibility into all the operations and transformations that occur, providing a complete picture of the lifecycle of data and its derivatives
  • Can ultimately be extended to support use cases such as tracking data sprawl and identifying risk across the enterprise within insider risk programs

In this talk, Chris Saucier, Solutions Architect at Cyberhaven, will provide a history of data protection, an overview of data lineage, how the data model can be used to discover data in your environment and how it can be used to discover risk, and how data lineage can be extended beyond visualization.

Speaker: Chris Saucier, Solutions Architect, Cyberhaven

Presented by: Cyberhaven

11:45 - 12:35 PM EST
ROUNDTABLE + PANEL: Driving The Business Through Technology

It is no secret that technology is changing the fabric of business operations and outcomes, and collaboration between IT and the business is more important than ever before. The conversation is no longer about how to align IT with the business; however, in many cases technology is still viewed as a commodity rather than an enabler. So what can we do to successfully change this mindset both within our own organizations and across the industry as a whole? During this session, we will discuss the various challenges IT and digital leaders face when undergoing this cultural shift.

Moderator: Lorenzo Hines, SVP of Information Technology, Citi

Panelists:

Parveen Malik, VP of IT Security, Charles River Development

Mitesh Patel, VP, JP Morgan & Chase

Steve Demeritt, VP, Global Head of IT Service & Delivery, Black & Veatch

Paul Cao, Global Head of Data Platform, Wells Fargo

12:35 - 1:30 PM EST
SINC NETWORKING LUNCH

Open seating, buffet-style lunch. Serving food for all tastes, palates, and preferences. Vegan, vegetarian, and halal options available.

1:35 - 2:15 PM EST
PRESENTATION - How to Maximize ROI on Digital Investments with Value Stream Management and FinOps

As macro-economic concerns increase in 2023, organizations are looking to drive higher ROI from digital investments. Value Stream Management helps DevOps teams accelerate time to market and build on success by unifying your organization’s business and technology objectives. But accelerating revenue must be accompanied by optimized operational expenditures in order to maximize ROI. That’s where FinOps comes in.

In this session, you’ll learn how OpenText simplifies Value Stream Management by helping organizations track, analyze, and predict resourcing, reduce risk, and identify waste to help you increase value as a product flows from “strategy to delivery” to achieve superior business outcomes. Then you’ll learn how FinOps can help you optimize the cloud costs that are driven by agile development through a three-step approach: Inform, Optimize, and Operate. This will enable you to:

  • Maximize Business Value and Effectiveness: Discover, visualize and manage the flow of value from “strategy to delivery” powered by AI and analytics that is easy to deploy.
  • Accelerate Delivery and Efficiency: Integrate with your existing toolchains to improve productivity and remove friction in the value stream with smart automation.
  • Gain Competitive Advantage: Differentiate customer experience with high-quality value stream insights to manage risk and streamline delivery. Empower continuous feedback, learning, and improvement.

Join OpenText to learn why the time for a joint VSM/FinOps approach is now and how to capitalize on it the easy way.

Speakers:

Steve Williams, Director, Solutions Engineering, OpenText

Walid Hbeika, Chief Technologist – Application Delivery Management – Professional Services, OpenText

Presented by: OpenText 

2:25 - 2:55 PM EST
WORKSHOP 1 - Top 3 Cloud Security Efforts to Focus on in 2023

As cloud data volumes grow, so does cloud complexity. Traditional security infrastructure is no match for the constant changes, updates, and shifts that come with the cloud – let alone the rapid rise of sophisticated, malicious threats. That’s a lot to get your teams’ arms around! We’ve got three things you can focus on this year to ease that complexity and keep your business safe in the cloud.

Join this session to discuss how:

  • Shifting left will be essential
  • Supply chain risk will be a major concern
  • Securing your cloud will be impossible without comprehensive visibility

Speaker: Alan Thatcher, Senior Manager, Field Architects, Lacework

Presented by: Lacework

2:25 - 2:55 PM EST
WORKSHOP 2

 Check back for updates on this session.

Speakers:

Dane Zielinski, Information Security Manager, TransAm Trucking

Craig Guymon, Lead Solutions Architect, Binalyze

Presented by: Binalyze

3:05 - 3:35 PM EST
WORKSHOP 1 - Lessons Learned from 1.7 Million Hours of Security Validation in One Year

The Cymulate security effectiveness report captured over 1.7m hours of customer assessments over a 12-month period. In this session, you’ll find out the top 10 attacks launched by customers and whether the security teams were focused on the right attacks to protect against. We’ll also share some disturbing insights, such as older exploits (over 2 years old) that were not being mitigated. Lastly, we will go over innovative ways to assess exposures, check attack path viability, and validate security control efficacy.

Five benefits for delegates attending this session:

  • Find out what we discovered from over 1.7 million hours of assessments
  • Hear real-life customer testing trends and which real-world breaches are tested the most
  • Understand the current state of legacy vulnerability patching and how to validate the efficacy of patches and controls
  • Learn about gaps in security testing and what the trends tell us
  • Discover how Cymulate safely uses threat actor attack techniques and automation to validate security controls

Speakers: 

Carolyn Crandall, Chief Security Advocate and CMO, Cymulate

Mike Denapoli, Director of Technical Messaging, Cymulate

Presented by: Cymulate

3:05 - 3:35 PM EST
WORKSHOP 2 - Software Liability and a Path Forward

As a research and advisory organization, we have a unique perspective on key trends in technology. This talk will cover key trends such as generative AI, zero-trust security, recession preparation, Metaverse, digital processes, industry-based data models, and environmental/social governance, and their applicability to IT organizations.

Join Sonatype’s Maury Cupitt as he discusses how companies can achieve digital transformation by delivering safer and faster applications, and the shift that needs to happen with companies becoming proactive in securing their Software Supply Chain.

Presented by: Sonatype

3:35 - 3:50 PM EST
SINC NETWORKING & REFRESHMENT BREAK

Circle back with your Peers on the content so far while grabbing a coffee and a snack

3:55 - 4:25 PM EST
PRESENTATION - Systems of Experience: The CIO's Role in the Future of Work

The definition of work-life balance has changed, and the nature of work has changed. Life, family, and work are all integrated, so we need software solutions that allow us the flexibility to live our lives and attract diverse talent: solutions that improve experience locally while allowing us to operate globally, removing friction, increasing productivity, improving employee experience and, in turn, positively impacting the customer experience, with a focus on retention and customer satisfaction.

Presented by: RingCentral

4:30 - 5:20 PM EST
ROUNDTABLE & PANEL - Diving into Talent Acquisition, Diversity and Retention

In most markets, there is an abundance of open IT jobs with fewer people able to fill them – and the positions are getting more expensive. Working remotely is the norm, but not optimal (usually). There is less off-shoring and more resources are focused locally or within the same hemisphere.

Additionally, we are still not recruiting enough women and minorities into the rank and file, especially senior IT roles, and we’re losing talent to major tech hubs.

Join us at the roundtable with your peers as we dive into solutions to tackle the following challenges:

  • How do you scale staff/team without losing them to major tech hubs?
  • How do you create more diversity – not only among race and gender – but diversity of thought (old vs. new thinking)?
  • How do we mentor universities to implement actionable steps for supplying more IT talent?

Moderator: Dr. Sue Tripathi, Partner, Data, Analytics, Technology, Transformation, IBM

Panelists:

Shayn Spingler, SVP Global Information Technology, Hill International

Davin Darnt, CISO, Confidential

Deshard Stevens, CIO/CISO, NYC Commission on Human Rights

Helen Knight, Transformation Consultant, Helen Knight Consulting

5:45 - 7:00 PM EST
SINC NETWORKING RECEPTION

Engage your Peers over canapés and cocktails

7:00 - 9:00 PM EST
SINC NETWORKING & ENGAGEMENT DINNER

Open seating buffet meal serving 5-star food and great Peer engagement

7:00 - 8:00 AM EST
SINC IT LEADERS NETWORKING BREAKFAST

Full Breakfast and lots of coffee available!

8:05 - 8:55 AM EST
ROUNDTABLE & PANEL - Engaging Remote Employees And The Platforms To Create A Happier, Healthier Enterprise

In today’s increasingly digital world, remote work has become a common practice, particularly in light of recent events that have led to a rise in remote work. However, while remote work has its benefits, it can also lead to disengaged employees and reduced productivity, making it essential for companies to find ways to keep their remote workers engaged and happy.

This presentation will focus on the various platforms available to companies to keep their remote employees engaged, healthy, and happy. From communication tools to project management software, there are many options to choose from to facilitate effective collaboration and communication between remote workers and the rest of the team. We will also discuss the importance of wellness programs, such as mental health initiatives, fitness challenges, and other employee wellness programs, in creating a happy and healthy work environment for remote employees.

The presentation will offer practical tips and strategies for managers and employers to create a positive remote work culture that fosters engagement, productivity, and well-being among their remote workers. By leveraging the right tools and implementing employee-focused initiatives, companies can build a happier, healthier enterprise that not only attracts and retains top talent but also ensures the continued success of the organization in the long term.

Moderator: Mark Hoeting, Executive Counselor, Info-Tech Research Group

Panelists:

Pradeep Mannakkara, CIO, Cvent

Michael Onuoha, Head of Engineering & Architecture, Risk, Fraud, Collections & Recovery, Citi

Cynthia Dixon, Sr. Director of IT, PepsiCo

Bill Boudreaux, CTO, City of Rochester

9:00 - 9:40 AM EST
PRESENTATION - In The Know: Coping with Recession Concerns on IT Spending

Concerns about a recession loom, whether or not one actually results. With a war raging across the ocean, a potential European energy crisis this winter, and inflation numbers in the US refusing to subside, the macroeconomic environment has caused enterprise IT leaders to rethink their strategies. Learn how your peers are changing their plans to deal with the recession.

Speaker: Eric Helmer, Chief Technology Officer, Rimini Street

Presented by: Rimini Street

9:50 - 10:20 AM EST
WORKSHOP 1 - Why the Nonprofit Sector Needs CIOs & How You Can Help

Building a compelling business case for digital transformation is a challenge faced by many technology leaders. It becomes even more complicated when the change beneficiaries are not the funders, and the choice to invest in technology feels like it is taking services from our most vulnerable citizens. Helen Knight, an award-winning leader of non-profit digital transformations will share how she modernized emergency shelters and food banks, and how she uses technology to optimize services for people struggling with poverty. Helen will also share ways technology leaders can use their skills to help people today, and invite you to help solve the challenges ahead.

Speaker: Helen Knight, Transformation Consultant, Helen Knight Consulting

9:50 - 10:20 AM EST
WORKSHOP 2 - Revolutionized Cybersecurity – AI/ML Based Cybersecurity Model

As cyberattacks grow in volume and complexity, artificial intelligence (AI) is helping under-resourced security operations analysts stay ahead of threats. Curating threat intelligence from millions of research papers, blogs and news stories, AI technologies like machine learning and natural language processing provide rapid insights to cut through the noise of daily alerts, drastically reducing response times.

The session covers real-life, practical use cases that have been deployed, in which AI helps analysts connect the dots between threats and shape modern-day cybersecurity programs.

Speaker: Rahul Bhardwaj, Deputy CISO, Kroll

10:20 - 10:35 AM EST
SINC NETWORKING & REFRESHMENT BREAK

Circle back with your Peers on the content so far while grabbing a coffee and a snack

10:35 - 11:05 AM EST
WORKSHOP 1 - Why Traditional Application Security Is No Longer Enough

Modern software presents unique challenges that traditional application security measures cannot effectively handle. In this session, we will explore three of these challenges. First, we will examine the use of modern building blocks in software development. The abundance of new technologies and the fact that we often lack complete control over these building blocks can cause us to overlook the glue that keeps them together. Second, we will discuss the challenge of context in application security. Shifting left or right can only take us so far; taking a step back to see the context of the whole picture is necessary for adequate security. Finally, we will consider the use of open-source software and how it can lead to misplaced trust. Traditional application security tools are unable to compute trust in these situations. Join us to learn how to address these challenges and enhance your application security in today’s complex software landscape.

Speaker: Erez Yalon, VP of Appsec Research, Checkmarx

Presented by: Checkmarx

10:35 - 11:05 AM EST
WORKSHOP 2 - Deploying Cloud Security Controls

Topics addressed will include:

  • Cloud Security Checklist
  • 7 Critical Cloud Security Controls
  • Common mistakes
  • Open for discussion and sharing ideas

Speaker: Nish Majmudar, VP & Chief Information Security Officer, Mathematica

11:15 - 11:45 AM EST
WORKSHOP - Proactive Cyber Risk Management – Be “in-front” of your Risks. Not Behind them!

In order to deliver value to our customers, patients, employees, communities and shareholders, we healthcare organizations must understand and manage the risks faced across our entire organization. This seminar will outline a “proactive” approach to defining, categorizing and remediating cyber risks within your organization.

Speaker: Tim Swope, Catholic Health Services

11:50 - 12:30 PM EST
PANEL - Building an Effective CIO-CISO Relationship

The CISO and CIO have different focuses across the IT organization – the CIO is focused on operations, keeping things running, and developing ROI, while the CISO is tasked with return on risk, focusing on security tools and processes that reduce risk across the organization. By definition, the two can immediately be in an adversarial relationship as security is often lost to tight budgets, office politics, and the drive of the organization.

This session will discuss:

  • Ways to work in tandem with the CIO to drive the business forward while still respecting organizational security
  • Effective strategies to build trust and unite all departments under one security umbrella
  • Future structural changes – how the CIO reporting to the CISO will change organizational culture

In this session, we will speak to a Panel of your Peers to better understand this new proposed policy change and how it affects you.

Moderator: Keith Donnelly, VP, Global Head of Risk Management, Broadridge Financial

Panelists:

Gary Szukalski, SVP, Field, Partner, and Customer Marketing, Darktrace

Peter Rosario, CISO, USI

Bradley Schaufenbuel, CISO, Paychex

Pennie Turgeon, CIO/CISO, New York Institute of Technology

12:30 - 1:30 PM EST
SINC NETWORKING LUNCH

Open seating, buffet-style lunch. Serving food for all tastes, palates, and preferences. Vegan, vegetarian, and halal options available. Serving to-go boxes for those in a hurry!

East Executive Advisory Council

Michael Marsillio, CISO, Paradies Lagardere

Ashok Narayan, Global Director of Applications and Emerging Technology, Tosca Services

Gina Bennett, Director of Enterprise Solutions, YMCA of Metropolitan Atlanta

Kenneth Foster, VP of IT Governance, Risk and Compliance, FLEETCOR

Kenneth Viciana, VP, Global Data & Analytics Products, TSYS

Lorenzo Hines, Global SVP of Information Technology, Citi

Bradley Schaufenbuel, VP & CISO, Paychex, Inc

Stephen Demeritt, Global Head of IT Services & Delivery, Black & Veatch

Mitesh Patel, VP of IT, JP Morgan

John Whiting, Global Director Cyber Risk, Omnicon

Michael Onuoha, Head of Engineering & Architecture, Risk, Fraud & Collections, Citi

Nish Majmudar, VP & Chief Information Security Officer, Mathematica

Robert Field, Vice President of Global Information Technology and Digital Solutions, Precipart

Andy Flatt, SVP & CIO, National Healthcare

Deena Swatzie, SVP of Cyber Security Strategy & Digital Innovation, Truist

Karl Forsberg, Senior Director IT, Infrastructure and Operations, North America Partners in Anesthesia

Forum Speakers

Interested in speaking? Please submit a request.