Breakout Agenda: RMISC 2022

Thursday, September 22, 2022
8:00 AM - 9:00 AM	Keynote Keynote: The CISO Evolution: Business Knowledge for Cybersecurity Executives with Rock Lambros and Matthew Sharp Rock Lambros - RockCyber, LLC Matthew Sharp - Logicworks
9:15 AM - 10:15 AM	Emerging Trends A1: Staying Alive: What It Means to Be Cyber Resilient Douglas Brush - Splunk	Security Management B1: Strategically Integrating Cybersecurity and Enterprise Risk Management Keyaan Williams - Cyber Leadership and Strategy Solutions, LLC	Risk & Compliance C1: Cybersecurity Maturity Model Certification (CMMC) – You May Need It Anders Erickson - Eide Bailly LLP	AppSec & DevSecOps D1: 101 Ways Dependencies Can Wreck Your Day Free Wortley - LunaSec Chris Thompson - LunaSec	Incident Response & Threat Intelligence E1: InfraGard: Incident Response Tabletop Panel Chris McLaughlin - Johns Manville (JM) Dave Sonheim - DHS/CISA Chad Alvarado - FBI		Architecture & Operations F1: The Four Dimensions of Building a Security Program Andy Ellis - Orca Security	Vendor G1: Demystifying Gen V Attacks: Ransomware, Nation State, and Supply Chain Grant Asplund - Check Point Software	Vendor H1: A Hacker's View On Why Your Endpoint Security Is Broken David Parker - Novacoast, Inc. Pedro Sosa - Novacoast
10:25 AM - 10:55 AM	Exhibit Hall Presentation Top Active Directory Attacks and How to Prevent Them Alexandra Weaver - Semperis					Exhibit Hall Presentation Zero Days Should Not Be A Crisis Steve Winterfeld - Akamai Technologies, Inc. Steven Schiffer - Akamai Technologies, Inc.
11:00 AM - 12:00 PM	Emerging Trends A2: Cyber Annos Quadraginta: What a Long Strange Trip Jack Callaghan - TTR Research Group	Security Management B2: Board Level and Executive Reporting – How the SEC Cybersecurity Guidelines Will Impact Us Laz . - Blue Lava	Risk & Compliance C2: Analyst View: A Data-Driven Insiders Guide to Accelerating CyberSec/Risk/Privacy/Governance Careers David Foote - Foote Partners, LLC	AppSec & DevSecOps D2: How to Effectively Manage a Developer Security Operations Program Evan Gertis - IGTS	Incident Response & Threat Intelligence E2: Threat Hunting in Practice: How to Protect Critical Assets Through Systematic, Proactive Threat Intelligence Michael-Angelo Zummo - Cybersixgill		Architecture & Operations F2: Achieving Zero Trust at VMware Craig Savage - VMware	Vendor G2: Anatomy of a Ransomware Attack Steve Allison - CDW	Vendor H2: Getting Testy: Making Sure Your Defenses Will Work When It Matters Most Keith McCammon - Red Canary
12:45 PM - 1:15 PM	Exhibit Hall Presentation Centralized Identity Driven Zero Trust Chris Hills - BeyondTrust					Exhibit Hall Presentation Understanding and Defending Against Cyber-enabled Information Operations Sam Riddell - Mandiant
1:30 PM - 2:30 PM	Soft Skills A3: The Cyber Entrepreneur Terry Bradley - Mile High Cyber	Security Management B3: Deploying Risk Quantification at Scale Michael Ruehmkorff - Kaiser Permanente Eng-Wee Ethan Yeo - Kaiser Permanente	Risk & Compliance C3: Adaptive Assurance: Implementing an Automated Control Testing Program Christie Gross - Delta Dental of California David Carter - Delta Dental of California	AppSec & DevSecOps D3: SBOMs. It’s the Least We Can Do… John Dickson - Coalfire	Incident Response & Threat Intelligence E3: Becoming the Threat Sherrod DeGrippo - Proofpoint		Architecture & Operations F3: Vulnerability Management in OT Environments - A Playbook J. Pamela Robinson - McKesson	Vendor G3: Overcoming Ransomware Threats From Your Vendor Ecosystem Neal Roylance - Riskrecon	Vendor H3: The Future of Vulnerability Management Jerry Gamblin - Cisco
2:45 PM - 3:45 PM	Emerging Trends A4: Open Source for Growing the Cyber Workforce Matthew Kaar - Software Engineering Institute - Carnegie Mellon University	Security Management B4: Using Science Fiction to Teach Cybersecurity Brad Rhodes - Accenture Federal Services	Risk & Compliance C4: Managing Authorization Sprawl in a Cloud-native World Sameer Sait - BalkanID Alex Wood - Uplight Mustapha Kebbeh - UKG Rishi Singh - Arrow Electronics, Inc.	AppSec & DevSecOps D4: Open Source Developers Are Security’s New Front Line Paul Meharg - Sonatype	Incident Response & Threat Intelligence E4: Don’t Let Your Incident Become a Forest Fire Carlin Dornbusch - American Cyber Security Management		Risk & Compliance F4: Don't Lose Your CyberInsurance Jim Gerken - Novacoast, Inc.	Vendor G4: Cyber Security Challenges of Today & the Emerging Threats of Tomorrow Todd Felker - CrowdStrike	Vendor H4: Identity-First Security in a World Without Perimeters Josh Clark - Okta Dina Falzarano - Okta
3:45 PM - 4:15 PM	Exhibit Hall Presentation SASE: Securely Enable Your Business with Simplicity Evin Safdia - Cato Networks					Exhibit Hall Presentation Why an IAM Program May Be The Key to Your Company’s Existence Anthony Naples - Cyderes
4:15 PM - 5:00 PM	Keynote Keynote: CISO Panel Paul Kay - Echostar Julie Chickillo - Guild Alex Wood - Uplight Erica Boyle - Alterra Mountain Company Joshua Saunders - Otter Products Craig Hurter - State of Colorado

Friday, September 23, 2022
8:00 AM - 8:15 AM	Keynote Special Guest Speaker: Colorado Attorney General Phil Weiser Phil Weiser - Colorado Attorney General
8:15 AM - 9:00 AM	Keynote Keynote: Blockbuster Security in a Zero Trust World with John Sileo John Sileo - The Sileo Group
9:00 AM - 9:30 AM	Exhibit Hall Presentation API Security: How Are You Securing the #1 Attack Vector? Matt Tesauro - Noname Security					Exhibit Hall Presentation Software Deployments: Visibility at Scale Drew Miranda - Graylog
9:30 AM - 10:30 AM	Vendor G5: Sustainable & Consistent Application of ZTNA Elton Fontaine - Palo Alto Networks	Vendor H5: Extend Advanced Threat Protection Across Endpoint and Cloud Environments Paul Kellett - Netskope	Emerging Trends A5: JWT or Not: Personally Insecure Reflections on Software (In)Security Brian Campbell - Ping Identity	Security Management B5: Using the Cyber Kill Chain to Prevent Ransomware Impacts Steve Winterfeld - Akamai Technologies, Inc.	Risk & Compliance C5: So Many Standards.... So Little Time Paige Needling - Needling Worldwide, LLC		AppSec & DevSecOps D5: "The Web is APIs!!!" (apologies to Soylent Green) Greg Sternberg - Evotek	Incident Response & Threat Intelligence E5: Using Digital Forensics to Enhance Internal Investigations Stewart Deken - RubinBrown	Privacy F5: Designing Privacy Into Your Smart System R. Jason Cronk - Enterprivacy Consulting Group Janelle Hsia - Privacy SWAN Consulting
10:45 AM - 11:45 AM	Vendor G6: Panel: How Does Economic Instability Impact Your Ability to Continue to Secure and Enable Your Organization? Todd White - Optiv Karen Mayerik - Zscaler Gary Symes - Zscaler Tim McCain - City of Aurora, Colorado James Carder - iOffice+SpaceIQ	Vendor H6: The Top 5 Cloud Threats and How to Protect Against Them Nicole Jacques - Wiz	Emerging Trends A6: Blockchain Technology: Under the Covers Mike Smith - Salesforce	Security Management B6: Return on Intelligence Andrew Scott - Crowdstrike	Risk & Compliance C6: Staying Ready: What to Expect with the ISO 27001 & ISO 27002 Updates Danny Manimbo - Schellman		AppSec & DevSecOps D6: Cloud Threat Actors: No Longer Cryptojacking for Fun and Profit Nathaniel Quist - Palo Alto Networks	Incident Response & Threat Intelligence E6: BOT Battles: Defense Against the Basic Opportunistic Threat Greg Foss - Lacework	Privacy F6: Have You Found Your Privacy North Star? Melissa Cooper - Sovrn Susan Hubard - Ping Identity
12:35 PM - 1:05 PM	Exhibit Hall Presentation Attack Surface Vs Blast Radius Kristina Rith - Varonis					Exhibit Hall Presentation Building the SOC of the Future Joseph Reichenauer - Expel
1:30 PM - 2:30 PM	Vendor G7: Private Eyes, They’re Watching You: How Malware-Infected Devices Make Your Organization a Target CW Walker - SpyCloud	Vendor H7: Operationalizing Threat Intelligence in your Incident Response Program Isaac Hannagan - ReliaQuest	Emerging Trends A7: Secure App Design Patterns Can Save the World! Joe Gerber - SecurityPatterns.net	Security Management B7: Surviving a Ransomware Apocalypse Alex Holden - Hold Security, LLC	Risk & Compliance C7: CMMC: Where We've Been, Where We Are Now, and Where We're Going Marci Womack - Schellman		AppSec & DevSecOps D7: FAIR STRIDE - Building Business Relevant Threat Models for AppSec Arthur Loris - Ping Identity	Incident Response & Threat Intelligence E7: Research Reveals Best Practices in Ransomware Response & Negotiation Jon Clay - Trend Micro	Risk & Compliance F7: Seeing Beyond the Fog of Cybersecurity Through Agile GRC Daniel Izquierdo - Expel, Inc.
2:45 PM - 3:45 PM	Vendor G8: The Science Behind Phishing Attacks: Partnering BEC Prevention Technology and CyberPsychology to Provide Novel Protection Methodologies Jacob Rubin - EVOTEK DJ Sampath - ArmorBlox	Vendor H8: Stopping Attacks, Not Your Business: AI & Autonomous Response Sppencer Eppstein - Darktrace	Emerging Trends A8: Talent Retention Amidst the Great Resignation- What You Should Be Doing Differently Rob Dubin - RD Creative LLC	Security Management B8: SIM Swapping - How My Friend Lost Over $1 Million Worth of Crypto Jacques Lucas - Avertium	Risk & Compliance C8: CMMC: An Authorized C3PAO's Point of View Matthew Titcombe - Peak InfoSec		AppSec & DevSecOps D8: Practical Cloud Security Serge Borso - SpyderSec	Soft Skills E8: How CISOs Can Better Connect with Their Boards and Make the Case for Cybersecurity Lucia Milica - Proofpoint	Privacy F8: The Intersection of Privacy and Security Programs Barry Weber - Assured SPC
4:00 PM - 5:30 PM	Keynote Closing Keynote: Extreme Social Engineering with Gary S. Chan Gary S. Chan - Alfizo LLC

Breakout Sessions (Subject to Change)