Speakers

Keynote Speakers:

Bio:

As President & CEO of The Right Place, Randy leads economic development strategy through
collaboration with local, State, and national organizations and stakeholders.

His role is central to the organization’s core work of business retention, expansion, and attraction within the community, while aligning with The Right Place’s mission of driving sustainable
economic growth and shared prosperity for all in the Greater Grand Rapids Region.

Randy Thelen

President/CEO @The Right Place

Brian Vecci

Field CTO @Varonis

Bio:

As Field CTO at Varonis, Brian supports a wide range of security and technology initiatives by helping Varonis’ customers and partner get the most out of the company’s products. In his 20-year technical career, Brian served as a developer, tech architect, engineer and product manager for companies in financial services, legal, and cybersecurity. Brian joined Varonis in 2010 in technical marketing, led education and development, and now serves as the company’s Field CTO. He holds a CISSP certification and frequently speaks on topics related to security and technology. He has been quoted in news sources ranging from The Financial Times to Dark Reading and has made multiple appearances on CNBC. Brian holds a Bachelor’s Degree from The New School in New York City and graduated from The Lakeside School in Seattle, Washington.

Presenting:

The Data-First Approach; Managing the Tension Between Security and Productivity

Synopsis:

Join me for my keynote presentation covering risks and threats we’re seeing across the industry, what security would look like if it started with data, and how to reduce your ransomware blast radius or the damage a compromised user can do.

Main Stage Presenters:

Bio:

Kyle Nordby (GCFE, GCFA, GCIH, GCIA) is an information security professional that has years of experience in a large retail Security Operations Center (SOC), and works in an Incident Response (IR) focused role. He is currently working on his Master's with an IR focus. His work ranges in threat hunting, IR, SOC operations, and endpoint triage. He is survived by his two cats, Lina and Jupiter.

Presenting:

Automating Forensic Triage in Free Tiers of Azure, GCP, and AWS

Synopsis:

As individuals and companies look for ways to save money, cloud providers incentivize choosing their service over others. Unless they are demoing a security project, security isn't a forethought until an incident happens. Free cloud tiers are the focus, as there may not be money invested by the individual/organization, especially in something like a project demo. There are two simulated threats, and we look at options to automate and have a strong set of tasks to best secure the environment.

Kyle Nordby

Threat Hunter @Arista

Mike Roman

Senior Sales Engineer @Orca

Bio:

Mike Roman is a Senior Sales Engineer at Orca Security who is responsible for helping organizations identify risks in their cloud environments and enhance their cloud security posture. Prior to joining Orca, Mike spent five years at Splunk where he partnered with organizations on their cloud journey in areas that included Security and Observability strategy. Outside of tinkering in the Clouds, Mike enjoys golfing with friends and playing guitar.

Presenting:

Why the Cloud Requires a Platform-Centric Approach

Bio:

Sean has more than 25 years of experience as an infrastructure technologist. He’s held architecture roles at Arista Networks, Riverbed Technology, Jostens, and Target Corporation. At Aeritae Consulting Group, he consulted at Ameriprise, Best Buy, Medtronic, USBank, as well as co-authored a CCIE-prep book published by Macmillan. Sean earned his Bachelor of Music from the University of Miami.

Presenting:

API MythBusters: Crushing Five Security Myths that are Crushing Your Safety

Synopsis:

Digital transformation and application modernization are driving exponential growth in the use of APIs. While APIs are more functional than ever before, organizations are hanging onto old ways of thinking about API security and it's making them an attractive target to hackers. Join our session on the top five common industry myths surrounding API security. You’ll learn the pitfalls of some misguided API security approaches, cut through the hype around a few security trends, and get recommendations on how to improve your organization’s API security strategy.

Sean Boulter

Principal Security Engineer @Salt

Derek Smith

Director Cloud Strategic Alliances @Trace3

Bio:

Derek Smith works as the Director of Cloud Strategic Alliances and Brand at Trace3. As part of the Cloud Solutions team, he engages with clients to help transform their business applications, operations and initiatives to the Public Cloud. Additionally, Derek also regularly serves within the Azure Community as a Mentor, Public Speaker, Content Creator, and Enthusiast for all things Azure Public Cloud.

Bio:

The sweet, discordant screech of her first 4800 dial up experience still fresh in her ears, Tina has been firmly attached to computers and all things technology from a young age. Having no idea of what she wanted to do when she grew up, Tina studied psychology and cognitive science in college before spending a decade plus wearing various hats in state government and higher education before transitioning to the private sector to continue building on her experience in operations, program management, security, and service delivery.

Since joining the team at Expel, Tina has continued her multi-hat approach, working first as an Engagement Manager with Expel's customers before pivoting to Solutions Architecture, discovery analysis, and all things technical presales. Serving as a Rosetta Stone at the intersection of business and technology, she is very interested in helping organizations of all sizes develop and mature their security operations and programs, and ensuring organizations understand the value and import of security. When not on the clock, Tina may be found exploring new places, searching for the perfect chef's tasting menu, and moving heavy things from point A to point B. She still doesn't know what she wants to do when she grows up, but finds security to be a super fun and challenging adventure for now.

Tina Velez

Solutions Architecture Manager @Expel

Steven Barnes

Systems Engineer @Fortinet

Bio:

Steve is a Systems Engineer at Fortinet based in Ferrysburg MI, and started in the Army in the Signal Core, worked outside plant at AT&T, did some TAC Call Center stuff, and has been working in the field with Customers for years. He has been working on Cloud DC builds and DevOps, and likes to talk about Fortinet’s Veterans group, FortiVet’s work with separating servicepersons entering the security workforce with education and mentoring.

Presenting:

Application Delivery in a Hybrid World

Synopsis:

With the shift to private, public, and hybrid multi-cloud deployments, teams are working to secure the developing attack surface. A fabric with integrations and automated responses provides the best defense and remediation for protecting applications and data. We will have a look at available integrations, cloud architectures with Application and Content Firewalling & Web Application Security, and Cloud focused tools like Workload Protection.

Presenting:

Your Executives at Home Are Not Alright

Synopsis:

Pre-pandemic, suggesting that one of the greatest digital risks to the enterprise was the home networks of
corporate executives, Board Members, and high-access employees would have been dismissed as hyperbolic or FUD. Post-pandemic, the expansion of the attack surface into the home is enterprise security’s new reality.

Within this presentation we will be covering why the home networks of many corporate executives are more vulnerable to cyberattack than those of the average dwelling, how home network vulnerabilities present new digital risks to both individuals and the enterprise, and real-world scenarios of home network compromise and their impact on business continuity.

Join us to learn more about strategies to reduce risks originating in home networks of corporate executives and why a Purple Team-like approach is necessary.

Scott Anderson

Cybersecurity Analyst @Blackcloak

Elon Bendet

Senior Threat Researcher @Proofpoint

Bio:

Elon Bendet is a threat researcher with over 10 years of experience in intelligence, cyber operations, and threat analysis. For the last 5 years he’s been uncovering the dynamic ecosystem of Cloud threats, gaining a deep understanding of malicious actors’ methods and aims, while developing detection & protection solutions. Currently, Elon leads Proofpoint’s Cloud Security Response team, which is tasked with conducting forensic investigations (Incident Response), and helping organizations remediate, or better yet – prevent, advanced security risks.

Presenting:

Attackers Paradise: An In-Depth Review of the Cloud Threat Landscape

Synopsis:

In this session, I’ll discuss the everchanging Cloud threat landscape, focusing on prominent threat vectors, attacks, and techniques. From diverse email threats to targeted precision attacks, widespread brute-force campaigns and malicious 3rd-party applications - bad actors (both independent and state-sponsored) are always inventing new ways to compromise and exploit SaaS environments. Join me for a comprehensive discussion about the current and future state of Cloud security risks, as observed from a holistic threat research perspective.

Bio:

Kelvin has over 20 years’ of experience spanning system engineering, networking, security engineering, auditing, and IT operations, working on large-scale projects for Big 4, Fortune 500 companies, and Government agencies to design and deliver top class IT and cybersecurity solutions. He has a masters degree from UMUC in Information Technology with a specialization in Information Assurance and holds a multitude of certifications to include CISSP-ISSAP, CISM, and MCSE.

Kelvin Green

Senior Solutions Engineer @Sumo Logic