| KEYNOTE | |
| Greg Brock (Firefli) | |
| A graduate of Virginia Tech, Greg spent almost 14 years at a CBS affiliate station in Roanoke, Virginia helping to lead the company through a transition into digital. As online content continued to transform the media landscape, Greg founded Firefli, an award-winning digital products, branding, and content strategy agency in 2010 and along with his two partners John Cornthwait and Matthew Sams, they’ve grown to be one of the largest agencies in Southwest Virginia. Firefli has been recognized alongside CNN, Time Warner Cable, and Hubspot at the Webby Awards. In addition, Firefli has won numerous other honors from the American Advertising Awards and the Public Relations Society of America. In 2021, Recently, Firefli was ranked as a “Top 20 Best Places to Work” by Virginia Business Magazine for a commitment to company culture and employee growth. Greg carries almost 25 years experience in advertising, marketing, management, entrepreneurship, and business development; and has spent time in print, radio, television, and most recently, digital media. Named Advertising Person of the Year by the Roanoke chapter of the American Advertising Federation, Greg also sits on the boards of the Roanoke Regional Chamber and the Jefferson Center. Greg lives in Roanoke, VA with his wife Donna and has two children, both attending VCU. |  |
| TRACK 1 | |
| Mr. Oak -“Spy Games: Psyber Misinformation” His name & title isn’t important, what he does is. He’s a multi-discipline, Senior Prinicipal level Architect that does pentesting & full stack development. He’s a push it till it breaks, stack it till it screams, No Limit Architect that makes Honey Badger look like a Sunday School Nurse. He’s an active cyberwarfare operator with verified campaigns against China, Russia, North Korea, and is currently actively involved in campaigns in the Ukraine/Russia conflict. In simple terms, he’s John Wick’s Tech Support. |  |
| Jeremy Straub – “Penetration Testing Automation as a Secret Weapon in the Spy vs. Spy Battle of Cybersecurity” Dr. Jeremy Straub is the Director of the North Dakota State University Cybersecurity Institute. He has over 20 years of experience in the design, development and security of IT solutions. A former technology industry executive, Straub was the founding associate director of the NDSU Cyber Security Institute. He holds a Ph.D. in Scientific Computing, an M.S., an M.B.A. and two B.S degrees. In the software and electronics industry, Straub held executive, strategic leadership and software and technology development management positions at multiple firms in the United States and the Asia-Pacific Region; however, long-term technology development was always his passion, leading to his return to academia. Straub has published over 80 journal articles and 250 full conference papers. He is a team member recipient of the North Dakota Governor’s Award for Excellence in Public Service Roaming Bison Award. Straub is also a Fellow of the Inter-University Seminar on Armed Forces and Society and has served as lead inventor on two issued U.S. patents. His work has been funded by the U.S. National Science Foundation, U.S. Department of Defense, the National Security Agency and the National Aeronautics and Space Administration, among others. His research includes technology development and technology policy. |  |
| FBI Panel – These are not the droids you’re looking for. | |
| Will Baggett – “Digital Forensics and Voting Machine Security” Will Baggett has a background in the U.S. Intelligence Community and also in NATO SOF as a cyber instructor His experience in the Intelligence Community provided a foundation for Insider Threat, Digital Forensics, and Cyber Intelligence consulting to pharmaceutical, financial, and technical entities. He is a graduate of Georgia Tech, holds multiple digital forensic certifications as well as that of a Certified Fraud Examiner and has appeared on several news broadcasts discussing cybersecurity issues. Will is also the Director of Digital Forensic services for Operation Safe Escape, a volunteer-run non-profit assisting domestic abuse victims as they begin new lives. |  |
| Max Rogers – “Defense Evasion: Forcing Threat Actors to Evolve” Over the past decade Max has focused in Digital Forensics, Incident Response, Detection Engineering, Managed Threat Hunting, and Security Operations. He spent 8 years with Mandiant & FireEye working in their 24×7 Managed Detection & Response organization before joining Huntress as the Director of their Threat Operations Center. His experience at Mandiant & Huntress has given him unique insights into real world intrusions from small mom & pop businesses to fortune 500 enterprises. |  |
| Alan Cook – “The Hacks that Made Us” Alan Cook is a Sr. AppSec Engineer for a financial institution performing penetration testing, red-teaming, and purple-teaming with experience in product security, security engineering, security administration, infosec governance, and auditing. |  |
| Jinisha Norwood & Tamisha Dixon – “Untraditional Paths to Cyber Security” Jinisha Norwood – Jinisha is a Vice President and Cyber Security Engineer within Bank of America’s Global Information Security Innovation and Strategy organization where she conducts market research and evaluates market leading security products. She enjoys bringing people, processes and technology together using her app development, infrastructure management and information security background. She is also an avid supporter of encouraging young women in the field of technology. Her passion in technology, social work and changing the gender disparity in tech inspired her to give back and speak at the United Nations, TEDxNJIT and other platforms. She believes that having more women in technology will take our society and marketplace to new, excited and unexplored territories. She currently resides in Charlotte, NC, with her husband and 3 fur babies. Tamisha Dixon – Tamisha Dixon is Assistant Vice President and Product Evaluation Engineer at Bank of America. She’s been with the bank for almost 3 years, with more than 15 years’ experience managing global teams, developing talent, and solving problems. Tamisha has more than a decade of experience as an entrepreneur, mentor, live coach, and a therapeutic foster parent helping people of all backgrounds reach their full potential. Tamisha is currently mentoring computer sience students at the University of North Carolina Charlotte. Tamisha is a phenomenal speaker and workshop facilitator passionate about leadership development, emotional intelligence awareness, and corporate life 101. While taking a break in attaining her master’s in cyber security technology management, she is also a wife and bonus mom to two amazing 16 and 17 year olds living in the beautiful city of Charlotte, NC. |   |
| TRACK 2 | |
| Adam Bowen – “Vulnerability Management Misunderstandings” Adam has over 20 years working on computers and security from basic systems, to large scale networking, to security solutions and penetration testing. He has a passion for learning new things and helping others. There are 3 children (14, 12, 9), an amazing wife, 1 dog and 2 cats keeping it interesting at home. In his spare time he enjoys reading and writing Fantasy, playing games (board and video), walking/hiking, etc. |  |
| Jason D. Christopher – “OT vs. IT: Securing Complex Cyber-Physical Systems” Jason D. Christopher is the Director of Cyber Risk at Dragos, an ICS/OT/IIoT security firm, where he helps clients manage cybersecurity capabilities in industrial environments. He is also a Certified Instructor and Author for the SANS Industrial Control Systems curriculum and has testified before the United States Congress on OT-specific security concerns. He has held multiple roles within industry, including as an operator, federal regulator, security researcher, and technology executive. Jason specializes in scaling security programs across multiple critical infrastructure sectors, with a specific focus on linking OT practitioners with executive leadership. He is a GICSP and GCIP certified professional and has been involved in several industry standards and guidelines, including NERC CIP, the NIST CSF, and the DOE C2M2. Jason has a Bachelor’s in Computer Engineering from Binghamton University and a Master’s in Electric Engineering from Cornell University. |  |
| Chris Horner – “Protecting Yourself From People Like Me” Chris Horner is a Security Engineer with local consultancy Triaxiom Security. He is also an active member of the business community, having sat on multiple Boards for non-profit organizations and routinely volunteers to support initiatives for local artists and entrepreneurs. He is also a self-proclaimed walking talking encyclopedia about all things related to cars and dares anyone to challenge that. |  |
| Dahvid Schloss – “How to Stop Your Cybersecurity Program from Failing (through the eyes of a threat actor)” Dahvid is the Managing Lead, Offensive Security at Echelon Risk + Cyber and a content creator for The Cyber Idiots. As an experienced cybersecurity leader with over 12 years of cyber-attack and defense experience, Dahvid has previously worked as a Red Team Operator with a Big 4 consulting firm leading and conducting Adversarial Emulation (red team) exercises as well as served in the military, leading, conducting, and advising on special operations offensive cyber operations. He has a wide background in cybersecurity including logical, social, and physical exploitation as well as incident response and system/network device hardening. Dahvid is also a Malware Development Instructor, growing Adversarial Emulation knowledge to those looking to expand their skills in the highly specialized space. |  |
| Sahan Fernando – “Attack Path Management” Sahan Fernando is the Chief Information Security Officer for Rady Children’s Hospital–San Diego, the largest children’s hospital on the West Coast and one of the nation’s top pediatric health care systems. His experience includes security operations, incident response, systems engineering and architecture, and IT and Information Security Program Development at several institutions across multiple sectors. In addition to industry certifications, he is a member of the Tribe of Hackers: Blue Team organization. In his personal time, he volunteers with several organizations including as an assistant rowing coach with his alma mater Gonzaga University. He hopes to continue helping organizations develop IT and Information security programs that empower their goals. |  |
| Alexander Rubin – “Confused deputy problem for databases: a method for privilege escalation in MySQL and PostgreSQL” Alexander was working as MySQL principal consultant/architect for over 15 years, started with MySQL AB in 2006 (company behind MySQL database), Sun Microsystems, Oracle and then Percona. His security pentest/red teaming interest started with playing CTFs and performing opensource security research. Alexander is leading the RDS Red Team at Amazon Web Services. |  |
| Michael Burch – “A tactical look at Application Security | A Green Berets perspective” Michael is an Ex-Army Green Beret turned application security engineer. Currently, he serves as the senior enlisted Cyber Network Defender for the North Carolina National Guard. In his civilian career, he is the Director of Application Security and content team lead for a SaaS based application security training platform. He leverages his security knowledge and experience as a developer to educate and challenge other developers to be a part of the security team. |  |
| TRACK 3 (Virtual) | |
| Carlos Rodriguez & Ben Finke – “Delivering Control Assurance Through Purple Teaming” Carlos Rodriguez – Carlos Rodriguez is a senior technology and security officer with a proven track record of identifying critical problems and risks, which he translates into programs that support the urgent and long-term needs of the business. He achieves this by building trust and cooperation with peers and executive leadership through engagement and open communications. One of Carlos’ passions is transforming teams into highly engaged, collaborative, agile, and business-oriented units that focus on delivering business value while relying on each other to achieve the team’s objectives. Over the last ten years of his career, Carlos has led and built security programs and teams in the legal, financial services, and insurance sectors while being an active member and thought leader within those communities. During his time in the legal industry, he spearheaded and built the strategy for LegalSEC™, the first information security sharing organization in the legal sector. He was also active in the FS-ISAC and local CISO communities, where he collaborated with industry peers to deliver value to the industry. Today Carlos functions as a Fractional Chief Information Security Officer for various organizations by building and leading the execution of a long term continuous, adaptable, and actionable security strategy. Carlos has certifications in CISSP, CISM, Security+, Certified SAFe 4 DevOps Practitioner, Certified Business Agility Foundations, ITIL Foundation v2011. Ben Finke Ben Finke is a managing partner and Chief Technology Office at OnDefend. OnDefend is a leading national provider of preventative cyber security testing services and solutions. Ben also leads the Research and Development at OnDefend, building tools that make the OnDefend team deliver better results and tools that our customers use to directly improve their security posture, such as Blindspot. Ben has a Bachelor of Science degree in Computer Science from Florida State University and currently holds multiple professional certifications. Ben is not only passionate about protecting his clients from a successful cyber-attack but enjoys sharing his knowledge with others. As part of this, Ben speaks regularly at public and industry events throughout the southeast and is a co-organizer of the B-Sides JAX information security conference. |   |
| Jessie Misico – “Privacy for College Students” Jessie is a first-generation college student majoring in Information Security. She’s actively involved in campus activities, such as her school’s cybersecurity competition team and founding of the upcoming Women in Cybersecurity chapter. She’ll also be finishing up her first cybersecurity apprenticeship at the end of the year. |  |
| Mark Orlando – “Secrets, Lies, and Half-Truths in Cyber Defense” Mark is the Co-Founder and CEO of Bionic, a cyber defense firm. He is also a Certified Instructor and course author at the SANS Institute specializing in blue team and security leadership. In this talk, he’ll be drawing from over 20 years of experience as a SOC analyst, operations lead, CTO, and startup founder focused on security operations and cyber defense. |  |
| Ali Kabeel – “Breaking the Giants with Logic” Ali Kabeel is a security and privacy engineer in the Italian mobile application developer “Bending Spoons”. He is also a security researcher with more than 5 years of expertise in web & network security, bug hunting and security research. During his journey, Ali found and exploited vulnerabilities in gigantic companies including Facebook, Google, Microsoft, Snapchat, Apple and many more! His research interests revolve around business logic vulnerabilities, microservices’ security, and network security. Ali can be found on social media @l0gicbreaker on Twitter and @kabeel on LinkedIn. |  |
| Tommy (jinksto) Jinks – “Innovation, The Enterprise, and YOU.” Tommy Jinks is a Senior Vice President and Principle Infosec Researcher at a major American bank. After misspending his youth in a multitude of roles with the US military, the US government and the US offshore oil industry he met and married his wife of 28 years. Finding “True Love” led to a partiality for roles in which getting blown up at work was less certain. With more than 20 years working with innovation and research teams across the financial industry where he attempts to get fired by making mundane things do more interesting things, Tommy has a keen understanding of building and deploying innovative technologies in risk averse and highly regulated environments. Tommy loves sharing his experiences with others and facilitating opportunities for them to succeed. In his free time, he creates handmade furniture with traditional woodworking tools, chases script kiddies off of his digital lawn and builds his own electronics from scratch. He lives in the woods near Charlotte, North Carolina with his wife, dog, cockatiel, 4 cats, 11 chickens, 30,000 honey bees and a Weller soldering iron. |  |
