Meet Our Speakers
Security Congress always attracts the best. Familiarize yourself with the accomplished speakers, duos
and panels who will present their expert insights across a wide range of topics and share their professional development experiences with you.
Speakers are listed alphabetically by first name.
Dr. Adriana Sanford – Acting-Director of Executive Education & Senior Fellow at OU CINS, University of Oklahoma
Dr. Adriana Sanford
JD, Dual LLM
Dr. Adriana Sanford is an award-winning Chilean American cybersecurity and global privacy law expert, an international corporate lawyer, educator, author, and international television commentator, who appears regularly as a CNN Español analyst to over 90 million viewers throughout the United States and Latin America. With multiple law degrees and fluency in four languages, Dr. Sanford works with diverse audiences, leading think tanks, and multinationals around the world. Her expertise is on global threats and laws at the international level, where the costs of non-compliance can present potentially enormous risk and expose executives to lengthy prison sentences in foreign territories.
She is a Senior Fellow with the Center for Intelligence and National Security (CINS) and the Assistant Director of Executive Education at the University of Oklahoma.
View Sessions with Adriana Sanford
Alan Rynarzewski – Undergraduate Faculty, Purdue Global University
BS – IT, MS – IS, PhD (ABD) – Critical Infrastructure
Worked in the government for 15 years in various security organizations. Was part of an incident response, forensic and cyber network defense teams throughout my tenure. Currently a faculty member at Purdue Global University teaching cybersecurity.
View Sessions with Alan Rynarzewski
Alex Haynes – CISO, CDL
Alex Haynes is an independent researcher with a background in offensive security. He is credited for discovering vulnerabilities in products by Microsoft, Adobe, Pinterest, Amazon Web Services and IBM. He is a former top 10 ranked researcher on Bugcrowd and a member of the Synack Red Team. Alex is also a frequent contributor to publications like the United States Cyber Security Magazine, Cyber Defense Magazine and Infosecurity magazine and speaks regularly at conferences on the topics of offensive security, vulnerability management and crowdsourced security. He is currently CISO at CDL.
View Sessions with Alex Haynes
Andrew Boyle – Director and Distinguished Cyber Technologist, Booz Allen Hamilton
CISSP, CEH, PMP, PMI-ACP, SPC/SA, PRINCE2
Andrew Boyle (CISSP, CEH, PMP, PMI-ACP, SPC/SA, PRINCE2) is a Distinguished Technologist with Booz Allen Hamilton and responsible for technical strategy for the National Agencies market space. He has provided the technical vision and successfully executed numerous enterprise scale advanced analytic capabilities across Defense, Intelligence Community, and Commercial clients. As an ardent proponent for open source solutions and open specifications for interfaces, and recognized industry expert on cybersecurity tools, he brings a holistic architectural mindset towards achieving best-of-the-best balanced solutions.
View Sessions with Andrew Boyle
Andrew Neal – VP – Research, Gartner
Andrew Neal is an executive, researcher and practitioner in the information technology and security community. He has developed strategy and executed projects for a corporations, law firms and government agencies around the world. With decades as a services provider and consultant specializing in data-centric issues around compliance, security and organizational management, he is in demand as an adviser and partner. Andrew frequently shares his experience as a speaker, adviser, board member and mentor, and is active in several security-related professional organizations. Andrew currently works for a global IT research organization, helping the world largest companies attain their mission critical IT priorities.
View Sessions with Andrew Neal
Ben Tomhave – Principal Consultant, Falcon’s View Consulting
BA (Computer Science), CISSP
Ben is a security industry veteran, progressive thinker, and culture warrior. He holds an MS in Engineering Management from The George Washington University, a BA in Computer Science from Luther College, is a CISSP, DevOps and DevSecOps certified through DevOps Institute, and is a graduate of the BJ Fogg Behavior Design Boot Camp. He’s previously held positions with Gartner, AOL, Wells Fargo, ICSA Labs, LockPath, and E&Y. He is former co-chair of the ABA InfoSec Committee, a senior member of ISSA, former board member for the Society of Information Risk Analysts, and former board member for OWASP NoVA. He is a published author and experienced public speaker, including engagements with the RSA Conference, MISTI, ISSA, RMISC, Secure360, RVAsec, DevOps Connect, as well as Gartner events.
View Sessions with Ben Tomhave
Brandon Dunlap – Managing Director, Brightfly, Inc
Brandon Dunlap has over 20 years of experience managing business technology risk in large and small organizations across a variety of regulated industries. Having played almost every position on the field of information security across his career trajectory, Dunlap uses his unique background to guide research agendas, cultivate communities in a variety of professional and industry associations, & deliver presentations on security topics for leaders across the globe
View Sessions with Brandon Dunlap
Caitlin Fennessy – Research Director, IAPP
Caitlin Fennessy is the Research Director at the International Association of Privacy Professionals. Caitlin also leads the IAPP’s privacy engineering initiative and serves as an in-house privacy expert. Prior to joining the IAPP, Caitlin was the Privacy Shield Director at the U.S. International Trade Administration. Caitlin joined ITA in 2009 and spent the next ten years working on international privacy and cross-border data flow policy issues. Caitlin served an adjunct professor of international privacy law at the University of Maine School of Law in 2016 and 2015 and at the University of New Hampshire School of Law in 2014.
View Sessions with Caitlin Fennessy
Caroline E. Saxon – Chief of Staff / Senior Advisor to CIO, Technology, TSYS
Caroline E. Saxon
CISSP, CCME, KCP
Experienced Cyber professional and Chief of Staff with a demonstrated history of working within the financial services industry. Skilled in Cyber Governance, Financial Services legal and regulatory affairs, contract drafting and negotiations, developing technology strategy and goals.
View Sessions with Caroline E. Saxon
Catherine Chapman – Security Journalist
Catherine Chapman is a journalist reporting on cybersecurity, data policy, and web hacking techniques. She is interested in new media theory, the relationship between high and low-tech warfare, and currently serves as board member for the Manchester-based skills and diversity group, the InfoSec Hoppers. Her work can be found in other publications such as Vice, NBC, MailOnline, the Lancet Psychiatry, and the International New York Times.
View Sessions with Catherine Chapman
Dr. Casey Marks – Chief Product Officer & Vice President, (ISC)²
Dr. Casey Marks
Casey’s responsibilities are inclusive of (ISC)² product vision, strategy, design, development and delivery. He serves as the lead executive developing psychometrically sound and legally defensible information security certifications that advance the mission and vision of (ISC)².
With 20 years of experience in large-scale assessment, Casey has published and presented extensively. He is recognized as an expert on issues related to adoption and vendor transition of Computer-Based-Testing for high-stakes, large-scale testing programs, international program expansion and examination security.
Casey has a long history of involvement and volunteer service with testing-related organizations such as:
– American Education Research Association (AERA)
– American National Standards Institute (ANSI)
– Council on Licensure, Education, and Regulation (CLEAR)
– Institute for Credentialing Excellence (ICE)
– International Test Commission (ITC)
– The National Council on Measurement in Education (NCME)
Casey served as an invited expert for the International Organization for Standardization (ISO) Working Group for the Revision of ISO/IEC 17024 and is a past president of the Association of Test Publishers (ATP).
Casey holds a B.S. degree from the University of Illinois and a PhD in Measurement, Evaluation and Statistical Analysis from the University of Chicago. He is a Certified Association Executive (CAE).
View Sessions with Dr. Casey Marks
Charles G. Yarbrough – Senior Engineer, Software Engineering Institute
Charles G. Yarbrough
With over 30 years in the IT industry and 12 years in information security roles, I now help guide and support the Department of Defense Vulnerability Disclosure Program (VDP) at the Defense Cyber Crime Center (DC3). This highly successful program was born out of the 2016 Hack the Pentagon effort, and acts as the DoD’s ‘front door’ between cybersecurity researchers and the DoD Enterprise IT shop. My role is to assist the DoD to design and grow the program to discover, track, mitigate, and close vulnerabilities on publicly-available DoD resources.
View Sessions with Charles G. Yarbrough
Christopher Romeo – CEO, Security Journey
Chris Romeo is CEO and co-founder of Security Journey where he creates and deploys security culture influencing training, consults, and speaks. His passion is to bring security culture change to all organizations large and small through the creation and design of gamified security education. He was the Chief Security Advocate at Cisco for five years, where he empowered engineers to shift security left in all products at Cisco and led the creation of Cisco’s security belt program. Chris has twenty years of experience in security, holding positions across the gamut, including application security, penetration testing, and incident response. Chris holds the CISSP and CSSLP certifications. For more information, see linkedin.com/in/securityjourney/.
View Sessions with Christopher Romeo
Clar Rosso – Chief Executive Officer, (ISC)²
Clar Rosso has more than two decades of experience helping global professional associations and certifying bodies grow and strengthen member value. As CEO of (ISC)², she is responsible for the overall strategic direction and management of the association.
Prior to joining (ISC)², Clar served as the executive vice president, engagement and learning innovation for the Association of International Certified Professional Accountants (AICPA) where she led the development and execution of strategy to support global competency development and lifelong learning for the finance and accounting profession.
Previously, Clar worked as the Chief Operating Officer of the California Society of CPAs (CalCPA) and the CalCPA Education Foundation where she drove membership growth of more than 30 percent and developed and executed a strategic vision to transition the Education Foundation to a digitally focused business model.
Prior to CalCPA, Clar worked as an educator, magazine writer and sports reporter.
Clar holds a bachelor’s degree in rhetoric and communications from the University of California, Davis and a master’s degree in special education from San Francisco State University.
View Sessions with Clar Rosso
Corina Encarnacion – Associate, Booz Allen Hamilton
Corina Encarnacion is an Associate for Booz Allen Hamilton. She is responsible for guiding, developing, and applying cyberspace capabilities while conducting strategic and operational-level planning across the full range of operations for integrated information and cyberspace operations.
As part of U.S. Cyber Command’s first Army National Guard Cyber Protection Team, she focused on protecting information systems by developing technical intelligence reports, conducting vulnerability assessments and penetration testing. She continues to serve, committed to developing solutions to address the challenge of protecting and safeguarding the confidentiality, integrity, and availability of sensitive data and assets. Corina earned her Bachelor of Science in Cybersecurity from University of Maryland University College and her Master of Science in Cybersecurity Risk and Strategy from New York University.
View Sessions with Corina Encarnacion
Craig Olsen, Cybersecurity Architect, Liberty Mutual Insurance Company
Craig Olsen has been working in Cybersecurity for over thirteen years at Liberty Mutual Insurance. The last five years he has been the Lead Security Architect guiding the migration of Liberty Mutual’s infrastructure to the AWS Cloud. He also has expertise in Application, Identity, Mobile, and Network security. He holds a Bachelor’s degree in Information Systems, a Master’s degree in Information Technology, and has maintained the CISSP certification since 2011.
View Sessions with Craig Olsen
David Koh – Chief Executive, Cyber Security Agency of Singapore and Commissioner for Cybersecurity
David Koh is Chief Executive of Singapore’s Cyber Security Agency and will serve as Singapore’s expert on the UN Group of Governmental Experts 2019–2021. Previously Koh was Deputy Secretary (Technology) and Deputy Secretary (Special Projects) of the Ministry of Defence. Koh also held senior command roles in the Singapore Armed Forces.
View Sessions with David Koh
Deidre Diamond – Founder And CEO, CyberSN
Deidre Diamond has combined her 25 years of experience working in technology and staffing with her love for the cyber security community to create CyberSN, a company transforming the way cybersecurity professionals approach job searches. Deidre is also the Founder of Secure Diversity, a 501(c)3 non-profit organization dedicated to addressing the cybersecurity talent shortage.
View Sessions with Deidre Diamond
Derrick A. Butts – Chief Information and Cybersecurity Officer, Truth Initiative
Derrick A. Butts
As Truth Initiative’s Chief Information Officer and Cybersecurity Officer (CIO/CO), Derrick A. Butts oversees a team of specialists supporting access control, cybersecurity, VoIP, wireless, and other information technologies along with enterprise and cloud-based applications. In 2015, he introduced a transitional engineering and logistics plan (TELP) to migrate 75% of Truth Initiative’s applications and services platforms to the cloud. He has reduced operational cost by 25% while seeing an 40% increase in productivity, satisfaction, and security awareness aptitude in end-users experience within a two-year period. In 2019, Truth Initiative’s culture experienced over 95% compliance during security awareness and phishing campaigns. He has been a panelist/guest_speaker/presenter for the last three (ISC)2 Security Congress and IDG_SecureIT Conference discussing topics from cybersecurity and risk management strategies to professional development.
View Sessions with Derrick A. Butts
Elad Ben-Meir – CEO, SCADAfence
Elad Ben-Meir is the Chief Executive Officer of SCADAfence. Elad brings over 15 years of experience in various executive business roles in the field of ICS Security. Recently, Elad spearheaded a complex research campaign to undercover industrial ransomware at manufacturing plants. As a result, Elad’s Incident Response teams, Cyber Research teams and Reverse Engineering teams discovered a pattern of how cyberattackers plant Ransomware in industrial facilities and how to proactively thwart cyberattackers’ plans. This research has been compiled and is now ready to present to IT & OT leaders at (ICS)2. Elad will discuss the findings of the report with the audience and will offer best practices & tips on how to prevent these cyber incidents in the future.
View Sessions with Elad Ben-Meir
Eric Gauthier – Information Security Officer, Scout Exchange
Eric Gauthier is a technology leader with twenty years’ experience architecting solutions for and managing teams within Information Security, IT infrastructure, and DevOps environments. Eric has worked for a range of organizations in various settings including corporate, academic, and service provider. He has built security programs and successfully led PCI, SOC, and GDPR compliance projects in eCommerce and cloud-first environments. Eric’s current focus is driving the adoption of DevSecOps – the integration of security into traditional IT, Development and Operations teams.
Eric is currently the Information Security officer for Scout Exchange. He is also a principal consultant for Side Channel Security and a member of the Cloud Security Alliance’s DevSecOps working group.
View Sessions with Eric Gauthier
Erik Von Geldern – CISO, FXCM
Erik Von Geldern
Erik has a prolific background working in Information Security. Working in Incident Response, Consulting, Architecture, and Management, Erik has seen companies at their best and at their worst. His ability to read into situations, develop a path back to the light, and execute on that plan have shown Erik to be a strong expert in our industry.
View Sessions with Erik Von Geldern
Faranak Firozan – Incident Response, NVIDIA
Faranak is an experienced incident commander and investigator, currently responsible for Uber’s Post Incident Review Program. In this role she is focused on helping the security industry rediscover the forgotten phase of incident reviews and extracting important learnings into the incident cycle to avoid repeated attacks. Throughout her career, Faranak has also led anti-money laundering initiatives for private banks and wealth management firms, managed incident response, and developed a unique approach to address the converging fields of financial fraud and traditional information security.
View Sessions with Faranak Firozan
Forrest R. Foster – Collaboration Compliance Program Lead, Cisco Systems, Inc.
Forrest R. Foster
CISSP, CISA, & CNSS-I. B.S. (Information Security & Assurance).
Forrest R. Foster serves as the Compliance Program Leader for the Collaboration business at Cisco Systems, where he manages a team that obtains & maintains external certifications for the Webex services product line, the 5th largest SaaS provider on the planet.
Forrest is an active volunteer member of (ISC)², having served as co-founder and former president of the (ISC)² Austin Chapter, and former president of the (ISC)² Silicon Valley Chapter. Additionally Forrest contributed as developer of the CCSP certification and exam tracks, and item writer/developer of the CISSP education track.
Forrest’s professional certifications include: CISSP, CISA, and CNSS-I. Forrest holds a B.S. in Information Security & Assurance. Forrest has over 30 years of experience in Information Security, Enterprise Risk Management, & IT Operations.
View Sessions with Forrest R. Foster
Jake King – CEO & Cofounder, Cmd
– Senior Security Operations, Hootsuite (3 years)
– Murdoch University, Bachelor of Science, School of Information Technology, Cyber Forensics, Information Security Management
– Communications Executive Group, Vancouver Security SIG and (ISC)² Vancouver Chapter – Live event streaming and communications for the VanSecSIG group, ISC² and ISACA meetings in Vancouver.
View Sessions with Jake King
James Packer, Head of Cyber Security, EF EDUCATION FIRST
I’ve spent 12 years working in multiple industries including Education, Professional Services, Financial Services, M&A and Insurance.
I’ve now been in Information Security for over 7 years and am the Head of Cyber Security at Education First, having moved from KPMG. My areas of specialisation include Security Strategy, Cloud Security, Incident Management, Security Awareness, Risk Management and Technical Security Training. I am the 2019 recipient of the ISLA EMEA award of Senior Information Security Professional.
As the Chapter President of the (ISC)2 London Chapter; I aim to drive the Chapter towards taking action to address problems we face as an industry and society as a force for good. I am a huge advocate for breaking down the barriers around the Cyber Profession.
View Sessions with James Packer
Jarrod Lynn – Graduate Student, NYU
I have a background in information security, security management, international relations, law, and law enforcement. While studying in the MS in Cybersecurity Risk and Strategy program at NYU Law and Tandon School of Engineering, my capstone group and I decided to focus on this topic. We drew on our various professional backgrounds. My unique contribution to the group came from my experience with international relations and the law of armed conflict, both of which are central to our topic. With respect to technical aspects, in addition to education and certifications, I work in the field of computer investigations and forensics.
View Sessions with Jarrod Lynn
Jennifer Sosa – Director, Information Security & Compliance Services, TransPerfect
Jennifer J. Sosa, Esq. is an experienced litigator and adviser on issues where technology and the law intersect. Ms. Sosa advises a broad range of clients on issues relating to privacy and information governance. She consults with multinational organizations on how to assess and mitigate the risks associated with the collection, use and disclosure of personal information and assist with the development of comprehensive privacy programs to address the requirements of constantly evolving regulatory schemes in the United States and abroad.
View Sessions with Jennifer Sosa
Jessica Gulick – CEO, Katzcy
Jessica (PMP, CISSP) partners with clients to design go to market strategies in cybersecurity that align to their business plans. She is the CEO of Katzcy – a certified women-owned VA business dedicated to helping cybersecurity firms grow. She brings 20+ years in IT & cybersecurity market as a security engineer, project manager, and CMO. She has a MBA from Virginia Tech. She has co-authored a number of NIST Special Publications and directed a number of cyber games. Jessica sits on the cyber education board at Bay Path University. She is president of the Women’s Society of Cyberjutsu nonprofit organization.
View Sessions with Jessica Gulick
Jim Turchek – Manager, Identity and Access Management, Progressive Casualty Insurance
View Sessions with Jim Turchek
John Bandler – Principal, Bandler Law Firm PLLC
John Bandler is a lawyer, consultant, speaker, teacher, and author in the areas of cybersecurity, cybercrime, investigations, law, and more. He runs legal and consulting practices that help corporations and individuals with cybersecurity, governance, and the prevention and investigation of cybercrime and other criminal activity. Prior to joining the private sector John served in government for twenty years as a prosecutor, police officer, and military officer. He investigated and prosecuted a wide variety of crime, including the global trafficking of stolen data and virtual currency money laundering. John’s new book is “Cybercrime Investigations, A Comprehensive Resource for Everyone”, and his first book is “Cybersecurity for the Home and Office”. He teaches law, graduate, and undergraduate level courses, and holds many certifications including CISSP.
View Sessions with John Bandler
John Carnes – Executive Adviser, Anthem, Inc
Having worked in Information Security for 20+ years as a consultant, manager, and SME, John has found what it takes to be successful, and what the chain of failure can look like. Having been with Anthem for the past 16 years, he now works as an SME in IAM.
View Sessions with John Carnes
John Esparza – Data Center Software Consultant, Schneider-Electric
Data Center Software Consultant 14 years with Schneider-Electric. Information Security Analysis for State of North Carolina ITS, Systems Engineer and Product Manager for AppGate Inc. IBM Network Engineer. Software industry for 37 years, CISSP and ISSAP. MS in Telecommunications Systems Engineering NC State, BS in Computer Science UT San Antonio
View Sessions with John Esparza
John G. Bates – Senior Counsel of Cybersecurity and Data Protection, Axiom Legal
John G. Bates
John G. Bates is currently with Axiom Legal as Senior Counsel of Cybersecurity and Data Protection. He was formerly General Counsel and Chief Information Security Officer for Clarity Insights (Accenture) in Chicago, IL. He was responsible for all legal, risk, IT security, and compliance functions and has led HITRUST and ISO 27001 certification programs.
Previously, he was part of a cross-functional team within U.S. Cellular’s IT Strategic Sourcing and Vendor Management group. He was also GC of Akta Web Studio (UI/UX consulting) supporting the leadership from inception to acquisition by Salesforce.
Mr. Bates received a BA in Philosophy from the University of Illinois at Urbana-Champaign and JD from Illinois Institute of Technology, Chicago-Kent College of Law.
View Sessions with John G. Bates
John Masserini – Global CISO, Millicom
A 25-year veteran of providing information and corporate security services to multinational companies. An industry-recognized leader whose expertise across multiple business verticals provides for a unique approach to delivering an information risk program that drives business-focused solutions to today’s global Information Security & Compliance challenges. An experienced leader who not only specializes in reinvigorating and realigning existing teams but also building new information security programs to meet today’s critical business needs.
As Global Chief Information Security Officer of Millicom Telecom International, John is responsible for all global aspects of information security, including Security Operations, Engineering, Architecture, Vulnerability and Risk management, and Business Continuity Planning for all 14 international operations.
John also runs a popular industry blog, Chronicles of a CISO, found at johnmasserini.com.
View Sessions with John Masserini
Joseph Carson – Chief Security Scientist & Advisory CISO, Thycotic
Joseph Carson has more than 25 years of experience in enterprise security, an InfoSec award winner, author of Privileged Account Management for dummies and Least Privilege Cybersecurity for dummies. He is a CISSP and an active member of the cyber community, speaking at conferences globally. He’s a cybersecurity advisor to several governments, as well as critical infrastructure, financial, and maritime industries.
View Sessions with Joseph Carson
Julia Hermann – Information Security Architect, Giesecke+Devrient GmbH
CISSP, CCSP and CISM
As Information Security Architect at Giesecke+Devrient GmbH, Julia Hermann is responsible for all technical aspects of IT security within the group. This includes the evaluation of new technologies, the conception of security solutions as well as the technical management of the global Cyber Defence Center with focus on Threat Intelligence, Cyber Resilience and Security Incident Management.
She has more than 15 years of experience in IT and information security management and has worked as a consultant for a major German telecommunications group and as an information security manager for a European authority. As a certified CISSP, CCSP and CISM, she is not only Vice President of the ISACA Chapter Germany e.V. but also a founding member of the (ISC)2 Chapter Germany e.V.
View Sessions with Julia Hermann
Keri Pearlson – Executive Director- Cybersecurity at MIT Sloan
Keri Pearlson is the Executive Director of [email protected] at MIT’s Sloan School of Management. Dr. Pearlson has held positions in academia and industry including Babson College, UTexas-Austin, Gartner’s Research Board, CSC, and AT&T. She founded KP Partners, a CIO advisory services firm and the IT Leaders Forum, a community of next generation IT executives. Dr. Pearlson’s researches the intersection of information systems, business strategy and organizational design. Her work has been published in Sloan Management Review, Academy of Management Executive, Information Resources Management Journal and Harvard Business School Publishing. Dr. Pearlson holds a Doctorate in Business Administration (DBA) in MIS from Harvard Business School and a MS in Industrial Engineering and BS in Mathematics from Stanford.
View Sessions with Keri Pearlson
Dr. Kevin Charest, CISSP – Divisional Senior Vice President & CISO, Infrastructure and Information Security
Dr. Kevin Charest
Dr. Kevin Charest serves as the divisional senior vice president and chief information security officer for Health Care Service Corporation. He is responsible for all aspects of IT infrastructure and security operations across HCSC’s five plan states, including actively monitoring and mitigating current cyberthreats and overseeing the governance, risk and compliance program.
Kevin previously served as the VP of IT security and cyber defense operations at UnitedHealth Group and as the chief information security officer for the U.S. Department of Health and Human Services (HHS) where he was directly responsible for the HHS cybersecurity technology portfolio. Prior to joining the federal government, Kevin served in a number of entrepreneurial and senior executive positions in the private sector. His leadership in technology applications, innovation and security were instrumental to the development of numerous products and services.
Kevin holds a Ph.D. in Cybersecurity from Capella University. He also holds a master’s degree in Business Administration from the University of West Georgia and a bachelor’s degree in Computer Science from the University of Central Arkansas. He is also a veteran of the United States Marine Corps and the U.S. Army.
View Sessions with Dr. Kevin Charest
Kevin McNamee – Director of Threat Intelligence, Nokia
Kevin McNamee heads up Nokia’s Threat Intelligence Lab. This lab analyses hundreds of thousands of malware samples each day to create the threat intelligence that powers Nokia’s adaptive 5G end-to-end security solution. Previously he was director of Security Research at Bell Labs, specialising in the analysis of malware propagation and detection. He is an expert on mobile network security, holds ten patents in this field and has had speaking engagements on the topic at RSA, BlackHat and the (ISC)2 Security Congress.
View Sessions with Kevin McNamee
Koji Nakao – Distinguished Researcher, National Institute of Information and Communications Technology (NICT)
Koji Nakao received the B.E. degree of Mathematics from Waseda University, in Japan, in 1979. Since then, Koji has been engaged in the research on information security technology for telecommunications including IoT security and 5G security. His present positions are “Distinguished Researcher” in NICT and “Guest Professor” of Yokohama National University on IoT security research. Koji has also been an Advisor of Cybersecurity for CABINET SECRETARIAT in Japanese government since April 2017.
View Sessions with Koji Nakao
Kris Rides – CEO, Tiro Security
Kris has been working in technical staffing for over 20 years and co-founded Tiro Security, a cyber security staffing and professional services firm over 8 years ago. He recently founded a staff retention software and services company, kmute. Kris is the current President and a founding Board Member of the Los Angeles Cloud Security Alliance Chapter and he serves as an Advisory Board Member for California State University, Fullerton’s Cyber Security Program as well as the National Cybersecurity Training & Education Center (NCyTE).
View Sessions with Kris Rides
Lisa Vaughan – CIO, Mississippi Department of Environmental Quality
Lisa Vaughan is the CIO/CISO for the Mississippi Department of Environmental Quality (MDEQ) and has had a 32-year information technology and security career in both public and private sector industries.
Lisa has a passion for bringing awareness of cyber security and computer science careers to the next generation workforce. Her volunteerism to turn awareness into action includes teaching coding classes to elementary and middle-school students and being actively involved in organizations that promote and provide cyber security and computer science awareness and education.
View Sessions with Lisa Vaughan
Mari Galloway – CEO, Senior Security Architect, Women’s Society of Cyberjutsu
BBACIS MSIS CISSP GIACx6 Pentest+ CySA+ Security+ IT Project+ CEH
Mari is the CEO and a founding board member for the Women’s Society of Cyberjutsu (WSC). Mari began her cyber career with Accenture where she excelled as a Network Engineer. Mari is also the inaugural ISC2 Diversity Award for 2019. With over 10 years of IT and cybersecurity, her experience spans network design and security architecture, risk assessments, vulnerability management, incident response and policy across government and commercial industries. She holds a variety of certifications (CISSP, GIAC, CCNA, etc) as well as a Bachelor’s degree in Computer Information Systems from Columbus State University and a Master of Science in Information Systems from Strayer University. She regularly contributes content to security blogs and training companies across the country as well as an Adjunct Professor for UMUC.
View Sessions with Mari Galloway
Melike Etem – Head of Governance, Risk and Compliance, Earnin
CISSP, CIPP/IT, CRISC, PMP& ITIL.
Melike has been instrumental in enabling risk based decision making in various C-suite advisory roles by implementing strategic risk management programs in EY, Freddie Mac and Symantec. She established the enterprise technology risk management program at Common Securitization Solutions, the joint venture of Fannie Mae and Freddie Mac to oversee and monitor the technology risk posture from development to after go-live as part of single securitization initiative, an industry valued approximately $5 trillion. Melike is passionate about empowering and increasing visibility and influence of women in STEM fields.
Melike holds a B.S. in Computer Science and Engineering from Pennsylvania State University and an M.S. in Systems Engineering from University of Virginia. She is CISSP, CIPP/IT, CRISC, PMP and ITIL certified.
View Sessions with Melike Etem
Michael F. Angelo – Chief Security Architect, Micro Focus Corporation
Michael F. Angelo
Michael F. Angelo has over 30 years experience in the Cyber Security field. His accomplishments include over 60 granted security patents, a named Sigma XI distinguished lecturer, TCPA (now TCG) lifetime achievement award, a place on the ISSA Hall of Fame, and a place on the BIS / ISTAC. He has presented numerous times at RSA, InfoSec(UK), and ISSA (National/Regional/Webinars). Michael was responsible for security at the John von Neumann National Supercomputer Center. He was also a Staff Fellow at Compaq and HP where he worked on advanced security technology. Michael has implemented and taught numerous organizations to create and user of a Secure Development Life-cycles since 2000. In his current role he is responsible for the Secure Development Life-cycle for over 40 products.
View Sessions with Michael F. Angelo
Michael D. Weisberg – Chief Information Security Officer, Information Security and Assurance, Garnet River, LLC
Michael D. Weisberg
Michael Weisberg, CISSP has been involved in the Information Security field since his early career in mainframe systems security. He has provided technical expertise and hands-on implementation assistance in the areas of Identity Management, Perimeter Security, Patch Management, as well as general security policy. Michael has been involved in the Open Source community since 1994 and is an advocate for Standards Based software for securing environments while controlling costs.
Michael is a graduate of Rensselaer Polytechnic Institute. His career has led him through the Government, Financial, Education and Industrial sectors. He was the founding director of the Cyber Security program at Russell Sage College. He is now CISO and VP of the Information Security practice at Garnet River, LLC, a technology consulting firm.
View Sessions with Michael D. Weisberg
Ninad Doshi – Azure Security Lead – US Financial Services Customer Success Unit, Microsoft
Ninad is the Lead Security Architect on Microsoft’s Customer Success team working with Information Security Officers and Enterprise Security Operations teams to provide security, compliance and risk management guidance for Microsoft Azure-based workloads. This includes a focus on financial services-related regulations and guidelines including ISO/IEC 27002:2013, NIST 800-53r4, PCI DSS v3.1 as well as planning for incident response and using threat modelling approach. Some of work includes whitepapers he co-authored on Incident Management Implementation Guidance: Azure and Office 365.
View Sessions with Ninad Doshi
Paco Rosas Moreno – Section Supervisor, Johns Hopkins University Applied Physics Laboratory
Paco Rosas Moreno
Paco is an information security professional with years of experience in a variety of roles. He currently serves as a section supervisor at the Johns Hopkins University Applied Physics Laboratory. He recently completed the CISO program at Carnegie Melon University and is currently a candidate for a Master’s Degree in Cybersecurity Risk and Strategy at NYU. He holds an MBA from the University of Phoenix-Austin Campus and a BA from Texas A&M University-Kingsville.
View Sessions with Paco Rosas Moreno
Patrick T. Craven – Director, Center for Cyber Safety and Education
Patrick T. Craven
BS in Communication
Patrick Craven, has 30 yrs of nonprofit and C-Level roles at Big Brothers Big Sisters, Vietnam Veterans Memorial Fund and the Boy Scouts of America. As director for the Center for Cyber Safety and Education, he is responsible for all business operations, supporting the Board of Trustees, leadership to employees/volunteers, marketing & business development, and new program development. He has a BS in Communication from Xavier University (Cincinnati, OH) and a member of the ECPI University, Lake Mary Campus’ Program Advisory Board, Cyber and Network Security.
View Sessions with Patrick T. Craven
Paul Jordan – Managing Director, IAPP
As the European Managing Director of the IAPP European office in Brussels, Paul Jordan is responsible for implementing strategy and planning for Europe as well as leading efforts in expanding IAPP’s European presence. In addition to working in the tech corporate sector, Paul has delivered business management & consultancy services to a variety of association clients, including the Supply Chain Council (SCC), the International Society of Pharmaceutical Engineering (ISPE) and the Project Management Institute (PMI), overseeing their European strategy and operations. Paul holds a degree in Business Economics with a Human Resources Management specialization from Boston University and the Vrije Universiteit Brussels. He is fluent in French, with passive knowledge of other European languages.
View Sessions with Paul Jordan
Phil Lee – Partner, Fieldfisher
CIPP(E), CIPM, FIP
Phil Lee is a Partner in Fieldfisher’s Privacy, Security and Information law team. He has worked on both sides of the Atlantic, having founded Fieldfisher’s Silicon Valley office, and is recognized as a leading data protection expert in the Legal 500, Chambers and the legal edition of Who’s Who. He has particular specialisms in new technologies, adtech and social media.
View Sessions with Paul Jordan
Richard Tychansky – Security Architect
CISSP-ISSEP, CSSLP, CAP
Mr. Tychansky, CISSP-ISSEP, CSSLP, CAP is a Security Architect with over 15 years of experience in cryptographic systems and software security engineering. He has in worked in higher education conducting applied cryptographic research, defense systems engineering, biometric software development, and with Google’s Security & Privacy division to protect the data of over a billion users. He has a passion for educating the next generation of security professionals through his speaking engagements.
View Sessions with Richard Tychansky
Rob Ayoub – Senior Product Marketing Manager, FireEye
Rob Ayoub is a Senior Product Marketing Manager for Network Security products at FireEye. In this role he provides go-to-market positioning, content, competitive analyst, and event representation for the Network Security portfolio at FireEye. Previous, Rob Ayoub was an Program Director at IDC, where he provided thought leadership and guidance for clients on a wide range of security products, ranging from traditional network security products such as firewall, IPS and UTM to emerging products designed to protect the cloud and the Internet of Things (IoT). Rob is also responsible for research and analysis around a wide range of evolving security markets, including forensics and security and vulnerability management (SVM). Rob is involved in a number of initiatives in San Antonio, including the CyberPatriot.
View Sessions with Rob Ayoub
Robbie Meitler – AVP – Global Cybersecurity & Response Readiness, Liberty Mutual Insurance Company
CISSP, CIPP, GSLC
Robbie J. Meitler is an Assistance Vice-President of Global Cybersecurity at Liberty Mutual Insurance. His currently leads cyber response readiness for a global financial services company with advocacy to change employee behavior and build a culture of cybersecurity and data protection. Mr. Meitler has held positions in cybersecurity, privacy, regulatory compliance, operations management, and consulting. Mr. Meitler holds a CISSP, CIPP, and GSLC.
View Sessions with Robbie Meitler
Russell Megonigal – Senior Product Manager, HID Global
Russell Megonigal has worked in various Product Marketing roles at HID Global as part of the Crossmatch acquisition in 2014. While his current role is managing enrollment Biometric hardware products, he spent several years analyzing the authentication market segment which included topics related to Behavior Biometrics. Russell has a deep interest in all topics related to identity and he is excited to be part of the conversation at the 2020 (ISC)² Virtual Security Congress.
View Sessions with Russell Megonigal
Sarah B. Lee – Director, School of Computing Sciences and Computer Engineering, University of Southern Mississippi
Sarah B. Lee
Sarah joined the faculty at Mississippi State University (MSU) in 2011 after a 19-year career at FedEx Corporation, and she currently serves as Assistant Department Head in the Department of Computer Science and Engineering (CSE). In 2013, she co-founded the Bulldog Bytes outreach program which has delivered CS and cybersecurity informal learning activities to K-12 students and teachers. She is on the board of directors for the Mississippi Coding Academies, a novel, state-supported, emerging workforce development program. Sarah is a co-pi on the CyberCorps Scholarship for Service program at MSU, and provides leadership to cybersecurity degree and curriculum development in CSE. In 2019, she was recognized by the Mississippi Business Journal as Top in Tech for her work in broadening participation in computing.
View Sessions with Sarah B. Lee
Saskia Coplans – Founder and Security Consultant, Digital Interruption
Saskia Coplans is a co-founder and director at Digital Interruption. She is a registered Data Protection Officer (DPO) and a privacy specialist. She has over ten years’ experience in information security and governance along with standards and policy development. She has worked across Europe and Central Asia for Governments, NGOs, Regulators, and the private sector. She is the founding board member of Manchester-based skills and diversity group, the InfoSec Hoppers and sits on the board of the OWASP Manchester Chapter and the Manchester Grey Hats.
View Sessions with Saskia Coplans
Scott M. Giordano – V.P. and Senior Counsel, Privacy and Compliance, Spirion
Scott M. Giordano
Scott M. Giordano is an attorney with more than 20 years of legal, technology, and risk management consulting experience. An IAPP Fellow of Information Privacy and a Certified Information Security Systems Professional (CISSP), Scott serves as Spirion’s subject matter expert on multinational data protection and its intersection with technology, export compliance, internal investigations, information governance, and risk management. Prior to joining Spirion, he served as Director, Data Protection for Robert Half Legal and established the global privacy program for Esterline Technologies Corporation in Bellevue, WA.
Scott is a member of the bar in Washington state, California, and the District of Columbia.
View Sessions with Scott M. Giordano
Sharon Smith – Principal Consultant, Verizon
Since 2005 Sharon has worked globally with companies from a single location to Fortune 50 providing consulting and advisory services around their security and compliance initiatives. Sharon’s past work has spanned a broad security spectrum as a principal security consultant, auditor, and advisor. Sharon understands the challenges of the security industry and the adversity the security professional is up against and must deal with every day. She not only understands the technology they work with, but also the challenges in getting business buy-in for the proper support and funding to achieve and maintain the confidentiality, integrity and availability of information resources.
View Sessions with Sharon Smith
Shawn A. Harris – Director, Information Security – Strategy, Engagement, and Architecture, Starbucks Coffee Company
Shawn A. Harris
Shawn Harris has over 25 years of Information Security experience. He is currently the director, information security – Strategy, Engagement, and Architecture at Starbucks Coffee Company. Shawn’s background includes engineering, architecture and executive responsibilities. Shawn previously assisted with the initial development of the CCSP (Certified Cloud Security Professional) certification, served on the NIST Cloud Computing Security working group, IETF JOSE working group, the Cloud Security Alliance CCM, CAIQ, and the Enterprise Architecture Working groups. He has contributed material for ISC2 CISSP, ISSAP, and CCSP examinations. Shawn is currently Co-Chair of a Cloud Security Alliance working group, leading efforts to develop the Cloud Control Matrix 4.0.
View Sessions with Shawn A. Harris
Timothy R. Robnett – vCISO, Wavefront Consulting, Inc
Timothy R. Robnett
Mr. Robnett has more than 25 years in Information Security and Risk. His firm focuses on helping clients build world-class cyber security and cyber resiliency capabilities. He has extensive experience working with clients who have experienced data breaches regain control of their systems and hardening them against future attacks. Prior to returning to consulting, he had oversight for security during mergers and acquisitions and led Identity for Anthem, Inc. and directed the IAM portion of Anthem’s breach remediation in 2015.
View Sessions with Timothy R. Robnett
Wendy Lau – Cyber Risk Specialist, Federal Reserve Bank
Wendy is a Cyber Risk Specialist at the Federal Reserve Bank of New York, where she has been working in information technology for over six years. As a Cyber Risk Specialist, she manages resiliency at the bank and dependencies of business operations and assets in case of cyber incidents. Wendy is a candidate for a Master’s Degree in Cybersecurity Risk and Strategy at NYU Law and Tandon School of Engineering.
View Sessions with Wendy Lau
Wesley Simpson – Chief Operating Officer, (ISC)²
As COO, Wesley oversees the operational aspects of contracts with all business partners. He collaborates with the Chief Executive Officer and senior management to support (ISC)² programs and services. He’s also responsible for the development and implementation of a business template for the regional offices.
Wesley has more than 25 years’ experience leading digital transformation, systems development, asset and project management, and growth initiatives for global Fortune 500 and non-profits. Exceptional communicator with strong executive presence and proven history of mobilizing organizations to undergo cultural and digital transformations that continually result in superior levels of innovation, excellence, and success. Decisive and calculated risk taker and key stakeholder influencer with compelling vision of the future of technology innovation, creativity, and change. Champion for global collaboration, volunteer committee member, and lifelong learner with nine technical and project management certifications.
Wesley holds a B.S. in Accounting from the University of Massachusetts and various technical certifications.
View Sessions with Wesley Simpson
Zachary Tudor, CISSP – Associate Laboratory Director for National and Homeland Security, Idaho National Laboratory
Zachary (Zach) is the Associate Laboratory Director of Idaho National Laboratory’s (INL) National and Homeland Security’s (N&HS) organization. It’s a major center for national security technology development and demonstration, employing 550 scientists and engineers across $300M in programs for the:
– Department of Defense (DOD)
– Department of Homeland Security (DHS)
– The Intelligence Community
N&HS is responsible for INL’s Nuclear Nonproliferation, Critical Infrastructure Protection, Defense Systems and Homeland Security missions that include:
– Safeguarding and securing vulnerable nuclear material
– Enhancing the overall security and resilience of the nation’s infrastructure
– Providing protective system solutions and heavy manufacturing of armor for national defense
Zach has more than 30 years of experience in IT and cyber security management, operations and incident response.
Past positions include Program Director in the Computer Science Laboratory at SRI International, support to the Control Systems Security Program (CSSP) and the ICS-CERT at DHS, on-site deputy, program manager for the NRO’s world-wide operational network, information security manager for OSD CIO’s Enterprise Operations Support Team and security management support for the Centers for Medicare and Medicaid Services.
Zach holds an M.S. in Information Systems from George Mason University concentrating in cyber security.