2017 Central Ohio InfoSec Summit
Strategist & Sr. Fellow
New America Foundation
Peter Warren Singer is Strategist at New America and an editor at Popular Science magazine. He has been named by the Smithsonian as one of the nation's 100 leading innovators, by Defense News as one of the 100 most influential people in defense issues, by Foreign Policy to their Top 100 Global Thinkers List, and by Onalytica market research as one of the ten most influential voices in the world on cybersecurity. Peter's award winning books include Corporate Warriors: The Rise of the Privatized Military Industry, Children at War, Wired for War: The Robotics Revolution and Conflict in the 21st Century; and Cybersecurity and Cyberwar: What Everyone Needs to Know. His latest is Ghost Fleet: A Novel of the Next World War, a technothriller crossed with nonfiction research, which has been endorsed by people who range from the Chairman of the Joint Chiefs to the co-inventor of the Internet to the writer of HBO Game of Thrones.
His past work include serving as coordinator of the Obama-08 campaign's defense policy task force, in the Office of the Secretary of Defense, and as the founding director of the Center for 21st Century Security and Intelligence at Brookings, where he was the youngest person named senior fellow in its 100 year history.
Former NSA Intelligence Official
William Binney is a former high-level National Security Agency intelligence official who, after his 2001 retirement after 30 years, blew the whistle on NSA surveillance programs. His outspoken criticism of the NSA during the George W. Bush administration made him the subject of FBI investigations that included a raid on his home in 2007. Even before Edward Snowden’s NSA whistle blowing, Binney publicly revealed that NSA had access to telecommunications companies’ domestic and international billing records, and that since 9/11 the agency has intercepted some 15 to 20 trillion domestic communications.
The Snowden disclosures confirmed many of the surveillance dangers Binney — without the benefit of documents — had been warning about under both the Bush and Obama administrations.
Between 2001 and mid 2007, Mr. Binney was a consultant on analysis
and analytic techniques to various agencies of the US government intelligence community – NSA, CIA, NRO and Customs and Border Protection in the Department of Homeland Security. From 1970 to 2001, Mr. Binney was a civilian employee of NSA. At NSA, Mr. Binney held numerous positions: Technical Director of the World Geopolitical and Military Analysis, Operations Directorate Analysis Skill field leader, member of the NSA Senior Technical Review Panel, Chair of the Technical Advisory Panel to the Foreign Relations Council, co-founder of the Sigint Automation Research Center, an agency representative to the National Technology Alliance Executive Board, and Technical Director of the Office of Russia
as well as a leading analyst for warning for over 20 years.
Over the years, Mr. Binney applied mathematical discipline to collection, analysis and reporting. In the process, he was able to structure analysis and transform it into a definable discipline, making it possible to code and automatically execute functions without human intervention from the point of collection to the end product. The successful automation of analysis formed the foundation for prototype developments in the SIGINT Automation Research Center; demonstrated how to handle massive
amounts of data effectively and relate results to military and other customers; and, formed the basis for organizing an international coalition of countries to develop and share technology advances.
Richard Thieme is an author and professional speaker who addresses the challenges posed by new technologies and the future, how to redesign ourselves to meet these challenges, and creativity in response to radical change. He has published hundreds of articles, dozens of short stories, five books with more coming, and has delivered hundreds of speeches. A novel, FOAM, was published in September 2015 and “A Richard Thieme Reader,” collecting fiction and non-fiction, was published on Amazon Kindle in 2016. His pre-blog column, “Islands in the Clickstream,” was distributed to thousands of subscribers in sixty countries before collection as a book in 2004. When a friend at the NSA told him, “The only way you can tell the truth [that we discuss} is through fiction,” he returned to writing short stories (35 published to date), one result of which is “Mind Games,” a collection of nineteen stories about anomalies, infosec, professional intelligence and edgy realities. More edgy realities are illuminated in the recently published and critically extolled “UFOs and Government: A Historical Inquiry” to which he contributed, a 5-year research project using material from inside the military and intelligence communities to document government responses to the phenomena from WW2 to the present. It is in the collections of 65 university libraries.Many speeches address creativity, shifts in identities, and technology-related security and intelligence issues. He and Dan Geer, CISO of CIA’s In-Q-Tel, did a “fireside chat” as a keynote for Source Boston and he keynoted SOURCE Boston in 2016. He keynoted the first two Black Hats and spoke in 2016 at Def Con for the 21st year. He has keynoted conferences in Sydney, Brisbane, Canberra and Melbourne, Wellington and Auckland, Dublin and London, Berlin and Heidelberg, the Netherlands (Amsterdam, Rotterdam, and the Hague), Ghent Belgium, Dubai, Kuala Lumpur, Tokyo, Johannesburg SA, Lodz and Krakow Poland, and Israel. Clients range from GE, Microsoft and Medtronic to the National Security Agency, the Pentagon, FBI, US Dept of the Treasury. Los Alamos National Lab, and the US Secret Service. His work has been taught at universities in Europe, Australia, Canada, and the United States, and he has guest lectured at numerous universities, including Purdue University (CERIAS), and the Technology, Literacy and Culture Distinguished Speakers Series of the University of Texas.
TrustedSec, Binary Defense Systems and DerbyCon
David started TrustedSec and Binary Defense Systems (BDS) with the vision in working with companies for information security. TrustedSec provides information security consulting services for organizations all around the world. BDS is a global Managed Security Service Provider (MSSP) and software security company which detects attackers in the early stages and prevents large-scale attacks.
Prior to TrustedSec and BDS, David was a Chief Security Officer (CSO) for Diebold Incorporated, a Fortune 1000 company located in over 80 countries with over 20,000 employees. David developed a global security program that tackled all aspects of information security. David is considered a forward thinker in the security field and has presented at several hundred conferences worldwide.
David has had the privilege to speak and keynote at some of the nations largest conferences. David has had numerous guest appearances on Fox News, CNN, CNBC, MSNBC, Huffington Post, Bloomberg, BBC, The Katie Show, and other high-profile media outlets. In addition, his tools have been featured on a number of TV shows including the History Channel, Mr. Robot, and movies. David is the founder of DerbyCon, a large-scale information security conference.
David has testified in front of Congress on multiple occasions on the threats we face in security and in the government space. David also co-authored Metasploit: The Penetration Testers Guide book, which was number one on Amazon in security for over a year. David was also one of the founding members of the “Penetration Testing Execution Standard (PTES)“. PTES is the industry leading standard and guidelines around how penetration tests should be performed and methodologies which is also now adopted by the Payment Card Industry (PCI) Data Security Standard (DSS) Guidelines for Penetration Testing.
David is the creator of several widely popular open-source tools including “The Social-Engineer Toolkit” (SET), PenTesters Framework (PTF), Artillery, and Fast-Track. David has also released security advisories including zero-days and focuses on security research. David has over 15 years of security experience, with over 10 specifically in security consulting and services. Prior to the private sector, David worked in the United States Marines (USMC) for cyber warfare and forensics analysis activities for the intelligence community including two tours to Iraq.
David is also a board of director for the ISC2 organization.
As an Account Executive at GuidePoint, Aaron brings practical knowledge which allows him to deliver tailored, seamless integration for any company - large or small. Aaron has overall responsibility for the accelerating growth in the North Central US & Canada and focuses on key verticals to expand their products and services to new markets & businesses.
At BMW Financial Services, Aaron facilitated security program management. Aaron oversaw development and application of IS application security policies, standards, and guidelines. He managed application compliance across the BMW & also served as a subject expert ensuring key vendors and partners maintained BMW’s practices.
Aaron built his risk management portfolio with prior roles at JPMC, Cardinal Health and Huntington. At Chase, he led management of multiple security groups which included risk management of the deposits platform, BC&DR planning and long-term risk planning & internal auditing. At Cardinal, he oversaw the installation & management of intrusion detection devices globally, also conducting HIPAA audits.
Aaron received his MBA from Franklin & his BS in Comp Sci from OSU. He gives back and uses his experience as an Instructor at Franklin, teaching Info Sec. Aaron also has an active family life & spends much time with his 2 kids & wife. They reside in Dublin and are involved in their church as well as volunteering for their kids’ school.
Aaron is Chief Security Officer at Eligible. He is the creator of Repsheet, an open source threat intelligence toolkit. Aaron is the co-author of Programming Clojure, 2nd Edition and a frequent open source contributor.
Aaron Lafferty, is just this guy, you know? He currently manages and information security operations team for an international retailer. He is heavily involved in his local information security community. As a former program manager for the Central Ohio ISSA, and now president of the Central Ohio (ISC)2 chapter, he's noticed topic trends in presentations and discussions with his peers.
Director of Security
Andre McGregor is Director of Security at Tanium responsible for the cyber security protection of Tanium systems and networks. He possesses deep knowledge of incident response in both criminal and counter intelligence techniques used to attack U.S. computer networks and infrastructure. Prior to joining Tanium, Andre served as an FBI Cyber Special Agent in New York City before being promoted to Supervisory Special Agent at FBI Headquarters. At the FBI, Andre was the senior technical cyber agent for national security investigations and the lead cyber incident responder for numerous large-scale computer intrusions. Additionally, Andre served as the FBI Cyber Liaison to the United Nations as well as FBI Cyber Liaison to DHS US-CERT and ICS-CERT. Before entering the FBI Academy in 2009, Andre went to Brown University, started his career at Goldman Sachs before transitioning to IT Director at Advogent Group (formally Cardinal Health) where he was in charge of all IT operations nationwide. In his free time, Andre is the FBI and technical consultant for the TV show Mr. Robot.
Sr. Information Security Analyst
Specializing in Incident Response Andrew has loved Information Security since his entrance to the field in 2013. Andrew is fast-learning self-starter taking every opportunity to both acquire knowledge and teach others within his current role in the Security Operations Center and Incident Response Team, Andrew has always had the self-driven approach of an entrepreneur and believes in driving results. Bringing excellence in every opportunity provided Andrew has been blessed with a multitude of avenues to showcase his expertise. He is always hungry for more knowledge as well as eager to share what he already knows. He has received his Master’s in Network and Communications Management from the Keller School of Management in 2013 and also maintains his GIAC Certified Incident Handler.
Director of Product Marketing
Andy is an enterprise software product management and product marketing leader with deep experience in enterprise focused IT security, infrastructure, services and cloud. Presently responsible for thought leadership programs and product marketing for Thales e-Security, Kicklighter brings over 25 years of experience to his role. His background includes six startups, as well as more established companies including CA Technologies, Adobe Systems, Sun Microsystems and IBM's Tivoli division. A strong technologist, he developed his skills beginning with roles in engineering, quality assurance and customer support.
Security Managing Consultant
Bill Lisse is a Senior Principal Consultant at Forsythe Security Solutions where he assists executives in solving their most complex security challenges. For over 30 years, Bill has built and led data protection programs in a variety of commercial industries and the U.S. Government. He is a retired AF Office of Special Investigations (OSI) Special Agent where he specialized in counterintelligence associated with research and technology protection. He is the recipient of the National Intelligence Meritorious Unit Citation as the lead OSI agent on an Interagency Task Force Investigating Espionage and 1997 DoD Counterintelligence Award for Analysis and Production. Bill holds a master’s degree in managerial economics; bachelor’s degrees in MIS/CIS, as well as management studies with an emphasis on industrial and organizational psychology. He is also an alumnus of the National Intelligence University. Bill holds a number of professional certifications including CISSP-ISSAP, CISA, CGEIT, CIPP/US, and ISO 27001 Lead Auditor.
Application Security Architect
Bill Sempf is a software security architect. His breadth of experience includes business and technical analysis, software design, development, testing, server management and maintenance, and security. He is the author of C# 5 All in One for Dummies and Windows 8 Programming with HTML5 For Dummies; a coauthor of Effective Visual Studio.NET and many other books, a frequent contributor to industry magazines; and has recently been an invited speaker for the ACM and IEEE, BlackHat, CodeMash, DerbyCon, BSides, DevEssentials, the International XML Web Services Expo and the Association of Information Technology Professionals. Bill also serves on the board of the Columbus branch of the Open Web Application Security Project, and is the Administrative Director of Locksport International.
Director of Cyber Security
Dr. Branden R. Williams has almost twenty years of experience in technology and information security, both as a consultant and an executive. Branden co-founded a technology services company that provided the foundation to a prominent e-learning company. He has vast experience as a practitioner and consultant which included helping companies create user-centric security controls and models. His specialty is navigating complex landscapes—be it compliance, security, technology, or business—and finding innovative solutions that save companies money while reducing risk and improving performance. Along the way, he was a Consulting Director for VeriSign/AT&T, a CTO at RSA, ISSA Distinguished Fellow, elected to the PCI Board of Advisors, and author of four books.
Director of Security and Compliance, Privacy Officer
Brent H.B. Bigelow is the Director of Risk and Compliance, Privacy Officer for a health care services company that provides eligibility, clearinghouse and related services. He also draws from his 28+ years of IT and Information Security experience in manufacturing, education, pharmaceutical, automotive, robotics, banking, healthcare, government and consulting to help upper level management make well-informed business decisions.
Sr. Security Solutions Architect
As a Senior Security Solutions Architect at F5 Networks, Brian McHenry focuses on web application and network security. McHenry acts as a liaison between customers and the F5 product teams, providing a hands-on, real-world perspective. He is also a regular contributor on InformationSecurityBuzz.com, writing articles aimed at simplifying complex IT security challenges. Prior to joining F5 in 2008, McHenry, a self-described “IT generalist”, held leadership positions within a variety of technology organizations, ranging from startups to major financial services firms.
Security Professional that is passionate about protecting company assets from cyber threats, skilled at offensive security and defensive security. Over the course of my career I have obtained certifications in Network security and System administration. A self starter that is always looking for ways to do things better and challenge myself. Specialties include:Penetration testing, Incident response, Information Security Solution Development, System administration, Network administration, Process automation, Firewall administration and Anti-virus management.
Principal Research Scientist
Chester Wisniewski has been involved in the information security space since the late 1980s. He is currently a Principal Research Scientist in the Office of the CTO. Chet divides his time between research, public speaking, writing and attempting to communicate the complexities of security to the press and public in a way they can understand. Chester has spoken at RSA, InfoSec Europe, LISA, USENIX, Virus Bulletin and many Security BSides events around the world in addition to regularly consulting with NPR, CNN, CBC, The New York Times and other media outlets.
Vorys, Sater, Seymour and Pease
Chris is an associate in the Vorys Columbus office and a member of the litigation group. His practice focuses on complex business, commercial, real property and contract litigation. He has significant experience in counseling large commercial clients related to potential litigation, including breach of contract, breach of fiduciary duties, statutory and regulatory changes and general best business practices. Chris served as a legislative aide to Sen. Jeff Jacobson, president pro tempore of the Ohio Senate, for five years. He also externed for the Honorable Maureen O'Connor, Supreme Court of Ohio.Chris received his J.D. cum laude from The Ohio State University Michael E. Moritz College of Law. He received his B.S.B.A. cum laude from The Ohio State University.
Senior Information Security Analyst
Dan Wilkins is a Senior Information Security Analyst at CareSource, focusing on threats, user awareness, and purple team integration in order to protect CareSource members and employees. He also previously served as President of OISF, and has presented at DerbyCon, OISC, OISF, and MISTI's Cloud Security World.
Chief Information Security Officer (CISO/CSO)
State of Kentucky
Dennis Leber is an Information Security/Information Technology (IS/IT) Executive with over 20 years’ experience in IS/IT Management across various industries. Dennis is a combat vet that served in the US Military. Dennis is currently perusing his PhD in IT Management and holds a Masters in IS Management, B.S in Information System Security. Dennis has worked in various industries including Federal Government, Automotive, Financial , and Healthcare. Currently Dennis is serving to improve healthcare security for the State of Kentucky as a CISO.
Tsibouris & Associates, LLC
Dino Tsibouris is the founding principal of the law firm Tsibouris & Associates, LLC. His practice concentrates in the area of technology and intellectual property law with specific expertise in electronic commerce, online financial services, software licensing, and privacy law. In addition, Mr. Tsibouris' practice includes the implementation of electronic signatures, records management and information security.
Director, Market and Technology Innovation Team
Efrain Ortiz is a Director in the Market and Technology Innovation group at Symantec. He is responsible for collaborating with and advising internal teams on business and technical demands from diverse customer perspectives. In his role, Ortiz works with internal teams and customers to assist in communicating solution ideas to address IT related security challenges. He is currently researching epidemiological investigative processes and thinking used at the Center for Disease Control & Prevention and their applicability to practical day to day threat management in Cyber Security.
Vorys, Sater, Seymour and Pease
Heather brings more than a decade’s worth of experience in privacy, cybersecurity and consumer protection issues. Her tenure includes her time at Vorys advising a multitude of companies as outside counsel as well as significant experience in-house handling privacy and data breach issues for large banking and payments companies. She has represented large retailers in all aspects of data breach response – including initial discovery, investigations, litigation and appeals of the payment card process. She advises clients on privacy policies, cybersecurity, negotiating large credit card processing agreements, as well as drafting and negotiating technology agreements. Heather also has advised clients on payment processing systems; POS systems and vendors, including end-to-end encryption and tokenization; and payment processing regulations, such as money transmitter laws. She also provides advice to companies regarding their compliance with state and federal privacy and consumer protection laws impacting the collection, sharing, use and protection of information, as well as cross-border data transfer issues.
The Ohio State University
Since July 2013 Helen has assumed the role of Chief Information Security Officer at The Ohio State University, where she works to enable a risk-aware culture. She manages the Enterprise Security team, and oversees Information Risk and Control Governance across University units. The Security team is responsible for Information Security policies and Standards, as well as providing Security products and services. Helen chairs the University Information Security Advisory Board, which governs the execution of the University’s award-winning Information Security Framework.Prior to working at OSU, Helen spent nine years in a Fortune 50 Financial Services firm, where she was responsible for creating Risk and Resiliency programs and operations which delivered pragmatic risk delivery capabilities to internal and external clients.Helen works to encourage collaboration across and between industries, to enable better information security practices. She believes in improving diversity in the Information Security profession, and mentors people interested in pursuing a career in Security, Privacy and Risk Management. Helen has a Master’s degree in Public Policy, and holds certifications as a Certified Information Systems Auditor and Certified In Risk and Systems Control, from ISACA. She is also a member of the State of Ohio Attorney General Cybersecurity Advisory Board, the Information Systems Security Association, Women for Economic and Leadership Development, and the CISO Executive Roundtable.
Director, IT Infrastructure & Security
Jack is a well-recognized for his passionate advocacy for information security, and has committed himself to leading IT and risk management initiatives within government, financial and manufacturing sectors. Jack offers nearly 20 years of experience complemented with experience instructing and mentoring. Jack’s strengths lie in effectively working collaboratively across various business units to align IT and data privacy with an organization's business goals. Jack earned the recognition as one of the “People Who Made a Difference in Security 2013” by the SANS Institute and received the CSO50 award in 2014 for connecting security initiatives to business value. He holds an Executive MBA from Baldwin-Wallace University and a bachelor’s degree from Youngstown State University and is an adviser for Baldwin-Wallace’s State winner Collegiate Cyber Defense Competition (CCDC) team. He is certified in the following: CISSP, GCIH, GSLC, CRISC, CCNP, CCDA, CCNA and VCP.
Client Solutions Architect
Jakob Grimm is an IAM Client Solutions Advisor for Optiv, the largest comprehensive pure-play IT security provider in the country. Prior to joining Optiv in the summer of 2016 Jakob lead the IAM practice for Alliance Data, a $6 Billion dollar company in the finance services field providing customer loyalty programs for Fortune 500 retailers (such as Victoria Secret, Pottery Barn, and Toyota) and overseeing a team of professionals tasked with building out the IAM and Security Operations programs overseeing over 12,000 employee identities and over 50,000 user accounts. Additionally Jakob oversaw development and launch of a complex customer-facing federation solution allowing B2B authentication and authorization to handle millions of card member account authentication via mobile shopping applications.Jakob's prior experience spans industry verticals including leading IAM programs both at Owens Corning, world leader in glass and fiber products; Mercy Health (formerly Catholic Health Partners), developing the initial identity management system processing 50,000 employee identities, 900 roles, and over 100,000 user accounts; and roles at both Microsoft and Imprivata.
Technical Strategist - Mobile
Jamie Bowser is a Technical Strategist who has over 20 years of information technology experience in a variety of roles including Web Application developer/architect, Unix Administrator, and Systems Analyst. Mr. Bowser has worked with a number of Fortune 500 companies, including Morgan Stanley, JP Morgan Chase, and Key Corp. As a Technical Strategist at Cigital, he has overseen and performed Mobile Strategic Consulting, Mobile Application Penetration Testing and Mobile Application Source Code reviews of systems built from a few thousand lines of code to systems containing tens of millions of lines of code (Java, .Net, and Objective-C). Currently, Mr. Bowser focuses on iOS Static and Dynamic testing tool development.
Jason Kent has held technical security positions at Qualys, Veracode, BlueCoat, Aruba and Verizon. Through more than a decade of dedicated AppSec experience, he has established expertise in AppSec PenTesting, AppSec program architecture and AppSec tools. His efforts helping Fortune 500 companies to maintain continuous security and compliance spans Application Security, Infrastructure Security, Wireless and Physical Security. Jason has spoken at conferences such as ISC2 Security Congress, Northeastern OWASP events, and for Qualys at RSA and Black Hat. A US Navy Submarine Force Veteran, Jason is also passionate about putting security people together with their stakeholders.
Manager, Security Research & Operations
Jeff Shipley is the manager of the Cisco Security Research & Operations IntelliShield security analyst team for Cisco Security Intelligence Operations, which is responsible for the collection, research, analysis, tracking, trending, and reporting of security vulnerabilities, threats, and events. Jeff is also responsible for coordinating activity across the Cisco Security Intelligence Operations, and is a core editor and subject matter expert producing of the Cisco Annual Security Reports. Prior to joining Cisco in 2006, Jeff served with the U.S. Army in Special Operations Security and Intelligence, and the National Security Agency for 20 years, retiring in 1999. Jeff has worked in the private IT sector as a UNIX system and network administrator, consultant, security engineer and analyst, and the Director of Security Intelligence with TruSecure and ICSA Labs. Jeff is a CISSP and SANS GIAC GCIH, member of the ISSA, Infragard, ISC2, the IT-ISAC Technical Committee, and the CVE Numbering Authority for Cisco.
Associate Director, Information Risk Management
The Ohio State University
I've been working in infosec long enough to have earned every gray hair in my beard. Whether as a trainer, consultant, manager, or specialist, my focus has always been to help people figure out how to do what they're trying to do SECURELY.By night, I'm a husband, father, writer, filmmaker, martial artist, musician, gamer, and (recovering) social media junkie.
Jessica Hebenstreit is an experienced Information Security leader focused on balancing business needs with security risk. Ms. Hebenstreit has had hands-on information security experience in a variety of security disciplines and various industries over her nearly 20 year career. Hebenstreit has worked at a number of large enterprises over the course of her career including Motorola, American Express and Mayo Clinic. This has given her a variety of experiences from which to draw. She holds numerous certifications including GCIH, CISSP, CRISC, etc. Hebenstreit is active in the security community and enthusiastic about making the industry more inclusive and accessible. Ms. Hebenstreit has a passion for security and firmly believes our role as security practioners is to enable capabilities for our business partners.
Tech Savvy Women
JJ DiGeronimo, the President of Tech Savvy Women, advanced from entry-level positions into leadership positions within technology companies. Through her keynotes and executive sessions, JJ shares effective leadership and inclusion strategies to retain, develop and advance diverse talent. JJ includes these experiences in her book new book “Accelerate Your Impact which complements her 2011 book, “The Working Woman’s GPS.” JJ has been quoted in numerous publications including Forbes, The Wall Street Journal, and Fox Business.
John Dattalo, Jr., is currently employed as information security architect for a Fortune 250 company in the Columbus Ohio area. He is an a technically sophisticated, business-savvy information security professional with 17 years of experience specializing in, security architecture, security engineering software security, risk management/governance, privacy, compliance, penetrating testing, as well as information security program management. During his InfoSec career he has had the opportunity to work in many challenging and diverse industry verticals including retail, financial, manufacturing, education and the government sector. John is passionate about security and loves rising to challenges presented in the constantly changing risk landscape of today’s world. He loves being part of the close knit information security community and believes in “playing it” forward via mentorship and infosec community involvement.
John Muirhead-Gould is a Solutions Engineer for Venafi. John is a recognized authority & thought leader on the topics of Identity & Access Management, Privileged Access, and Encryption. Over the last 14 years, he has gained experience through the roles of a Systems Analyst, a UNIX/Linux Engineer, a VP of Engineering, and multiple VP of Security Service positions.
Founder, Principle Consultant
Jon is the Application Security Testing manager at a Fortune 500 Financial Institution and is also a SANS Community instructor, teaching SANS seminal course Hacker Tools, Techniques, Exploits and Incident Handling. He has worked in Information Technology since 2004, and has focused on Information Security since 2006 when he discovered his new job as a “Network Administrator” should have been advertised as a “Security Engineer” position. Since having that realization, he has performed security engineering, security architecture, incident response, and penetration testing in the government, retail, and finance industries. He is passionate about security and leadership, and he loves trying to ignite those passions in other people. Jon is proud to have served in the Army Reserve for 11 years, where he became a Warrant Officer and served one tour in Afghanistan. He currently maintains the GCIH, GAWN, GMOB, CISSP, and Security+.
Jonathan is CEO and Co-Founder of Prevalent, a leader in 3rd party risk management and continuous monitoring. He has spoken on the need for third-party risk management at the leading industry events including RSA, Shared Assessments Summit, ISACA, ISSA, Infragard, NYSE, and others. Jonathan also helped develop the Risk Assessment Body of Knowledge (RABOK) as part of the development of Shared Assessments efforts to develop the first of its kind certification for third-party risk professionals (CTPRP). Jonathan is the former Chair of both the Shared Assessments Steering Committee and Shared Assessments SIG Committee, and sits on the Penn State Outreach Advisory Board. Jonathan received his MBA from The Pennsylvania State University, is a Certified Third-Party Risk Professional (CTPRP), and a Certified Information Systems Security Professional (CISSP).
Ken came to NETSCOUT in 1998 in the role of a Systems Engineer. In his current role as a Problem Solver, Ken is responsible for designing network and application performance management solutions to address the unique business challenges of enterprise, healthcare and financial customers. His primary focuses are the areas of Application Triage, VoIP, Video, Capacity Planning, CyberSecurity, Latency, Multi-Tier applications, Virtualized servers and applications, etc. Ken is a graduate of Bowling Green State University and resides in Huron, Ohio. His problem solving blog is available at http://problemsolverblog.czekaj.org.
Vice President, Sales Engineering
Kevin Flanagan, CISSP, CISA, is the Vice President of Global Sales Engineering at PhishMe. Kevin leads a team of security experts responsible for assisting clients with development of security programs that improve the role of humans in detection, response, and mitigation of today’s and tomorrow’s threats.
Threat Intelligence Researcher
Kyle Ehmke is a senior threat intelligence researcher with ThreatConnect and has seven years of experience as a cyber intelligence analyst in the Intelligence Community and within the healthcare sector. Kyle has followed a wide range of cyber threat ranging from the Middle East and Extremists to, more recently, those specifically affecting the healthcare and pharmaceutical sector. He was also actively involved with ThreatConnect’s research efforts into recent Russian activity targeting the DNC, DCCC, and Bellingcat.
Vice President – System Engineering Americas for Juniper Networks
Lisa is currently the Vice President Systems Engineers for the Americas at Juniper Networks, providing leadership and driving the technology vision for the Enterprise and Service Provider Sectors. She has over 20 years of networking technology experience in a variety of roles. Prior to joining Juniper in 2008, she held leadership positions in Product Management and Marketing (Brocade), Consulting Engineering and Business Development (Atrica/Nokia Siemens), Worldwide Systems Engineering Director (Nortel’s Shasta IP Services BU), and other Engineering roles with Bay Networks, Wellfleet Communications and Shell Oil Company. Lisa was recognized by the Anita Borg Institute as a “Woman of Vision” in May 2016 and profiled by Women Worth Watching’s Diversity Journal in October 2016. She holds a Bachelor of Science degree in Electrical Engineering as well as a Master’s degree in Business Administration.
Mark Curto Sr
Senior IT Security Architect and Policy Analyst
Mr. Curto is a dedicated professional with over twenty-five years of comprehensive experience in the Information Security and Information Technology arenas. Mr. Curto is currently a Senior IT Security Architect at Worthington Industries, a global, diversified, metals manufacturing company. Mr. Curto currently holds the following professional certifications; Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Certified Security Analyst (E|CSA), Certified SCADA Security Architect (CSSA), (CNSS) NSTISSI 4011 and CNSSI 4012 – FISMA, ISO/IEC 27002 (ISFS), and ITILFv3 and ITILSSv3.
Director of Field Marketing
Mark Villinski brings more than 20 years of technology sales, marketing experience and channel leadership to Kaspersky Lab. As Director, Field Marketing, Mark is responsible for field marketing efforts in the United States and for increasing awareness of Kaspersky Lab as a thought leader in the online security industry. Prior to joining Kaspersky Lab, Mark served as Director Worldwide Channel Operations at Enterasys Networks.Mark has presented at several industry conferences across North America addressing audiences on the challenges facing IT departments today and discussing ways organizations can protect themselves from the current threat landscape.
As Tenable ’s VP of Strategy, Matt is responsible for developing long-term strategies to enter new markets, develop new products, and improve existing products to meet the emerging needs of our customers and partners across the globe. An information security and compliance veteran with 20+ years of experience, Matt came to Tenable from RSA, where he led product strategy and messaging for Archer. Before RSA, he was responsible for enhancements to the SaaS platform and Policy Compliance solution at Qualys, where he also co-authored and published Policy Compliance for Dummies. Matt was the founder and CTO at ControlPath, where he and co-inventor Sean Molloy were issued United States Patent 7,788,150: Method for assessing risk in a business.
Technical Manager, Information Security
Matt Dokman is an IT and Operational risk management professional with more than 20 years of industry experience. Matt has served in key information security roles at large enterprises in academic, financial, retail and manufacturing industries. Some of his expertise includes developing and managing risk assessment methodologies, technology and operational risk frameworks, vendor management, cost effective risk mitigation strategies, as well as security strategy planning, risk awareness and other. he uses the combination of different industry backgrounds and experience to develop risk-based approach to security solutions with a balanced view of risk and requirements that meet business objectives.
Chief Security Architect/President
Max Aulakh is a software security and compliance leader delivering DoD-tested security strategies that safeguard mission-critical IT operations. He trained and excelled in The United States Air Force as Security Specialist performing software assurance, InfoSec and ComSec functions of network hardware, software, and IT infrastructure for global unclassified and classified networks. He is often quoted in several media outlets as an industry expert on governance, risk and compliance.
He leads an award-winning cybersecurity firm, MAFAZO Digital Solution that delivers Cyber Defense and Regulatory compliance to Defense, Healthcare, and Manufacturing industries.
His experience is supplemented by formal education and certifications. He has an MBA, B.S Information Systems Security with Computer Science minor and holds the following certifications: Executive Education Certification/CISO Institute, CISSP, Security +, Network +, Linux +, Server +, CSM, PMP, ITIL-F
Tsibouris & Associates
Risk & Control Consulting LLC
Mike is the Managing Director of Risk & Control Consulting LLC, a professional services firm providing critical thought leadership in enterprise risk management and internal controls. Mike has over 20 years of experience in technology risk management consulting and advisory services. His background includes Big 4, corporate internal audit, and risk management. His experience spans the public, private, and government sectors, including Banking, Insurance, Financial Services, Automotive, Transportation, Construction & Environmental, Energy/Utility & Technology.
General Manager of Cybersecurity Industry
Michael Schiebel is Hortonworks’ GM of Cybersecurity Industry where he leverages his over 15 years cybersecurity experience working in financial services and healthcare companies to help customers build cybersecurity analytic solutions. He has lead incident response and computer forensic teams, designed and built security solutions, and created security roadmaps and strategies; learning how to position security projects based on delivering bottom line value to the enterprise.
Even when his job title indicated otherwise, Mick Douglas has been doing information security work for over ten years. He received a bachelor's degree in Communications from the Ohio State University and holds the CISSP, GCIH, GPEN, GCUX, GWEB, and GSNA certifications. He currently works at Binary Defense Systems as the DFIR Practice Lead.He is always excited for the opportunity to share with others so they do not have to learn the hard way! Please join in; security professionals of all abilities will gain useful tools and skills that should make their jobs easier. When he's not 'geeking out' you'll likely find him indulging in one of his numerous hobbies; photography, scuba diving, or hanging around in the great outdoors.
Dir. of Security Strategy & Architecture
As a well-seasoned professional with more than 20 years of experience in Cyber Security and 15 years as a senior security decision maker, Mike has seen it all. He is a respected IT/Security leader within organizations focused on building success by understanding the needs of both the external/internal customer and applying security in a manner that can fit within the organization. He has a strong technical background, combined with financial experience. He is often sought after to help rebuild and restructure security teams in order to bring a positive change within organizations. In his spare time, he helps organize the Columbus, Ohio BSides event and mentors younger security professionals through leadership and training.
I am a high school senior attending St. Charles High School. I am currently applying to colleges and evaluating going straight into the technology world (maybe). I have interned at local companies and have had some great experiences along the way. Though out my interning experience I have learned from many great mentors and had the privilege to work with many great professionals along the way.
Nick Santora is the CEO of Curricula, a cyber security company focused on education. His background includes a 7 year career at NERC (North American Electric Reliability Corporation) as a cyber security advisor. NERC is the regulatory body responsible for ensuring the reliability and safety of our nations power grid. While at NERC, Nick has audited, advised, and coached dozens of organizations on their cyber security program. Nick holds a Bachelor of Science and Master of Business Administration from Rider University. He also earned his CISSP (Certified Information Systems Security Professional) and CISA (Certified Information Systems Auditor).
Executive Consulting Partner
Rafeeq Rehman is the creator of 'CISO Mind Map' and blogger. He is working as executive consulting partner with Verizon Professional Services focusing on Information Security, IoT, and advanced networking. He has worked in the information security industry for more than 20 years.
Global Security Strategist
Richard Henderson is Global Security Strategist at Absolute, where he is responsible for trend-spotting, industry-watching and idea-creating. He has nearly two decades of experience and involvement in the global hacker community and discovers new trends and activities in the cyber-underground. He is a researcher and regular presenter at conferences and events, and was lauded by a former US DHS undersecretary for cybersecurity as having an “insightful view” on the current state of cybersecurity. He is also a skilled electronics hacker: he was one of the first researchers in the world to defeat Apple’s TouchID fingerprint sensor on the iPhone 5S. Richard can be found speaking at industry conferences including Gartner’s Security and Risk Summit; he also provides media commentary for publications ranging from Wired to CSO. Richard also helped edit colleague and friend Tyson Macaulay’s latest book on IoT Security: RIoT Control: Understanding and Managing Risks and the Internet of Things.
Robert Brzezinski, MBA, CHPS, CISA the principal of BizWit LLC is an accomplished leader with hands on experience in leading teams through organizational changes, developing, testing and implementing process improvement, technology and information security solutions to protect organizations’ assets and ensure uninterrupted business operations with the Focus on Security approach. Experience in the corporate structure and working in the trenches with small businesses allow Robert to find balance between SMB’s operational reality, small business IT/budget priorities, privacy, security and regulatory requirements.Robert maintains the AHIMA professional certification of Certified in Healthcare Privacy and Security (CHPS) and is a member of AHIMA Certification Exam Development Committee. He also maintains ISACA certification of Certified Information Systems Auditor (CISA).Past Presentations https://www.bizwit.us/services.html Educational and informational presentations – Training
Sr. Solutions Engineer
Security Solutions Architect
Shawn Sines is a seasoned information security professional who in his career has held positions loading high explosives on attack aircraft, spent time as a rentable mercenary building information security incident response programs and in numerous crisis has been the bearer of bad news as the technical translator to executives. He worked for the Ohio State University, The Columbus Dispatch, Scott's Miracle-Gro and OCLC. He presently works as a Security Solution Architect at Forsythe Technologies.
Penetration Testing / Red Team Lead
Tim is currently the team lead on the American Electric Power red team and have over 20 years of security experience with a focus on offensive security testing. His background includes penetration testing, red team engagements, social engineering, hardware and software reverse engineering.
IT Security Risk Consultant
TJ is an IT Security Risk Consultant at a Fortune 500 Financial Institution. In his fairly new career in Information Security, he has had the opportunity to perform threat and vulnerability management, incident response, security engineering, and penetration testing. All of this started by accident: approaching the end of his degree, TJ wasn't enthused about one of the final courses he had to take: Network Security. After just a few classes though, what began as reluctance quickly turned into excitement and a career in one of the coolest fields. TJ knows how overwhelming it is being a noob in Information Security, so he enjoys sharing what did - and didn't - work for him during his formative years with others new to the industry.
Systems Engineering Manager
Tom currently leads the systems engineering team at ExtraHop Networks. He has spent most of his 20-year career looking at networks, protocols, and packets in one way or another. Tom has a passion for utilizing data-driven techniques to solve the complex problems faced by modern IT practitioners. When he's not working with ExtraHop's expansive customer base, he is deeply involved in developing and defining techniques for advanced malware detection, having authored the award-winning Ransomware Bundle for ExtraHop (http://bit.ly/2fAt2WM). Tom resides in Houston, TX along with his wife and three daughters. He remains actively involved with his alma mater Texas A&M (Electrical Engineering), and can be found most weekends cheering his Aggies on to victory.
CIO For You
With over 25 years’ experience in Information Technology, Security, Governance, Risk and Compliance Management, including 15 years as a CIO, CTO and CISO, William is an IT executive who’s lively presentations have captivated audiences for years.
Senior Security Engineer
Info Sec Professional with a couple of decades of security specific focus and an earlier decade of sysadmin, physical plant and network admin experience. Desires to improve practices, procedures and outcomes of network and application IT security.
Director, Security Strategy
J Wolfgang Goerlich supports information security initiatives for clients in the healthcare, education, financial services, and energy verticals. He is a cyber security strategist with CBI focusing on secure IT operations and software development practices. Wolfgang regularly advises and presents on the topics of changing culture, managing risk, and securing systems through-out the development lifecycle.
Director, Security Services
The past twelve years of Justin’s twenty-one year IT career have been spent as an information security consultant. He has performed work in every field of infosec - vulnerability management, digital forensics and incident response, security architecture, operations, and governance and risk management. He's consulted for customers in every vertical and all sizes, from SMB’s to the Fortune 10.
Justin is the Director of the Security Services team, overseeing the world-class CBTS security consulting group. Justin has a BBA in Information Systems and International Business from the University of Cincinnati. He is GIAC certified in Incident Response, Digital Forensics, and Penetration Testing. He also serves as director of the organizing committee for BSidesCincinnati, a regional information security conference in its fourth year.
Senior Security Consultant
Dan Bougere is a Senior Security Consultant at Securicon, LLC providing clients with customized information security assessments that combine traditional vulnerability assessments with controlled penetration testing and social engineering that take into account actual threats as well as the client's business processes. Dan has over 14 years of experience in both government and commercial sectors including the Department of Defense, the National Security Agency, and other intelligence community partners and contractors along with utility, medical, and retail customers.
Dan earned a Bachelor of Science degree in Software Engineering Technology from the University of Southern Mississippi, a Master of Science degree in Information Assurance from Capitol Technology University, and a Master of Science degree in Technology Studies from Eastern Michigan University. Dan is a Certified Information Systems Security Professional (CISSP) and holds multiple certifications from SANS, CompTIA, and Microsoft.
Director, Security & Network Transformation
Kevin Peterson is the director or security and network transformation at Zscaler, where he primarily works with the largest cloud security deployments to ensure that the desired outcomes are achieved. He brings with him the advantage of having lead the security efforts for one of McKesson's (Fortune 10) major business units (75 software products, managed services...), as well as the company-wide cloud security strategy, ranging from A to Z (Azure to Zscaler!). As a top practitioner and trusted advisor on both enterprise and cloud security topics, his goal is helping everyone achieve the most effective security with the lowest cost to the business.
Senior Security Strategist
Ladi Adefala is a passionate cyber security professional with a broad range of expertise that spans multiple security domains including security strategy, solution architectures, security risk assessments, network security, threat management, and security training. Adefala’s background in information technology and security began with stints at Red Hat Consulting, AT&T and World Wide Technology Inc., and his credentials include an MBA from Washington University and multiple industry certifications.
Mr. Adefala has served in a variety of strategic technical and leadership roles that span several disciplines including enterprise network, mobility, data center and advanced cyber security solutions. As a FortiGuard Labs cyber security expert with Fortinet, Adefala advises and engages clients and executive leaders on solution strategies and risk management in a number of industry segments, including Financial, Healthcare, Retail, Utilities/Energy, and numerous federal and state government agencies. As a member of several advisory boards, he serves to influence and shape solution capabilities in the area of cyber security and has spoken at various forums on cyber security risk and threats aligned with business imperatives. Adefala’s research interests include cyber threat intelligence and data analytics. He also serves as Adjunct Faculty supporting students at Webster University’s Masters of Science – Cyber Security Program, where he engages participating students in the domains of Critical Infrastructure Protection (CIP), network forensics, malware analysis and reverse engineering.
Director, Worldwide Sales Enablement
Mr. Hackmeyer is the Director of Worldwide Sales Enablement for Carbon Black. Over the past 20 years, Mr. Hackmeyer has filled roles that include: Systems Engineer, security instructor, instructional designer, and enablement professional.
Systems Engineering Team Lead
Ted has been an IT systems security practitioner for over 15 years. In that time he has successfully sold and implemented global security tools for Fortune 50 customers in most major verticals. He has previously worked for Symantec supporting customers across North America and Dell Computers internal IT as a senior network engineer. In his current role, Ted relies upon his security background to assist customers in utilizing ForeScout’s CounterACT Network Access Control platform to secure their networks from BYOD/guest users and computers, insider threats and mobile devices.
Brandon McCrillis is a Principal Consultant and Senior Information Security Analyst at Rendition InfoSec, specializing in incident response, penetration testing, digital forensics, training and consulting. Prior to Rendition InfoSec, Brandon was a team lead and technical SME with USCYBERCOM Cyber Mission Forces, drafting technical guidance for Computer Network Exploitation tools and planning Offensive Cyber Operations. A former Network Exploitation operator (ION) and Senior Technical Lead he executed Computer Network Exploitation (CNE) operations to fulfill critical National Level requirements in support of strategic foreign intelligence goals and cyber objectives. Brandon led teams of multi-disciplined cyber operators, conducting more than 10,000 operations globally. When not delivering expert security consulting to help organizations reduce risk, achieve compliance, maintain business continuity and reach their security goals, Brandon enjoys loud things that go fast.
Evan Blair is the Co-Founder and Vice President of Worldwide Channels at ZeroFOX. Evan spends his time with customers, industry analysts and partners solving the security challenges and risks that social media presents to the modern business. He is responsible for driving the ZeroFOX corporate vision through execution-focused initiatives and has spoken at industry conferences from Las Vegas to NYC including RSA Conference, McAfee FOCUS, SINET and more. Evan leverages a diverse background in economics and security to shape value based programs and empower the CISO within the organization. Prior to founding ZeroFOX, Evan was a member of the Accuvant Leadership Team and has held both financial and business development leadership roles within the security industry. He studied at Cambridge University and holds a BA in Economics from Wake Forest University.
Senior Solutions Architect and Director of Sales Engineering
Igor has over 19 years of technical experience in high-tech companies as a software engineer and technical lead. Prior to joining Checkmarx as our Senior Solutions Architect, Igor worked as a Technical Manager at Myriad, a leading mobile software company, and as a Software Engineer and Product Manager at Novarra, acquired by Nokia in 2010. Igor is an appreciated speaker at forums such as ISC2 and OWASP.
Igor studied at Belarusian State University of Informatics and Radioelectronics and received his B.Sc in Computer Science and Math from Christian Brothers University.
Senior Director – Systems Engineering Americas for Juniper Networks
Oliver Schuermann is a recognized technology leader with a unique background in software and networking. Working with a wide variety of customers over his 20-year career, he has held positions in software integration, systems engineering, and technical leadership in both the Enterprise, as well as in the Service Provider space.
Joining Juniper in 2003 Oliver is a 12-year veteran of Juniper Networks and has held multiple technical leadership positions within the company. Most recently, Oliver has taken the role of Technical Director for our Civilian Government and Education practice for the Americas Theater. Prior to joining Juniper Networks, Oliver worked in the service provider space with local exchange carriers such as Qwest and McLeod USA.
With over eight years at Infoblox, Ed helped transition Infoblox from its roots as a DNS & DHCP company to its current leadership position as the Single Authoritative Database containing every single IP address, networks, and DNS records. This authoritative database service can now act as a control plane for provisioning, securing, managing, and monitoring all your physical and virtual assets both on premises and off premises including public cloud infrastructures.
Before working at Infoblox, Ed held roles in Network Security Engineering and as a Security Solutions Architect, building very secure, and highly available & reliable global network architectures.
Cvent Online Event Registration Software
Copyright © 2000-2017 Cvent, Inc. All rights reserved.
Event Management Software
End User License Agreement