SC Awards Meet the Judges

Alissa “Dr. Jay” Abdullah is Mastercard’s deputy chief security officer. In this role she leads Regional Security and the Emerging Corporate Security Solutions team and is responsible for protecting Mastercard’s information assets as well as driving the future of security. Dr. Jay joined Mastercard in 2019 after serving as the chief information security officer of Xerox where she established and led a corporate-wide information risk management program. She also served as the deputy chief information officer of the White House where she helped modernize the Executive Office of the President’s IT systems with cloud services and virtualization. She currently hosts Cybercrime Magazine’s Mastering Cyber podcast and is a cybersecurity lecturer at the University of California, Berkeley, School of Information. Dr. Jay is also a member of Smartsheet’s Board of Directors as well as a member of the board for Girls in Tech. Dr. Jay holds a PhD in Information Technology Management from Capella University, a master’s degree in Telecommunications and Computer Networks from The George Washington University and a bachelor’s degree in mathematics from Savannah State University.

Accomplished cybersecurity leader with over 10 years of experience in security and 20+ years in IT and networking.

Proven track record of success in diverse industries, including automotive, higher education, and telecommunications. Currently spearheading cybersecurity, information security, and privacy initiatives at a global Tier-1 automotive company.

Roota Almeida is a trailblazing leader in the realm of information security. She currently holds the position of Head of Security Governance at Amazon, where she spearheads transformative global changes in the domains of Security, Governance, and Risk Management. Her role encompasses enhancing the effectiveness of Amazon’s information security program, including the crucial Amazon Healthcare Compliance. Prior to her tenure at Amazon, Roota held the mantle of Chief Information Security Officer (CISO) at Delta Dental of New Jersey and Connecticut (DDNJ, Inc.). Her pivotal contribution led to the establishment of DDNJ’s HITRUST/NIST CSF Certified Office of Information Security, and she continued to steer the formulation and execution of comprehensive enterprise-wide information security strategies, policies, risk assessments, and controls. Beyond her corporate endeavors, Roota is a strong advocate for increasing female representation in STEM careers. She initiated a dedicated internship program at DDNJ, Inc. designed to empower graduating female high school students with insights into the dynamic realm of corporate cybersecurity.

Roota’s illustrious journey also includes her role as the former CISO of Covanta Holdings Corp., a prominent player in Energy-from-Waste solutions. During her tenure, she took charge of all facets of information security, risk management, and compliance, including the oversight of global information security awareness initiatives, policies, business continuity planning, and incident response teams. An acknowledged luminary in the industry, Roota Almeida has over two decades of security (software/hardware) engineering experience and has contributed extensively to the field. She serves as a part of the Board of Advisors for several organizations, assumes the role of governing body chair for Evanta’s CxO Summits and other tech conferences, and imparts her wisdom as a faculty member and security awards judge. Roota’s profound expertise finds expression in a wealth of articles, eBooks, interviews, and podcasts. Dedicated to nurturing fresh talent and innovative solutions in the security domain, she places significant emphasis on mentorship. As a mentor, she provides invaluable guidance, unwavering support, and inspiration to aspiring students and professionals alike.

Roota holds CCISO, CISSP, CISM and CRISC certifications.

Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices’ patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP’s information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program’s day to day operational effectiveness. In her previous roles, Krista assisted with developing and leading security programs in crypto, finance, and the Department of Defense.

Krista is an active member of ISACA, Infragard’s Philadelphia Chapter, serves on Neumann University’s Business Advisory Council and is Marketing Committee chair for Women in Cybersecurity-Delaware Valley Affiliate. Through this service, Krista’s mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.

Todd Bell is a globally recognized expert in the fields of technology transformation, resilient cybersecurity programs, and providing invaluable insights to startups ranging from new ventures to Global Fortune 500 companies. With a distinguished career as a Chief Information Officer (CIO) and Chief Information Security Officer (CISO), Todd has left an indelible mark on the international stage by safeguarding the sensitive information of millions of consumers worldwide to major technology transformations. His impact is evident in the development of new cyber programs and the enhancement of existing initiatives that have stood the test of time.

In addition to his corporate leadership roles, Todd has served as a Board Director for two Colorado public utilities. His expertise extends globally as a Board Advisor to Forticode in Melbourne, Australia, Board Advisor to Versive, and Board Advisor to Cloud Central in Canberra, Australia, along with participation in the Digital Directors Network. This international experience has positioned him to fulfill roles in company operations, VC fundraising, P&L management, financial auditing, and a building companies.
Todd’s influence in the technology and cybersecurity space is further underscored by his global publications, where he shares his extensive knowledge and contributes to advancing best practices in the industry. He actively collaborates with expert networks, providing advisory services to Wall Street Investors and Private Equity Investors.

Todd holds an MBA degree from Regis University, a bachelor’s degree, and a Masters Project Manager Certification from Regis. His credentials include a PMP certification from the Project Management Institute, a Corporate Governance credential (SOX) from Tulane University, CISSP from Information Security ISC2, ITIL Foundation v4, Microsoft/LinkedIn Artificial Intelligence/Machine Learning Certifications, and an Exercising Leadership credential from Harvard University Online.

Augustine Boateng, a distinguished IT executive born in Ghana and now Deputy Chief Information Officer for the City of Memphis, has played pivotal roles in shaping the city’s technology landscape. With a background as Information Security Manager, Analyst, Senior Linux Engineer, and Systems Administrator, he brings a wealth of experience to his current position.

As Deputy CIO, Augustine drives innovation by integrating emerging technologies aligned with the city’s vision. His responsibilities include strategic technology leadership, technical guidance, managing IT infrastructure, and building high-performing teams. He excels in vendor management, negotiating contracts, and ensuring top-notch service delivery.

Augustine is dedicated to upholding the security and integrity of the city’s technical assets, enforcing IT governance policies, and ensuring regulatory compliance.

Educationally, Augustine holds a BSc in Management Information Studies from Ghana’s Wisconsin International University College. His commitment to professional development is evidenced by certifications including CISSP, CEH, CNDA, ECIH, and ITIL.

Augustine actively contributes to the tech community, serving on advisory boards for Vation Ventures, customer advisory boards for Ironscales Inc. and CrowdStrike Holdings, Inc., and executive boards for the Cyber Risk Alliance. His memberships in the Society for Information Management and the Greater Memphis IT Council showcase his collaborative approach to industry advancement.

His insights and expertise are featured in publications like Cyber Magazine and Technology Magazine. Augustine Boateng stands as a beacon in the IT realm, combining technical proficiency with strategic foresight to drive transformative change in Memphis, emphasizing responsible and innovative technology use for community betterment

Tracey Brand-Sanders is the UGI Corporation, Vice President and Global Chief Information Security. She is an Executive with over 20 years of experience helping public companies and non-profits transform their Technology Human Capital to deliver sustainable outcomes and become trusted advisors. Tracey leads a Global Cybersecurity Program that spans across 17 European Countries and operate across the United States.

Tracey is an active member in her community, personally and professionally. She sits on the Board of the Urban Affairs Coalition, the Executive Board of the Valley Forge Alumnae Chapter of Delta Sigma Theta Sorority, Incorporated, a member of the National Association of Parliamentarians, an Advisory Council Member of SecureWorld Philadelphia, a governing Body member of Evanta Philadelphia CISO Inner Circle, a Leadership Board member of the Philadelphia CISO Cybersecurity Collaboration Forum and serve on the Board of Trustees for the Enon Tabernacle Baptist Church.

Tracey earned an M.S. in Cyber Security from Saint Leo University, an M.B.A. from the Donald R. Tapia School of Business at Saint Leo University, is a summa cum laude graduate from Chestnut Hill College with a dual degree in Business Administration and Human Resource Management and has a certificate in IS/IT Project Management from Villanova University.

Chuck serves as President and Consultant of Brooks Consulting International with over 25 years of experience in cybersecurity, emerging technologies, marketing, business development, and government relations. He helps Fortune 1000 clients, organizations, small businesses, and start-ups achieve their strategic goals and grow their market share.

Chuck also serves as an Adjunct Professor at Georgetown University in the Cyber Risk Management Program, where he teaches graduate courses on risk management, homeland security, and cybersecurity. He designed the course that he teaches called “Disruptive Technology and Organizational Management” .

C. He has also been named “Cybersecurity Person of the Year” by Cyber Express, Cybersecurity Marketer of the Year, and a “Top 5 Tech Person to Follow” by LinkedIn” where he has almost 115,500 followers on his profile. He has 57,000 subscribers to his newsletter “Security and Tech Insights.”

As a thought leader, blogger, and event speaker, he has briefed the G20 on energy cybersecurity, The US Embassy to the Holy See and the Vatican on global cybersecurity cooperation. He has served on two National Academy of Science Advisory groups, including one on digitalizing the USAF, and another on securing BioTech. He has also addressed USTRANSCOM on cybersecurity and serves on an industry/government Working group for DHS CISA focused on security space systems.

Chuck is also a contributor to Forbes, The Washington Post, Dark Reading, Homeland Security Today, Skytop Media, GovCon, Barrons, The Hill, and Federal Times on cybersecurity and emerging technology topics.

Chuck has an MA from the University of Chicago, a BA from DePauw University, and a certificate in International Law from The Hague Academy of International Law.

Miki Calero has been named one of the Most Influential People in Security by Security Magazine, and a Top 100 City Innovator Worldwide by United Business Media (UBM) Future Cities, for advancing enterprise risk management through unified physical and cybersecurity.

As Chief Security Officer, he established an Enterprise Security Risk Management program that received CSO Magazine’s CSO40 award for groundbreaking business value and innovative application of risk and security concepts at the 15th largest city in the US, Columbus, Ohio.

Miki’s career spans the private and public sectors, including startup companies, Fortune 500 enterprises, and federal, state, and local government. His responsibilities have included protection of information systems, physical assets, and critical infrastructure in strategic, tactical, and operational capacities.

He consults and advises on security strategies for comprehensive asset protection, and promotes enterprise security and public private partnerships as keynote speaker at national and international events, and writer in various media outlets.

With nearly 30 years in the cybersecurity field in commercial and government arenas, Ed is currently the Head of Cyber Risk Engineering at Bowhead Specialty Underwriters, a provider of cyber risk insurance. He focuses his work on risk management and enterprise security architecture and the value they bring to organizations. All of this is an effort to ensure organizations make good cybersecurity decisions that best meet their overall mission or objectives.

In addition to his professional work, Ed is a Adjunct Professor in the Department of Information Systems as California State University – Los Angeles as well as a published author and regular speaker at cybersecurity events and forums. He is also on the Board of Directors of the Los Angeles ISC2 chapter and an active member of other cyber-focused organizations in southern California. Finally, he is a veteran of the US Navy.

He has a Masters degree in Information Technology Management, specializing in organizational leadership and change management from Colorado State University. He received his undergraduate degree in cybersecurity from the University of Maryland. He holds a number of industry certifications.

Additional details about his publications, community involvement, and experience are at edwincovert.com.

Mark Eggleston is a senior executive specializing in security and privacy program development and management. His unique background and expertise in information technology, program and people management combined with his diverse experience in managed care and health care provider systems has positioned him as a thought leader and frequent speaker. Mr. Eggleston currently is a Vice President, Chief Information Security Officer and Privacy Officer at a leading Philadelphia HMO where he leads the implementation and maturation of various security technologies and privacy initiatives and manages a business continuity and disaster recovery program and facility management.

Mr. Eggleston started his professional career serving as a Program Manager and Psychotherapist at a hospital serving children and adolescents. Later, Mr. Eggleston helped develop an internal compliance approach, complete with policies and tools, ensuring a geographically dispersed health care provider organization (across 19 states) complied with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Mr. Eggleston then transitioned to apply his HIPAA expertise to a local health plan. He then was promoted into a series of positions to direct a health plan’s security and business continuity programs where he has helped to implement many successful security controls to include, single sign on (SSO), Identity and Access Management (IAM), vulnerability assessment program, and a comprehensive business continuity program.

Mr. Eggleston received his Bachelor of Science degree in Psychology from Radford University. Later, Mr. Eggleston received both his Masters in Social Work and his Post Baccalaureate Certificate in Management Information Systems, from Virginia Commonwealth University. Mr. Eggleston holds CHPS, CHPS and CISSP certifications.

Alain Espinosa thrives in the business-technology continuum, viewing business and technology as interwoven concepts. He excels at strategizing, planning, and coaching people, as he moves easily between the big picture and the details. His unique gift of envisioning things that have not yet happened enables him to extract solutions to issues and challenges. Alain is a relationship builder, skilled communicator, and facilitator who engages both technical and business stakeholders in reaching a common goal.

Currently, Alain is the Global Director of Information Security Operations for Upbound Group (formerly known as Rent-A-Center) a $4 billion public retail and financing company. Among his accomplishments are 1) driving development of the company’s first third-party vendor risk management and data governance programs, thereby decreasing the risk of regulatory fines, 2) reducing the security operations management workload by 30%, and 3) establishing a robust cybersecurity awareness program.

Previously, Alain rose through a number of technical positions, which provided the foundation for his leadership roles in Information Security. These experiences were enhanced during his tenure at Cyber Defense Labs, an information security consultancy and managed security service provider, where he worked directly with clients on developing risk management strategies and providing program management expertise. Subsequently, he was the Director of Security Operations/Cybersecurity Consultant (vCISO) at Online Business Systems, an international digital transformation and cybersecurity consultancy, where he oversaw the Security Operations Center. He also served as Interim CISO for several clients, designing security controls and implementing governance processes.

Alain is an Advisory Board Member of Blackswan Cybersecurity (Consultancy), an Advisory Board Member of the Security Advisor Alliance, and Founding Advisory Board Member of DallasCISO.

Michael Fey is Island’s co-founder and CEO. Fey was President and COO at Symantec. Prior to Symantec, he was President and COO of Blue Coat. Prior to that, Mike was EVP & GM for enterprise products at McAfee and CTO of Intel Security playing a pivotal role in Intel’s acquisition of McAfee for $7.7 billion in 2010.
Fey holds a degree in Engineering Physics and Mathematics from Embry-Riddle Aeronautical University and was co-author of Security Battleground: An Executive Field Manual, providing a playbook for security obligated executives coping with the new realities of cyber security responsibilities to the board.

Steven Fox directs the GRC strategy for Educational Testing Services, the world’s largest private educational testing and assessment organization. He brings a cross-disciplinary, international perspective to the practice of information security; combining his experience as a Deputy CISO, security consultant, an IT Auditor and a systems engineer with principles from behavioral/organizational psychology to address security challenges.

Mitchell Greenfield is currently AVP, Identity and Access Management at Humana. Mitch leads a team of around 200 identity specialists focused on managing identity risk for large complex health care organization. Previously Mitch was the Information Security Officer for CenterWell Home Health in Humana’s Enterprise Information Protection (EIP) department. Mitch lead the security program for CenterWell Home Health as well as the teams responsible for the security merger and acquisition process and the subsidiary security programs. Previously, Mitch conducted ethical hacking and penetration testing for Humana, including business partners and acquisitions. Mitch previously held his Certified Information Security Auditor (CISA) and has previous held certifications including Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA), Licensed Penetration Tester (LPT), and Certified Information Security Auditor (CISA). Mitch is also involved with the executive advisory boards for key security companies including SkyHigh Security, F5, Yubico and Forescout. Mitch is past President for the Kentuckiana chapter of ISACA and holds an M.S. in Information Systems and a B.S. in Informatics from Indiana University – Bloomington.

Todd is a Senior Manager in EY’s Cybersecurity Consulting, specializing in Threat & Vulnerability Management, Purple Teaming, and technology controls. He is based in New York and has 19 years of cybersecurity technical product and program management experience delivering cyber solutions and developing thought leadership across multiple verticals, with focus on threat detection, threat exposure management, response/remediation, and protection.

Dheeraj Gurugubelli is a seasoned information security executive and Senior Director at EY-Parthenon’s Cybersecurity and Data Privacy practice. As a trusted board and C-suite advisor, he guides private equity firms and corporations on cybersecurity strategy, risk management, and security program transformation. Dheeraj specializes in risk management, security operations, and incident response.

Dheeraj has led cyber due diligence in over 250 global M&A deals, representing more than $180 billion in combined equity value. He has transformed cybersecurity programs for very large private equity funds and their portfolio companies. He helps address unique cybersecurity challenges faced by PE’s across the investment lifecycle, from acquisitions to exits.

As a thought leader, Dheeraj has guest lectured at Harvard on cybersecurity in M&A valuations. He has served as a security scholar at Purdue University, published security research, and been cited by media and organizations like NATO. He also mentors upcoming cybersecurity professionals at Cyversity.

Dheeraj is passionate about enabling and empowering disruptive businesses to achieve their vision and growth potential, while protecting their business, assets and customers from cyber threats.

Internationally known cybersecurity thought leader and pioneer with demonstrated success in delivering world-class global security programs for Fortune 100 companies. Drive innovative cybersecurity organizations to new levels of growth while optimizing operational expenses, improving enterprise processes, strengthening relationships, and building high-performing teams. Creator of industry best practices proven to stay ahead of cybersecurity risks.

Dr. Harris has a doctorate in Information Assurance and Cybersecurity and has 33+ years of Network and Security experience. Dr. Harris is a Certified Information Systems Security Professional and has spent 12 years in academia teaching Computer Security at the University of North Carolina. Dr. Harris is a founding member of the Retail Cyber Information Sharing Center. He currently serves on the Cyber Security Scholarship Review Board for ISC2 and is an active member of FBI InfraGard. He is the past President of the ISC2 Chapter in Greensboro, NC, and is a former member of the National Security Council for the US Chamber of Commerce. Dr. Harris is a security evangelist, author, and international speaker. He has spoken both academically and professionally for more than 30+ years.

Dr. John D. Johnson is CEO/Founder of Aligned Security, providing vCISO advisory services and working with tech startups. John started his career as a physicist and security manager at Los Alamos National Laboratory, and has served in executive security roles for John Deere, Campbell Soup Co., Deloitte and with startups. John founded Docent Institute, a nonprofit focused on technology and cybersecurity education, outreach and inclusion. John is an educator, volunteer and serves on several industry boards. John’s focus areas are cybersecurity and advancing technologies, including Artificial Intelligence, IoT, OT, blockchain, and quantum computing.

Highly accomplished and strategic leader with extensive experience and demonstrated success in managing a broad range of risk oversight activities, including risk identification, control design and evaluation, and completion of risk and control self-assessments. Possess specialist expertise in network security architecture, network access and monitoring, data access and monitoring, identity and access management, and employee education and awareness. A transformational leader with strong skills in leading, training, and developing teams to achieve and exceed predefined performance targets while monitoring performance on regular basis to introduce multiple process improvements.

Organizations and Education
Master of Science in Management, Computer & Information Systems Security – Colorado Technical University, Colorado
Bachelor of Science, Computer Science & Engineering Technology – The University of Toledo, Ohio
Certificate: Enterprise Cybersecurity Leadership Academy, 20
Co-Chair: CyberSecurity Collaborative – Detroit Chapter

Ashutosh Kapse is a credentialed and experienced senior executive advising businesses in the areas of Cybersecurity, governance, compliance and technology risk management. Currently, he heads Falcon Labs which provides consulting and advisory services to organisations across Asia Pacific and Australia. He also founded L3 – Life and Leadership Learning, which provides leadership and life skills training to Graduate students and new managers across Australia and India.

Over the past 30 years, Ashutosh has held several CISO and Risk Executive leadership roles in large Australian businesses and Government entities. He has been involved in IT risk and information security since 1992. He is known for his integrity, leadership, subject matter expertise, and ability to achieve results. He has extensive experience in representing Risk, GRC, security & audit matters at Board level and providing cyber security advisory to business leaders. Ashutosh has a passion for leading people and challenging them to grow and develop into high performing, cohesive teams. He has led several advisory teams, in industrial verticals such as financial services, health, federal & state government departments, Manufacturing. He is an ISACA accredited trainer for CISM, CISA and CRISC certifications and has been conducting official ISACA training courses since 2010.

Ashutosh volunteers as a board member and chairman of the Risk & Compliance committee at SCCV, the largest not for profit aged care provider in the state of Victoria. He has been a board member of ISACA Melbourne chapter, including being its Vice President for 12 years from 2010 to 2022. Since 2018, he has been a member of the judging panel for SC Magazine global security and trust awards and was member of ISACA international awards working group from 2017 to 2020

Ricardo Lafosse is chief information security officer for Kraft Heinz. Lafosse is responsible for IT risk governance, OT security, incident management, technical disaster recovery, and determining enterprise-wide security policies and procedures. Lafosse regularly presents on security topics at global conferences, including Blackhat, Defcon, RSA, ISACA and Secure World. He is an avid gamer and anime nerd.

Prior to his current role, Lafosse was chief information security officer for Morningstar, where he was responsible for providing strategic information security leadership, implementation and governance for the Information Security Program.

Lafosse has more than 19 years of experience in information security for the government, banking, legal, healthcare and education sectors. Lafosse began his career in information security consulting in finance.

Lafosse holds a Master’s in Information Assurance from Iowa State University. He also holds the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) designations.

A people-centric leader, fascinated with real estate technology and the powerful role it plays throughout various industries, business organizations, and everyday lives.

24 years of MLS real estate data management experience, award-winning software architect, customer service activist, data science practitioner, an accomplished musician (in his own mind), baseball enthusiast, and father of two (the most challenging task of all!).

Current CIO at Metro MLS (Milwaukee, WI) – senior executive carrying the company vision on technology, business strategy, and governance goals.

Brian Lee is an accomplished cybersecurity executive with over 13 years of experience driving security strategy and operations for complex organizations. Currently Director of Cyber Security at Oil States International, Brian established robust data protection protocols and led cross-functional initiatives to instill security best practices across the company. His expertise spans security management, compliance, threat mitigation, and risk management. Previously, as a VCISO with Unisys, Brian oversaw all aspects of security for large enterprise clients. He is passionate about partnering with business leaders to enable security for the business. Brian holds an MS in Computer Information Systems Security, NACD Directorship Certification, and numerous industry certifications including CISSP, CEH, and CCNA.

Cedric Leighton is a founding partner of CYFORIX, a cyber risk and security solutions consultancy and the Chairman of Cedric Leighton Associates, LLC a global strategic risk consultancy. He is also a retired US Air Force Colonel and a CNN Military Analyst, providing on-air commentary on military and international security issues to CNN’s US and international audiences. His analysis of the ongoing wars in Ukraine and Gaza has been an integral part of CNN’s coverage since the start of those conflicts..

Colonel Leighton has also been quoted in the New York Times, Wall Street Journal, Los Angeles Times, the Boston Globe, France’s Le Figaro, Correio Braziliense, Portugal’s Expresso and Spain’s La Razon as well as C4ISR Magazine and ADS Advance. Previously Colonel Leighton wrote for several publications, including The Hill and Leadership Excellence Magazine.

Prior to founding his strategic risk consultancy, Colonel Leighton served for 26 years as an Intelligence Officer in the US Air Force. During this period, he deployed five times to the Middle East, served at US Special Operations Command, directed specialized intelligence efforts during combat operations, witnessed the fall of the Berlin Wall, was a Squadron Commander and served twice at the Pentagon, first on the Air Staff and later on the Joint Staff. His last military assignment was as the Deputy Training Director for the National Security Agency, where he championed training initiatives for the nation’s cyber warriors.

His awards and decorations include the Defense Superior Service Medal, the Bronze Star, the Defense Meritorious Service Medal, seven Meritorious Service Medals and the Humanitarian Service Medal. He was a Distinguished Graduate of the US Air Force Reserve Officer Training Corps and received the Joint Specialty Officer designation.

Colonel Leighton graduated magna cum laude from Cornell University and holds a Master’s Degree in International Studies from Angelo State University.

Daniel Lieber is a highly experienced technology leader with a strong focus on cybersecurity. For the past 30 years, he has worked with many organizations on collaboration, communication, cybersecurity, and organizational success. He brings about the ability to quickly identify the intersections of technology and people, reducing friction from systems and enhancing value. Mr. Lieber has particular fondness for supporting organizations that help people thrive, including nonprofits, education, and healthcare. He is a frequent speaker at conferences and serves on several boards.

David Lingenfelter is the Chief Information Security Officer at Penn Entertainment, responsible for ensuring the highest level of security for the rapidly changing risk landscape. David manages teams that oversee IT security and compliance for both the retail and digital aspects of the business. David believes that in order to implement a successful security program it’s important for everyone to understand the threats and risks that could adversely impact the business.

Prior to joining Penn Entertainment David oversaw security for the MaaS360 mobile device management platform at IBM. During his tenure at IBM, David helped onboard and integrate the team supporting MaaS360 as part of the acquisition of Fiberlink Communications into IBM. Prior to the acquisition by IBM, David was the Information Security Officer at Fiberlink Communications working as part of the team that designed and built an early Software as a Service cloud model for its MaaS360 platform.

David’s career in IT security has always included a strong emphasis on awareness and understanding of the threats and risks associated with poor security. This passion for helping bring awareness to others and has lead David around the world giving presentations on multiple aspects of IT security and the overall impact on business and personal lives.

Gary D. Long, CISA, CISSP is an information security professional with over 25 years of combined US and global experience working in the public and private sector in information security consulting, sales, and management. Gary has served in such positions as Information Security Officer at Cerner Corporation in Kansas City, and Principal at several information security consulting firms, as well as an enterprise sales team member for many major vendors including Check Point and Cisco. Gary is also an adjunct professor in the Cyber Security program at Northeastern State University. Gary has provided Security thought leadership by speaking at forums, such as RSA Conference, mNext Forum, Executive Alliance Security Leader’s Summit, and he is a contributing author for the ISSA Journal. Gary is a Senior Member of the Information Systems Security Association (ISSA), and a Platinum Member of the Information Systems Audit and Control Association (ISACA).

Jacob (Jake) Lorz is a highly respected cybersecurity executive with a proven track record of success in multiple industries, including manufacturing, aerospace, defense, biometric identification, and software development. With over 20 years of experience, he has developed and implemented effective security strategies, managed complex security projects, and led high-performance security teams. He joined Cintas Corporation in 2021 where his expertise and leadership have allowed him to build a world-class and threat-resilient information security program.

Jake is widely regarded as a thought leader in the cybersecurity industry. He serves as co-chair of the Cincinnati Cybersecurity Collaboration Forum’s Leadership Board, as a member of the Cincinnati Information Systems Security Association (ISSA) Advisory Board, as a Board Member for the National Technology Security Coalition (NTSC), and he sits on the Verizon Cybersecurity Customer Advisory Board. Jake holds a bachelor’s degree in Management Information Systems, a master’s degree in Information Technology with a focus on Data Driven Cybersecurity, and a master’s degree in Business Administration. Jake also maintains professional industry certifications, including CISSP, CISM, and CRISC.

Dr. Marshall offers 30 plus years of broad executive leadership experience as a former member of the Senior Executive Service in the federal government having served in the Department of Defense, National Security Agency (legal architect of nation’s first cyber warfare exercise), the White House (Comprehensive National Cyber Security Initiative), the Department of Commerce (Critical Infrastructure Assurance Office), and the Department of Homeland Security (Director of Global Cyber Security Management).

Since retiring from the federal government (Senior Executive Service) he has broadened his executive experience by serving as Chairman of three corporations and on various boards of advisors and directors, CEO of tech startups, Executive Director of a non-profit research center, and Special Cyber Advisor to the government of Moldova.

Founder and Chairman of the Board of CinturionGroup, a global provider of international fiber optic cable communications systems and services delivering high-reliability and high-capacity solutions via the next generation of fiber optic networks. Current project is connecting Europe to India and Singapore through Israel, Jordon, and Saudi Arabia. See www.cinturiongroup.com

Chairman of the Board of SDSE Networks. Home of SCOUT Providing Software defined Secure Enclave. SDSE (SCOUT) secures and encrypts network communications: each endpoint, every instance, over any device, any place in the world. “Engineered with Stealth, Dark by Design.”

As President of X-SES Consultants LLC, he advocates at the board level, comprehensive sustainable corporate information technology governance programs that foster cost-effective software assurance, supply chain risk management, cyber security awareness training, and procurement strategies.

Greg is the Co-Founder and CEO of the application security company Ghost Security. He formerly founded cybersecurity companies Anomali and JASK (acquired). Greg is a cybersecurity expert with over 15 years of industry experience, including serving as a technical adviser to the FBI, the United States Secret Service, and NASA. Greg is also an active investor and advisor for first-time startup founders, primarily in the Austin, TX area.

Sean McElroy has built engaging financial services companies and products throughout his 23 year software engineering and cybersecurity career. At Lumin Digital, Sean is the Chief Risk Officer, responsible for cybersecurity, risk management, and privacy programs to scale the next generation of cloud-based digital banking securely across global data centers. In 2009 he co-founded Alkami Technology (NASDAQ: ALKT), where he served in roles ranging from CTO to CISO to build innovative solutions. Prior to Alkami, at Computer Services, Inc. he led all software development teams to create patented, first-to-market SaaS solutions for online banking document delivery, remote deposit capture, check item processing, and expedited payments. Sean earned a Master of Science in Information Security Engineering from the SANS Technology Institute, and holds a BBA in Management and in Management Information Systems from the University of Oklahoma. He currently holds the CISSP, CISM, GSEC, GCIH, GCIA, GDSA, GCUX, GDAT, GCCC, and GCPM certifications. In his spare time, he mentors upcoming cybersecurity and GRC professionals in Dallas, Texas.

Enida Metaj brings over 13 years of extensive experience in auditing, governance, risk, compliance, law, cybersecurity, IT, and finance. She holds a Master of Public Administration from Oakland University and a Bachelor of Laws from the University of Tirana.

Certifications in ISO standards, artificial intelligence (AI), and a Master’s Certificate in Enterprise Cybersecurity Leadership from the Professional Development Academy demonstrate Enida’s commitment to mastering cutting-edge technologies and industry best practices. Furthermore, she has refined her leadership skills through a certificate in Exercising Leadership from HarvardX.

As an award-winning cybersecurity leader, she brings innovative strategies to fortify digital infrastructures against evolving threats. Enida’s professional journey is characterized by a continuous pursuit of learning, innovation, and a relentless dedication to excellence, with a passion for driving organizational success.

Beyond her professional pursuit, Enida actively engages in community outreach initiatives, advancing cybersecurity awareness and education. Her goal is to extend her impact beyond corporate settings, fostering a safer and more secure digital ecosystem for all.

Julian Mihai is serving as the Chief Information Security Officer at Penn Medicine, University of Pennsylvania Health System, a leading academic medical center based in Philadelphia, PA. Julian is an information security leader with extensive experience in the industry. He is responsible for all aspects of the enterprise cybersecurity program across clinical, research, and education lines of business. Prior to joining Penn Medicine, he held multiple senior and technical leadership roles in enterprise cybersecurity and technology at the Cleveland Clinic, HCSC/Blue Cross Blue Shield of IL, Microsoft, Motorola, and several technology startups.
Julian positions cybersecurity as a key enabler of the organization’s mission, in addition to its more traditional role in risk management. He has helped multiple organizations transform lagging security functions into cutting-edge cybersecurity programs that drive competitive advantage. He is passionate about collaboration with the security community to disrupt the status quo and leapfrog the industry into the future. As a thought leader, he enjoys advising security technology companies, as well as speaking at leading security and healthcare technology conferences on emerging topics in cybersecurity.
Julian holds an M.B.A. from the University of Chicago Booth School of Business, and a M.S. and B.S. in Computer Science from the Polytechnic University of Bucharest.

Niel Nickolaisen has held technology executive (CIO / CTO / CISO) and operations executive positions (COO); typically in turnaround roles. He has a passion for helping others deliver on what he considers to be the three roles of IT leadership: 1) Enable strategy and 2) Achieve operational excellence and 3) Create a culture of trust and ownership.

His outcomes include the transformation of a manufacturing company into a software company, the rapid modernization of a telecommunications company and the creation of a number of highly-successful technology products and artificial intelligence tools.

He has advised a number of established organizations and start-ups on architecture, agile and lean methods, products and technology.

He holds a MS in Engineering from MIT, a BS in Physics from Utah State University, and an MBA from Utah State University.

He is the author of “The Agile Culture” (2014, Addison Wesley) and “Stand Back and Deliver” (Addison Wesley, 2009). Niel is the winner of several IT leadership awards including the ProphIT award, CIO Magazine 100 and Golden Bridge and, in 2020, was named one of the 20 CIO’s changing the future of technology.

Murtaza Nisar currently serves as Vice President, Chief Information Security Officer for Clario, a global data and technology company that minimizes risk and uncertainty in clinical trials so that organizations can move ahead quickly – and with confidence. Clario has delivered more than 19,000 clinical trials in more than 120 countries and supported more than 70 percent of FDA approvals from 2019 to 2020.

Before joining Clario, Murtaza was the CISO for Elanco, the world’s second largest animal pharmaceutical company where he built the company’s cyber program from the ground up after the company became independent while also navigating a multi-billion dollar acquisition.

Murtaza is a transformative technology leader with a diverse background in cybersecurity and a deep appreciation of the role of cybersecurity as a Trust enabler.
Murtaza is also heavily involved with the broader cybersecurity community. He serves on the Advisory Board of Kennesaw State University’s Information Systems and Security department. He also is an investor and advisor to multiple cybersecurity startups and is on the advisory board for other cybersecurity organizations such as Cybersecurity Collaboration Forum and Evanta.

Sakthi is a seasoned Product and Cybersecurity Leader with 18+ years of combined experience in Security Product management, Product Incident Response, Cloud Security, Data Privacy, Risk Management, Audit and Compliance. He currently leads the Product Security Incident Response at Pure Storage. Prior to Pure Storage, Sakthi has held various security leadership roles at VMware, Juniper, IBM and Deloitte. He has helped fortune 100 companies improve their overall cybersecurity posture and create product differentiation and competitive advantage through security.

Sakthi currently serves as President at the San Jose Institute of Internal Auditors. He also served as Board of Director at ISACA Silicon Valley chapter from 2018-2022. He has written various security articles and publications including speaking engagements on various security topics. He holds security and privacy certifications including CISSP, CISM, CISA, CIA and CDPSE.

Olivia Rose is an award-winning two-time global Chief Information Security Officer (CISO), with over 22-years experience in Cybersecurity, including leading advisory services for Fortune 1000 companies.

Presently, Olivia is the CISO and founder of the Rose CISO Group (www.rosecisogroup.com), a boutique Security company delivering exceptional Fractional CISO, Executive and Board Communications, and Strategic services to Fortune 1000 companies.

Olivia holds numerous IT, Privacy, and Security certifications, and is an active participating member of several industry groups. Olivia is frequently requested at speaker events and podcasts, and is regarded as a thought leader in the industry.

Marcus (Marc) Sachs is the Senior Vice President and Chief Engineer at the Center for Internet Security. He is a retired US Army Officer and was a White House appointee in the George W. Bush administration. His private sector experience includes serving as the Deputy Director of SRI International’s Computer Science laboratory, as the Vice President for National Security Policy at Verizon Communications, as the Senior Vice President and Chief Security Officer of the North American Electric Reliability Corporation (NERC), and as the Chief Security Officer of Pattern Computer. He was most recently the Deputy Director for Research at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. He is the former Director of the SANS Internet Storm Center and has co-authored several books on information security. He holds degrees in civil engineering, computer science and technology commercialization, and is an avid collector of mechanical cipher equipment.

John Taylor has over 25 years’ experience in technology and until recently, was the Group CIO of MedHealth, a multi-brand national health services provider. Previously, John was an IT executive with AGL (one of Australia’s largest energy companies) where he performed a variety of roles including the CIO for AGL’s Retail business, CTO, established its IT shared services capabilities and was AGL’s first Chief Information Security Officer (CISO).

John has wide-ranging experience across various sectors with extensive international experience in a variety of global roles for top 5 FTSE and top 20 ASX organisations, including IBM, Reuters, British American Tobacco and Insurance Australia Group. Throughout his career, John has delivered various major transformational programs, lead complex operational and development teams and provided consulting services up to Board level regarding various strategic IT topics. John’s unique perspective is that he has held multiple CIO, CTO and CISO roles.

John holds a Bachelor of Commerce degree in Management Information Systems, a Master of Business Administration and is a Graduate of the Australian Institute of Company Directors. In 2023, John was listed at number 25 in the Australian CIO50 Awards. Additionally, John has been a member of several global advisory Boards throughout his career, is currently a judge for the Australian Women in Security Awards and is a CISOLens Alumni.

IT executive with over 20 years of achievement in collaborating closely with business leadership, leveraging technology to support business initiatives and in leading, developing and mentoring IT colleagues in multiple disciplines. Diverse background encompasses leadership roles across training, support, infrastructure, audit and security domains as well as project management. Excels in bridging the gap between IT and the business and recognized as a thought leader having spoken at key CISO and CIO events. Board reporting, risk management, data privacy, cyber security, security awareness training, internal controls and audit are key areas of skill and expertise. Achievements include a zero concern, deviation, deficiency external General Computing Controls (GCC) audit; an increase from 29% to 100% in site infrastructure compliance five years after implementing a site infrastructure audit program.

Solomon is a visionary cybersecurity leader with over 15 years of experience forging secure enterprises across diverse information security domains including, penetration testing, cybersecurity  auditing, network and application security design and verification, architecting secure enterprises, securing payment systems. He is an expert in establishing enterprise information security management systems. He has led information security in a startup and at mature global organizations. He is currently a Director for Governance, Security and Compliance in global automation giant – Rockwell Automation, where he guides executives in managing cybersecurity risk and deploying information security as a business enabler.

Vandana is a Security Leader at Snyk. Vandana is a seasoned speaker and trainer. She presented at various public events ranging from Global OWASP AppSec events to BlackHat events, to regional events such as BSides events in India. She is on the OWASP Global Board of Directors. She also works in various communities towards diversity initiatives such as InfosecGirls, and InfosecKids. She is a recipient of multiple awards and is listed as one of India’s top women leaders in technology and cybersecurity.

As Chief Information Security Officer, Jon Washburn leads the firm’s information governance and security program in alignment with established international standards and cyber security and risk management frameworks. Jon acts as the firm’s compliance officer, working directly with the Chief Operating Officer and Firm Counsel to ensure policies, controls, operational processes and training programs reduce IT risk and meet client and regulatory requirements.

A resource for the firm’s Privacy & Data Security practice, Jon draws on his more than 20 years of IT, information security and information governance experience to assist the team with performing risk assessments, responding to incidents, identifying information governance policy and process improvements, and evaluating information systems architecture and security controls to determine how well they might reduce the likelihood and impact of a data breach.

Since 1997, Jon has held a number of IT infrastructure, security and information management leadership roles, successfully deploying robust technology, business continuity and data governance solutions. Outside the office, Jon spends considerable time volunteering with the International Legal Technology Association (ILTA) and the Legal Services Information Sharing and Analysis Organization (LS-ISAO), where he collaborates with other leaders to transform the cybersecurity capabilities and culture of the legal industry.

As a transformative, servant leader, Corey is a proven entrepreneur focused on innovating and creating new paradigms in the security industry and life. His leadership style is focused on an employee first approach because of the positive impact of happy employees to their customer relationships. Corey has chosen to take a people centric approach to life and to let all outcomes be driven by that philosophy.

Twenty-nine years of experience in the security industry has seasoned him to create the next exponential evolution. As Founder and Chief Experience Officer, Corey has created Cyvatar.ai to enable
vendor partners to deliver reliable, repeatable, and measurable business outcomes to clients through an outstanding customer experience. This also allows the partner to engineer out complexity, improve renewal/upsell/cross-sell opportunities, and increase their customer satisfaction and referrals.

Susan Whittemore is a leader and business founder with a career that spans over twenty years in technology risk and cybersecurity. Throughout her career, Susan has worked with large and small companies to establish and improve cybersecurity functions, develop risk management programs, and engage with business and technology teams to ensure strong disciplines and compliance readiness. She is well versed in privacy, industry standards and regulatory requirements such as ISO27001, NIST, HIPAA, HiTrust, GDPR, CCPA and PCI.

Susan has held leadership positions in technology risk and governance, security operations, vulnerability management, application security, business line Information Security Offices, vendor risk management, customer protection, business resiliency and consulted for enterprises and small businesses. In her spare time, she enjoys gardening and music.

Gregory Wilson is the Chief Information Security Officer (CISO) at Putnam Investments and a United States Air Force veteran.

Prior to joining Putnam Investments, Wilson served as the Chief Information Security Officer at Pioneer Natural Resources and was the Head of Information Security at 1st Global. Wilson led the IT Compliance and Security function at TPG Capital and the IT Compliance and Security group at Lehigh Hanson.
​
Wilson graduated cum laude with a bachelor’s degree in Public Administration from the University of Nebraska and a master’s degree in Economics from the University of Oklahoma. Wilson holds a certificate from the Harvard Kennedy School cyber security executive program and holds the CISSP, CISM, CGEIT, CDPSE, PSM and PMP certifications as well as his Series 7 and 24. Wilson is a boardroom Qualified Technology Expert (QTE) by DDN and holds a board certification in Director Professionalism by the NACD.

Wilson serves on the Board of Director’s at Intrusion Inc. as the Chair of Nomination/Governance and is a member of Audit Committee. He also serves as an Advisor for Menlo Ventures, YL and Vation Ventures and on EveryIncome, LLC corporate Advisory Boards and Boston Innovation Advisory Council. Wilson also serves on the following professional boards, including CNBC Technology Executive Council, Boston CXO Executive Committee and SecureWorld Boston Advisory Boards.