The mission of the SC Awards 2018 is to honor the achievements of companies and cybersecurity professionals striving to safeguard their business' and their customers' critical data in North America.
There is also no greater excitement than receiving an SC Award. As always, the identities of the winners will be withheld until our spectacular event on April 17 2018, in San Francisco.
To view the 2018 winners listed in the Book of the Night, please click here.
Entry information for the 2019 awards will be available in August.
Book your sponsorship today by contacting your SC Media Commercial representative and download
our sponsorship media kit here.
AlienVault® has simplified the way organizations detect and respond to today’s ever evolving threat landscape. Our unique and award winning approach combines our all-in-one platform, AlienVault Unified Security Management®, with the power of AlienVault’s Open Threat Exchange®, making effective and affordable threat detection attainable for resource constrained IT teams.
Arctic Wolf answers the question, “Am I Safe?”, with our turnkey SOC-as-a-service. AWN’s Concierge Security Engineers improve threat detection by up to 10X, leveraging our hybrid AI, custom rules engine and security optimized data architecture. These innovations provide a superior threat detection and response platform for proactively hunting threats, performing remote forensics analysis of incidents, and delivering actionable remediation recommendations.
Barracuda Networks, Inc. offers industry-leading solutions designed to solve mainstream IT problems – efficiently and cost effectively – while maintaining a level of customer support and satisfaction second to none. Our products span three distinct markets, including: 1) content security, 2) networking and application delivery and 3) data storage, protection and disaster recovery.
While we maintain a strong heritage in email and web security appliances, our award-winning portfolio includes more than a dozen purpose-built solutions that support literally every aspect of the network – providing organizations of all sizes with true end-to-end protection that can be deployed in hardware, virtual, cloud and mixed form factors.
Digital Defense, Inc., an industry recognized security risk assessment solutions provider, helps organizations defend data and protect brands. The company’s Frontline. Cloud suite of vulnerability and web application security solutions are underpinned by innovative, patented technology and complemented with unparalleled service and support.
Thousands of organizations rely on Splunk Inc. (NASDAQ: SPLK) as their security nerve center to turn machine data into answers. Splunk’s suite of security solutions, including Splunk® Enterprise Security and Splunk® User Behavior Analytics, sits at the heart of the Security Operations Centers (SOC), to provide security analysts with insight into machine data generated from security technologies such as network, endpoint, access, malware, vulnerability and identity information. This analytics-driven approach to security helps analysts drive better, faster security decisions, enabling improved threat detection, improved time to resolution and reduced security costs. For more information on Splunk’s SIEM platform, visit the Splunk website.
Best Data Leakage Prevention (DLP) Solution
Best Database Security Solution
Best Email Security Solution
Best Deception Technology
Best Identity Management Solution
Best Managed Security Service
Best Mobile Security SolutionAsavie Moda
Best Authentication Technology
Best NAC Solution
Best Risk/Policy Management Solution
Best SIEM Solution
Best Threat Intelligence Technology
Best Threat Detection Technology
Best UTM Security Solution
Best Vulnerability Management Solution
Best Web Application Solution
Best Security Company
Rookie Security Company of the Year
Best SME Security Solution
Best Regulatory Compliance Solution
Best Customer Service
Best Emerging Technology
CSO of the Year
Best Security TeamBank of America
Best IT Security-related Training Program
Best Professional Certification Program(ISC)² for CISSP
Best Cybersecurity Higher Education Program
Cybersecurity Student of the Year
Tony Sager is a Senior Vice President and Chief Evangelist for CIS (The Center for Internet Security). In this role, he leads the development of the CIS Controls, a worldwide consensus project to find and support technical best practices in cybersecurity. Tony also serves as the Director of the SANS Innovation Center, a subsidiary of The SANS Institute.
Roota Almeida is a dynamic senior IT Executive responsible for successful implementation of information security, risk and compliance systems and strategies across multiple industries with global operations. Currently, she is the AVP -Head of Information Security at Delta Dental of NJ and CT, leading the development and implementation of enterprise-wide information security strategy, policies, risk assessments and controls.
Prior to Delta Dental, Roota was the Chief Information Security Officer (CISO) at Covanta Holdings Corp., a leader in Energy-from-Waste. As a CISO she led all aspects of Information security and risk, including global information security awareness programs, policies, business continuity and incident response teams.
Roota has over 15 years of direct experience in establishing and maintaining global security strategies, architectures, standards, and compliance while driving the necessary cultural changes to affect measurable improvements in the organizations’ security posture. Roota is a recognized thought leader in the industry and serves as a Co-Chair for Evanta’s NJ CxO Summits and Advisory Board Member for HMG’s CIO and CSO Summits. She is also a Governing Body Member for various other technology conferences. She is a frequent speaker at various conferences such as MIT’s CIO Symposium, HMG’s CIO Summit of America. Her in-depth experience and expertise in the field of Information Security and Risk Management can be measured by the various articles, eBooks, interviews and podcasts she has to her credit.
Peter Anderson has been the CIO and Executive Director of IT for the Greater Cleveland Regional Transit Authority since May 2014. In addition to reorganizing an austere environment to provide focus on customer support, he has been a key player of the executive team planning transport for NBA and MLB Playoffs, The Republican National Convention and the Cavs Championship parade.
His transit work began at the Central Ohio Transit Authority in 2000 and continued with work on a federal research team even when his day job was not transit.
Pete’s municipal CIO experience was in the cities of Columbus OH and Fort Worth TX. Peter’s public sector IT work started with the federal government in the Navy Supply Corps and the Defense Logistics Agency, installing systems in the fleet in the former and commanding an agency of 1600 in 13 sites developing software for the latter.
The common thread in his career has been taking challenging positions and leaving them award winning organizations. Pete was named a Public Technology Institute Fellow in 2012, one of 2013’s Doers, Dreamers and Drivers by Government Technology and one of Computerworld’s Premier 100 Technology Leaders of 2017. Under his leadership, GCRTA has won several national IT awards since his arrival.
Vikas Bhatia is the Founder & Chief Executive Officer of JustProtect Inc. Headquartered in Manhattan, NY. Just Protect is a Continuous Compliance Assessment platform that enables enterprises to accelerate internal and vendor compliance assessments without adding spreadsheets or people.
Vikas has over 19 years’ enterprise information technology experience with over 17 years dedicated to information security operations, auditing, compliance and consulting engagements. Prior to founding JustProtect he founded Kalki Consulting, a cyber security consultancy dedicated to Small and Medium sized businesses.
Prior to Kalki he held senior consulting positions at the Federal Reserve Bank, Deloitte & Touché and Cap Gemini where he served clients such as, the (UK) Ministry of Defense, Barclays Bank, American Express, Visa, CIT Bank, Citigroup, Honeywell, Shell Oil, Target (way before the breach!) and has indirectly advised countless other state and local government, energy financial services, healthcare, and retail clients.
Vikas earned a BA in Economics from Kingston University in the UK and has been recognized as an Advanced Degree holder in Information Risk Management from Pennsylvania State University. Additionally, based on his expertise, Vikas was awarded permanent residence status in 2012 by U.S. Citizenship and Immigration Services, which deemed him a “person with exceptional ability in the national interest” in the area of Information Security.
Over twenty years of analyzing business processes and creating IT solutions that make my institution more effective and efficient. I have been an active IT Security Evangelist since May 2001 when we were hit with a Distributed Denial of Service (DDOS) attack. This incident took my main site offline for three days, while I worked with my ISP to reroute and deflect the attack.
From that point forward I focused on building as secure a network as possible, as well as preaching "Defense in Depth." Over the last 16 years I have obtained multiple, high-level IT Security certifications (the GSEC, GCIH, and GCWN). These security certificates go beyond general security, and are focused heavily on the technical side of Information Security.
I also have been active in the Higher Education Information Security Council (HEISC) since 2006, serving twice as the co-chair of that group. I have also presented over a dozen times at national Higher Education conferences on IT security. I work to raise awareness and how to implement best-practice standards for IT Security.
I am a graduate of Oklahoma State University and have 17 years experience in IT. Having been the head of the IT department at two dynamic, mid-sized mortgage companies over the past 17 years, I have had the opportunity to be responsible for all phases of the system development lifecycle, from technology selection to technology support. As the CIO at Certainty Home Loans, I am responsible for ensuring that the IT department is a business enabler, source of value for the organization, and active participant in growing the business. At the same time, having multiple IT Security and IT Risk certifications (CISSP, ISSMP, and CRISC) as a guide, I am also responsible to ensure that the IT-related security, governance, risk and compliance needs of the organization are met in order to actively protect the brand.
Related to my role as CIO, I have had the opportunity to help the company win multiple IT awards (Mortgage Technology Green Lender Award 2011 and 2013), participate in a review of content for multiple IT-related conferences (Citrix Synergy 2013 and INTERFACE-Dallas 2013 and 2014), as well as participate in the exam development process for an IT Security certification, the ISSMP Certification from (ISC)2.
As Truth Initiative’s Chief Information and Cybersecurity Officer, Derrick A. Butts oversees a team of specialists supporting access control, computing, VoIP, cybersecurity, and other information technologies along with enterprise and cloud-based applications.
Derrick has considerable leadership and technical expertise with a background that includes developing, managing, and architecting secure information enterprise systems. He is well versed in cyber-security and infrastructure design strategies, applications interoperability, cloud computing, and virtual networking infrastructures. He has advised top executives on business processes improvements, infrastructure improvements and technology refresh efforts to improve the continuity and security of business operations. In 2015, Derrick lead his Truth Technologies Team (T3) to migrate Truth Initiative’s entire staff and programs to a new open concept facility where they are supported by state-of-the-art technologies.
His career spanning three decades in information technology as an enterprise solutions architect which has included positions at major corporations such as Siemens and MCI/WorldCom, as well as in the federal government and the DoD with the U.S. Information Agency/Voice of America and the U.S. Naval Sea Command (NAVSEA).
Before joining the Truth Initiative, Derrick was CEO/President of Continuums Corporation, a business continuity strategy company working with securing enterprise clients in multiple sectors. He holds a CISSP and ITIL certification.
Miki Calero has been named one of the Most Influential People in Security by Security Magazine, and a Top 100 City Innovator Worldwide by United Business Media (UBM) Future Cities, for advancing enterprise risk management through unified physical and cybersecurity.
As Chief Security Officer, he established an Enterprise Security Risk Management program that received CSO Magazine's CSO40 award for groundbreaking business value and innovative application of risk and security concepts at the 15th largest city in the US, Columbus, Ohio.
Miki's career spans the private and public sectors, including startup companies, Fortune 500 enterprises, and federal, state, and local government. His responsibilities have included protection of information systems, physical assets, and critical infrastructure in strategic, tactical, and operational capacities.
He consults and advises on security strategies for comprehensive asset protection, and promotes enterprise security and public private partnerships as keynote speaker at national and international events, and writer in various media outlets.
Benjamin Caudill is the Founder and CEO of Rhino Security Labs, a penetration testing and managed security firm headquartered in Seattle, WA. As a security professional, Benjamin has seen a wide range of security environments, with clients ranging from mobile startups to government agencies and Fortune 500’s. He’s been published in Wired Magazine, CNN, Forbes and presented at security conferences such as Defcon.
Taking interest in all things digital.
Laszlo DELLEI is experienced, certified and internationally recognized InfoSec, Cybersecurity, Security and ITSM professional, with a multidisciplinary background, and last but not least he is an expert witness as well. Laszlo received B.S. degree in Information Technology the Dennis Gabor College and the MBA in Information Management specialised in Security from the Metropolitan University. Furthermore, Laszlo is proudly holds among others the following internationally recognized credentials: C|CISO, CISA, CGEIT, CRISC, ITIL and ISO27001. Laszlo is dealing with the referred disciplines for almost 15 years.
As the Chief Security Officer of UNIQA Biztosító Zrt. he is responsible for high-priority operations in the following domains: Physical Security, Environmental Security, Cyber and Information Security. Laszlo is also a registered and active security expert of the European Commission. Furthermore, he is a member of the Hungarian Chamber of Judicial Experts, Gold Member of ISACA, member of the EC-Council, and member of John von Neumann Computer Society.
Moreover he is the author of numerous articles and presentations on IT security. he is one of the topic leader of ISACA’s Hungarian Information Security Landscape Survey for many years and member of the Corporate Awards Working Group of ISACA HQ. Nevertheless he is one of the nominated GDPR Ambassador of ISACA HQ as a Member of the GDPR Working Group.
Rick is Chief, Cyber and Information Security for Crumpton Group LLC in Arlington, Virginia. Rick provides strategic guidance for corporate CISOs, and acts as surrogate CISO for companies wishing to improve their IT security programs. Rick has worked in and managed ethical hacking, incident response and forensics, and risk management teams throughout his career. Previously, Rick was the CISO of Digital Management, Inc. (DMI) and has held positions as a Risk Management consultant at Gartner, Chief Scientist for Lockheed Martin’s Center for Cyber Security Innovation, and Managing Principal in the Professional Security Services practice at Verizon. Rick is on the committee managing the CIS Critical Security Controls.
Karen S. Evans is serving as the National Director for the US Cyber Challenge (USCC). The USCC is the nationwide talent search and skills development program focused specifically on the cyber workforce. She serves as an independent director and outside manager for publicly traded companies. She is also an independent consultant in the areas of leadership, management and the strategic use of information technology. She retired after nearly 28 years of federal government service with responsibilities ranging from a GS-2 to Presidential Appointee as the Administrator for E-Government and Information Technology at the Office of Management and Budget (OMB) within the Executive Office of the President.
Russ Finney is a technologist and researcher with the itmWEB Group LLC who is a long-time advisor to high profile clients and a well-known keynote speaker and moderator for events. In 2016 he was named a Top 5 CIO Influencer through social media by Apollo Research and one of the top 10 CIO advisors in the US. He spent many years as an executive and as a CIO working inside the computer chip industry building semiconductor equipment, the defense industry building aircraft carriers and submarines, the financial services industry building advanced trading platforms, and the aerospace industry building advanced VIP & Head-of-State aircraft. From these leadership roles he has developed deep insights into the complex security technologies, processes, standards, and innovations which are vital to protecting today’s large scale enterprises. He first began his career as a consultant with Ernst & Young in Houston, and then he spent almost 20 years as an executive in the high technology industry travelling between the US and Japan. Today he is based out of Austin, Texas serving as a business and technology advisor to a wide variety of complex organizations across the world.
After an MBA and a BA in Political Science, I worked 9 years as a Principal Presales Consultant Enterprise Products in Europe for Microsoft . After relocating to the US in 2001 I changed careers to head IT departments for manufacturing companies. In my current role as ICT Senior Manager for Coesia an Italian based leader in the packaging automation business I am responsible for an IT department that serves over 900 users in 14 locations, implementing a shared service organisation as well as new applications such as IoT and SAP.
Jane Frankland is an award-winning entrepreneur, author, speaker and consultant in cybersecurity and entrepreneurism. Founder and Managing Director of Cyber Security Capital, a consultancy that offers niche consulting, coaching and training services, she works internationally with a wide range of clients from Chief Information Security officers at listed multinationals to cybersecurity entrepreneurs of ambitious, fast growth startups.
Jane has twenty years worth of experience in cybersecurity and is one of the top influencers in the UK market. She has built and sold her own global penetration testing firm, held senior executive positions at several large PLCs, and been an SC Awards Judge for Europe and the USA. Over the years she has been actively involved in OWASP, CREST and the Cyber Essentials Scheme, and as a Baord Advisor of CISO forums. She has authored many articles and been featured in leading publications and media programmes.
Jane is driven by her three children, an obsession to deliver outstanding quality and to make a positive difference in the world. Believing passionately in freedom, empowerment, and entrepreneurism, her vision is to strengthen cyberspace with an optimised, gender diverse cybersecurity workforce. It is why she authored IN Security, founded the IN Security movement and community.
Ajit Gaddam is the Chief Architect of Cybersecurity at Visa and leads their security architecture and engineering team. Named the Information Security Executive of the year 2017 by T.E.N, Ajit Gaddam has successfully protected the most sensitive assets, data, and infrastructure of the world's largest financial services, insurance, media, and technology companies.
Ajit is a technologist, serial entrepreneur, and a Cyber security expert specializing in machine learning, cryptography, and big data security. He is an active participant in various open source and security architecture standards bodies (NIST, SABSA, OWASP, OpenGroup). He is a prolific inventor in disruptive technologies (over 50+ patents), international speaker (BlackHat, Strata Hadoop, Global Cybersecurity Conference, COSO), instructor (SANS, community colleges), and a security researcher (two security books, over 300 citations on security publications).
Terry is the founder of D6 Research a vendor-neutral research and advisory firm specializing in security, identity, and authentication across the physical, transactional and logical domains.
For the past 15 years, Terry has specialized in assisting global organizations to assess their security posture and develop adoption strategies to mitigate identity related threats. At D6 Research, he has been focused on leveraging this experience to build repeatable methodologies, tools, and research to more meaningfully impact global enterprise practitioners.
Terry has worked in strategic roles for a variety of companies in the identity and security space and applies his past and present knowledge to impose transparency and disclosure between vendors and end users. Terry is frequently published in media and presents at various conferences including DEFCON, DerbyCon, Security BSides (among others) and sits on a variety of conference and security trade organization boards.
Dr. Tyrone W A Grandison is the first-ever Chief Information Officer (CIO) of the Institute of Health Metrics and Evaluation - an independent global health research center at the University of Washington that provides rigorous and comparable measurement of the world's most important health problems and evaluates the strategies used to address them. Dr. Grandison also advises the Government of Jamaica on their Information Technology strategy - as a member of the National Information and Communications Technology Advisory Council (2016-18). More at http://www.tyronegrandison.org/bio.html
Stacey Halota joined Graham Holdings Company (then The Washington Post Company) in 2003. Graham Holdings is a diversified education and media company whose operations include educational services; television broadcasting; online, print and local TV news; home health and hospice care; and manufacturing. She leads the development and implementation of information security and privacy programs, including Sarbanes Oxley, privacy law, Payment Card Industry compliance and other data protection efforts. Halota has more than 25 years of experience in the information technology, security and privacy field. Before joining Graham Holdings, she served as the federal government and southeast region leader of Guardent (now part of Verisign), a security and privacy consulting and managed security services company. Prior to Guardent, she worked at PricewaterhouseCoopers in the Technology Risk Services consulting practice working with federal government and Fortune 500 clients. Halota was named Secure Computing Magazine’s 2009 Chief Security Officer of the Year, and was also named 2009 Mid-Atlantic Information Security Executive of the Year (Commercial Category) by the Executive Alliance. She is a Certified Information Systems Security Professional (CISSP), a Certified Information Privacy Professional (CIPP) and a Certified Information Systems Auditor (CISA). She has spoken at many information security events, most recently in 2015 on mobile security at the Black Hat CISO summit, on “Congruence and Tension: Where Privacy and Security Align and Where They Don’t” at the first Privacy+Security Forum created by Professor Daniel Solove, as a keynote speaker at the 2015 Women’s Cyberjustu Awards, and at the inaugural International Consortium of Minority Cybersecurity Professional (ICMCP) conference. She also participates as a judge at “Shark Tank”-type events that evaluate security start-ups, including in 2015 and 2016 at the TEN ISE Lion’s Den at Black Hat. She is on the strategic advisory board of ICMCP, and Graham Holdings’ newest company, CyberVista that is focused on cybersecurity training.
Aim High!, Inc., your contract CIO, provides IT services for a variety of small and medium businesses and work groups in large companies, focusing on Apple OS and iOS. This includes infrastructure planning, logistics, configuring and installing Workstation, LAN and WAN (especially network security/firewall) equipment; training, support and development. Aim High! Internet services provides LAN and WAN integration to companies throughout the world, specializing in customized solutions for customer needs, requiring a high level of customer interaction and understanding of not only technology, but business functions and interpersonal communications. Certifications and volunteer highlights include:
Juror of the 2017 SC (Security Vendor) Awards
Diploma in Legal Studies
Diploma Computer Networking
Certified in Fundamentals of Network Security
Certified in DevOps - Application Lifecycle Management
Microsoft Certified Understanding Active Directory
Small Business Representative to the TAC 14. The Colorado State Government Technology Automation initiative
Member (Colorado) Governors Small Business Council, Chair of the Technology Subcommittee
Over 42 years experience designing systems and networks, training, supporting and using computerized systems including mainframes, mini computers, PC's and mobile devices.
2017 Cybersecurity People’s Choice Award and 2017 Information Governance Expert of the Year, Dr. Mansur Hasib is the only cybersecurity and healthcare leader, author, speaker, and media commentator in the world with 12 years’ experience as Chief Information Officer, a Doctor of Science in Cybersecurity (IA), and the prestigious CISSP, PMP, and CPHIMS certifications.
Dr. Hasib led organizational transformations through digital leadership and cybersecurity strategy in healthcare, biotechnology, education, and energy for 30 years. Dr. Hasib currently teaches cybersecurity leadership, digital innovation and strategy to graduate students and executives worldwide and is Program Chair of the (ISC)2 Americas ISLA Award Winning Master of Science in Cybersecurity Technology Degree Program in The Graduate School at University of Maryland University College (UMUC).
With a Bachelor’s degree in Economics and Politics and a Master’s degree in Political Science, Dr. Hasib has a unique interdisciplinary perspective in digital strategy, business innovation, and cybersecurity. He is author of widely acclaimed Cybersecurity Leadership: Powering the Modern Organization (ebook, paperback, and audio), which received two nominations for The Cybersecurity Canon – and is currently contesting to be inducted into this Hall of Fame in 2018. In 2013 he conducted a national study of US healthcare cybersecurity and published the book Impact of Security Culture on Security Compliance in Healthcare in the USA.
Dr. Hasib enjoys table tennis, comedy, and travel and has been to all 50 states of the USA. Follow him on Twitter @mhasib or LinkedIn: www.linkedin.com/in/mansurhasib. Visit Dr. Hasib’s website for content and updates: www.cybersecurityleadership.com.
Kelly is a Senior Director of Business Security Operations for Brightcove where she is responsible for the development and oversight of their security program. Her passion for promoting security awareness, risk management and the security of company assets, employees, and customers is unparalleled.
She is an accomplished and seasoned leader with 20 years of technology experience.
In her most recent roles at Hasbro Inc. and Axeda Corporation, she implemented her strategic objectives and goals for global quality assurance and training divisions.
Throughout her career, Kelly’s achievements have resulted in numerous promotions, community and company recognition awards and nominations.
Erin is a former CIO and CSO who yields her nearly two decades consulting and C-level management experience in managing Urbane’s compliance and strategic advisory delivery teams. She and her team work with all levels of an organization to identify business goals and IT challenges and then, through specially tailored services, aligns them with the best solutions to help them securely drive their business forward. Through her work, Erin has established several industry best practices and has presented these at numerous high-profile security conferences, including RSA, DEF CON, Brucon, Derbycon, Hack In The Box, and ISC2 Congress just to name a few. She is also passionate about fostering collaboration between the CSOs and practitioners that oversee day-to-day security challenges with the security research community at large to help them learn from each other and ultimately improve our industry. Urbane Security is an information security firm that provides specially tailored security and compliance solutions that empower the Fortune 500 to securely focus on their ultimate business goals. Accomplished through highly technical services ranging from offensive and defensive security testing, to risk assessment and compliance services, which Urbane Security manages as trusted advisors to ensure high quality, incomparable expertise, and consistency of service in every engagement. Urbane Security’s core passion lies in elevating its clients and the broader industry through education, communication, cutting edge research and community. In addition to its Chicago headquarters, the company has presences in Atlanta, Los Angeles, New York and San Francisco. www.urbanesecurity.com
Dr. John Johnson is CEO and Founder of Aligned Security. He is a founding member of the Security Advisor Alliance, a member of SC Media Editorial Board, and serves on various advisory boards and mentors innovative security startups. He spent 17 years as security architect for a Fortune 100 global manufacturing company, where he managed infrastructure and developed strategy and secure architecture solutions for protecting a global corporate network, endpoints, industrial systems and the supply chain. Dr. Johnson was previously network security manager for the Theoretical Division at Los Alamos National Laboratory, and an experimental staff physicist developing radiation systems for nuclear remediation and non-proliferation. Dr. Johnson develops and teaches graduate cybersecurity courses and helped develop the CISO executive certificate program with University of Chicago, Booth School of Management. He is a frequent speaker at industry conferences and serves as program committee member for RSA Conference and other industry conferences. Over his career, he has served in leadership roles in technical and professional societies, including IEEE, InfraGard and (ISC)2. Dr. Johnson has received various awards in recognition of his contribution to the profession, he is a Ponemon Institute Fellow and was runner up for 2014 Chicago CISO of the Year.
Aaron Kirby is Senior Vice President, Authentication Solutions in the MasterCard Operations & Technology organization. In this role, he is responsible for the application development and support of the authentication platforms that support key business products including SecureCode (Card Not Present Authentication) and Biometric Authentication.
Mr. Kirby joined MasterCard in May of 2014. Prior to joining MasterCard, Mr. Kirby was a Global Security Architect for IBM. Before joining IBM he led an Online Authentication Strategy and Operations team for Capital One and worked in online security for the Wells Fargo Commercial Banking group. He also spent a number of years as an information security consultant at Deloitte and PricewaterhouseCoopers.
Mr. Kirby earned a Bachelor of Science from Ithaca College, a Master of Computer Information Systems degree from the University of Denver and is a Certified Information Systems Security Professional. He is an active volunteer for Junior Achievement of Greater St. Louis and also served on active duty in the United States Army as a Combat Engineer.
Jonas Kriks joined ATEL in 2007 and currently serves as Chief Information Officer. He has more than 18 years of experience leading information technology to develop, deploy and strengthen IT strategy initiatives across corporate operations. Kriks serves in an advisory role designing cost-effective solutions supporting enterprise networking, telecom, software assurance, application development, and security. Mr. Kriks leads a diversified team aligning technological projects with Board direction within ATEL’s business functions of equipment leasing, asset-based lending, venture finance, lease administration, investor securities services and asset management.
Christian Kutscherauer is the Director of Cyber Security at MBAF, a top 40 accounting firm in the country and largest based out of Florida. CK helps organizations of all sizes address Cyber Security and Information Technology needs. He brings his expertise to clients helping them translate their overall business strategies into Cyber Security initiatives including service delivery, governance, infrastructure, and business applications.
CK expertise includes information management and governance, Cyber Security, risk management, and consulting. He has worked in a variety of industries, including banking, healthcare, advertising, education and Cyber Security, in positions ranging from systems engineer, network administrator, chief information officer, and chief technology officer. He has significant international expertise working with businesses in the USA, South America, and Europe.
CK has experience in implementation and administration of Security Operation Centers (SOC), Threat Intelligence integration, Threat Modeling, Threat Hunting, Red-Team exercises and Incident Response planning. CK is fluent in English, Portuguese and Spanish.
CK is a Certified Information System Security Professional, and his education includes Masters Degrees in Business Administration, Management Information Systems and Bachelor of Science in Computer Science.
An award-winning software architect, a customer service activist, an IT mongrel, an accomplished musician (in his own mind), a baseball enthusiast and daddy of two (the most challenging task of all)... currently the CIO of Metro MLS in Milwaukee, WI.
Fascinated with real estate technology and the powerful role it plays in the everyday lives of many different people. Providing focus on projects that better benefit the user experience while constantly scouting for areas to innovate or re-energize. Being surrounded with a great team in an open environment is the secret ingredient to a fulfilling and successful occupation.
Devoted workgroup chair for RESO (Real Estate Standards Organization) and active IEEE (Institute of Electrical and Electronics Engineers) volunteer.
Brian Lawhorn is Corporate Vice President and Chief Information Security Officer for The Kroger Co., based in Cincinnati. He is responsible for the protection of our data assets, policy creation and enforcement, identity management, auditing, access controls, as well as guiding architecture of our systems to be compliant with present and future compliancy.
Brian joined Kroger in his current role. Prior to joining the company, he worked for IBM, Research Triangle Park in North Carolina and Champion International where he provided worldwide support of networking technology and was the head of the security department.
Brian earned a bachelor’s in Finance and Marketing from the University of Cincinnati. He is also a proud veteran and served in the United States Marine Corps. Traveling often, he speaks at various events around the world about security related topics. Brian also serves on several security advisory boards.
Brian and his wife live in Cincinnati and have three children and two grandchildren.
Brian is a role model for his Corporate Information Security organization and knows how to engage the entire company. This level of engagement makes it possible to accomplish a common goal - data protection.
Colonel Cedric Leighton is the Chairman of Cedric Leighton Associate and a Founding Partner of CYFORIX, a global consultancy specializing in cyber risk and innovative cyber strategies and technologies. He is a member of several advisory boards.
As a CNN Military Analyst, Colonel Leighton provides on-air commentary on international security issues to CNN’s US and international audiences. Prior to his appointment at CNN, he appeared on numerous global television and radio networks. He has been quoted in the New York Times, Wall Street Journal, Los Angeles Times, Le Figaro, and Correo Brasiliense as well as in C4ISR Magazine and ADS Advance. He has written for The Hill and Leadership Excellence Magazine.
While serving in the US Air Force, Colonel Leighton deployed five times to the Middle East, served at US Special Operations Command, directed specialized intelligence efforts during combat operations, witnessed the fall of the Berlin Wall, was a Squadron Commander and served twice at the Pentagon. He was the Deputy Director for Warfighter Support and Integration within the Joint Staff's Intelligence Directorate. His last military assignment was as the Deputy Training Director for the National Security Agency.
His awards and decorations include the Defense Superior Service Medal, the Bronze Star, the Defense Meritorious Service Medal, seven Meritorious Service Medals and the Humanitarian Service Medal. He was a Distinguished Graduate of the US Air Force Reserve Officer Training Corps.
Colonel Leighton graduated magna cum laude from Cornell University and holds a Master’s Degree in International Studies from Angelo State University.
Daniel is a well recognized expert within the enterprise software industry. Over the past several decades, he has worked closely with organizations around the world to design, implement, support, and measure the impact of solutions boosting productivity of people. Throughout his career, he has authored several articles and books on topics including security, collaboration, and data migration.
He led a team to design the first non-SQL based records management system to achieve full US DoD 5015.02 certification and his teams developed software licensed for embedded use by vendors such as IBM.
He actively supports technology and opportunities for new entrants. Daniel works with governments, including legislators in his home state of Massachusetts, to encourage business success with smart legislation. He actively helps organizations understand their risks, especially to human capital and develops plans to mitigate the risks, which include technology, process, training, reinforcement, and testing.
When not working in front of a screen, he can often be found sojourning with nature by camping in a forest with his family.
Gary D. Long, CISA, CISSP is an information security professional with over 20 years of combined US and global experience working in the public and private sector in information security consulting, sales, and management. Gary has served in such positions as Information Security Officer at Cerner Corporation in Kansas City, and Principal at several information security consulting firms. Gary has provided Security thought leadership by speaking at forums, such as RSA Conference, mNext Forum, Executive Alliance Security Leader’s Summit, as well as offering commentary to monthly CSO Magazine articles. Gary is a Senior Member of the Information Systems Security Association (ISSA).
Erwin Lopez is the Deputy Chief Information Security Officer at SLAC National Accelerator Laboratory. He has over 15+ years of IT experience, specifically focusing on Cyber Security. Erwin came to SLAC from Lawrence Livermore National Laboratory where he worked for over 11 years in the Cyber Security program, where he held numerous technical and leadership positions. Erwin is a proficient IT leader with a wealth of technical experience in network intrusion analysis, forensics, malware reversing, cyber incident handling, security assessments, web application and penetration testing, and application software development. Erwin has a Bachelor’s degree from California State University, Chico in Computer Engineering; in addition, he holds numerous Cyber Security certifications.
Jim is the Chief Information Security Officer at SoFi, a modern finance company. He has more than 30 years of IT experience with the past 15 years being focused exclusively on information security, privacy and risk management. Positions Jim has held include CISO at AvidXchange, VP of Information Security at Vantiv, CISO for Mercury Payment Systems, Head of Security Solutions for retail banking at Barclays Bank, Global Head of Information Security for Amazon.com, and Chief Security Executive for Corillian (Internet banking and security solutions).
Jim has current certifications as a Certified Information Systems Security Professional (CISSP), Certified Information Privacy Professional (CIPP/US) and (CIPP/E), Certified Information Security Manager (CISM), and Certified in the Governance of Enterprise IT (CGEIT). He holds an MS in management from Stanford University, an MBA from City University, an MS in engineering from Northwestern University and a BS in system design from Marquette University. He is also a member of the FBI InfraGard program.
Cecilia Milanezi Neves is an IT executive with more than 20 years of experience in the Information Technology industry.
In 2007 Cecilia joined Siemens and since 6 years she has been collaborating in the information security area. Currently she is the Chief Information Security Officer for Latin America
leading the IT security strategy and operations for the more than 25 countries where Siemens has presence in Latin-American.
Given the most recent events she and her team are focused on engaging the Siemens business in protecting their critical information and assets, promoting awareness across all employees and supporting all the innovation projects and the digitalization strategy that the company is leading.
CISO for the university where he plays a significant role in the strategic planning and policy development for IT security programs, leads risk management and analysis assessments, insures compliance with regulatory mandates, develops security plans, provides information security awareness presentations and training, develops customized information security programs, liaises with legal counsel and law enforcement for electronic discovery support, and cyber-criminal investigations.
Zachery has over 35 years of experience working in the field of operations and information systems security with UNCW, New Hanover Regional Medical Center, State of North Carolina University System, and the DOD which included accrediting sensitive compartmentalized Information facilities within the Central Region of Europe. He is a veteran of the US Army where he retired as a Major.
He earned his BBA from Mercer University. He also earned an MSA in Administration from Central Michigan University. Zachery graduated from the US. Army School of IT where he earned a diploma with a concentration in systems automation. He completed a graduate studies professional development program earning a Strategic Management Graduate Certificate at Harvard University.
Mr. Mitcham holds computer security certificates from various institutions of higher education to include Stanford, Villanova, Carnegie-Mellon Universities, and the University of Central Florida. He is certified as a CISO by the EC-Council and a Certified Computer Security Incident Handler from the Software Engineering Institute at Carnegie Mellon University. Zachery received his Information Systems Security Management credentials as an Information Systems Security Officer from the DOD Intelligence Information Systems Accreditations Course in Kaiserslautern, Germany.
Travis Paakki holds a Bachelors of Science in Information Security and MBA from Western Governors University. Professionally, he has worked in various security leadership and consulting roles over the past 15 years. Projects have included the creation of an Information Security department, installation various situational awareness components, instituting policies and procedures to aid organizations in complying with the CIS and NIST frameworks and PCI DSS standards, and security assessments for multiple organizations and projects.
Travis is currently working on his Doctorate of Information Assurance at Colorado Technical University, with a focus on IoT platform communications and WiFi security.
Diana Pan is the Chief Technology Officer for The Museum of Modern Art (MoMA) in New York. Diana is responsible for the overall vision, strategy, and architecture of the many technology solutions that support the Museum’s mission. Prior to joining MoMA, Diana has worked on solutions for companies including Scholastic, Inc, Cengage Learning, among others. Diana holds a BS and MS from Columbia University.
Mitchell Parker, CISSP, is the Executive Director, Information Security and Compliance, at IU Health in Indianapolis, Indiana. Mitch is currently working on redeveloping the Information Security program at IU Health, and regularly works with multiple non-technology stakeholders to improve it. He also speaks regularly at multiple conferences and workshops, including HIMSS, IEEE TechIgnite, and Internet of Medical Things. Mitch has a Bachelor's degree in Computer Science from Bloomsburg University, a MS in Information Technology Leadership from LaSalle University, and his MBA from the Fox School of Business at Temple University.
As GoDaddy’s Chief Information Security Officer, Todd Redfoot leads an award-winning team of security professionals devoted to keeping customers, employees and corporate systems safe – both online and in the real world. In addition to managing a 24/7 global team, he is responsible for protecting GoDaddy’s nearly 17 million customers and their data, from not only ongoing threats such as DDoS attacks on the hosting platform, but from data breaches, privacy concerns and more. Todd handles the security and safety of more than seven thousand employees and multiple data centers world-wide.
Jamie Rees centers his professional life on championing cybersecurity as an industry, a profession, and a provider of value to organizations. As a result his career has been one of firsts, creating new positions and award winning programs along the way. He has spent the past 17 years in senior security roles, cultivating organizational security cultures and developing business enabling security programs in telecommunications, financial services, government, and utility verticals. Throughout his career Jamie has built a strong base of business oriented security. His experience in communicating with executives about the value of cybersecurity as a business capability aids risk management decisions and delivers balance between risk outlooks and business outcomes.
Jamie is also a strong proponent of technical and security related education for youth. He is the Chair of the ICTC's National Cybersecurity Leadership Council for Youth and Education working to help Canadian youth get a head start on entering technical fields of study, including the CyberTitan challenge. He also works closely with individual organizations at K-12, college and university levels to shape cybersecurity curricula and programs.
As a speaker Jamie has shared his experience at several events including world congresses, national and regional security events and vendor expos sharing his vision of security and business as interlaced aspects of a successful organization.
Over 25 years experience in the cyber security domain as a Defense Intelligence Senior Leader (DISL) at the National Security Agency, Certified TEMPEST / signals analysis engineer and U.S. Navy Cryptologic Technician, performing maintenance functions on a variety of crypto equipment and maintaining network operation centers . While at the NSA successfully led cyber security organizations within the DoD and IC, developed strategic plans and led implementation of and operations to streamline Identity, Access Management, security postures and risk management in dynamically changing environments. Led transitions from individual cross domain solutions into enterprise-level capabilities for the DOD and IC. Currently performing a variety of technical research activities as a Senior Cyber Analyst with Johns Hopkins University’s Applied Physics Lab.
Areas of expertise: Identity and Access Management Systems, Credential Management Systems, Risk Management, and Security analysis.
Marcus Sachs is the Senior Vice President and Chief Security Officer of the North American Electric Reliability Corporation where he is responsible for the oversight of the Electricity Information Sharing and Analysis Center, and for directing security risk assessment and mitigation initiatives to protect critical electricity infrastructure across North America. He retired from the United States Army in 2001 following a distinguished, 20-year military career that included service with the Defense Department’s Joint Task Force for Computer Network Defense in 1998-2001. In 2002 he was appointed by President George W. Bush to serve as the Director for Communications Infrastructure Protection in the National Security Council, and in 2003 he became the first Department of Homeland Security cyber security mission area leader.
From 2003-2010 he volunteered as the director of the SANS Internet Storm Center and in 2007 was selected to be a member of the Commission on Cyber Security for the 44th Presidency. Prior to joining NERC he was Verizon's Vice President for National Security Policy where he was responsible for advising the CEO and senior business leadership team on national security, cyber security, and physical security matters. He has testified before the US Congress, the Federal Communications Commission, and the Federal Energy Regulatory Commission as a security expert. He holds degrees in Civil Engineering, Science and Technology Commercialization, and Computer Science. He is a registered Professional Engineer in the Commonwealth of Virginia and is a Distinguished Member of the US Army Signal Regiment.
Staring in the 1970s, I have always had a intense interest in computers. My first hands on experience with a computer was in 1977 at White Plains, NY public library. There was a Wang mini computer that was coin operated. Though I was not too sure what to do with it, working at the screen just felt right. As other kids were starting to put money into video game machine, I preferred to feed the mini-computer..
In college at California Statue University, Long Beach, I taught my self how to program on an Apple II and then the schools PDP-11/70. My focus was always on developing businesses systems. After college I started working at Software Products International in San Diego in technical support. Eventually moved to Australia to be Technical Director at a software distributor, Software Suppliers.
Came back to the states to get married and helped run the family printing ink business. Developed a manufacturing software package in my spare time. After the business was sold, I worked as the IT Director for a retail store chain. When I needed more time to help raise my son. I started my own business, CIO Systems, Inc.
Since 2000 CIO Systems, Inc. has been working with companies to maintain their IT systems. With the focus on security and data protection. Security systems has always been included as core offering to clients. We are currently leading with promoting the enterprise security products from Microsoft Office 365.
Steve Santorelli (@stevesantorelli) became a police officer in 1994, working in London, UK. He worked his way up through various detective grades and branches until he joined Scotland Yard’s Computer Crime Unit in 2000. During the following 5 years he specialized in malware and botnet cases and reached the rank of Detective Sergeant. Steve received several awards and commendations from various international law enforcement agencies and judges. He was also an associate instructor for the CISSP certification. Steve then left law enforcement to join the Microsoft Internet Crimes Investigation Team, based in Redmond, USA.
He spent the next 2 years investigating botnet cases which were then referred out to law enforcement officers around the world for further work and arrests. During this time he also developed the International Botnet Task Force, a unique group of industry and law enforcement from 35 countries, dedicated to working together to combat botnets and ruin the lives of botherders. He was also the lead investigator on the Zotob case.
Steve left Microsoft in 2007 to join Team Cymru (@teamcymru), a small group of researchers who work to discover who is behind internet crime and why they carry out their activities. Still actively involved in investigations, he is currently a Team Cymru Fellow and the Director of Analysis and Outreach. This role enables him to contribute to using Team Cymru’s unique position and insight to improve lives around the world.
You can read more about him in a magazine article at: https://bitly.com/1PeVyrp
Dan Srebnick provides information security strategies to clients in the NYC metropolitan area and around the country. He writes, speaks, and blogs on information security issues such as the cloud, identity and access management, and the internet of things. He leverages 14 years of experience running information security for the City of New York.
As Associate Commissioner for IT Security with the New York City Department of Information Technology and Telecommunications, he was NYC's Chief Information Security Officer, and responsible for an information security program across 50 City agencies that includes operational security, planning, policy and standards, application accreditation, information security auditing, and identity and access management. Significant accomplishments included the establishment of a Citywide endpoint security cloud service and an enterprise IAM system linking together identities from over 50 agencies and providing public account management and social media login integration for nyc.gov. Dan has been recognized for his innovations by the Center for Digital Government, Information Week, and ISE.
Director of Security Assessments at Dun & Bradstreet with global responsibilities for application security and network security. Co-chair of the South Florida OWASP chapter.
Rohini specializes in application security, building automation pipelines for security testing, Agile, application penetration testing, mobile penetration testing, virtualization security assessments, network penetration testing and security code reviews. Rohini has also conducted Secure Development Training classes for clients worldwide. Rohini has been a technical reviewer for books and publications. Rohini has presented at various security events including AppSec EU, Black Hat and FROC. Rohini has served as the president of the Kansas City OWASP chapter and a member of the High Technology Crime Investigation Association (HTCIA).
Specialties: Automation/Network Penetration Testing, Mobile Penetration Testing, Application Penetration Testing (web and client/server), Application Security Reviews and Secure Development Training, Virtualization Assessments, PCI, Application Architecture Design /Review, Design Patterns, Public Speaking,
Training/coursework development, iPhone application development.
Priscilla Tate founded Technology Managers Forum (TechForum), a professional association for IT managers, in 1994. TechForum has a membership base of over 1500 IT managers in the New York area who work for some of the largest organizations in the world. Each year Ms. Tate produces multiple enterprise IT focused events for end-user IT managers. In addition to creating content for and moderating panels at TechForum events, Ms.Tate is an experienced radio host and co-produced TechForum Live, a series of podcasts in radio show format. Ms.Tate also created a Best Practice Awards program for Excellence in IT management and developed one of the first awards to recognize organizations that excelled in the business management of enterprise security. She served as Judge for the GSMA Mobile Global Awards for enterprise mobility from 2012- 2015 and currently is a judge SC Magazine’s Awards. Prior to TechForum, Ms.Tate worked at Citibank, EF Hutton and Manufacturers Hanover Trust. She was a senior features editor for PC Magazine and an active participant in the computer user group movement. Ms. Tate graduated from Duke University with a BA in History and an MA in Art History. She studied at the Freie Universitat in Berlin with a scholarship administered by the Fulbright commission. She was a Columbia Fellow and did graduate work at Columbia University.
Richard Timbol is a Cyber Security professional with over 25 years of experience. He started his early career as an Enterprise Network Engineer in the pharma, financial, healthcare and retail industries but always had security as part of his network portfolio. He has been focused specifically on security for over 10 years and is known as a passionate evangelist on the subject of meaningful security in both home and the enterprise.
Currently the head of cyber-security at a well-respected global law firm, he has also directed departments in InfoSec Operations, Network Engineering, Messaging and End Point Support.
He has served on the New York State eHealth Information Privacy and Security Collaborative and on several security advisory boards, including currently, as the Chairman of Threat Intelligence Committee for the LS-ISAO.
John is responsible for leading the development of Inspired eLearning’s (A leader in Gartner's Magic Quadrant for Security Awareness CBT) award-winning library of cybersecurity eLearning content, from the solid instructional design to the high-quality multimedia production. He has been a member of Inspired’ eLearning's team since 2009 and has over 17 years of experience in creating and delivering eLearning courses for a broad variety of industries and subjects. He’s passionate about creating quality eLearning content that is both engaging and impactful. In his off time, John loves spending time with his family, hiking, creating art, and writing.