Each year, a select pool of experts from the information security community sets hours (and hours) aside to review hundreds of entries received for the SC Trust and Excellence Awards that recognized products, services and leadership across the industry. And each year, that number seems to grow – this year hitting 800, a 20% increase from last year.
Simply put: the SC Awards program would not exist without the expertise and service of our panel of judges.
The process is arduous. Judges are assigned categories to review, scoring individual entries on a scale of 0-100. Those scores are tabulated and averaged to identify the top rankings (which we are pleased to announce today). When we crunch the numbers to identify winners, judges are tapped again to decide any ties that emerge. The process requires hours of time, and the judges do this without payment, in their free time (who has that these days?) as a service to the community. Many have returned year after year.
Below is our esteemed panel of SC Awards judges for 2022, contributing from healthcare, engineering, finance, education, manufacturing, nonprofit and consulting, among others.
Assessing vendor products, services, executives
For years, the SC Awards have honored vendor products, services and leadership by asking the security practitioners themselves to assess the features and functionality detailed in every entry. The goal is to determine how these offerings match up with the needs and wants of the community that they are intended to serve.
Alissa Abdullah is Mastercard's deputy chief security officer, leading the Emerging Corporate Security Solutions team and responsible for protecting Mastercard’s information assets as well as driving the future of security. She is also the host of the Mastering Cyber podcast. Prior to Mastercard, Abdullah was the chief information security officer at Xerox, where she established and led a corporate-wide information risk management program. She also served as the deputy chief information officer of the White House.
Roota Almeida is the chief information security officer at Delta Dental of New Jersey and Connecticut, and has been instrumental in helping to establish Delta Dental of New Jersey’s Office of Information Security. Almeida led the development and implementation of enterprise-wide information security strategy, policies, risk assessments and controls. Prior to joining Delta Dental, Almeida was the CISO at Covanta Holding Corporation, a leader in energy-from-waste management services.
Dan Basile is the chief information security officer for the RELLIS campus at the Texas A&M University System and director of Statewide Cybersecurity Services. These organizations create opportunities for advanced research and education, as well as provide cybersecurity services for public sector organizations across the state of Texas.
Todd Bell serves as the chief information security officer & executive director at Valleywise Health in Phoenix, Arizona. As a strategic business and technology leader, Bell drives and champions the company’s enterprise vision, strategy and programs to protect patients, critical data and clinical systems both within the organization in conjunction with Arizona Health Education Alliance. Bell has more than 20 years’ experience in IT and security strategy and execution. Most recently, Bell served as chief security and trust officer for Verdigris Holdings, a mobile banking platform to open financial markets to the underserved of banking.
Chuck Brooks is president of Brooks Consulting International and an ambassador for the Cybersecurity Collaborative. In government, Brooks served under President George W. Bush as the first legislative director of the Science and Technology Directorate at the Department of Homeland Security, and as a top adviser to the late Senator Arlen Specter on Capitol Hill covering security and technology issues. In industry, Brooks has served in executive roles for General Dynamics, Xerox and SRA.
John Bruggeman is a consulting chief information security officer for leading technology solutions provider CBTS. He previously servied as chief technology officer at Hebrew Union College - Jewish Institute of Religion, where he directed the strategic use of information technology for the College-Institute and was responsible for both IT and E-Learning departments for the four campus network of 350+ computers distributed across two countries and 10 time zones.
Miki Calero is founder of Urbis Global LLC. As a chief security officer, he established an enterprise security risk management program. His career spans the private and public sectors, including startup companies, Fortune 500 enterprises, and federal, state and local government. His responsibilities have included protection of information systems, physical assets and critical infrastructure in strategic, tactical and operational capacities.
Stephen Davis is chief information security officer and chief privacy officer at Macmillan. He has spent the last 20+ years implementing information security, technology and privacy programs, overseeing technology groups, integrating security into software products and consumer goods, building corporate compliance programs, and providing oversight to data protection initiatives. Davis supported program management at a range of organizations, including TD Bank and Kaplan.
László Dellei is the founding owner of Kerubiel in Hungary and the U.S., providing solutions to protect clients’ pool of information. He is also a registered and active security expert for the European Commission. Dellei led and delivered many successful projects in security over the past 20 years, focusing primarily on the government and financial sectors.
Paul Dumbleton is security operations and identity team manager at Gordon Food Service (GFS), the largest private food services company in North America. Dumbleton is an experienced IT and security professional, having served in most major roles over the past 25 years. Dumbleton's focus on visibility, threat hunting and defense has contributed to a robust and effective security program at GFS.
Ajit Gaddam is head of cybersecurity products at Visa, where he is responsible for building large-scale, AI-driven cybersecurity products, leading engineering programs and providing expert guidance on cybersecurity matters. He is an active participant in various open source and standards bodies, is a prolific inventor of disruptive technologies (over 100 global patents) and moonlights as an instructor.
Terry Gold is the founder of D6 Research, a research and advisory firm specializing in cybersecurity across the physical and digital domains. He specifically focuses on practices and outcomes analysis. He dedicated years to developing extensive threat, controls, deployment and financial models built on real-world organizational operations that are in use across some of the largest corporations. He’s a board member of Security B Conferences of California and former board member of ISSA of Orange County.
Todd Grober is a manager in Ernst & Young's cybersecurity consulting practice, specializing in threat exposure management and technology controls. He has 15 years of cybersecurity technical product and program management experience delivering cyber solutions and developing thought leadership across multiple verticals, with a focus on threat detection, threat exposure management, response/remediation and protection.
Dheeraj Gurugubelli is a director in EY’s Strategy & Transactions Group. He is a cybersecurity and M&A professional, focusing predominantly within financial services, life sciences, health care and retail industries. He advises both private equity and corporates on cybersecurity strategy, risk and transformation across the capital agenda. He has led cybersecurity diligence and/or security program transformation efforts in over 50 M&A deals across multiple industries globally.
Renee Guttmann has more than 25 years of experience managing technology risk for multinational corporations. She was one of the first women in the cybersecurity industry and an early adopter of many technologies that are core to information security programs. She was the CISO at Coca-Cola, Royal Caribbean, and Campbell Soup Company. She established Time Warner’s information security program and was AOL Time Warner's first Chief Privacy Officer. Renee is recognized as an industry leader, pioneer and transformation agent.
Travis Hartman, a solution designer with CACI, has decades of experience dealing with cyber security, telecommunications, and research. He has worked for companies ranging from startups to multi-billion dollar organizations. In his current role, Hartman is focused on answering complex management, technical, and operational challenges for government clients. He's also an Army Reserve cyber officer, commanding a 1600 person brigade, and is founder and lead of Career Hacking Village at Defcon.
Cedric Leighton is founder and president of Cedric Leighton Associates, a strategic risk and leadership management consultancy. Leighton honed his analytical and leadership skills during a 26-year career as an intelligence officer in the U.S. Air Force. He retired as a colonel in 2010. Since founding Cedric Leighton Associates, he has become an internationally known strategic risk expert. Leighton is also a founding partner of CYFORIX, specializing in the field of cyber risk.
Erin Jacobs started @UrbaneSec in 2009 to conquer information security and compliance with boutique attention to detail, delivery and talent that organizations desperately need in today's technical landscape. Jacobs has established several industry best practices and fostered collaboration between the C-suite, practitioners that oversee day-to-day security challenges and the security research community at large to help them learn from each other and, ultimately, improve the industry.
John Johnson is cybersecurity leader for a large consumer manufacturing company. He was previously senior manager at Deloitte, focused on IoT and industrial cybersecurity. Prior to that, he was chief technology officer at a technology startup, security architect at John Deere for 18 years, and developed and taught graduate cybersecurity for 16 years.
Chris Lambrou is chief information officer at Metro MLS in Milwaukee. He has more than 20 years in MLS management, software architect, customer service and executive IT project leadership, and is an accomplished musician (in his own mind), baseball enthusiast and father of two (the most challenging task of all). Lambrou is workgroup chair for the Real Estate Standards Organization and executive committee member of the Institute of Electrical and Electronics Engineers.
Daniel Lieber is the president of Innovative Ideas Unlimited, with 25 years of experience in advanced computing security. He has actively worked with global organizations, banks, governments, security companies and law enforcement. His expertise is in social engineering, technology, security algorithms and business. In addition to running the successful consultancy, he has been a CIO and vCIO at various organizations. His passions include transforming health care and building strong communities.
Gary Long is an information security professional with over 25 years of experience working in the public and private sector in information security consulting, sales and management. Long served in such positions as information security officer at Cerner Corporation, principal at several information security consulting firms and as an enterprise sales team member for major vendors including Check Point and Cisco. Long is also an adjunct professor in cybersecurity at Northeastern State University.
Glenda Lopez is a cybersecurity professional who leads the Policy Management and Security Awareness, Education and Communication Program at The Henry M. Jackson Foundation for the Advancement of Military Medicine (HJF). In this role, she ensures the security and privacy of HJF’s information assets by creating, communicating, maintaining and assessing the effectiveness of the foundation’s security controls. Lopez previously worked in policy and security roles at Aetna and Bank of America.
Sean McElroy has been securing financial services solutions in the cloud for over 20 years. As a co-founder of Alkami Technology, he helped protect millions of consumers across online banking platforms. Currently, as the CISO of Lumin Digital, he is responsible for cybersecurity, risk management, and compliance programs to scale the next generation of cloud-based digital banking. Sean has a BBA in Management and MIS from the University of Oklahoma and holds various security certifications.
Kelley Misata survived years of cyberstalking, reaching out to nonprofits for help and finding little. She earned a Ph.D. in information security from Purdue University, focusing her dissertation on cyber preparedness of nonprofits working with victims of violence. She founded Sightline Security to change how nonprofits address cybersecurity. She serves as executive director of the Open Information Security Foundation, a nonprofit dedicated to building open source security technologies.
Michelle Moore is the director of the Graduate Cyber Security Operations & Leadership program and professor of practice with the University of San Diego. She has over two decades of experience as a cybersecurity professional and over 10 years of experience as a professional educator. Moore’s research topics are dedicated to the ongoing progression of cyber law, cybercrime, national and international cyber policy, and disaster recovery efforts.
Tammy Moskites is the CEO and Founder of CyAlliance. She is a strategic adviser and “alliance” builder for companies, vendors and startups by leading and scaling security offerings while providing executive advisory services and professional services for companies worldwide. She is a career chief information security officer, and has held security and technology leadership roles at Accenture, Venafi, Time Warner Cable and The Home Depot. She is a venture advisor to YL Ventures.
Patrick J. O'Guinn, Sr. is a professor and program director of digital forensics and cyber investigation at University of Maryland Global Campus. He has spent 17 of his 28 years in higher education developing, teaching and directing Maryland digital forensics cyber Investigation programs. At Howard Community College, O’Guinn developed courses in criminal justice and computer forensics, and created and directed the digital forensics program.
Travis Paakki has worked in information technology for 25 years for Fortune 100 energy and manufacturing companies as well as businesses as small as early-stage startups. Pakki’s focus areas have been in infrastructure, information security and IT leadership. He earned a doctorate in computer science, completing his dissertation after three years of research on the challenges of information security in K-12 education. He currently serves as deputy CIO at the Oregon Health Authority.
Mitchell Parker has served as chief information security officer at Indiana University Health for 11 years. He is responsible for providing policy and governance oversight and research, third-party vendor guidance, proactive vulnerability research and threat modeling services, payment card and financial systems security, and security research to IU Health and IU School of Medicine.
Sandi Roddy is a senior cyber advisor at the Johns Hopkins Applied Physics Laboratory, advising strategic system resiliency modeling and testing. She served as chief scientist for the Cyber Warfare Operations Group, and, prior to Johns Hopkins, deputy director of the National Security Agency's Laboratory for Telecommunication Sciences. Roddy worked across NSA and DoD, focusing on public key infrastructure, identity and access management, sensor analysis and fusion, and SOAR technologies.
Marcus (Marc) Sachs is deputy director for research at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security, and serves as the chief security officer of Pattern Computer. A retired U.S. Army officer, Sachs served as deputy director of SRI International’s Computer Science laboratory, vice president of national security policy at Verizon Communications, and SVP and CSO of the North American Electric Reliability Corporation. He was also director of the SANS Internet Storm Center.
Randolph (Randy) Sanovic is owner of RNS Consulting, having previously served as industrial engineer for the Youngstown Steel Company, manager of computer security planning for Mobil Corporation and director of information systems security for United Healthcare. In 1997, Sanovic became general director, information security for General Motors, responsible for GM’s information security strategy, programs, plans and global information security posture.
Sunil Sekhri is the head of security services at At-Bay, a leading cyber insurance provider. In this role, Sekhri advises the business on cyber risk and implementing proactive measures to manage risk across its portfolio of insureds. Sekhri's background draws from various disciplines including digital forensics, incident response, cyber crime, information security, and risk management. His experience includes both industry and big four consulting roles.
Richard Timbol is a cybersecurity and compliance professional with over 26 years of global IT experience. Currently the head of cybersecurity at Davis Polk, he has also directed departments in InfoSec operations, network engineering, messaging and end point support. He has served on the New York State eHealth Information Privacy and Security Collaborative and on several security advisory boards, including, currently, as the vice chairman of the Threat Intelligence Committee for the LS-ISAO.
Krishna Vedula is chief operating officer at 365 Retail Markets. He previously served as vice president of technology at ACI Worldwide, delivering software that powers electronic transactions for financial institutions, processors and retailers around the world. He also spent a decade at CenturyLink, leading software development teams in the delivery of fully integrated enterprise IT solutions.
Vandana Verma brings extensive experience across a range of security disciplines, from application security to infrastructure and now DevSecOps. She is part of the OWASP Global board of directors and works in various communities to advance diversity initiatives, including InfoSecGirls, WoSec and Null. Verma has worked with security teams at IBM, Accenture and Time Inc. of India.
VJ Viswanathan is a veteran global technology executive, currently serving as a founding partner at Cyforix, a global cybersecurity research, advisory and strategy firm delivering solutions to public and private sectors. He also serves as the CEO at TORQE, a specialized due diligence, advisory and technology services firm delivering value through analytics and automation. Viswanathan is also the co-host of ELEVATEINTEL, a podcast series at the nexus of technology, social and defense.
Lauren Zink is an information security professional who has developed, expanded and maintained security awareness programs for numerous companies, including Opportun, AmTrust and Diebold Nixdorf. Zink is also a LinkedIn Learning cyber author of two security courses and a huge advocate for women in STEM, volunteering her time mentoring women as well as talking at schools, businesses and conferences.
Among the new 2022 categories are those that assess the financing aspect of cybersecurity innovation: Deal of the Year, recognizing the most notable IPO or merger or acquisition of the year; Growth Stage Investor of the Year, recognizing the firm that helps cybersecurity startups scale when it's time to go big; and Early Stage Investor of the Year, recognizing firms that help startups transition from idea to product to lucrative business. To judge these new entrants, we turned to those that would understand what is needed from an investor – the entrepreneurs themselves.
Chad Boeckmann has over 20 years of experience in data security, cyber risk and regulatory compliance, In 2015, he founded TrustMAPP, pioneering the term “cybersecurity performance management”: a software platform that gives users a continuous view of their cybersecurity maturity. He is a founding member of the IEEE working group to help define standards for next generation connectivity systems in IoT, 5G, wireless and connected systems, and he is founder of the Business of Security, a podcast that focuses on many non-technical aspects of cyberrisk, cyber security and information security at the intersection of technology and managing to business expectations.
Michael Fey is co-founder and CEO of Island.io, which developed The world's first enterprise browser. He is the former president and chief operating officer of Symantec and COO of Blue Coat Systems, and
GM and CTO of McAfee. Corporate Products, and Chief Technology Officer for Intel Security. In this role, he drives the organization's long-term strategic vision and core innovation efforts. Prior to his current position, Fey was Senior Vice President of Advanced Technologies and Field Engineering at McAfee. Fey is an author of Security Battleground: An Executive Field Manual, which gives guidance to executives with no formal background in security and technology.
Richard Marshall offers 20 plus years of broad executive leadership experience as a former member of the Senior Executive Service in the federal government having served in the Department of Defense, National Security Agency (legal architect of nation’s first cyber warfare exercise), the White House (Comprehensive National Cyber Security Initiative), the Department of Commerce (Critical Infrastructure Assurance Office), and the Department of Homeland Security (Director of Global Cyber Security Management). He currently serves as founder and chairman of the board of CinturionGroup, a global provider of international fiber optic cable communications systems and services.
Greg Martin is the co-founder and CEO of FactionCyber. Prior to its acquisition by SumoLogic, Greg was the CEO/Founder of JASK, a Silicon Valley startup specializing in artificial intelligence development for security applications, which was backed by Battery Ventures. He is a former cybersecurity advisor to the FBI, Secret Service and NASA. He was the also previously led the professional services practice for ArcSight, an HP company, and founded ThreatStream, a predictive threat intelligence firm funded by Google Ventures. Greg currently serves as an investor, advisor or board member of more than a dozen early stage companies.
Corey White is founder and CEO of cybersecurity-as-a-service provider Cyvatar.ai. He is a proven security industry veteran backed by more than 25 years of success managing security practices and consulting teams, and delivering on strategic projects as well as tactical assessments, penetration tests, and incident response engagements. White's work encompasses virtually every industry sector, including defense, technology, government, critical infrastructure, automotive, finance, healthcare, and manufacturing. He previously served as the senior vice president of worldwide consulting and CEO at Cylance, managing a team of 150+ globally, culminating in the acquisition of Cylance by Blackberry for $1.5 billion.