SC Awards Meet the Judges

Alissa “Dr. Jay” Abdullah is Mastercard’s deputy chief security officer. In this role she leads Regional Security and the Emerging Corporate Security Solutions team and is responsible for protecting Mastercard’s information assets as well as driving the future of security. Dr. Jay joined Mastercard in 2019 after serving as the chief information security officer of Xerox where she established and led a corporate-wide information risk management program. She also served as the deputy chief information officer of the White House where she helped modernize the Executive Office of the President’s IT systems with cloud services and virtualization. She currently hosts Cybercrime Magazine’s Mastering Cyber podcast and is a cybersecurity lecturer at the University of California, Berkeley, School of Information. Dr. Jay is also a member of Smartsheet’s Board of Directors as well as a member of the board for Girls in Tech. Dr. Jay holds a PhD in Information Technology Management from Capella University, a master’s degree in Telecommunications and Computer Networks from The George Washington University and a bachelor’s degree in mathematics from Savannah State University.

Todd Bell is a globally recognized expert in the fields of technology transformation, resilient cybersecurity programs, and providing invaluable insights to startups ranging from new ventures to Global Fortune 500 companies. With a distinguished career as a Chief Information Officer (CIO) and Chief Information Security Officer (CISO), Todd has left an indelible mark on the international stage by safeguarding the sensitive information of millions of consumers worldwide to major technology transformations. His impact is evident in the development of new cyber programs and the enhancement of existing initiatives that have stood the test of time.

In addition to his corporate leadership roles, Todd has served as a Board Director for two Colorado public utilities. His expertise extends globally as a Board Advisor to Forticode in Melbourne, Australia, Board Advisor to Versive, and Board Advisor to Cloud Central in Canberra, Australia, along with participation in the Digital Directors Network. This international experience has positioned him to fulfill roles in company operations, VC fundraising, P&L management, financial auditing, and a building companies.
Todd’s influence in the technology and cybersecurity space is further underscored by his global publications, where he shares his extensive knowledge and contributes to advancing best practices in the industry. He actively collaborates with expert networks, providing advisory services to Wall Street Investors and Private Equity Investors.

Todd holds an MBA degree from Regis University, a bachelor’s degree, and a Masters Project Manager Certification from Regis. His credentials include a PMP certification from the Project Management Institute, a Corporate Governance credential (SOX) from Tulane University, CISSP from Information Security ISC2, ITIL Foundation v4, Microsoft/LinkedIn Artificial Intelligence/Machine Learning Certifications, and an Exercising Leadership credential from Harvard University Online.

Chuck serves as President and Consultant of Brooks Consulting International with over 25 years of experience in cybersecurity, emerging technologies, marketing, business development, and government relations. He helps Fortune 1000 clients, organizations, small businesses, and start-ups achieve their strategic goals and grow their market share.

Chuck also serves as an Adjunct Professor at Georgetown University in the Cyber Risk Management Program, where he teaches graduate courses on risk management, homeland security, and cybersecurity. He designed the course that he teaches called “Disruptive Technology and Organizational Management” .

C. He has also been named “Cybersecurity Person of the Year” by Cyber Express, Cybersecurity Marketer of the Year, and a “Top 5 Tech Person to Follow” by LinkedIn” where he has almost 115,500 followers on his profile. He has 57,000 subscribers to his newsletter “Security and Tech Insights.”

As a thought leader, blogger, and event speaker, he has briefed the G20 on energy cybersecurity, The US Embassy to the Holy See and the Vatican on global cybersecurity cooperation. He has served on two National Academy of Science Advisory groups, including one on digitalizing the USAF, and another on securing BioTech. He has also addressed USTRANSCOM on cybersecurity and serves on an industry/government Working group for DHS CISA focused on security space systems.

Chuck is also a contributor to Forbes, The Washington Post, Dark Reading, Homeland Security Today, Skytop Media, GovCon, Barrons, The Hill, and Federal Times on cybersecurity and emerging technology topics.

Chuck has an MA from the University of Chicago, a BA from DePauw University, and a certificate in International Law from The Hague Academy of International Law.

Mark Eggleston is a senior executive specializing in security and privacy program development and management. His unique background and expertise in information technology, program and people management combined with his diverse experience in managed care and health care provider systems has positioned him as a thought leader and frequent speaker. Mr. Eggleston currently is a Vice President, Chief Information Security Officer and Privacy Officer at a leading Philadelphia HMO where he leads the implementation and maturation of various security technologies and privacy initiatives and manages a business continuity and disaster recovery program and facility management.

Mr. Eggleston started his professional career serving as a Program Manager and Psychotherapist at a hospital serving children and adolescents. Later, Mr. Eggleston helped develop an internal compliance approach, complete with policies and tools, ensuring a geographically dispersed health care provider organization (across 19 states) complied with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Mr. Eggleston then transitioned to apply his HIPAA expertise to a local health plan. He then was promoted into a series of positions to direct a health plan’s security and business continuity programs where he has helped to implement many successful security controls to include, single sign on (SSO), Identity and Access Management (IAM), vulnerability assessment program, and a comprehensive business continuity program.

Mr. Eggleston received his Bachelor of Science degree in Psychology from Radford University. Later, Mr. Eggleston received both his Masters in Social Work and his Post Baccalaureate Certificate in Management Information Systems, from Virginia Commonwealth University. Mr. Eggleston holds CHPS, CHPS and CISSP certifications.

Alain Espinosa thrives in the business-technology continuum, viewing business and technology as interwoven concepts. He excels at strategizing, planning, and coaching people, as he moves easily between the big picture and the details. His unique gift of envisioning things that have not yet happened enables him to extract solutions to issues and challenges. Alain is a relationship builder, skilled communicator, and facilitator who engages both technical and business stakeholders in reaching a common goal.

Currently, Alain is the Global Director of Information Security Operations for Upbound Group (formerly known as Rent-A-Center) a $4 billion public retail and financing company. Among his accomplishments are 1) driving development of the company’s first third-party vendor risk management and data governance programs, thereby decreasing the risk of regulatory fines, 2) reducing the security operations management workload by 30%, and 3) establishing a robust cybersecurity awareness program.

Previously, Alain rose through a number of technical positions, which provided the foundation for his leadership roles in Information Security. These experiences were enhanced during his tenure at Cyber Defense Labs, an information security consultancy and managed security service provider, where he worked directly with clients on developing risk management strategies and providing program management expertise. Subsequently, he was the Director of Security Operations/Cybersecurity Consultant (vCISO) at Online Business Systems, an international digital transformation and cybersecurity consultancy, where he oversaw the Security Operations Center. He also served as Interim CISO for several clients, designing security controls and implementing governance processes.

Alain is an Advisory Board Member of Blackswan Cybersecurity (Consultancy), an Advisory Board Member of the Security Advisor Alliance, and Founding Advisory Board Member of DallasCISO.

Michael Fey is Island’s co-founder and CEO. Fey was President and COO at Symantec. Prior to Symantec, he was President and COO of Blue Coat. Prior to that, Mike was EVP & GM for enterprise products at McAfee and CTO of Intel Security playing a pivotal role in Intel’s acquisition of McAfee for $7.7 billion in 2010.
Fey holds a degree in Engineering Physics and Mathematics from Embry-Riddle Aeronautical University and was co-author of Security Battleground: An Executive Field Manual, providing a playbook for security obligated executives coping with the new realities of cyber security responsibilities to the board.

Steven Fox directs the GRC strategy for Educational Testing Services, the world’s largest private educational testing and assessment organization. He brings a cross-disciplinary, international perspective to the practice of information security; combining his experience as a Deputy CISO, security consultant, an IT Auditor and a systems engineer with principles from behavioral/organizational psychology to address security challenges.

Mitchell Greenfield is currently AVP, Identity and Access Management at Humana. Mitch leads a team of around 200 identity specialists focused on managing identity risk for large complex health care organization. Previously Mitch was the Information Security Officer for CenterWell Home Health in Humana’s Enterprise Information Protection (EIP) department. Mitch lead the security program for CenterWell Home Health as well as the teams responsible for the security merger and acquisition process and the subsidiary security programs. Previously, Mitch conducted ethical hacking and penetration testing for Humana, including business partners and acquisitions. Mitch previously held his Certified Information Security Auditor (CISA) and has previous held certifications including Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA), Licensed Penetration Tester (LPT), and Certified Information Security Auditor (CISA). Mitch is also involved with the executive advisory boards for key security companies including SkyHigh Security, F5, Yubico and Forescout. Mitch is past President for the Kentuckiana chapter of ISACA and holds an M.S. in Information Systems and a B.S. in Informatics from Indiana University – Bloomington.

Todd is a Senior Manager in EY’s Cybersecurity Consulting, specializing in Threat & Vulnerability Management, Purple Teaming, and technology controls. He is based in New York and has 19 years of cybersecurity technical product and program management experience delivering cyber solutions and developing thought leadership across multiple verticals, with focus on threat detection, threat exposure management, response/remediation, and protection.

Dheeraj Gurugubelli is a seasoned information security executive and Senior Director at EY-Parthenon’s Cybersecurity and Data Privacy practice. As a trusted board and C-suite advisor, he guides private equity firms and corporations on cybersecurity strategy, risk management, and security program transformation. Dheeraj specializes in risk management, security operations, and incident response.

Dheeraj has led cyber due diligence in over 250 global M&A deals, representing more than $180 billion in combined equity value. He has transformed cybersecurity programs for very large private equity funds and their portfolio companies. He helps address unique cybersecurity challenges faced by PE’s across the investment lifecycle, from acquisitions to exits.

As a thought leader, Dheeraj has guest lectured at Harvard on cybersecurity in M&A valuations. He has served as a security scholar at Purdue University, published security research, and been cited by media and organizations like NATO. He also mentors upcoming cybersecurity professionals at Cyversity.

Dheeraj is passionate about enabling and empowering disruptive businesses to achieve their vision and growth potential, while protecting their business, assets and customers from cyber threats.

Mr. Harris has 32+ years of Network and Security experience and is pursuing his Doctorate in Information Assurance. Mr. Harris is a Certified Information Systems Security Professional and has spent 12 years in academia teaching Computer Security at the University of North Carolina. Mr. Harris is a founding member of the Retail Cyber Information Sharing Center. He currently serves on the Cyber Security Scholarship Review Board for ISC2 and is an active member of FBI InfraGard. He is the past President of the ISC2 Chapter in Greensboro, NC, and is a former member of the National Security Council for the US Chamber of Commerce. Mr. Harris is a security evangelist, author, and international speaker and has spoken academically and professionally for more than 29+ years.

Dr. John D. Johnson is CEO/Founder of Aligned Security, providing vCISO advisory services and working with tech startups. John started his career as a physicist and security manager at Los Alamos National Laboratory, and has served in executive security roles for John Deere, Campbell Soup Co., Deloitte and with startups. John founded Docent Institute, a nonprofit focused on technology and cybersecurity education, outreach and inclusion. John is an educator, volunteer and serves on several industry boards. John’s focus areas are cybersecurity and advancing technologies, including Artificial Intelligence, IoT, OT, blockchain, and quantum computing.

Ashutosh Kapse is a credentialed and experienced senior executive advising businesses in the areas of Cybersecurity, governance, compliance and technology risk management. Currently, he heads Falcon Labs which provides consulting and advisory services to organisations across Asia Pacific and Australia. He also founded L3 – Life and Leadership Learning, which provides leadership and life skills training to Graduate students and new managers across Australia and India.

Over the past 30 years, Ashutosh has held several CISO and Risk Executive leadership roles in large Australian businesses and Government entities. He has been involved in IT risk and information security since 1992. He is known for his integrity, leadership, subject matter expertise, and ability to achieve results. He has extensive experience in representing Risk, GRC, security & audit matters at Board level and providing cyber security advisory to business leaders. Ashutosh has a passion for leading people and challenging them to grow and develop into high performing, cohesive teams. He has led several advisory teams, in industrial verticals such as financial services, health, federal & state government departments, Manufacturing. He is an ISACA accredited trainer for CISM, CISA and CRISC certifications and has been conducting official ISACA training courses since 2010.

Ashutosh volunteers as a board member and chairman of the Risk & Compliance committee at SCCV, the largest not for profit aged care provider in the state of Victoria. He has been a board member of ISACA Melbourne chapter, including being its Vice President for 12 years from 2010 to 2022. Since 2018, he has been a member of the judging panel for SC Magazine global security and trust awards and was member of ISACA international awards working group from 2017 to 2020

A people-centric leader, fascinated with real estate technology and the powerful role it plays throughout various industries, business organizations, and everyday lives.

24 years of MLS real estate data management experience, award-winning software architect, customer service activist, data science practitioner, an accomplished musician (in his own mind), baseball enthusiast, and father of two (the most challenging task of all!).

Current CIO at Metro MLS (Milwaukee, WI) – senior executive carrying the company vision on technology, business strategy, and governance goals.

Brian Lee is an accomplished cybersecurity executive with over 13 years of experience driving security strategy and operations for complex organizations. Currently Director of Cyber Security at Oil States International, Brian established robust data protection protocols and led cross-functional initiatives to instill security best practices across the company. His expertise spans security management, compliance, threat mitigation, and risk management. Previously, as a VCISO with Unisys, Brian oversaw all aspects of security for large enterprise clients. He is passionate about partnering with business leaders to enable security for the business. Brian holds an MS in Computer Information Systems Security, NACD Directorship Certification, and numerous industry certifications including CISSP, CEH, and CCNA.

Cedric Leighton is a founding partner of CYFORIX, a cyber risk and security solutions consultancy and the Chairman of Cedric Leighton Associates, LLC a global strategic risk consultancy. He is also a retired US Air Force Colonel and a CNN Military Analyst, providing on-air commentary on military and international security issues to CNN’s US and international audiences. His analysis of the ongoing wars in Ukraine and Gaza has been an integral part of CNN’s coverage since the start of those conflicts..

Colonel Leighton has also been quoted in the New York Times, Wall Street Journal, Los Angeles Times, the Boston Globe, France’s Le Figaro, Correio Braziliense, Portugal’s Expresso and Spain’s La Razon as well as C4ISR Magazine and ADS Advance. Previously Colonel Leighton wrote for several publications, including The Hill and Leadership Excellence Magazine.

Prior to founding his strategic risk consultancy, Colonel Leighton served for 26 years as an Intelligence Officer in the US Air Force. During this period, he deployed five times to the Middle East, served at US Special Operations Command, directed specialized intelligence efforts during combat operations, witnessed the fall of the Berlin Wall, was a Squadron Commander and served twice at the Pentagon, first on the Air Staff and later on the Joint Staff. His last military assignment was as the Deputy Training Director for the National Security Agency, where he championed training initiatives for the nation’s cyber warriors.

His awards and decorations include the Defense Superior Service Medal, the Bronze Star, the Defense Meritorious Service Medal, seven Meritorious Service Medals and the Humanitarian Service Medal. He was a Distinguished Graduate of the US Air Force Reserve Officer Training Corps and received the Joint Specialty Officer designation.

Colonel Leighton graduated magna cum laude from Cornell University and holds a Master’s Degree in International Studies from Angelo State University.

Gary D. Long, CISA, CISSP is an information security professional with over 25 years of combined US and global experience working in the public and private sector in information security consulting, sales, and management. Gary has served in such positions as Information Security Officer at Cerner Corporation in Kansas City, and Principal at several information security consulting firms, as well as an enterprise sales team member for many major vendors including Check Point and Cisco. Gary is also an adjunct professor in the Cyber Security program at Northeastern State University. Gary has provided Security thought leadership by speaking at forums, such as RSA Conference, mNext Forum, Executive Alliance Security Leader’s Summit, and he is a contributing author for the ISSA Journal. Gary is a Senior Member of the Information Systems Security Association (ISSA), and a Platinum Member of the Information Systems Audit and Control Association (ISACA).

Greg is the Co-Founder and CEO of the application security company Ghost Security. He formerly founded cybersecurity companies Anomali and JASK (acquired). Greg is a cybersecurity expert with over 15 years of industry experience, including serving as a technical adviser to the FBI, the United States Secret Service, and NASA. Greg is also an active investor and advisor for first-time startup founders, primarily in the Austin, TX area.

Sean McElroy has built engaging financial services companies and products throughout his 23 year software engineering and cybersecurity career. At Lumin Digital, Sean is the Chief Risk Officer, responsible for cybersecurity, risk management, and privacy programs to scale the next generation of cloud-based digital banking securely across global data centers. In 2009 he co-founded Alkami Technology (NASDAQ: ALKT), where he served in roles ranging from CTO to CISO to build innovative solutions. Prior to Alkami, at Computer Services, Inc. he led all software development teams to create patented, first-to-market SaaS solutions for online banking document delivery, remote deposit capture, check item processing, and expedited payments. Sean earned a Master of Science in Information Security Engineering from the SANS Technology Institute, and holds a BBA in Management and in Management Information Systems from the University of Oklahoma. He currently holds the CISSP, CISM, GSEC, GCIH, GCIA, GDSA, GCUX, GDAT, GCCC, and GCPM certifications. In his spare time, he mentors upcoming cybersecurity and GRC professionals in Dallas, Texas.

Sakthi is a seasoned Product and Cybersecurity Leader with 18+ years of combined experience in Security Product management, Product Incident Response, Cloud Security, Data Privacy, Risk Management, Audit and Compliance. He currently leads the Product Security Incident Response at Pure Storage. Prior to Pure Storage, Sakthi has held various security leadership roles at VMware, Juniper, IBM and Deloitte. He has helped fortune 100 companies improve their overall cybersecurity posture and create product differentiation and competitive advantage through security.

Sakthi currently serves as President at the San Jose Institute of Internal Auditors. He also served as Board of Director at ISACA Silicon Valley chapter from 2018-2022. He has written various security articles and publications including speaking engagements on various security topics. He holds security and privacy certifications including CISSP, CISM, CISA, CIA and CDPSE.

Marcus (Marc) Sachs is the Deputy Director for Research at Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security. He also serves as the Chief Security Officer of Pattern Computer. He is a retired US Army Officer and was a White House appointee in the George W. Bush administration. His private sector experience includes serving as the Deputy Director of SRI International’s Computer Science laboratory, as the Vice President for National Security Policy at Verizon Communications, and as the Senior Vice President and Chief Security Officer of the North American Electric Reliability Corporation (NERC) where he directed the Electricity Information Sharing and Analysis Center (E-ISAC). He was also the Director of the SANS Internet Storm Center and has co-authored several books on information security. He holds degrees in civil engineering, computer science and technology commercialization, and is an avid collector of mechanical cipher equipment.

John Taylor has over 25 years’ experience in technology and until recently, was the Group CIO of MedHealth, a multi-brand national health services provider. Previously, John was an IT executive with AGL (one of Australia’s largest energy companies) where he performed a variety of roles including the CIO for AGL’s Retail business, CTO, established its IT shared services capabilities and was AGL’s first Chief Information Security Officer (CISO).

John has wide-ranging experience across various sectors with extensive international experience in a variety of global roles for top 5 FTSE and top 20 ASX organisations, including IBM, Reuters, British American Tobacco and Insurance Australia Group. Throughout his career, John has delivered various major transformational programs, lead complex operational and development teams and provided consulting services up to Board level regarding various strategic IT topics. John’s unique perspective is that he has held multiple CIO, CTO and CISO roles.

John holds a Bachelor of Commerce degree in Management Information Systems, a Master of Business Administration and is a Graduate of the Australian Institute of Company Directors. In 2023, John was listed at number 25 in the Australian CIO50 Awards. Additionally, John has been a member of several global advisory Boards throughout his career, is currently a judge for the Australian Women in Security Awards and is a CISOLens Alumni.

Solomon is an information security, GRC and privacy practitioner with about 15 years experience delivering enterprise information security programs across multiple industries including finance, legal, cloud, industrial automation and consulting. He is fully immersed in the world of risk management and how information security and compliance can be deployed to deliver a competitive advantage in high-velocity, quick-to-market product organizations. In his words, information security must deliver clear business value and not be a weight that impedes the maximization of market potential. It must show how it is firmly anchored to and supports the goals of the leadership team”. Solomon supports the GRC practice at Rockwell.

Vandana is a Security Leader at Snyk. Vandana is a seasoned speaker and trainer. She presented at various public events ranging from Global OWASP AppSec events to BlackHat events, to regional events such as BSides events in India. She is on the OWASP Global Board of Directors. She also works in various communities towards diversity initiatives such as InfosecGirls, and InfosecKids. She is a recipient of multiple awards and is listed as one of India’s top women leaders in technology and cybersecurity.

As Chief Information Security Officer, Jon Washburn leads the firm’s information governance and security program in alignment with established international standards and cyber security and risk management frameworks. Jon acts as the firm’s compliance officer, working directly with the Chief Operating Officer and Firm Counsel to ensure policies, controls, operational processes and training programs reduce IT risk and meet client and regulatory requirements.

A resource for the firm’s Privacy & Data Security practice, Jon draws on his more than 20 years of IT, information security and information governance experience to assist the team with performing risk assessments, responding to incidents, identifying information governance policy and process improvements, and evaluating information systems architecture and security controls to determine how well they might reduce the likelihood and impact of a data breach.

Since 1997, Jon has held a number of IT infrastructure, security and information management leadership roles, successfully deploying robust technology, business continuity and data governance solutions. Outside the office, Jon spends considerable time volunteering with the International Legal Technology Association (ILTA) and the Legal Services Information Sharing and Analysis Organization (LS-ISAO), where he collaborates with other leaders to transform the cybersecurity capabilities and culture of the legal industry.

As a transformative, servant leader, Corey is a proven entrepreneur focused on innovating and creating new paradigms in the security industry and life. His leadership style is focused on an employee first approach because of the positive impact of happy employees to their customer relationships. Corey has chosen to take a people centric approach to life and to let all outcomes be driven by that philosophy.

Twenty-nine years of experience in the security industry has seasoned him to create the next exponential evolution. As Founder and Chief Experience Officer, Corey has created Cyvatar.ai to enable
vendor partners to deliver reliable, repeatable, and measurable business outcomes to clients through an outstanding customer experience. This also allows the partner to engineer out complexity, improve renewal/upsell/cross-sell opportunities, and increase their customer satisfaction and referrals.

Susan Whittemore is a leader and business founder with a career that spans over twenty years in technology risk and cybersecurity. Throughout her career, Susan has worked with large and small companies to establish and improve cybersecurity functions, develop risk management programs, and engage with business and technology teams to ensure strong disciplines and compliance readiness. She is well versed in privacy, industry standards and regulatory requirements such as ISO27001, NIST, HIPAA, HiTrust, GDPR, CCPA and PCI.

Susan has held leadership positions in technology risk and governance, security operations, vulnerability management, application security, business line Information Security Offices, vendor risk management, customer protection, business resiliency and consulted for enterprises and small businesses. In her spare time, she enjoys gardening and music.