Speaker Bios
We are honored to have the following keynotes, conference speakers, workshop instructors and CISO panelists contribute their expertise to the 2015 NY Metro Joint Cyber Security Conference:
Keynotes
Tim Rains Chief Security Advisor, Worldwide Cybersecurity & Data Protection, Microsoft
Tim Rains has over 20 years of experience in the technology industry across several disciplines including engineering, consulting, and marketing communications roles. He currently serves as Chief Security Advisor on the Worldwide Cybersecurity & Data Protection group at Microsoft. Previously Tim managed security and cloud trust marketing and corporate communications in the Trustworthy Computing division at Microsoft. His expertise ranges across security incident response (engineering and communications), threat intelligence/malware protection, security strategy, operations and development, marketing, PR/AR and corporate communications.
Tim served in several roles at Microsoft in the past including Senior Program Manager on the Windows Networking team in Microsoft's Core Operating Systems Division, and the Technical Lead on both Microsoft's customer facing Security Incident Response team and Enterprise Networking team.
Tim has been a frequent speaker at industry conferences around the world including RSA conferences in the US and Europe, Cloud Security Alliance Congress, NIST Cybersecurity Innovation Forum, ISACA's World Congress Insights, Security Education Conference Toronto, TechEd, Evanta CIO Executive Summit, and many others. Tim is a frequently interviewed and quoted Microsoft spokesperson and security industry expert, and has done international and national broadcast television and radio interviews on the BBC and other media outlets around the world. Tim is a frequent contributor on Microsoft's Official Security Blog.
Tim has attended executive management programs at both Stanford and Kellogg business schools. Tim earned an MBA at Seattle University and a BA at the University of Alberta. Tim also holds several technical certifications including CISSP, MCSE, and a two-year Computer Systems Technology diploma from the Northern Alberta Institute of Technology.
Ron Ross Fellow, National Institute of Standards and Technology
Ron Ross is a Fellow at the National Institute of Standards and Technology (NIST). His areas of specialization include information security, risk management, security architecture/engineering, and systems resiliency. Dr. Ross leads the Federal Information Security Management Act Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical information infrastructure. He is the principal architect of the NIST Risk Management Framework and multi-tiered approach that provides a disciplined and structured methodology for integrating the suite of security standards and guidelines into a comprehensive enterprise-wide information security program. Dr. Ross also leads the Joint Task Force, an interagency partnership with the Department of Defense, the Intelligence Community, and the Committee on National Security Systems that developed the Unified Information Security Framework for the federal government.
In addition to his responsibilities at NIST, Dr. Ross also supports the U.S. State Department in its international outreach program for cybersecurity and critical infrastructure protection. He previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency and has been a guest lecturer at many universities and colleges across the country. A graduate of the United States Military Academy at West Point, Dr. Ross served in a variety of leadership and technical positions during his twenty-year career in the United States Army. During his military career, Dr. Ross served as a White House aide and as a senior advisor to the Department of the Army. He is a graduate of the Defense Systems Management College and holds both Masters and Ph.D. degrees in Computer Science from the Naval Postgraduate School specializing in artificial intelligence and robotics.
Conference Speakers
Ken Belva Consultant, Silverback Ventures LLC
Ken is an information security professional with 15+ years of experience in areas of governance, policies, application, database and network security architecture in complex, international financial organizations. Experience includes top-down and bottom-up perspectives of risk analysis and information security from business and technical perspectives in domestic and global environments. Demonstrated strengths include excellent writing skills, public speaking, inter-personal skills, managerial skills and analytical ability.
Andrea Bonime-Blanc CEO/Founder, GEC Risk Advisory LLC
Dr. Andrea Bonime-Blanc is CEO and Founder of GEC Risk Advisory, a global firm that provides strategic and tactical governance, risk, integrity, reputation and crisis advice to boards, executives, investors and advisors (http://www.gecrisk.com). She is author of The Reputation Risk Handbook: Surviving and Thriving in the Age of Hyper-Transparency (http://bit.ly/1284TMR) and the upcoming Conference Board Research Report, Emerging Practices in Cyber-Risk Governance (December 2015).
She served for two decades as a global corporate executive, including as general counsel, chief risk, ethics, compliance, audit, InfoSec and corporate responsibility officer, at several international companies (Bertelsmann, PSEG, Verint) in energy, technology, media and professional services. She is a life member of the Council on Foreign Relations, was named to the Ethisphere 100 Most Influential People in Business Ethics 2014, and is a 2014 100 Top Thought Leader in Trustworthy Business.
She is chairman emeritus of the Ethics & Compliance Initiative and currently serves on several boards including Madrid-based Corporate Excellence - Centre for Reputation Leadership and UK-based Ethical Corporation Magazine.
Dr. Bonime-Blanc is an Adjunct Professor at New York University and a frequent global keynote speaker. She is an extensively published author of books and articles (http://bit.ly/1ctFvSh) and has been interviewed by or written for the Wall Street Journal, The Economist, the BBC, The New York Times, Foreign Affairs, El Pais, El Cronista, Expansion and Jornal do Commercio. She holds a joint JD in law and PhD in political science from Columbia University, was born and raised in Germany and Spain, and is based in New York City.
Anthony Concolino Managing Director, QED National
Tony leads the Solutions Consulting practices for QED National, a certified woman-owned business enterprise providing IT Consulting, Solutions and Staffing serving the public and corporate sectors. With over 30 years of experience, much of which was in the financial services sector, and more recently the public sector, Tony managed Data Center operations functions including Information/Cyber Security and Business Continuity as part of multi-year, multi-billion dollar transformation initiatives. Earlier in his career, Tony delivered world-class brokerage and trading technology products serving large global Wall Street firms. Tony has also advised several startup companies building Cloud, Virtualization, Big Data, DevOps, Cyber Security and Digital Marketing technologies. Tony's most recent speaking engagements: Waters Technology NA Financial Information Services - Cyber Security and Cloud Technologies; New York State Forum - Large Scale Program Management.
Cindy Cullen Security Strategist, HP
Cindy Cullen is President of the (ISC)2 NJ Chapter and an HP Security Strategist responsible for driving strategic initiatives and providing thought leadership and insight regarding the ever-changing global threat landscape. Ms. Cullen has over 20 years of experience leading cybersecurity and information risk programs. Cindy is an ICIT fellow providing cyber security insights to Congress, was CTO at SAFE BioPharma, CISO at Telcordia/Bellcore, VP of IS at Citi, and designed an S-SDLC process for Bristol Myers Squibb. Cindy is an in-demand speaker with experience at national & international venues.
She received the Digi Award for industry leadership for the pioneering use of inter-operable digital identities by National Cancer Institute, BMS and Sanofi, reducing the cost and time required to get critical medicines to market more quickly. Cindy's leadership and innovation were recognized by the White House initiative on National Strategy for Trusted Identities in Cyberspace (NSTIC), winning her Computer World's Computer Laureate Award 2012.
Sam Curry Chief Technology and Security Officer, Arbor Networks
Sam Curry brings 20 years of experience, where his focus has largely been on the intersection of deep technology and solving customers' problems, to his role as Arbor's Chief Technology and Security Officer. In this role, Sam leads the development and implementation of Arbor's product strategy and innovation roadmap.
Previously, Sam Curry was with MicroStrategy where he held the roles of Senior Vice President of Information Security and Chief Information Security Officer. Prior to that, Sam held a number of significant roles at RSA, including Chief Technology Officer for Identity and Data Protection; he also held the role of Chief Security Officer. Sam has held a number of senior roles at McAfee and Computer Associates, among other companies. He has been a frequent speaker and widely quoted subject matter expert in technical and industry forums during the course of his career.
Todd Feinman CEO/Founder, Identity Finder LLC
Todd Feinman is the CEO and founder of Identity Finder. He has transformed the company into a leader in sensitive data management by helping businesses manage enterprise data and prevent data leakage. He has over fifteen years of experience in the security industry and is an internationally published author and media personality. Todd wrote Microsoft's own reference book on securing Windows and McGraw Hill's university textbook on managing the risks of electronic commerce. Recently he has appeared on many television and radio shows including the Today Show, Martha Stewart, and Good Morning America. He has written dozens of articles and presented at numerous global conferences on the topics of sensitive data management, data leakage, security, and privacy. Todd spent ten years at PricewaterhouseCoopers, where he started as an ethical hacker breaking through the IT security of Fortune 100 companies and later took the role of Director to grow their vulnerability management consulting practice. Todd also worked as a product manager for Microsoft in their enterprise server group and was the CIO of an energy retailer in NYC. Todd has a Master in Business Administration from Harvard Business School and a Bachelor of Science from Lehigh University.
Jay Ferron Principal, Interactive Security Training
As a speaker Jay has presented at many events including user groups, computer trade shows, DOD and federal conferences, ISPCON, TechEd, and WPC. Jay is a global board member of GITCA, Past President of ISACA-CT, Past President of APCUG, and a Microsoft MVP in Enterprise Security. Jay has been an MVP in Windows, HPC, and Azure.
Ken Garmson IT & Communications Practice, Arup Inc.
Ken leads the IT & Communications practice in the Americas for Arup including rail systems engineering. He is a Fellow of the Institution of Engineering and Technology and holds a bachelor's in engineering from Royal Military College of Science, Shrivenham in Wilts, UK.
Ken has more than 35 years of experience. He started his career at the Ministries of Defense and Transport, where he became experienced in systems engineering with a specialization in cryptographic techniques. Ken has furthered his expertise in the design and implementation of Intelligent Transport Systems (ITS) and railway telecommunication systems in Asia, Australia, Europe and the Americas, specializing in the design of integrated control, monitoring and information systems. Typically this includes the migration of railway communication systems to IP-based infrastructure, including the mitigation of the associated security issues. With his worldwide experience he was invited to chair and speak at the SmartRail conference in NC, following on directly after the US Secretary of Transport on the Future of Railways in the US.
Stuart M. Gerson Partner, Epstein Becker & Green, P.C.
A senior litigator and former government official and Presidential advisor, Stuart Gerson's connection with cybersecurity dates to service as a counterintelligence officer following the 1968 capture of the USS Pueblo. In 1989, DOJ and then Assistant Attorney General Gerson began developing policies directed at protecting government and commercial data and detecting and prosecuting data thieves. This intensified following the first attack on the World Trade Center in 1993, when Gerson was Acting Attorney General. Lately, Gerson has been active in digital data security, compliance and breach litigation. Gerson advises providers, investors, Business Associates and others concerning HIPAA compliance issues including the establishment of best practices as described in the President's Executive Order and the NIST "Framework for Improving Critical Infrastructure Cybersecurity." Gerson serves as lead defense counsel in cases of data breaches. Recently, two health plans represented by Gerson were able to achieve the unusual result of getting a court to deny class certification in a mass-breach case. He also has represented hospitals and others in remedial challenges presented by breaches. He is a frequent speaker and media interviewee.
Eric Green SVP of Business Development, Mobile Active Defense
Eric is both SVP of Business Development and board member at Mobile Active Defense. In that role he's been consulting as a subject matter expert (SME) with primarily the FORTUNE 500 and Federal Agencies on the subject of mobile security and management. This includes serving as an SME for both the NSA's National Information Assurance Partnership (NIAP) in developing the requirements for the mobile device management protection profile used to create a Common Criteria for mobile device management as well as for CompTIA in the creation of a mobile security management certification. Outside of that role, he has been involved in the security industry for over a decade. Past experience also includes running a technology book division publishing 12 books with a wide variety of industry luminaries, primarily in security. For the last 7 years, Eric has also served, and continues to serve, as program director for SC Magazine's SC Congress events.
Russell Kiernan Solutions Consulting Practice, QED National
Russell oversees the delivery of Management Consulting and Information Security Services at QED National. With over 20 years of IT experience, Russell understands the business needs of QED National's client base and transposes them into capabilities. Prior to working at QED National, Russell worked in the Financial Services industry where he was responsible for various aspects of Information Technology including Information Security, Risk & Control Management, Enterprise Architecture, Technology Standards Management, Program/Project Management and Application Development. Russ is a frequent speaker at industry conferences and events, most recently as a keynote speaker for the New York State Forum on Secure SDLC.
Jonathan Klein Chief Information Security Officer, Broadridge Financial Solutions
Jonathan Klein is the Chief Information Security Officer at Broadridge Financial Services, Inc (NYSE:BR). Mr. Klein has worked in the information technology field for more than three decades specializing in Unix-based Operating System architecture, network engineering, application development and Information Security. He has responsibility for the oversight and implementation of the company's security strategy and works closely with the Executive Committee. He has held IT positions across several global banks and corporations, including Merrill Lynch, Morgan Stanley, AT&T and IBM.
Mr. Klein has co-authored security benchmarks for the Center for Internet Security, has presented at conferences such as the Black Hat Briefings, SOURCE Boston and trade association events. He is a graduate of the Rochester Institute of Technology, holds CISM and CISA certifications and serves on the security advisory boards for Cisco, IBM, Bromium and the Visitors Board of the NJIT College of Science and Liberal Arts.
Juanita Koilpillai Founder/CEO, Waverley Labs
Juanita Koilpillai is Founder & CEO of Waverley Labs, a cyber risk engineering company. She has spent 30 years developing systems in computer security, network management and distributed software. She is currently pioneering the field of digital risk management and is the technical advisor to the Digital Risk Management Institute. As part of that effort, she is leading the open source software-defined perimeter (SDP) effort for 'black' apps in the cloud with the Cloud Security Alliance. The SDP is a prescriptive five-layer security model that stops all network-based cyber attacks.
She is an active contributor to NIST and led the creation of a security risk index system for moving apps to the cloud (NIST 500-299). She was a key member of FEMA's Enterprise Security Management Team and has served as Principal Investigator for several Department of Defense initiatives. She co-founded CyberWolf, one of the most advanced automated attack sensing and warning systems, which was deployed by government and later acquired by Symantec.
Itzik Kotler Co-Founder/CTO, SafeBreach
Itzik Kotler is CTO and Co-Founder of SafeBreach. Itzik has more than a decade of experience researching and working in the computer security space. He is a recognized industry speaker, having spoken at DEFCON, Black Hat USA, Hack In The Box, RSA Europe, CCC and H2HC. Prior to founding SafeBreach, Itzik served as CTO at Security-Art, an information security consulting firm, and before that he was SOC Team Leader at Radware (NASDAQ: RDWR).
Idan Levin Co-Founder/CTO, Hexadite
Idan Levin is the co-founder and CTO of Hexadite. He brings over 10 years of experience in both the offensive and defensive sides of the cyber security domain.
Prior to Hexadite, Idan spent four years at Elbit Systems Ltd. as a cyber-security R&D team leader responsible for the product life cycle of the company's intelligence systems.
Prior to his work in the private sector, Idan served in an elite intelligence unit of the Israel Defense Forces (IDF), where he led the development of several cyber security products and managed various development teams.
Brian Maccaba CEO, Waratek
Brian Maccaba brings more than twenty-five years' experience to the role. A serial entrepreneur, Brian has founded five technology companies during this period. He is renowned for his ability to spot disruptive technologies and was one of the first CEOs to recognize the potential of the Internet for revolutionizing the financial services industry. He led his former company, Cognotec, to develop AutoDeal, a pioneering Web-based foreign exchange trading platform that was adopted by more than sixty banks worldwide. London Institutional Investor magazine named Brian Maccaba among the top thirty individuals in Europe and Asia who were harnessing the Internet to transform the financial services industry. Brian holds Bachelors and Masters degrees in business and economics from University College Dublin and the London School of Economics. This year Brian has presented at the Gartner Security and Risk Management conference and has been selected to present at the FS-ISAC Fall Summit.
Jack Mannino CEO, nVisium
Jack is the CEO at nVisium and loves solving problems in the field of application security. With experience building, breaking, and securing software, he founded nVisium in 2009 to invent new and more efficient ways of protecting software. He is an active mobile application security researcher and focuses on creating techniques for making application security scale effectively.
Pergrin Pervez Sales & Business Development Director, US & Canada, Vigitrust
Pergrin Pervez is the United States & Canada Sales & Business Development Director for Vigitrust, a global firm providing security assessments based on the 5 Pillars of Security Framework and specializing in cloud based eLearning programs and security compliance solutions. Pergrin has an extensive background in data preservation, and electronic discovery and information governance. He has been invited to speak before several professional organizations as well as government agencies. Pergrin currently serves on the Board of the New York Chapter of ARMA International.
Danelle Au VP of Strategy & Marketing, SafeBreach
Danelle Au is VP of Strategy and Marketing at SafeBreach. SafeBreach delivers an innovative security platform that executes breach methodologies and finds possible breaches before a hacker attacks. Danelle has more than 15 years of experience bringing new and innovative security technologies to market, and is a frequent speaker at conferences. She is a frequent contributor on security for SecurityWeek and RSA. Prior to SafeBreach, Danelle was VP of Strategy and Marketing at Adallom, a cloud security company that was acquired by Microsoft. She was also responsible for security solutions at Palo Alto Networks, driving growth in critical IT initiatives like virtualization, network segmentation and mobility. Danelle was co-founder of a high-speed networking chipset startup, co-author of an IP Communications Book, "Cisco IP Communications Express: Operation, Implementation and Design Guide for the Small and Branch Office" and holds 2 U.S. Patents.
Workshop Instructors
Vladislav Gostomelsky Senior Security Consultant, Secret Squirrel Consulting
Guy Hermann Chief Architect, GSAtrain
As Chief Architect at GSAtrain, Guy is an enterprise architect, developer and technical trainer with 30 years of experience consulting, designing, implementing, managing and securing software solutions and network infrastructures. His focus is on providing cost-effective solutions to problems and then applying the right processes to implement them. He has worked with some of the largest ISPs in the world, helping design their infrastructure and evaluating their security. He is uniquely positioned to help you take advantage of the Cloud-computing phenomenon, having been playing in that space for at least 10 years. His irreverent and refreshing style will wake you up to the potential of innovative application of technologies, and help you solve your toughest challenges.
Chris Roberts Founder, One World Labs
Regarded as one of the world's foremost experts on counter threat intelligence within the Information security industry, Chris Roberts constructs and directs a portfolio of defense services designed to improve the physical and digital security posture of both enterprise and government clients.
With increasingly sophisticated attacks on targets of opportunity, Roberts' unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data and other protected information from attack.
As a security advocate and passionate industry voice, Roberts has been featured in several documentaries and is regularly quoted in national newspapers, television news and industry publications.
Timothy Singletary - CISSP, CRISC, CISM, CEH, CEI, CTT+, Security+, A+, Net+, Linux+, LPI Technical Director, Cyber Security Services, Harris Inc.
Tim has over 20 years' experience in analysis, design, and management of information system security. Tim has a full understanding of the technical issues, as well as how security works, in organizations. His experiences with Harris Inc., Exelis Inc., ITT Inc., US Army Regional Computer Emergency Response Team (RCERT-Europe) and the US Air Force Research Laboratory in Rome, New York, and several large Fortune 500 companies facilitated the development of the Active Defense Enterprise Network courseware.
Tim also holds several certifications including Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), Certified Ethical Instructor (CEI), CompTIA Security+, Certified Technical Trainer, and Microsoft Certified Professional.
Tim has provided security services and led penetration testing/vulnerability testing teams for various commercial and government customers throughout his career, including NASA, DHS and the FAA. Tim has provided training and security seminars for several well-known organizations including Intel Inc., Stanford University, Notre Dame, Johns Hopkins, Internet Security Systems, as well as many corporations worldwide. He also instructs the Certified Information Systems Security Course (ISC2), and the Certified Ethical Hacking Course (EC Council). Tim was a contributing author for "Evolution of Cyber Technologies and Operations to 2035" (October 2015). Tim was a featured instructor in NIKI Trendy magazine as the hottest certification track in 2006. Tim was on the design team as an independent security consultant that developed the CompTIA Security+ Certification.
CISO Panelists
Dr. Boaz Gelbord Chief Information Security Officer, Bloomberg LP
Dr. Gelbord is responsible for leading Bloomberg's enterprise-wide Information Security Program as the company's first Chief Information Security Officer. He is responsible for protecting the data of an enterprise consisting of over 16,000 people with offices in 73 countries. He oversees the Product Security Team, Security Operations Center, Vulnerability Management Team, and Cyber Threat Intelligence Team, and has overall executive responsibility for the information security of one of the world's largest private networks.
Shane Harris Senior Correspondent, The Daily Beast
Shane is a journalist and book author covering intelligence, national security, and cyber security. He is currently a senior correspondent at The Daily Beast.
Shane is a fellow at a non-partisan think tank and part of New America's Future of War program, which explores new policy frontiers in the way that America fights, and issues that will shape the future of armed conflict, including cyber warfare, drones, and new technology.
He has written two books: The Watchers: The Rise of America's Surveillance State and @War: The Rise of the Military-Internet Complex.
George Rettas Managing Director - Global Information Security Department - Information Protection Directorate, Citi
George Rettas joined Citigroup in December of 2014 where he currently serves as the Managing Director and Chief of Staff of the Global Information Security Department. In this capacity, Mr. Rettas also serves as the Chief Administrative Officer and Global Head of Strategy, Planning, and Governance for GIS. Before joining Citigroup, Mr. Rettas worked at JP Morgan Chase Bank for nine years where he was a Managing Director with the firm's Cyber Security Team. In this capacity, Mr. Rettas oversaw the Cyber Intelligence, Cyber Investigations, Incident Response, Vulnerability Management, and Hunting teams for the firm. While with JPMC, Mr. Rettas built a Cyber Intelligence program that was responsible for detecting some of the most prolific breaches in recent history, including the Target breach and the JPMorgan Chase breach.
Stephen Scharf Managing Director & Chief Security Officer, DTCC
Mr. Scharf joined DTCC from Experian where he served as Global Chief Information Security Officer, accountable for the overall strategy, leadership and governance of Experian's global information security, physical security and business continuity programs. Prior to his role with Experian, Mr. Scharf served as the Global Chief Security Officer for Bloomberg LP, and has previously held a number of positions in information security and technology firms.
Deb Snyder Deputy Chief Information Security Officer (CISO), NYS Office of Information Technology Services
Accomplished senior professional with a broad range of experience in government programs and information technology services. Solid business, leadership and strategic partnership strengths. Demonstrated track record of quality in public service, and meeting business needs through people-process-technology-oriented process improvement and innovative technology solutions. Extensive experience in program & policy development, project execution, governance, risk management and compliance, incident management, e-discovery, secure systems, digital forensics, procurement, contract management and leading organizational change.
Certified Information Security, Risk and Information Systems Control, and Project Management Professional.
Co-authored "SECURE - Insights From The People Who Keep Information Safe" - insights and perspective on what's top-of-mind for executives in the information security field.