VP, Executive Advisory (Financial Services) Optiv
Greig Arnold brings more than 20 years of technical and leadership experience in financial industry, professional services, and telecommunications to his current role. As vice president of information security within the office of the CISO, Arnold brings this experience to Optiv clients in financials and the Northeast region to help ensure quality and consistent client experiences. He also works closely with other Optiv sales executives to develop and ensure successful execution of regional and national sales strategies.
With more than six years of experience as a CISO in the financial and professional services industry, Arnold has a strong background in information security, security architecture, strategy, incident response, risk and governance. During his time with professional services, Arnold was the primary client contact for the information security program to provide knowledge and assurance of the firm’s information protection, privacy, and compliance practices. Arnold jointly led the successful integration of information security and risk management processes, including risk assessment, security testing, GRC process and tool implementation, and incident management at companies such as JPMorgan Chase, KPMG, ING Bank, and Infonet.
AVP & Chief Information Security and Risk Officer New York City Health and Hospitals Corporation
Vikrant Arora is a credentialed business leader with more than 15 years of global experience in developing enterprise security and risk management programs, delivering security business value, and communicating risks to the board of directors. Arora has successfully helped government, education and healthcare sectors to become more resilient against future attacks and shift corporate culture accordingly.
In his current role as the AVP and chief information security and risk officer at NYC Health & Hospitals, Arora is particularly focused on security strategy, business risks, regulatory compliance and securing clinical systems and bio-medical devices. In 2013, he led a robust transformation of security and risk function across the largest municipal health care organization in US. Prior to joining NYCHHC, Arora worked with Wipro, NBC, Pfizer and Dimension Data, advocating development of a risk-aware culture and risk-based business model.
Arora holds a master’s in computer engineering from New Jersey Institute of Technology, is CISSP, CISM and SANS GCFA certified and was nominated for the 2011 Northeast security executive of the year.
SVP, Cybersecurity Services Fidelis Cybersecurity
As senior vice president of cybersecurity services, Mike Buratowski is responsible for managing the network defense and forensics business area at Fidelis Cybersecurity, including the digital forensics lab. Prior to joining Fidelis, he was the business area director for the cyber operations solutions business and program manager for the US-CERT contract in the cyber division of General Dynamics’ advanced information systems.
Buratowski served in various operational roles at General Dynamics, including nearly 10 years on the defense computer forensics laboratory contract as an examiner in the major crimes and safety section, a network intrusion examiner in the intrusions and information assurance section, and the section chief of the imaging and extraction section. Before his tenure with General Dynamics, Buratowski was a police officer with the Montgomery County Police Department in Maryland where he served as a detective in the computer crimes unit. He holds a master of science in forensic studies of information systems from Stevenson University, as well as a bachelor of arts in criminal justice from the University of Maryland.
VP, Business Development PhishMe
Allan Carey brings more than 13 years of information security industry experience. Prior to joining PhishMe, he has served in various executive and management roles at leading security technology and services companies and industry research firms, including Tenable Network Security; RSA, The Security Division of EMC; NetWitness, acquired by RSA in 2011; IANS; and IDC. He frequently presents at industry conferences and forums domestically and internationally. Previously, Carey has advised and consulted to Fortune 1000 organizations, providers of security technologies and services, and the financial community on information security and compliance market trends, program development, and vendor intelligence.
Chief Information Security Officer Cloud & SaaS Operational Services IBM
As CISO for IBM, David Cass has global responsibility for all aspects of security practices, processes and policies across the IBM Cloud SaaS business unit. Previously, Cass served as the SVP and CISO for Elsevier where he lead an organization of experienced legal, risk and security professionals that provided data protection, privacy, security and risk management guidance on a global basis.
Cass has extensive experience in IT security, risk assessment, risk management, business continuity and disaster recovery, and developing security policies and procedures. He has played a key role in leading and building corporate risk and governance, and information security organizations in the financial sector. As the senior director of information security risk and governance for Freddie Mac, he rebuilt the risk and governance function and developed a team to provide risk assessments, methodologies, tools, services, and training to improve the organization’s capabilities and maturity. Prior to that he was VP of risk management for JPMorgan Chase, responsible for providing an accurate assessment of the current risk management state, contributing to the future direction of risk management, continuity and disaster recovery capabilities for the organization.
Cass has an MSE from the University of Pennsylvania and an MBA from MIT. He is a frequent speaker at high-profile industry conferences and serves on the board of directors for PixarBio Corporation.
CISO Thomson Reuters
Mark Connelly is the chief information security officer for Thomson Reuters. Connelly joined Thomson Reuters in 2012 to lead a robust transformation of the risk and security function. In his role, he oversees security operations, governance, risk and compliance, application security, policies and controls, infrastructure security, and security awareness and training. He brings more than 30 years of risk and security, IT, and business management experience to Thomson Reuters.
Previously, Connelly was the CISO with ITT. He has worked to build government industry partnerships in the information security area through the Security Innovation Network to increase the awareness of innovative emerging companies. He was named CISO of the Year for the Northeast region in 2011 and an ISE Northeast Executive of the Decade award nominee in 2012. He was recently named one of the Top 10 Breakaway Leaders in 2013, which recognizes world-class information security leaders whose leadership elevates their people, partners and business. He holds an M.S. from the Sever Institute at Washington University, a B.A. from Washington University, an M.A. from University of Missouri, and is a CISM, CGEIT, and CRISC.
VP & CISO Lockheed Martin
Jim Connelly currently serves as the vice president and chief information security officer of Lockheed Martin. In this capacity, Connelly is the executive responsible for the overall information security strategy, policy, security engineering, operations, and cyberthreat detection and response for the Lockheed Martin global computing environment.
Built on more than 25 years of experience, Connelly oversees Lockheed’s intelligence-driven defense operations, including both the LM computer incident response team and a global network of security intelligence centers. These security intelligence centers serve as the company’s focal point for detection, identification and response to all information security incidents across Lockheed Martin’s 113,000-employee enterprise. Finally, Connelly leads an industry-recognized team of cybersecurity professionals that manage the company’s end-to-end security infrastructure, develop world-class capabilities to defend against advanced persistent threats, and enable open collaboration and information sharing with Lockheed Martin’s government and industry partners.
Chief Security Strategist Securonix
Brian Contos is a seasoned executive, security company entrepreneur, author and blogger. At Securonix he is responsible for security strategy worldwide. Contos began his security career with the Defense Information Systems Agency and later Bell Labs. He has built security startups and has taken multiple companies through successful IPOs and acquisitions including Riptech, ArcSight, Imperva, McAfee and Solera Networks.
Contos has worked in more than 50 countries across six continents. He has authored several security books, spoken at leading security events, is a distinguished fellow with the Ponemon Institute and blogger for CSO Magazine. Contos frequently appears in media outlets like CNBC, NPR, Fox, Forbes and USA Today.
Global Director of Information Security & Risk Management Coty Inc.
Brendan Conway is the global director of information security and risk management at Coty Inc., a leader in the fragrance, cosmetics and beauty industry. With 14 years of information security experience, Conway has spent nearly 8 years at Coty, building a leading information security and risk management program, and has supported the transition of the company from private to public. In his role, Conway is responsible for aligning security initiatives with enterprise programs and business objectives to ensure data and technology resources are protected throughout the organization. As the company continues to grow through significant merger and acquisition activity, he remains focused on maturing and growing information security and risk management services as formal business processes.
Conway has been a CISSP holder for more than 9 years and also is registered as a CISM and CRISC professional. He holds a bachelor's of science in computer information systems and a master's of science in information assurance from Norwich University, the oldest private military college in the U.S.
CISO Sikorsky Aircraft Corporation
Stephen Gilmer, head of IT governance and risk and compliance, oversees all aspects of GRC responsibilities at Sikorsky Aircraft Corp. His responsibilities include cybersecurity, GRC, IT security, investigations, threat intelligence, vulnerability management, IDM, security architecture, as well as incident and crisis management. He is an accomplished information technology management professional with more than 20 years of comprehensive experience in a multisite, multihost network environment with involvement in all regions of the globe.
Gilmer received his bachelor’s degree in computer science from Kalamazoo College, is certified for Six Sigma Black Belt, and currently holds a C|CISO certification.
Deputy CISO Forcepoint
Mark Goldstein is deputy CISO for Forcepoint, responsible for assisting with security and privacy challenges faced by all organizations and offering strategic advice on applying technology to meet the challenges. With a career in cybersecurity and privacy spanning more than 20 years, Goldstein has an array of experience in IT, security, sales, marketing, customer support, legal and privacy in commercial enterprises. Goldstein worked at America Online for more than a decade, leading customer-facing cybersecurity programs before becoming a cybersecurity consultant advising financial institutions, commercial customers, government contractors, trade associations and the Department of Homeland Security. Goldstein founded the “Malvertising Working Group.” He is a senior advisor for the Online Trust Alliance, a mentor at MACH37 (cybersecurity incubator), and a member of the Northern Virginia Tech Council’s Cybersecurity & Privacy Committee, Industry Botnet Group, as well as Infragard. Goldstein holds the CIPP and CISSP certifications along with a MBA from American University.
VP & CISO L'Oréal Americas
Zouhair Guelzim is an accomplished information security executive with more than 20 years of experience. He currently serves as VP and CISO for L’Oréal USA, the Americas subsidiary of the L’Oréal Group, the world's largest cosmetics company and the leader in the beauty industry. He is responsible for the overall information security program, which includes the company’s information risk and security strategies, planning, governance, architecture, and operations. He is a member of the IT leadership team and he is instrumental in enabling L’Oréal’s innovation and digital transformation to drive business growth.
Prior to joining L’Oréal in 2005, Zouhair spent seven years at Time Warner Inc., a media and entertainment conglomerate, where he managed multiple global infrastructure and security initiatives, and ensured compliance with corporate, industry and regulatory standards. He was attributed the AOL Outstanding Employee Award for his leadership and technical role in the modernization of the AOLTW global network and integration with the AOL backbone network.
Zouhair is active in the CISO community and industry development. He received a post-master’s certificate in international business, an MBA in management and an M.S. in telecommunications from Iona College and he holds several professional certifications, including C|CISO, CISSP, CISA, CGEIT and CRISC.
VP & Chief Product Strategist Identity Finder
Gabriel Gumbs has worked for nearly two decades in information security management. Gumbs has extensive experience in strategic execution of information security programs with a focus on data loss prevention, intrusion detection and prevention, application security, and vulnerability management. Also well-versed in HIPAA, PCI-DSS, GLBA and FERPA regulatory requirements and policy development, Gumbs is an accomplished public speaker on many of these topics.
President, CrowdStrike Services & CSO CrowdStrike
Former Deputy Director National Security Agency
As the former deputy director and senior civilian leader of the National Security Agency, Chris Inglis acted as the agency's COO, responsible for guiding and directing strategies, operations and policy. Prior to his retirement in 2014, Inglis spent most of his time defending the NSA from revelations by former contractor Edward Snowden while dealing with the fallout and response to what is now the most serious data exfiltration attack ever seen from an insider.
Inglis began his career at the NSA as a computer scientist within the National Computer Security Center. His NSA assignments included service across information assurance, policy, time-sensitive operations and signals intelligence organizations. Promoted to the NSA's Senior Executive Service in 1997, he subsequently served in a variety of senior leadership assignments culminating in his selection as the NSA deputy director. A 1976 graduate of the U.S. Air Force Academy, Inglis holds advanced degrees in engineering and computer science from Columbia University, Johns Hopkins University and The George Washington University. He is also a graduate of the Kellogg Business School executive development program, the U.S. Air Force Air War College, Air Command and Staff College, and Squadron Officers' School.
Chief Strategy Officer Veracode
Sam King is the chief strategy officer at Veracode. In this role, King is responsible for product management, marketing, corporate development and the company’s customer-facing solution architects. King is a recognized speaker at industry events including RSA, Gartner Security Summit and InfoSecurity. She was recognized by Mass High Tech as a Woman to Watch, an award that honors contributions of women in technology and life sciences.
She joined Veracode from VeriSign and Guardent, where she led the development of security-as-a-service offerings and held product management, product marketing, professional services and customer relationship management responsibilities. Prior to VeriSign, King served as program manager for i-cube/Razorfish. King received her master of science and engineering in computer and information science from University of Pennsylvania. She received her B.S. in computer science from University of Strathclyde in Glasgow, Scotland, where she earned the prestigious Charles Babbage Award, awarded to the student with the highest academic achievement in the graduating class. King serves as a mentor for the Boston Product Management Association.
CISO The Rockefeller University
Marty Leidner has been at The Rockefeller University, a worldwide leader in biomedical research, for the last 13 years with the last nine as chief information security officer of the information security practice that he established and maintains.
Leidner spent 13 years working in various divisions in IBM getting promoted rapidly to advisory analyst. He completed the IBM marketing training program and the advanced system research institute. Leidner founded and has managed his own consulting practice for several years. His clients included Merrill Lynch, Bankers Trust, MCI and Mellon Bank. He is also a member and presenter at InfraGard, a joint organization with the FBI and NYSERNet.
Leidner earned a B.S. in computer science from the City University of New York and is a certified information system security professional from the International Information Systems Security Certification Consortium Inc.
CISO Duff & Phelps
Brian Lozada is CISO for Abacus Group. He is responsible for the development and maintenance of Abacus' information security program. Prior to joining Abacus, he was director of information security at Condé Nast, where he was responsible for overseeing the security and risk management for all digital and technology operations. He led the company's integration of information security efforts in the development of next-generation digital products and services. He has held several senior information security management positions at Sony Music Entertainment and Vonage.
Lozada is a CISSP, and he has a B.S. in information security and an M.S. in homeland security from Monmouth University.
Global CISO International Flavors & Fragrances Inc.
John J. Masserini
CSO Miami International Holdings
As chief security officer, John Masserini is responsible for information security, physical security, business continuity and privacy for the MIAX Options Exchange. An 18-year veteran of the security industry, Masserini is responsible for all information security and risk management strategies, including security architecture, regulatory compliance and business continuity. Prior to joining MIAX, Masserini was the CISO for Dow Jones, overseeing security and risk management for all of the Dow Jones and Wall Street Journal brands. He has held key leadership positions at several information security market leaders, such as VeriSign and Guardent, as well as leading integrators such as EDS and SAIC.
Masserini was named ISE Northeast Security Executive of the Year in 2010 and one of the Evanta Top 10 Breakaway Leaders of 2013.
CIO Westchester County
John McCaffrey joined Westchester County, New York in 2011 as deputy CIO. In 2012, he was appointed as CIO by County Executive Rob Astorino. As CIO, he is responsible for all aspects of technology vision throughout county government. These areas include governance, budgeting/cost control, tech development and security among, others. Some of the major projects being tackled in Westchester are security, compliance, consolidation, shared service, 911 public safety agency coordination and public safety radio systems.
From 2005—2012, McCaffrey was CIO for Orange County, New York. He was recognized for revitalization of IT, improved service, and cost reductions through staff training and technology programs. McCaffrey was also responsible for the creation of Orange County’s security policies and business continuity infrastructure and plan. He was on team Orange employee management training committee and Orange County’s business retention committee.
From 1999—2005, McCaffrey was the first director of MIS for the village of Skokie, Illinois, hired to create and manage the new MIS department. Prior to that, McCaffrey served seven years as deputy commissioner of finance in North Hempstead, New York, culminating an 18-year career there in prior positions of system development and technical management.
CEO & Co-Founder Onapsis, Inc.
As CEO and co-rounder, Mariano Nunez manages the strategic direction of Onapsis. A respected authority in the business-critical application security/SAP cybersecurity field, he was the first to publicly present on cybersecurity risks affecting SAP platforms and how to mitigate them. Nunez is frequently invited to lecture at major security conferences such as RSA, Black Hat, SANS, SAP GRC and SAP TechEd, as well as at Fortune 100 companies, security agencies and military organizations. As an industry thought-leader, he was also the developer of the first open-source SAP and ERP penetration testing frameworks. He has been interviewed and featured in mainstream media such as CNN, Reuters, WSJ and The New York Times and was distinguished by MIT in its list of 35 innovators under the age of 35.
Nunez holds a bachelor's of science in computer science and has completed executive training programs at Harvard Business School and Stanford University Graduate School of Business.
Chief Information Security Officer National Football League
Michael Palmer is the VP and CISO for The National Football League. Palmer has more than 20 years of hands-on management in IT with extensive experience helping businesses manage information risk through strengthened security, controls and project management at a cost commensurate with risk. His diverse IT background with specialties in IT governance, risk and compliance, combined with strong business acumen, gives him the ability to lead disparate groups to deliver tangible results while building strategic relationships.
Palmer has also held positions in a variety of industries including financial, insurance, technology and retail. He graduated from Baruch College with a bachelor's of business administration in computer information systems and holds several industry certifications including ITIL, CISSP, CISM, CRISC and C|CISO.
Cyber Security & Risk Leader Bay Dynamics
Joe Quigg brings 20 years of experience in leading and driving software sales and enterprise management. At Bay Dynamics, heis responsible for global sales, revenue growth and sales operations for enterprise markets. Prior to Bay Dynamics, Quigg held executive positions at top enterprises including Symantec, Vontu, PerspecSys and Computer Associates. He holds a BA from the University of Delaware.
CISO Jefferies & Company, Inc.
Ramin Safai is the first CISO at Jefferies. As CISO, Safai is responsible for Jefferies' global cybersecurity and IT risk management programs. Prior to joining Jefferies, Safai was America’s CISO at Barclays and had global responsibilities for rollout of application security and identity management programs. For the past 15 years, Safai has worked as an information security officer at large banks, including Credit Suisse, Lehman Brothers, JP Morgan and Barclays. Safai holds degrees in electronics engineering and computer science and has an MBA from New York University.
IT Director, Enterprise Applications Eastman Kodak Company
Chief Marketing Officer Fortscale
With 30 years of experience, Kurt Stammberger is a respected security pundit with a track record of launching successful startups. He comes to Fortscale from Norse, a threat-intelligence company, where he served as SVP of marketing. Before that, Stammberger worked in the same role at Mocana, where he drove revenues up twentyfold. He also was part of the founding teams at VIMO and Proofspace. In 1990, he joined RSA, where he founded the RSA Data Security Conference. In 1998, he founded Coda Creative, a marketing agency focusing on security startups. He also worked at IBM and Lockheed Missiles & Space. Stammberger is a CISSP and a PMC with a bachelor's from Stanford in mechanical engineering and aeronautics. He also holds a master's in management from the Stanford Graduate School of Business, where he was an Alfred P. Sloan Fellow.
CEO Threat Connect
Adam Vincent is an information security expert and is currently the CEO and a founder at ThreatConnect. He possesses more than a decade of experience in programming, network security, penetration testing, cryptography design and cryptanalysis, identity and access control, and detailed expertise in information security. The culmination of this knowledge has led to the company’s creation of ThreatConnect, the first-of-its-kind threat intelligence platform. He currently serves as an advisor to multiple security-focused organizations and has provided consultation to numerous businesses ranging from startups and governments to Fortune 500 organizations and top financial institutions. Vincent holds an M.S. in computer science with graduate certifications in computer security and information assurance from The George Washington University.
VP, Global CISO Henry Schein, Inc.
As Henry Schein’s first CISO, Mark Viola is responsible for the global cybersecurity program. The mission of his organization is to ensure the confidentiality, integrity, and availability of business critical systems and information assets, and facilitate compliance with applicable laws and regulations. He leverages a holistic and comprehensive risk-based approach to lead strategic, tactical and operational execution.
Viola is a career cybersecurity professional. He began his career with the Department of Defense National Security Agency where he led several classified programs, including a focus on the DoD public key infrastructure program. He subsequently spent a number of years in the pharmaceutical industry establishing, leading, developing and transforming cybersecurity programs. These companies include Johnson & Johnson, Celgene, Shire, and Valeant Pharmaceuticals. Viola also has financial services and insurance experience as the first CISO at Philadelphia Insurance Companies and subsequently at Tokio Marine North America where he established and led the cybersecurity program for PHLY and the TMNA Group Companies.
Viola has a master of science in business from Johns Hopkins University and a bachelor of science in electrical engineering from Lafayette College. He also completed all of the requirements for the computer science program at Lafayette College.
CSO & CISO TIAA Financial Services
Stephen Ward is CISO at TIAA, providing direction and ingenuity over cybersecurity and technology risk. In this role, he manages the identification and remediation of IT risks and the security technologies that safeguard the company’s information assets from attacks. In addition to cybersecurity and risk, he provides a comprehensive governance structure pertaining to security standards, processes and threats across the firm’s various security disciplines.
Ward has more than 16 years of experience in physical security, fraud, cybersecurity,risk and information security. He has held senior roles in both the private sector and federal government. At JPMorgan Chase, he was active in multiple aspects of overseeing cyber intelligence, fraud investigations, information security and risk. As an agent with the federal government, the breadth of his training and experience spanned physical protection, fraud and cybersecurity.
CISO Sumitomo Mitsui Banking Corporation
Kylie Watson is the CISO for Sumitomo Mitsui Banking Corporation’s international banking operations in the Americas, Europe, Middle East, Africa and SMBC Capital Markets globally. Watson is charged with establishing security strategy and direction and is the corporate advocate for information security best practices. She is responsible for defining the company’s security vision in support of the business and promoting a culture of security. Watson’s role also includes system risk management and security operations.
Watson has worked in Australia, the U.K., Japan and the U.S., and has more than 20 years of experience in IT in roles as diverse as global crisis management, program management, application development, corporate user liaison and as a systems engineer. Prior to joining SMBC, Watson worked for IBM in Australia and Monbusho, Japan. She holds CISSP, CISM and CRISC certifications.
VP & CISO Medidata Solutions
Glenn Watt is vice president of information security and privacy and CISO at Medidata Solutions. Prior, Watt was the director of the computer security research center at East Stroudsburg University, CEO at Backbone Security.com, and an officer in the U.S. Air Force.
Over his 21-year military career his positions included assistant professor of computer science at the U.S. Air Force Academy, deputy chief of network security research at the National Security Agency, and commander of the 509th Communications Squadron supporting the B-2 stealth bomber.
Watt holds degrees in mathematics and education from Kutztown University of Pennsylvania, and computer science form Lehigh University. Watt developed 270 hours of security courses accredited by the Pennsylvania System of Higher Education as a B.S. in computer security. His professional certifications include CISSP, ISSMP and CISM.
CISO DDB New York
John Whiting is the global CSO at DDB Worldwide. He leads the global information and physical security organization and is charged with establishing security strategy and direction. He is also the corporate advocate for information security best practices. Whiting has extensive experience in developing and managing information security programs, including subject matter expertise in threat and vulnerability management, incident management and forensics, secure application coding and testing, third-party due diligence, IT risk, and IT compliance.
Whiting regularly presents at technology andr security conferences and is an active member in the InfoSec community.
Chief Technology Officer/Co-Founder Contrast Security
A pioneer in application security, Jeff Williams has more than 20 years of experience in software development and security. He is the co-founder and CTO of Contrast Security, a revolutionary application security product that enhances software with the power to defend itself, check itself for vulnerabilities, and join a security command and control infrastructure. Williams is also a founder and major contributor to OWASP, where he served as the chair of the OWASP board for eight years and created the OWASP Top 10, OWASP Enterprise Security API, OWASP Application Security Verification Standard, XSS Prevention Cheat Sheet and many other widely adopted free and open projects. Williams holds a B.A. from Virginia, an M.A. from George Mason, and a J.D. from Georgetown.