SecureWorld Dallas 2023

Ms. Haywood brings a highly diverse skill set to businesses. For more than 17 years, prior to moving into Security, she specialized in Human Resources, Business Development, Risk Strategy, Contracts Management, and Program Audit. Combined with her eight years in Security Governance, Risk & Compliance, she is considered a multi-talented leader, supporting Fortune 500 companies and government organizations in an array of industries (e.g., Healthcare, Education, Financial, Federal, Technology). Ms. Haywood's knowledge and experience of security frameworks, governance standards (such as NIST 800-53, SOC1/2 Type 2, ISO 27001:2013, HIPPA-HITECH, PCI), and risk methodologies have led to her success in program development, management, and audits for companies. This applied skillset has resulted in a savings of more than $1.1 million in potential contract losses. Additionally, she’s designed and developed a Medical Device Cybersecurity program for one of the largest Healthcare organizations in the Dallas-Ft. Worth region of Texas. Ms. Haywood holds a certificate as a Cyber Security Practit

Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

Michael R. Smith, MBA, CISSP, CFE, CISA, CIA, PMP, ITIL, is a Healthcare Information Technology Professional with over thirty years of IT experience. Michael is a Sr. I.S. Auditor at Parkland in Dallas, Texas, specializing in performing information security assessments and audits focused around IT governance and regulatory compliance.

Industry Certifications, Licensure, & Training
Certified Information Security Specialist (CISSP)
Certified Internal Auditor (CIA)
Project Management Professional (PMP)
Certified Fraud Examiner (CFE)
Certified Information Systems Auditor (CISA)
Information Library Information Technology (ITIL)

Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices' patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP's information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program's day to day operational effectiveness.

Prior to joining UMP, Krista served as the Director of Security Governance, Risk and Compliance for Voyager Digital, a leading cryptocurrency trading platform, where she was responsible for the development, maturation, and maintenance of Voyager's security program. Krista has served in various leadership and operational roles within the information security profession for 14 years within the financial and defense sectors, bringing a deep understanding of how strong security and privacy practices can help enable best in class care and peace of mind for UMP and its practices' patients.

Krista has a Bachelors Degree in Biology from Felician College and currently holds her Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications.

Krista is an active member of ISACA, Infragard's Philadelphia Chapter, as a member of both Neumann University's Business Advisory Council and Women in Cybersecurity-Delaware Valley Affiliate's Membership and Education Committees. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

Steve is a cyber liability product leader and underwriter with almost 30 years of experience in both the insurance and technology sectors. In his current role Steve helps drive premium growth through leading operations, product development and underwriting at Safety National. Steve previously served as Chief Underwriting Officer at Measured Insurance and Vice President – Product Leader at QBE North America.

Steve is a subject matter expert and national speaker on the topic of cyber liability.

Theresa Le is Chief Claims Officer at Cowbell Cyber, the leading provider of standalone cyber insurance for small and medium-sized enterprises. At Cowbell, she leads the team of cyber claims specialists and risk engineers who work tirelessly to minimize the frequency and severity of cyber incidents. Theresa brings nearly 20 years of cyber claim and insurance coverage experience to her role at Cowbell. Previously, she served as Vice President, Cyber Claims Expert at Swiss Re and prior, Theresa spent over a decade counseling domestic cyber insurers and London market syndicates on cyber coverage and wording, data breach and crisis management, dispute resolution strategies, and business impact of privacy and cyber liability. Theresa’s robust cyber background is also complemented by her experience as Senior Counsel at Clyde & Co, Atheria Law, and Duane Morris.

Cyber Liability National Practice Leader (current). IT Security / IT Auditor at RLI for eight years. Network / security consulting / auditor for financial institutions, government for nine years. Network / firewall administrator in healthcare for seven years. Designations: CPCU, RPLU+, CISSP, CISM, CISA, CRISC, CSXF, MBA.

Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

Lulu is a highly experienced and knowledgeable IT advisory Senior Manager with a strong focus on governance, risk, and compliance. She possess over seven years of experience in the field and has led and executed a range of projects, including SOC 1 and SOC 2 examinations, IT audits, Sarbanes-Oxley compliance, EI3PA assessments, FFIEC, FDICIA, and technology consulting projects. Lulu finds the work most rewarding when helping clients achieve their business objectives while ensuring they comply with regulations and best practices. She is particularly passionate about SOC 1 and SOC 2 engagements, where she leads teams in testing the design of controls and operating effectiveness and creating detailed reports for clients. Her expertise in identifying and implementing business processing, general computer, and application controls spanning in a variety of industries, including government, financial services, technology, loan servicing and origination, oil & gas, and professional and business services.

Eric has more than 15 years of IT advisory and operations experience with significant knowledge of cloud services providers and users. He often works in complex, highly technical environments and consults with global cloud providers, Fortune 100 companies, private equity groups, start-ups, large pension fund managers, and state government entities. Eric’s experience linking technology environments to governance and compliance requirements enables him to advise clients on attaining and maintaining certifications and attestations over Payment Card Industry Data Security Standards (PCI DSS), Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR), ISO 27001, National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), and System and Organization Controls (SOC). He has also performed multiple internal audit and consulting engagements, managing acquisition or implementation of Enterprise Resource Planning (ERP) and large public administration software.

Michael Gregg is the state of North Dakota’s Chief Information Security Officer. The state CISO is responsible for establishing and leading the strategic direction of cyber security for the state and advising the governor and legislators on key cyber issues.

With Michael’s cyber experience span being over a period of two decades, he has been a pioneer of helping people interested in becoming IT professionals as well as seasoned IT professionals achieve by sharing knowledge by means of authoring over 25 IT cyber security books. He enjoys contributing his time and talents where there is a need to help others learn and grow by holding board, committee, and advisory positions for non-profit organizations. He holds a Bachelors degree, Masters degree, and many security certifications.