SecureWorld Dallas 2023

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

Patrick was previosuly the Global Head of Cyber Governance, Risk, and Compliance / Business Information Security Officer for CBRE. He was formerly the Deputy CISO for Cheetah Digital. He has been an Executive Business Partner at Experian; a Customer Delivery Executive and Service Delivery Leader at Dell; and owned a technology consulting company. He is a highly effective Business Leader with a mastery of Technology and Security. He is also a Writer, Speaker, and a continuous Mentor/Advisor and Learner. He has demonstrated repeated success guiding business strategy to achieve maximum positive business impacts with minimum resource expenditures. Talented at building and launching global technology and security programs, grooming high-performing teams across all domains, plus guiding the digital transformation, enhancing the digital customer experience, driving and enhancing revenue using technology and reducing risk to the business. A skilled executive leader, presenter, negotiator, and businessperson, able to forge solid relationships with strategic partners and build consensus across multiple organizational levels.

He is certified as C/CISO, CISM, CISSP, CRISC, PMP, ITIL Expert, and Lean Six Sigma Black Belt. He is a pilot and flight instructor. He studies and teaches Aikido, rides motorcycles, and his favorite teaching is “From Chaos Comes Greatness,” a loose translation from the “I Ching."

Ms. Haywood brings a highly diverse skill set to businesses. For more than 17 years, prior to moving into Security, she specialized in Human Resources, Business Development, Risk Strategy, Contracts Management, and Program Audit. Combined with her eight years in Security Governance, Risk & Compliance, she is considered a multi-talented leader, supporting Fortune 500 companies and government organizations in an array of industries (e.g., Healthcare, Education, Financial, Federal, Technology). Ms. Haywood's knowledge and experience of security frameworks, governance standards (such as NIST 800-53, SOC1/2 Type 2, ISO 27001:2013, HIPPA-HITECH, PCI), and risk methodologies have led to her success in program development, management, and audits for companies. This applied skillset has resulted in a savings of more than $1.1 million in potential contract losses. Additionally, she’s designed and developed a Medical Device Cybersecurity program for one of the largest Healthcare organizations in the Dallas-Ft. Worth region of Texas. Ms. Haywood holds a certificate as a Cyber Security Practitioner.

Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

Teresa Merklin is a Principal Information Assurance Engineer for Cybersecurity Engineering at Lockheed Martin Aeronautics, where she is responsible for technology identification and evaluation for aeronautics platforms. Teresa holds a BS in Electrical Engineering from Oklahoma State University, a Masters of Software Engineering from Texas Christian University, an MBA in Information Assurance from the University of Dallas. She is a CISSP and CSSLP.

Nader Zaveri has over 15 years of experience in IT security, infrastructure, and risk management. Nader has led hundreds of incident response investigations related to on-prem or cloud-based environments. He has helped investigate and understand the storyline of the attack for the most allusive threat actors such as nation-states. He also leads the remediation efforts with his knowledge and experience by providing strategic short, medium, and long-term remediation recommendations to directors and C-level executives. He also leads the efforts in providing tactical recommendations to specialists, to improve the security posture of an organization. Nader also has experience with leading transformational projects over infrastructure and processes with technical and organizational change components in response to rapidly evolving business needs and regulatory requirements. Nader Zaveri conducted interviews and presentations for dozens of organizations and conferences regarding cloud and on-prem Incident Response and Remediation topics. He regularly provides security updates and briefings to C-Suite personnel during and after an incident, as well as assists with post-remediation and hardening efforts for the organization. Prior to joining Mandiant, Nader Zaveri spent several years in leadership positions at major cyber security consulting firms. Before joining consulting, Nader worked as a lead practitioner for multi-national organizations. When Nader is not working, he is helping and mentoring young professionals with their entry into the workforce and Cyber Security. Nader juggles about 5-10 mentees at a time to help them navigate their studies and career paths.

Rick Bosworth is an engineer turned product manager and marketer, bringing an uncommon technical perspective to enterprise GTM strategy and execution for almost two decades. At SentinelOne, his focus in cybersecurity—in particular cloud workloads, IoT, and user endpoint security—has provided expertise to the rapidly-evolving challenges across multiple fronts.

Michael R. Smith, MBA, CISSP, CFE, CISA, CIA, PMP, ITIL, is a Healthcare Information Technology Professional with over thirty years of IT experience. Michael is a Sr. I.S. Auditor at Parkland in Dallas, Texas, specializing in performing information security assessments and audits focused around IT governance and regulatory compliance.

Industry Certifications, Licensure, & Training
Certified Information Security Specialist (CISSP)
Certified Internal Auditor (CIA)
Project Management Professional (PMP)
Certified Fraud Examiner (CFE)
Certified Information Systems Auditor (CISA)
Information Library Information Technology (ITIL)

Cynthia Gonzalez is a Sr. Product Marketing Manager at Exabeam. An advocate for customers, she’s focused on their use of technology to enable and simplify work. She is at her best when bridging the gap between sophisticated software products and the benefits customers can expect.

Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices' patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP's information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program's day to day operational effectiveness.

Prior to joining UMP, Krista served as the Director of Security Governance, Risk and Compliance for Voyager Digital, a leading cryptocurrency trading platform, where she was responsible for the development, maturation, and maintenance of Voyager's security program. Krista has served in various leadership and operational roles within the information security profession for 14 years within the financial and defense sectors, bringing a deep understanding of how strong security and privacy practices can help enable best in class care and peace of mind for UMP and its practices' patients.

Krista has a Bachelors Degree in Biology from Felician College and currently holds her Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications.

Krista is an active member of ISACA, Infragard's Philadelphia Chapter, as a member of both Neumann University's Business Advisory Council and Women in Cybersecurity-Delaware Valley Affiliate's Membership and Education Committees. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Steve is a cyber liability product leader and underwriter with almost 30 years of experience in both the insurance and technology sectors. In his current role Steve helps drive premium growth through leading operations, product development and underwriting at Safety National. Steve previously served as Chief Underwriting Officer at Measured Insurance and Vice President – Product Leader at QBE North America.

Steve is a subject matter expert and national speaker on the topic of cyber liability.

Theresa Le is Chief Claims Officer at Cowbell Cyber, the leading provider of standalone cyber insurance for small and medium-sized enterprises. At Cowbell, she leads the team of cyber claims specialists and risk engineers who work tirelessly to minimize the frequency and severity of cyber incidents. Theresa brings nearly 20 years of cyber claim and insurance coverage experience to her role at Cowbell. Previously, she served as Vice President, Cyber Claims Expert at Swiss Re and prior, Theresa spent over a decade counseling domestic cyber insurers and London market syndicates on cyber coverage and wording, data breach and crisis management, dispute resolution strategies, and business impact of privacy and cyber liability. Theresa’s robust cyber background is also complemented by her experience as Senior Counsel at Clyde & Co, Atheria Law, and Duane Morris.

Cyber Liability National Practice Leader (current). IT Security / IT Auditor at RLI for eight years. Network / security consulting / auditor for financial institutions, government for nine years. Network / firewall administrator in healthcare for seven years. Designations: CPCU, RPLU+, CISSP, CISM, CISA, CRISC, CSXF, MBA.

Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

Tom Brennan is the CIO of the national law firm Mandelbaum Barrett PC and leads the U.S. arm of CREST International. In this role, he works with government and commercial organizations to optimize the value of CREST as a cybersecurity accreditation body and industry standards advocate, particularly for companies in the Cybersecurity & Infrastructure Security Agency’s 16 critical infrastructure sectors which are vital to U.S. security, national economy, and public health and safety. As CREST USA Chairman, Brennan spearheads strategic plans for CREST USA’s organizational growth while also serving as an industry evangelist and educator on the value of using accredited cybersecurity products and professionals to improve consumer privacy, security, and protection worldwide.

As a proud U.S. Marine veteran, Brennan became involved with CREST International in 2016 while serving the Global Board of Directors for the Open Web Application Security Project (OWASP). Seeing similar goals, he became more active in the CREST organization and was nominated to lead the organization’s U.S. Advisory in 2019. Over his career, Brennan has amassed security expertise across the cybersecurity spectrum, including penetration testing, vulnerability assessment, application security, threat intelligence, and more. In addition to being CREST USA Chairman, he is the Chief Information Officer of the national law firm Mandelbaum Barrett, overseeing critical infrastructure, privacy, and security operations. He is also an Advisory Board Member of the information services advisory Gerson Lehrman Group, a Cyber Fellows Advisory Council Member, a Member of the Information Technology Advisory Committee of the County College of Morris, a Senior Advisor and Industry Advisory Board Member of the New Jersey Institute of Technology, and a Cyber Fellows Advisory Council Member of the NYU Tandon School of Engineering.

Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

Eric has more than 15 years of IT advisory and operations experience with significant knowledge of cloud services providers and users. He often works in complex, highly technical environments and consults with global cloud providers, Fortune 100 companies, private equity groups, start-ups, large pension fund managers, and state government entities. Eric’s experience linking technology environments to governance and compliance requirements enables him to advise clients on attaining and maintaining certifications and attestations over Payment Card Industry Data Security Standards (PCI DSS), Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR), ISO 27001, National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF), and System and Organization Controls (SOC). He has also performed multiple internal audit and consulting engagements, managing acquisition or implementation of Enterprise Resource Planning (ERP) and large public administration software.

Michael Gregg is the state of North Dakota’s Chief Information Security Officer. The state CISO is responsible for establishing and leading the strategic direction of cyber security for the state and advising the governor and legislators on key cyber issues.

With Michael’s cyber experience span being over a period of two decades, he has been a pioneer of helping people interested in becoming IT professionals as well as seasoned IT professionals achieve by sharing knowledge by means of authoring over 25 IT cyber security books. He enjoys contributing his time and talents where there is a need to help others learn and grow by holding board, committee, and advisory positions for non-profit organizations. He holds a Bachelors degree, Masters degree, and many security certifications.