SecureWorld Denver 2024

Patrick Harr is an Investor, mentor, volunteer, entrepreneur, and frequent speaker on the dangers and misuse of AI. He has invested in multiple AI, edge, cyber and new GPU companies. He sits on the board of DEOSphere and on the advisory boards of Kobai, BlueFlag, Sales Advisors, and several new stealth companies. Patrick is also a mentor to cyber entrepreneurs from the local Silicon Valley ISSA chapter and at Santa Clara University.

Patrick started his career in cyber at Novell running security products, ran product and marketing at CacheFlow/BlueCoat, led Preventsys as CEO and most recently joined SlashNext, an email + messaging security company, as CEO to lead its growth and scale.

With four kids, Patrick spends his free time coaching basketball, attending his kid’s volleyball games around the country and volunteering for blind children and parents of children afflicted with visual impairment diseases.

Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

With 15 years in the realm of security, Terra Cooke honed a knack for forging strong partnerships and pioneering innovative security programs. Her leadership style blends strategic vision with hands-on collaboration, ensuring that our defenses evolve alongside emerging threats and regulatory landscapes. Whether deciphering complex compliance requirements or spearheading cybersecurity initiatives, she's driven by a commitment to safeguarding our assets, creating impactful strategies, and fostering a supportive, empathetic team culture. And cats.

Karen Worstell began her cyber career 30 years ago when her Programming professor in grad school encrypted the final and unique code breaking tools were required to be used in order to decrypt and read each question.

She has provided cybersecurity support for programs like the Advanced Tactical Fighter prototype and B2 Bomber, developed the first computer security manual for the Boeing Company, and led research in secure distributed computing for Boeing’s Research and Technology Division in the 1980s and 90s. From there she had senior and C-level roles in security and IT Risk Management for companies like Union Carbide, SRI Consulting, Bank of America, AT&T Wireless, Microsoft and Russell Investments. She was the CEO for AtomicTangerine, the SRI International spinoff focused on security that served international Fortune 100 companies in security strategy and major technology implementations. She co-chaired major security events for SRI International, Forbes.com, and Georgetown University Law Center.

She held positions at NIST for OSI security architecture, the security subcommittee of the Aerospace Industries Association, US Department of Commerce Security and Privacy Advisory Board, and the security subcommittee of NSTAC and has been a featured speaker at events for SecureWorld, IIA, ISSA, ISACA, AusCERT, Security Conference Israel, and RSA.

She is the author of “Governance and Internal Controls for Cutting Edge IT” published by ITG, the chapter "The Role of the CISO" in the Computer Security Handbook 5th and 6th editions (Wiley) and co-author of "Evaluating the E-Discovery Capabilities of Outside Law Firms” by Pike & Fisher.

Her technical expertise spans Identity and Access Management, Intrusion Detection and Response, and integration of security into IT and business processes for “seamless security.” She is a huge fan of "not putting steel doors on grass shacks.” Today she focuses on changing perceptions about security to reduce the growing gap between emerging technology and security and pursues her passion for matching cyber talent in leadership roles for enterprises who are serious about cyber security.

Mike Ellerhorst is the Founder and CEO of NTM Advisory. With over 15 years of experience in consulting and industry, he specializes in delivering transformative programs for his clients at the intersection of business and technology, with a focus in the Information Security and IT Risk domains. He holds a Bachelor's in Computer Science from the University of Notre Dame and a Global Executive MBA from Duke University's Fuqua School of Business. Mike's leadership blends advisory and practitioner perspectives, driving success in diverse clients and teams.

Myriah Jaworski is a Member, Data Privacy and Cybersecurity, at Clark Hill Law. She represents clients in data breach actions, technology disputes, and in the defense of consumer class actions and related regulatory investigations stemming from alleged privacy torts and violations of the TCPA, BIPA, IRPA, and other state and federal privacy laws. Myriah also works with clients to devise and implement privacy and security compliance programs and to evaluate and implement new technologies, including enterprise-wide AI and machine learning tools. She is also been recognized as a Super Lawyer® for her Civil Litigation practice in 2018, 2019, 2020, and 2021.

Serving Region 8, the Rocky Mountain Region, since 2016, Regional Director Shawn Graff leads operations across six states to bolster resiliency in both government and private sectors as they manage cyber and infrastructure security risk.

Selected as the first Director for the Region, Mr. Graff develops protocols and procedures in alignment with directives of the National Infrastructure Protection Plan, to guide a diverse team of geographically dispersed Protection, Cyber and Chemical Security Advisors and Inspectors. As the senior CISA official in the region, Mr. Graff is responsible for all aspects of the CISA mission implemented across Colorado, Montana, Utah, Wyoming and North and South Dakota.

To this work, Mr. Graff brings his dedicated experience including myriad roles focused on national safety and security. His responsibilities have ranged from directing program development at various posts in the Department of Homeland Security (DHS) to leading the City of Portland, OR in Emergency Management.

He established the first CISA regional public-private information sharing forum, uniting government and private sector representatives in identifying common issues and best practices for critical infrastructure risk management. More recently, Mr. Graff led the federal effort across Region 8 engaging Secretaries of State in improving election security; and then eased his regional team through the transition of fulfilling CISA’s mission remotely during the COVID-19 international pandemic, which included protocols for election security during the 2020 Presidential election.

Earlier in his career, Mr. Graff served as the Director of the DHS National Infrastructure Coordinating Center where he led the transformation of the Infrastructure Protection incident management plan to align response operations closer to the rest of the federal interagency and more clearly define expectations and responsibilities of response resources. Additionally, Mr. Graff served as the Assistant Deputy Director of the Homeland Security Operations Center, now known as the National Operations Center, during the standup of the Department. He also served in the intelligence community within the Office of the Director of National Intelligence working information sharing within and amongst the federal interagency.

His civil service is complemented by his active duty service, where he served as a Platoon Leader and Battalion Staff Intelligence Officer during Operation Iraqi Freedom.

Mr. Graff earned a Master of Arts Degree in International Relations from the University of Oklahoma in 2014, a Bachelor of Arts Degree in Philosophy from the University of Wisconsin in 2000, and an Associate in Fire Protection degree from Fox Valley Technical College in 1996. While earning his degrees Mr. Graff spent his summers as a federal wildland firefighter throughout the West, Southwest and Alaska, fighting fires on Hotshot, Heli-rappel, and Engine crews.

Charlie Marmon serves as the Colorado Cybersecurity State Coordinator (CSC) for the United States Cybersecurity and Infrastructure Security Agency (CISA). He supports the CISA mission of strengthening the security and resilience of the nation's critical infrastructure. His daily responsibilities include coordinating risk management and incident management activities with Colorado’s State, Local and Tribal governments.

Charlie has nearly 30 years of professional experience developing, managing, and maintaining Information Technology and Cybersecurity programs. In the past he has provided cybersecurity expertise to organizations such as Lockheed Martin, the US Army, DARPA and the NSA. He is most passionate about supporting target rich, cyber poor local governments in rural Colorado.

Debra Brown brings over 25 years of experience in cybersecurity. Starting her career at Xerox and then honing her experience in high-growth startups like Ping Identity and Chainalysis, Debra excels in introducing innovative security technologies to the market. Her dedication extends beyond her professional sphere as she is also a passionate learner, book lover, and a devoted mother and wife in a loving, blended family.

Michael Marx, one of Oracle MySQL’s talented solutions engineers with a flair for transforming complex database challenges into seamless solutions.

When Michael isn’t decoding the mysteries of MySQL, he’s probably perfecting his latest recipe for the ultimate data-driven cocktail or plotting his next tech adventure. With a knack for making intricate tech talk feel like a casual chat over coffee, Michael brings a blend of expertise and enthusiasm to every stage he graces. His passion for MySQL is only matched by his love for sharing knowledge and making technology accessible and fun. When he’s not engineering solutions, Michael enjoys managing his vineyard and crafting exquisite wines.

Join him for a lively and insightful session where technology meets creativity, and you might even get a taste of his passion for both databases and wine!

Dennis Mastin, CISSP, is a security professional focused on securing the identities of humans and automated workloads. He has been in industry for over 30 years as a software engineer, field sales specialist, and consultant. The past two decades, Dennis focused on Identity and Access Management while at Netscape, Sun Microsystems, and Oracle. Currently, Dennis helps CyberArk customers realize the benefits of securing identities across a wide range of industries.

Ed has over 20 years’ experience in cybersecurity, covering SSL/VPN, Intel chip security technologies, endpoint protection, DLP, data at rest/in motion encryption technologies, key management, and managed security services. Based in Austin, Texas, Ed is a member of the Entrust Digital Security Solutions Center of Excellence for Data Protection Solutions. Prior to Entrust, Ed served in strategic alliance roles at Thales DIS and Symantec, where he worked with Global System Integrators. Earlier, he held leadership roles software products at Dell, semiconductors at Britestream Networks, and networking products at Compaq and Motorola.

Rick Vincent is the Director of System Engineering for the Rockies Enterprise team at Fortinet. His career has included roles in product development and engineering for security, networking, storage, and cloud disciplines. He is an avid outdoorsman and father who loves all the activities the Rocky Mountains have to offer. With Rick, look forward to some interesting stories across key industries and some inspiring strategies for success in your cybersecurity journey.

Richard Staynings is a globally renowned thought leader, author, public speaker, and advocate for improved cybersecurity across the Healthcare and Life Sciences industry. He has served on various industry and international cybersecurity committees and presented or lectured on cybersecurity themes or concerns all over the world. He has advised numerous government and industry leaders on their healthcare security strategy and defensive posture and has served as a subject matter expert on government Committees of Inquiry into some of the highest profile healthcare breaches.

Richard is currently Chief Security Strategist for Cylera, a pioneer in the space of medical device and HIoT security. He is also author of Cyber Thoughts, a leading healthcare cybersecurity blog, teaches postgraduate courses in cybersecurity, health informatics and healthcare management at the University of Denver University College, and is a retained advisor to a number of governments and private companies.

A recovering CISO, with more than 25 years’ experience of both cybersecurity leadership and client consulting in healthcare, Richard has lived in over 30 countries and delivered innovative solutions to organizations in all of them. When he’s not on a plane or speaking at an event, he can usually be found in the Rocky Mountains of Colorado, USA

Some of his more notable successes include work for: Amgen, Cisco, CSC (now DxC), PricewaterhouseCoopers, Intel, Microsoft, Zurich Financial, and a long list of hospital and health systems.

Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

Chris has been aligning people, processes and technology to drive companies forward for over 20 years. He has a decade of cybersecurity experience in product marketing and product management. His passion is helping businesses succeed through the strategic use of technology. Most recently he was helping customers accelerate their Zero Trust journey at Appgate, Inc. His background also includes experience in operations, sales, and new business development.

Karen Worstell began her cyber career 30 years ago when her Programming professor in grad school encrypted the final and unique code breaking tools were required to be used in order to decrypt and read each question.

She has provided cybersecurity support for programs like the Advanced Tactical Fighter prototype and B2 Bomber, developed the first computer security manual for the Boeing Company, and led research in secure distributed computing for Boeing’s Research and Technology Division in the 1980s and 90s. From there she had senior and C-level roles in security and IT Risk Management for companies like Union Carbide, SRI Consulting, Bank of America, AT&T Wireless, Microsoft and Russell Investments. She was the CEO for AtomicTangerine, the SRI International spinoff focused on security that served international Fortune 100 companies in security strategy and major technology implementations. She co-chaired major security events for SRI International, Forbes.com, and Georgetown University Law Center.

She held positions at NIST for OSI security architecture, the security subcommittee of the Aerospace Industries Association, US Department of Commerce Security and Privacy Advisory Board, and the security subcommittee of NSTAC and has been a featured speaker at events for SecureWorld, IIA, ISSA, ISACA, AusCERT, Security Conference Israel, and RSA.

She is the author of “Governance and Internal Controls for Cutting Edge IT” published by ITG, the chapter "The Role of the CISO" in the Computer Security Handbook 5th and 6th editions (Wiley) and co-author of "Evaluating the E-Discovery Capabilities of Outside Law Firms” by Pike & Fisher.

Her technical expertise spans Identity and Access Management, Intrusion Detection and Response, and integration of security into IT and business processes for “seamless security.” She is a huge fan of "not putting steel doors on grass shacks.” Today she focuses on changing perceptions about security to reduce the growing gap between emerging technology and security and pursues her passion for matching cyber talent in leadership roles for enterprises who are serious about cyber security.

Rhett served the Federal Reserve, and while there, led regular Enterprise Risk Management discussions between the Federal Reserve and U.S. Treasury with a focus on cybersecurity. He is a former NSA cryptoanalyst and a U.S. Army veteran, having served multiple joint intelligence communities, both foreign and domestic government agencies in international locations.

Rhett is a public speaker on the topic of privacy and identity theft prevention. He lectures on cybersecurity and cryptography topics at University of Colorado Colorado Springs (UCCS) and Flatiron School. He also serves on the SecureWorld Advisory Council. Rhett earned a Master of Business Administration from LeTourneau University and holds the CISSP credential.

Teressa Gehrke is the Founder of PopCykol, a trusted online safety resource for families and kids. PopCykol stands for Protecting Our Precious Curious Kids Online. PopCykol teaches internet safety concepts in a fun, easy, and interactive style.

She has worked in cybersecurity since 2014 as a technical writer, user experience designer, and project manager for various industries including biotech, healthcare, government, telecom, space, and banking. She has also taught cybersecurity at local colleges. Teressa graduated from the University of Denver with a B.A. in Art History and Anthropology. She earned a Master’s in Genetic Anthropology and International Development from Colorado State University and advanced her education studying Network Security at Arapahoe Community College. She is the Social Media Chair of Women in Cybersecurity - Colorado affiliate, President of Business & Professional Women of Colorado - Denver chapter, and Digital Training Chair for the National Federation of Business & Professional Women's Clubs.

Teressa is an award-winning children’s music singer-songwriter and brings her artistry to PopCykol. In 2022, she was nominated for Cybersecurity Woman of the Year by the United Cybersecurity Alliance. In 2023, she was a keynote speaker at the United Nations Commission on the Status of Women. In her free time, she enjoys standup paddleboarding, painting, singing, songwriting, and drumming.

Danny Manimbo is a Principal with Schellman based in Denver, Colorado. As a member of Schellman’s West Coast / Mountain region management team, Danny is primarily responsible for leading Schellman's AI and ISO practices as well as the development and oversight of Schellman's attestation services. Danny has been with Schellman for 10 years and has over 13 years of experience in providing information security and data privacy audit and compliance services. Danny has achieved the following certifications relevant to the fields of accounting, auditing, and information systems security and privacy: • Certified Public Accountant (CPA) • Certified Information Systems Security Professional (CISSP) • Certified Information Systems Auditor (CISA) • Certified Internal Auditor (CIA) • Certificate of Cloud Security Knowledge (CCSK) • Certified Information Privacy Professional – United States (CIPP/US)

Kent Blackwell is a Director at Schellman, helping lead their penetration testing and offensive security practice. Kent has over fifteen years of experience serving clients in a multitude of industries, including the Department of Defense and top cloud service providers. He got his start in penetration testing evaluating systems as a civilian with the Air Force before later joining Schellman to help build the security practice. A security and privacy enthusiast, Kent is passionate about ensuring people can have confidence in the platforms to which they entrust their data.

A dedicated Security Engineer with a passion for safeguarding Yahoo resources against cyber threats. With more than three years of experience in the realm of cybersecurity, I have honed my skills in securing applications, identifying vulnerabilities, and implementing robust solutions. With a Master's degree in Cybersecurity, my expertise extends beyond traditional security paradigms; I am well-versed in emerging technologies and industry best practices. My academic background, coupled with hands-on experience, enables me to navigate the ever-evolving landscape of Security Programs.