SecureWorld Gov-Ed Virtual Conference 2021

Tamika Bass is an Information Security professional with more than 17 years’ experience in information security, including information security governance and risk management. Tamika is passionate about improving communication and understanding of information security in the industry. Tamika is an active speaker, college professor and enjoys spending her time educating technical staff on the importance of communicating effectively in the Information Technology space. Tamika holds the following certifications: CISA,CRISC, HCISPP, CBCP.

Geoff Brown was appointed Chief Information Security Officer for the City of New York in 2016, a position focused on cybersecurity and aggregate information risk across all 100+ NYC departments and agencies. In July 2017, Mayor de Blasio established New York City Cyber Command, led by Geoff and charged with setting Citywide cybersecurity policies; directing
response to cyber incidents; and advising City Hall, agencies and departments on the City's overall cyber defense.

Prior to joining City government, Geoff worked in financial services, developing and operating threat management disciplines including threat intelligence, detection, response and countermeasures. Geoff also served in the federal government, including work with the National Commission for Terrorist Attacks Upon the United States (the 9/11 Commission), supporting the investigation’s work with the first responder community in NYC.

Nasir Memon is Vice Dean for Academics & Student Affairs, Head of Tandon Online, and a Professor of Computer Science at NYU Tandon. He introduced cybersecurity studies to NYU Tandon in 1999. He is co-founder of NYU's Center for Cyber Security (CCS) & the founder of the OSIRIS Lab, CSAW, and NYU Tandon Bridge & Cyber Fellows programs at NYU. He was the Editor-In-Chief of the IEEE Transactions on Information Security and Forensics and has received several awards for best paper and teaching excellence. He is an IEEE Fellow and SPIE Fellow for his contributions to image compression and media security and forensics.

Liat Krawczyk is Assistant Vice President for Emerging Tech at the NYCEDC where she led the workforce arm of Cyber NYC, NYC's signature program to grow its cybersecurity ecosystem. She is also the founder and head of the women.nyc Childcare Innovation Lab. Prior to joining NYCEDC, Liat grew startups, social-enterprises, and innovation ecosystems with a focus on social impact tech and real estate tech. Liat is co-founder of The Jeneba Project, a nonprofit that provides educational opportunities for Sierra Leonean youth and runs an excellence academy for girls in Lungi. She is also an award-winning documentary film director.

Jim Routh serves as a security & risk advisor and Board member for several companies, and is the former CISO for MassMutual, CSO at Aetna, and Global Head of Application and Mobile Security for JP Morgan Chase. He also was the CISO for KPMG, DTCC, and American Express and has more than 30 years of experience in information technology and information security as a practitioner, management consultant, and leader of technology, analytic, and information security functions for global firms.

Jim is the winner of the 2009 BITS Leadership Award for outstanding leadership of the Supply Chain Working Group sponsored by the financial industry in collaboration with NIST and the Department of Treasury. He was the 2007 Information Security Executive of the Year for the Northeast and the 2014 North American Information Security Executive of the Year for North America in Healthcare. He is a widely recognized expert in security program implementation and in reducing information security costs while significantly improving enterprise risk management practices through innovation and transformational leadership. He is a co-author of the FS-ISAC white paper on 3rd Party Software Security Controls and several other industry white papers.

Joel Caminer is the Director of Cybersecurity Education at NYU Tandon. Joel has 20+ years of experience in Financial Services, IT, and Consulting, and has led many strategic initiatives across the IT Risk and cybersecurity spectrum. He previously served as the Global Head of Technology Risk Management at TD Securities; VP of Information Risk Management and CISO at Goldman Sachs; and Manager at Andersen Consulting (now Accenture).

Bob Rudis has over 20 years of experience using data to help defend global Fortune 100 companies and is currently [Master] Chief Data Scientist at Rapid7, where he specializes in research on internet-scale exposure. He was formerly a Security Data Scientist & Managing Principal at Verizon, overseeing the team that produces the annual Data Breach Investigations Report. Bob is a serial tweeter (@hrbrmstr), avid blogger (rud.is), R (#rstats) avunculur, author (Data-Driven Security), speaker, and regular contributor to the open source community.

For nearly a decade, Russell has worked with SecureLink customers and organizations looking to improve third-party security. He has been an integral part of the implementation, support, and solution engineering for customers ranging from large healthcare vendors to small towns. In his current role, Russell and his team help organizations identify the SecureLink products and product features that can be leveraged to both improve security and streamline workflows.

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker, and author. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington D.C. to Moscow. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader. In 2017, Dan was awarded the cybersecurity breakthrough CISO of the year for global security products and services companies.

He led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO), and Chief Information Security Officer (CISO) roles in Michigan.

Dan currently serves as the CSO and Chief Strategist for Security Mentor, Inc., where he leads the development and implementation of Security Mentor’s industry-leading cyber training, consulting, and workshops for end-users, managers, and executives in the public and private sectors. He has advised senior leaders at the White House, National Governor’s Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses, and non-profit institutions.

Dan has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.

He is the author of two books: "Virtual Integrity: Faithfully Navigating the Brave New Web" and "BYOD For You: The Guide to Bring Your Own Device to Work." He is the co-author of the upcoming (November 2021) Wiley book, "Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing and Recovering from the Inevitable."

Dan holds a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.

Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

Mike has over 17 years of experience in the Information Security field, working in multiple industries around the Boston area. He has helped build and improve information security programs, deploy and manage awareness training to over 1,000 staff members, as well audit networks against the CIS Controls. He holds the CISSP certification, has a Masters in Information Assurance from Norwich University and has been a long time member of the Secureworld Boston Advisory Council.

Deborah Watson is a Resident CISO at Proofpoint with more than 20 years of experience as a cybersecurity leader focused on corporate information security strategy, compliance, security architecture, and data privacy and protection. Deborah led cybersecurity strategy programs for public and private sector organizations across the Fortune 1000. Deborah has a Master's degree in Information Technology Management from Harvard University and is a Doctoral Candidate in Psychology (PsyD) at California Southern University.

James is a Security Solutions Architect and one of Radware’s thought leaders in Network and Application Security. He's been with Radware for nearly 10 years. James is a self-described geek and enjoys learning about application security and building web applications using the latest technologies. In his off time, James enjoys hiking, surfing, and playing guitar.

Professor Scott J. Shackelford serves on the faculty of Indiana University where he is Cybersecurity Program Chair along with being the Executive Director of the Ostrom Workshop. He is also an Affiliated Scholar at both the Harvard Kennedy School’s Belfer Center for Science and International Affairs and Stanford’s Center for Internet and Society, as well as a Senior Fellow at the Center for Applied Cybersecurity Research, and a Term Member at the Council on Foreign Relations.

Professor Shackelford has written more than 100 articles, book chapters, essays, and op-eds for diverse publications. Similarly, his research has been covered by an array of outlets, including Politico, NPR, CNN, Forbes, Time, the Washington Post, and the L.A. Times. He is also the author of "The Internet of Things: What Everyone Needs to Know" (Oxford University Press, 2020), "Governing New Frontiers in the Information Age: Toward Cyber Peace" (Cambridge University Press, 2020), and "Managing Cyber Attacks in International Law, Business, and Relations: In Search of Cyber Peace" (Cambridge University Press, 2014).

Both his academic work and teaching have been recognized with numerous awards, including a Harvard University Research Fellowship, a Stanford University Hoover Institution National Fellowship, a Notre Dame Institute for Advanced Study Distinguished Fellowship, the 2014 Indiana University Outstanding Junior Faculty Award, and the 2015 Elinor Ostrom Award.

Christopher A. Hart is the founder of Hart Solutions LLP, which specializes in improving safety in a variety of contexts, including the safety of automation in motor vehicles, workplace safety, and process safety in potentially hazardous industries.

Mr. Hart is also Chairman of the Washington Metrorail Safety Commission, a three-jurisdictional agency (MD, VA, DC) that was created in 2019 to oversee the safety of the Washington area subway system. In addition, in 2019 he was asked by the Federal Aviation Administration to lead the Joint Authorities Technical Review that was created bring together the certification authorities of 10 countries, as well as NASA, to review the robustness of the FAA certification of the flight control systems of the Boeing 737 MAX and make recommendations as needed to improve the certification process. Also, he was recently asked to join the Board of the Joint Commission on Accreditation of Healthcare Organizations, the organization that accredits hospitals, to help improve healthcare safety. After an Uber test vehicle struck and killed a pedestrian in Tempe, AZ, in 2018, and Uber terminated such tests on public streets, Mr. Hart was included in the team of experts that Uber engaged to recommend how to safely resume street testing, which it has done.

From 2009 until 2018 Mr. Hart was Chairman, Vice Chairman, and a Member of the National Transportation Safety Board (NTSB), having been nominated by President Obama and confirmed by the Senate. The NTSB investigates major transportation accidents in all modes of transportation, determines the probable causes of the accidents, and makes recommendations to prevent recurrences. He was previously a Member of the NTSB in 1990, having been nominated by (the first) President Bush.

Mr. Hart has a law degree from Harvard Law School and a Master's degree and a Bachelor's degree (magna cum laude) in Aerospace Engineering from Princeton University. He is a member of the District of Columbia Bar and the Lawyer-Pilots Bar Association, and he is a pilot with commercial, multi-engine, and instrument ratings as well as a Cessna Citation SIC Type Rating.

JD Sherry is a seasoned technology executive and is responsible for providing vision and awareness regarding the latest trends in cybersecurity, risk and compliance. Well-versed in enterprise security and data center architecture, as a former practitioner and CEO, JD has successfully implemented large-scale public, private, and hybrid clouds emphasizing security architecture best practices to meet strict compliance standards.

Over the last decade, he has established himself as a trusted senior advisor for the protection of Payment Card Industry (PCI), Health Information Privacy Act (HIPAA), and Personally Identifiable Information (PII) data. JD interfaces regularly with TV/media/press to provide expert insight on the state of cybersecurity and how individuals and organizations can adequately protect themselves from loss. JD has held Top Secret clearance and has an MBA/IT degree from Jones University and a B.S. degree from the University of Nebraska.

Tom currently leads the ExtraHop Public Sector technical practice as Director of Systems Engineering. He has spent most of his 20-year career looking at networks, protocols, and packets in one way or another. Tom has a passion for utilizing data-driven techniques to solve the complex problems faced by modern IT practitioners. When he's not working with ExtraHop's extensive customer base, he is deeply involved in developing and defining techniques for intrusion detection, having informally launched ExtraHop's foray into the cybersecurity world with the award-winning Ransomware App for ExtraHop (http://bit.ly/2fAt2WM).

Tom resides in Houston, Texas, along with his wife and three daughters. He remains actively involved with his alma mater Texas A&M (Electrical Engineering), and can be found most weekends cheering his Aggies on to victory.

David Sherry is the CISO at Princeton University, with university-wide responsibility and authority regarding matters of information security and information risk. He is tasked with the development and maintenance of Princeton's information security strategy, policies and best practices, security training and awareness programs, as well as ongoing risk assessment and compliance tasks. David came to Princeton in 2016 with over 20 years of experience in information technology across several verticals. David sits on a number of committees that fall under the EDUCAUSE Higher Education Information Security Council, and is a faculty member for the Educause Management Institute.

Tara Schaufler is the Information Security Awareness and Training Program Manager at Princeton University. Tara has worked at Princeton for 17 years, spending the last 10 focusing on training and technical communications, and over the past five years has built a robust security awareness and training program from the ground up. She is a member of the Educause Higher Education Information Security Council Awareness and Training Working Group and a frequent speaker at Educause events. Tara is CompTIA Security+ certified and is a Certified Professional in Accessibility Core Competencies (CPACC). She also holds a Bachelor of Arts degree in the social sciences from Thomas Edison State University and a Master of Administrative Science degree from Fairleigh Dickinson University.

Jonathan has been a third-party risk practitioner since 2004. He is co-founder and former president of the Third-Party Risk Association. He has deep experience building and running third-party risk programs in finance and healthcare. He started with RiskRecon in April, 2020.

Baseer Balazadeh has worked in IT management and implementation for more than 15 years. His experiences range from hands-on work on application architectures to development with DevOps best practices to network security and application migration into the public cloud IaaS. He has a bachelor's degree in computer system networking engineering from Westwood College. Fun facts about Baseer: he has completed several (10+) century bicycle rides, with his favorite being the Ojai Valley Century; he’s traveled to 10 countries, 41 cites with 200,000 miles flown; and he thoroughly enjoys passing on gained knowledge.

With more years working in the Security, Risk, Privacy and Resiliency professions than she cares to say, Helen Patton advocates using information risk, security and privacy to enable the mission of organizations and to support society at large.

Helen is an Advisory CISO at Duo Security (now CISCO), where she shares security strategies with the security community. Previously, she was the CISO at The Ohio State University where she was awarded the ISE North American Academic/Public Sector Executive of the Year, and an Executive Director at JPMorgan Chase.

Helen actively encourages collaboration across and within industries, to enable better information security and privacy practices. She believes in improving diversity and inclusion in the workforce, and mentors people interested in pursuing careers in security, privacy and risk management.

Helen has a Master’s degree in Public Policy and has earned Certified Information Systems Auditor and Certified In Risk and Systems Control certifications from ISACA. She serves on the State of Ohio Cybersecurity Advisory Board and is a founding board member of the National Technology Security Coalition.

Marcus Gwyn has worked in cybersecurity sales for 10 years and in the Federal space for five of those years. He is the lead Sales Engineer on the SonicWall Federal team and has worked with Federal customers in Civilian, DOD, and Intel spaces. Marcus enjoys following trends in the threat landscape and learning more about cybersecurity. In his spare time, he enjoys the outdoors with his family and coaching his son’s baseball teams.

Tina Thorstenson, Public Sector Strategist, sits on the Public Sector Industry Business Unit at CrowdStrike, where she provides strategic advisory services related to enterprise cybersecurity solutions for Public Sector organizations across Federal, State and Local, Higher Education, and Healthcare. Just prior to joining CrowdStrike, she served as the Chief Information Security Officer and Deputy CIO for Arizona State University, capping a career of public sector service spanning 25+ years where the last 11 years of those she held the title of CISO.

John Weiler is currently the CEO and CIO of a congressionally charted IT "do tank" called IT-AAC. He has forged partnerships with two dozen leading non-profits and federal agencies committed to the Digital Transformation of the federal IT sector.

He has 40 years of IT Management, Solution Engineering, and Architecture experiences, covering both private and public sectors. His expertise has taken him from senior leadership roles in Fortune 1000 companies (May Dept Stores, Giant Food, Boeing) to non-profit (Object Management Group, Interop. Clearinghouse), to high technology companies (Oracle, Excalibur, ParcPlace, Kodak, BAH, CACI).

Marina is a Security Engineer on the Automox SecOps team where she is passionate about all things security. Previously, she worked as a Threat Researcher, focusing on detections and prevention rules for commodity threats and common living off the land attacks (LOLbins). Before that, Marina served as a Sr. Threat Analyst on a managed SOC, triaging alerts and performing deep dive investigations into customer incidents, and suggesting steps to enhance customer security posture.

Alex Kirk is an open source security veteran, with a combined 17 years at Sourcefire, Cisco, Tenable, and now Corelight, where he serves as Global Principal for Suricata. Formerly a malware zookeeper and IDS signature writer, today he spends his time helping SOC analysts and advising on security policy for government agencies, universities, and large corporations around the world.

David Hawkins has been in the security industry for just over 20 years. His background includes both IT security as well as physical security. David has served as the Technical Vice Chair of the Open Security Exchange, co-authoring the PHISBITs security protocol which was intended to help integrate physical and IT security.

On the Information Security side, David has been part of the engine behind responding to security questionnaires, writing security product and procedural documentation, and speaking on various topics to include identity management, secure file sharing, and advanced threat protection. As a consulting engineer with BitSight, he is focused on helping companies with risk, compliance, technology, and program development. His goal is to promote the continued maturity of the security ratings industry into a discipline that holistically considers information security, data protection, technology, and business risk as a unified concept.

Throughout his 14 years in cybersecurity, Kevin has been an Analyst and Engineer in various organizations, such as the U.S. Navy, First Data, and Lowe’s. Previously, he served as the Global Information Security Officer at Guess? Inc. and a Product Manager for McAfee.

Founder of a strategic risk consultancy after serving 26 years in the US Air Force, Cedric Leighton oversaw numerous critical intelligence missions throughout his career. He served at US Special Operations Command, the Joint Staff and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star.

Currently, Cedric advises multinational businesses on cyber attacks and the management of complex global strategies to reduce risk and unpredictability.