SecureWorld Seattle 2024

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

William serves as the leader of AAA Washington’s information security and compliance efforts. He is responsible to establish a responsive, dynamic, and flexible cybersecurity program to meet continually changing information security, regulatory, and compliance needs in the organization.  William has been with AAA Washington since August of 2017. Other roles that William serves in the company include coordinating business continuity program activities and leading the company through emerging privacy legislation management.

In the evenings, William instructs graduate and undergraduate cybersecurity courses at the University of Washington and The Penn State University. William completed his Bachelor of Science in Computer Science from the U.S. Military Academy at West Point. He subsequently earned a Masters in Management Information Systems and an MBA from the University of Maryland. In December of 2018, he completed his Doctorate of Philosophy in Cybersecurity and Information Assurance from Capella University.

Prior to William starting at AAA Washington, he served five years as the Manager of IT Security Engineering at Puget Sound Energy. Prior to that, he also served as the regional CISO for Providence Health and Services. He has also served in similar positions with Alaska USA Federal Credit Union, Chugach Electric Association, and the State of Alaska, Department of Public Safety.

William served in the U.S. Army from 1990 to 1996 as an officer in the Infantry and is a combat veteran for Operation Desert Storm.

John Brennan is the Managing Partner of Holly Ventures, a seed stage venture capital fund that exclusively invests in and supports cybersecurity entrepreneurs at their earliest stages. John has invested in over twenty security startups, with a focus on supporting founders from day one. Having previously served as a Senior Partner at YL Ventures, John's past portfolio work includes Axonius, Orca Security, Medigate, Hunters, Cycode, Vulcan Cyber, Spera, and many others. John holds an MBA from the University of Chicago and a Bachelor of Science from Trinity College in Connecticut.

Zabrina McIntyre is a Director with KPMG focusing on large scale cybersecurity transformations for clients with a focus on compliance. She holds the CISSP and PMP certifications and is working on her PCI QSA. She is a dedicated supporter of Women in Cybersecurity (WiCyS) and is currently on the leadership board for the Business Information Security Officer (BISO) Affiliate.

Ankit has been with Microsoft for over 12 years spanning roles from building and leading adoption of the most secure cloud native Microsoft managed Detection and Response platform. Over the years, he worked in several product teams as Cloud Compute and Security leader, ideated, defined and led cyber security initiatives from the ground up. In his current role, he's leading secure future initiatives to reduce attack surface area and build cyber resilience in Azure networks globally.

As the Chief Information Security Officer at REI, I lead a team of cybersecurity professionals who are passionate about protecting the company's data, systems, and customers. I have over 10 years of experience in cybersecurity, spanning various domains such as incident response, forensics, malware analysis, network security, and data protection.

My mission is to bring honesty, transparency, and integrity to the cybersecurity function, and to partner with other technology and business teams to ensure a balanced and pragmatic approach to our common goals. I leverage my expertise in cybersecurity strategy, policy, governance, and risk management to enable REI's growth and innovation. I also foster a culture of security awareness, education, and empowerment across the organization.

Highly experienced & technically proficient leader with extensive experience in security engineering, product development, operations and compliance. Laser focused on Security architecture, design & implementation, risk reduction, compliance & business orientation. Strong cross-functional skills due to extensive experience in Information Security, Production Support, Software Security and Compliance, Infrastructure and Project Management. Experienced in Cloud Security, System Administration, Networking, Project Management, Process Re- engineering. Result oriented, with a demonstrated ability to effectively respond to changing demands

Adam Zoller is the Chief Information Security Officer for Providence, a system of passionate providers focused on partnering with people to simplify health care. With 50+ hospitals, 1000+ clinics, and hundreds of locally driven programs administered by over 120,000+ caregivers, Providence is improving the health of communities, especially the poor and vulnerable. In this role, Adam is responsible for driving information security strategy and execution across the organization's information ecosystem

Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.

Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted as both regulator as an Assistant Attorney General with the Washington State Attorney General's Office and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.

Vanessa is an accomplished technology executive with over 30 years of experience. Currently she serves as a Corporate Board Director of the public company Liveperson (NASDAQ: LPSN), Boeing Employee Credit Union, and Prisidio. Formerly she was on the board of Carbon Black (NASDAQ: CBLK) and was part of the transaction to sell Carbon Black to VMware. Vanessa is also very active in angel investing and is a venture partner for Flying Fish Partners.

Vanessa has held senior leadership positions at organizations such as DocuSign, Expedia, U.S. Bank, and AT&T Wireless. Her expertise spans various domains, including technology architecture and engineering, risk management, cybersecurity, and compliance. Vanessa has a proven track record of successfully building and leading high-performance cybersecurity teams, implementing robust security frameworks and controls, and driving cultural change to foster a strong security mindset within organizations.

Vanessa's educational background includes a MBA from Stanford University, MS in Telecommunication from the University of Colorado, Boulder and a BS in Engineering from UC Berkeley. She also holds various cybersecurity certifications including CISSP, CRISC, CISM, and GSEC. Relative to her board work, she holds the National Association of Corporate Directors (NACD) Director Professionalism certification.

Erika Voss offers two decades of extraordinary success in a series of high level roles at top tier companies that include Capital One,
Salesforce, Oracle Public Cloud, Microsoft Corporation and Amazon Web Services.

Erika’s invaluable expertise and broad business range have powered a history of developing successful process improvements that
drive productivity, reliability, and client satisfaction. Such traits have consistently enabled Erika to achieve an impressive command
of the skills needed to manage ongoing business planning processes while developing strategies to meet future challenges.

Upon being named as Vice President of Information Security for DAT Freight & Analytics, Erika will lead vision, strategy, and
execution for all facets of security for this Fortune 500 Supply Chain Logistics corporation, while defining and revising policies,
procedures, and best practices for security, including application security, access control, authentication, third party risk management,
and intrusion detection. Dr.. Voss has dedicated herself and her vision as a leader who engages in projects with an “All-In” attitude.

With a forte for successfully building strong teams and holding a key role leading all facets of finance and strategy, Dr. Voss has
successfully positioned companies, as a leading expert in its field with respect foundational security basics, fraud, identity, and cloud
security practices contributing to the following successes:

● Effectively manages a team of product and application security engineers, architects, and DevSecOps personnel, continually
identifying opportunities to reinforce the company’s security posture.
● Engages directly with customers, providing information and guidance on the company’s security posture.
● Served as the CISO of the company’s cybersecurity program in line with all industry standards and regulatory requirements,
including SOC2, PCI, SOX, and other industry regulations.

Combining her proven business instinct with an unprecedented disciplinary work ethic, Erika has continuously exceeded expectations
in high stake environments throughout her career positioning herself as a key member of each company and a driving force for growth.
Erika holds a Ph.D. in Cybersecurity from Northcentral University, as well as a Master of Science Degree in Security Administration
and a Bachelor of Science Degree in Computer Operations Technology from Southwestern College.

Jake Rasko is a passionate technology leader with an unwavering belief in the transformative power of technology to change the world. With a diverse career spanning both IT and Security, he has honed his expertise in building, running, and maintaining critical infrastructure securely at a global scale.

Over the course of Jake’s professional journey, he has been a part of notable organizations such as Cruise, Salesforce, and most recently, HashiCorp. Now, as the Head of Security Engineering and Architecture at DAT Freight & Analytics, he is dedicated to building a more secure future for the nation’s supply chain.

With a career that began at the help desk and has since soared to leadership positions in global technology companies, Jake exemplifies the power of continuous growth and learning in the technology industry. His journey is a testament to his adaptability, vision, and unwavering commitment to leveraging technology for positive change.

Elizabeth Schaedler is a Splunk Security Advisor and works with customers to develop strategies aligning security and business risks, and how to use risk-based-alerting to address fraud. Elizabeth has an expansive 20-year data center and security background and has spent time in the HPC world in senior positions at Cray Research, HP, RSA, Sun Microsystems, and IBM. She lives in Portland, Oregon, and she and her husband are currently spending their free time clearing out Legos and Barbies left behind by two adult children.

Nicholas DiCola is a Security Jedi and the VP of Customers where he leads a global team. Before joining Zero Networks, Nicholas led the Cloud Security Customer Experience Engineering team helping customers unblock deployments and improving products. He also spent 22 years with the United States Marine Corps and retired as a Defensive Cyberspace Weapons Officer after 22 years of total service. He received a Bachelor of Science in Computer Networking and Master of Business Administration from Strayer University. He is a co-author of several books and holds many certifications such as CISSP and CEH. You can follow him on Twitter @MasterSecJedi, GitHub (https://github.com/dicolanl), and LinkedIn (https://www.linkedin.com/in/ndicola/).

Amanda Stowell is a passionate Information Security and Privacy Program Manager at A-dec, Inc., a leading dental manufacturer based in the Pacific Northwest. Over the past few years, Amanda has built A-dec’s cybersecurity program from the ground up, leveraging her expertise to design a robust framework that balances business needs with today’s evolving cyberthreat landscape. Previously, Amanda served as Global Information and Records Manager for ESCO, Inc., and the Weir Group PLC, where she developed a strong foundation in safeguarding data and ensuring compliance across diverse organizations.

Amanda advocates for information governance as a strategic approach to managing the entire lifecycle of organizational data. She ensures information is properly classified, stored, protected, and disposed of in line with regulatory requirements and industry standards. Her collaborative efforts across business units foster cross-functional partnerships that align goals, streamline processes, and support shared objectives. This approach promotes accountability and transparency, enabling teams to make informed decisions based on secure and accessible data. Amanda’s leadership has made information governance a key part of the organization’s risk management and operational strategy.

Amanda holds a Master of Science Degree in Archives and Records Administration from San Jose State University as well as a Bachelor of Science Degree in Social and Behavioral Sciences and a certificate in Human Resources Management from Linfield University.

In her free time, Amanda enjoys quality time with her wife and three kids and indulging in her obsessions for console gaming and reading all the things.

Rich Teslow is a seasoned Senior Security Engineer at A-dec, Inc., a leading dental manufacturer in the US, based in the Pacific Northwest. With a career spanning over two decades, Rich has dedicated his professional life to the IT sector, specializing in safeguarding infrastructure and digital assets. His expertise covers a wide array of areas, including infrastructure architecture and design, enterprise security engineering, and system administration, where he has honed a deep technical skill set and an acute understanding of technology’s role in optimizing business operations.

In addition to his professional achievements, Rich is a passionate homelabber and active participant in the homelabbing community, continually exploring innovative technologies in servers, virtualization, networking, and storage. He extends his expertise beyond his day-to-day work through his popular YouTube channel, 2GuysTek. Rich’s content focuses on helping small to medium-sized businesses, as well as technology enthusiasts, with practical guidance on setting up and managing infrastructure. Whether it’s exploring the latest tech trends or demonstrating security best practices, Rich is committed to empowering others to navigate the complexities of IT and security.

Brian is an IT Executive with 29 years of experience from Security Operations and Support, Compliance, Risk Management, Technology Innovation, IT Operations and Supportand. Currently, Brian is a Business Information Security Officer (BISO) supporting multiple business units at Salesforce, delivering security and compliance across our people, process, technology, and data. In addition to this, he has worked in Security and GRC at Starbucks, Microsoft, and Bank of America as well as served as a Cybersecurity Advisor for CREATE.ORG, sat on the Board of Technical Advisors for NODUS technologies, served as an alternate to the PCI-DSS Customer Advisory Council, held CISSP and CISM certifications, and has published 2 books and 3 industry papers on security.

Ade Gonzalez is a Senior Director of Security GRC and Data Security in Docusign. With over 15 years of experience, her expertise spans across building/managing high-performing teams and delivering board-critical programs around Security Governance, Strategy, Risk, Compliance, Data Protection and Cloud Security across various industries (financial services, technology, insurance and so on).

She also has experience working in different regions across the globe with established presence in South Africa, Ireland, UK and US. She holds a Masters (Cum Laude) in Computer Engineering, majoring in Artificial Intelligence. During her spare time, she enjoys travelling, food, exercising/fitness-related activities and spending quality time with her family, especially with her 3-year-old daughter and miniature-schnauzer.

Michelle Linders Wagner, a seasoned risk management executive, brings 25+ years of experience in enhancing compliance and risk posture for Fortune 500 firms. With cyber, compliance, and audit expertise, she builds high performing teams, swiftly identifying fit for purpose solutions that align with business strategy. While she is currently loving her job as the Head of Internal Audit at Docusign, Michelle has loved her prior positions, as well. At Deloitte, she transformed the global risk function; as an executive at Costco, she ran the second line of defense where she matured the global governance, risk, and compliance function; and at SAP, she drove high-priority risk and governance initiatives. Committed to excellence, Michelle excels in leading teams to solve intricate risk challenges.

Tony is a knowledgeable technical professional with 25+ years of experience developing, integrating, and leading technology projects for enterprise customers. He is effective in sales engineering, Internet security, project management, and computer networking. A skilled life-long student of managing the personal and technical challenges that arise from building something new.

Tim Gallo is the Head of Global Solutions Architects at Google, he specializes in Cyber Threat Intelligence and Risk everything from Intelligence Operations and Cyber Threat Profile development to risk based analytic approaches to Security Operations. He Joined Google Cloud through the acquisition of Mandiant by Google in 2022, he had spent 5 years at Mandiant prior to the acquisition in a variety of field facing roles covering the aforementioned topics. Before joining Mandiant, Tim leveraged his over 20 years’ experience in information security and intelligence operations to aid in the development and deployment of a number of solutions. Including building client and organizational expertise in Intelligence Led Security and Business Operations. This included the development and product management of some of the first cyber intelligence solutions ever brought to market. These solutions have included threat and vulnerability management tools, IOC prediction algorithms, intelligence services, and strategic intelligence consulting. Today he spends his days helping clients understand the importance of Intelligence as a guiding principle for building out effective security processes and operations and helping clients and vendors find ways to leverage technologies responsibly to build their cyber defense centers and security operations practices. Every once in a while he can be found out in the desert, sometimes on his Harley with a flamethrower, sometimes with just a flamethrower

Dennis Mastin, CISSP, is a security professional focused on securing the identities of humans and automated workloads. He has been in industry for over 30 years as a software engineer, field sales specialist, and consultant. The past two decades, Dennis focused on Identity and Access Management while at Netscape, Sun Microsystems, and Oracle. Currently, Dennis helps CyberArk customers realize the benefits of securing identities across a wide range of industries.

Dan Migliore brings over 25 years of experience in the cybersecurity space, with an extensive security related background contributing to industry leaders such as VeriSign, Varonis, Accellion, and Verint. Currently, he serves as a Regional Manager at Fortinet, where he has dedicated the last six years to advancing enhanced security technologies.

Founded over 20 years ago in Sunnyvale, California, Fortinet is a leader in the evolution of cybersecurity and the convergence of networking and security. With a mission to secure people, devices, and data everywhere, Fortinet boasts the largest integrated portfolio of over 50 enterprise-grade products. Trusted by more than 755,000 customers, Fortinet’s solutions are among the most deployed, patented, and validated in the industry, reflecting Dan’s commitment to delivering proven cybersecurity everywhere it’s needed.

Paul has more than 30 years of experience working in the Information Security space including 8 years with the US Air Force. Paul was a principal at Digital Signature Trust back in the 90’s working on Public Key Cryptography utilizing Hardware Security Modules to create Root certificates for the Browsers for trusted Root Certificates including the first Entrust Root Certificate to be published in a browser. His experiences have led him to be a knowledgeable and experienced Trusted Security advisor for many fortune 500 customers over the years.

Marc Menninger is a seasoned corporate information security and risk management
professional with more than twenty years of experience. He has held the Certified
Information Security Systems Professional (CISSP) certification since 2000 and the Certified
in Risk and Information System Controls (CRISC) certification since 2016.
Marc’s career started with his service as a Computer and Communications Officer in the
U.S. Air Force from 1992 to 1997. During his tenure, he led a team of 19 UNIX
administrators, managing mobile Top Secret fiber optic networks. He was stationed at
Langley Air Force Base in Virginia and Barksdale Air Force Base in Shreveport, LA, and served
a short tour in the Persian Gulf during Operation Desert Shield.

Transitioning to civilian roles, Marc has navigated through several technical and leadership
positions, building his expertise across the United States—from Dallas to San Francisco and,
ultimately, Seattle. His roles have included Vice President of Corporate Information Security
at Washington Mutual Bank, Security Manager at PEMCO Corporation, Senior Security
Manager at Lighthouse eDiscovery, and Director of Cybersecurity at A Place for Mom.
Presently, he serves as the Information Security Officer at AstrumU.

Marc's specialty areas encompass Enterprise Risk Assessment, Information Security
Program Management, Governance, Risk and Compliance, and more. He lives near Seattle,
WA, with his family.

Krista Arndt is the Associate CISO at SLUHN. As the Associate CISO, Krista is responsible for managing the security program's day to day operational effectiveness. Krista has been working in information security in various capacities for more than 15 years. In her previous roles, Krista assisted with developing and leading security programs in national healthcare, crypto, finance, and the Department of Defense. She currently holds her CISM and CRISC certifications and NHRA competition driver's license.

Krista is an active member of ISACA, serves as InfraGard Philadelphia Chapter’s Healthcare Sector Chief, serves on Neumann University's Business Advisory Council, and is Marketing Committee Chair for Women in CyberSecurity (WiCyS) Delaware Valley Affiliate. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.

Chris is the Regional CISO, Americas at Okta, where he is responsible for corporate security compliance, third-party risk, and responding to customer security inquiries. Prior to Okta, Chris spent 6 years leading the adoption of Cloud Technologies at LinkedIn, helping them grow from 350 to over 6,800 employees. He started his career designing, developing, and delivering content management, system administration, and messaging solutions for customers such as Nestle, Cisco, AMD, Telus, and the US Department of Defense. During the winters, Chris has almost 15 years experience as a Ski Patroller, search & rescue, and teaching ski mountaineering & outdoor survival.

Winning in the software industry doesn’t come from faking it or even making it. Instead, it takes being great at it, because being exceptional results in a sustainable competitive advantage. Having been a part of great companies that have been honored with awards from Inc. 5000 Fastest Growing Companies, Deloitte Fast 500, Top 50 Best Places to Work in America, and Inc. Best Workplaces, as well as being named the #7 on Glassdoor’s Best Places to Work in America, John Gardiner knows what it takes to be great. His strategic leadership includes serving in numerous high growth software companies as the President, Chief Operating Officer, Chief Strategy Officer, and CFO, including the most successful investment in TA Associates’ 56-year history, earning a stunning 6013% ROI. A strong proponent of the Trust Product Practice, he knows the value it brings to an organizations’ business practices, culture, competitive differentiation, brand, and growth.

Sabino Marquez' approach to leading cybersecurity as a ‘Trust Product Practice’ has led to substantial returns on security investments, higher value-generation velocity, and enhanced equity valuations. Sabino leads the Trust Product organization as a go-to-market leader, working alongside the productive business to enable and defend value, and transforming stakeholder Trust into a powerful tool for competitive differentiation. Within his key areas of focus, Sabino ensures robust protection mechanisms are in place for stakeholder interests while also leveraging organizational Trust as a distinct advantage in a competitive market landscape. His work has not only brought him recognition as ‘2023 C100 Winner’, but he is also an esteemed thought leader who frequently shares insights in Security Magazine, The Wall Street Journal, and Cyber Security Tribe.

Lalitha Subramanian, Program Management Director at University of Washington Continuum College, has over a couple of decades of experience designing, developing, and delivering large-scale learning and development strategies and certification programs that empower working professionals build the right strengths, skills, and behaviors for organizational success and career progression. She has proven success coaching industry experts, university instructors, and private company leaders to evolve educational offerings, in the adoption of new technologies with accessibility standards, and has designed exemplary learner-driven digital education offerings to meet the needs of a dynamic global marketplace. Her expertise in educational pedagogical practices incorporating DEIBJ best practices for both in-class and virtual/online environments have been recognized at unit, university and at a national level.

Alejandro Ayala is a rising professional in the field of cybersecurity, pursuing a PhD in 2025 through an NSF Fellowship. Alejandro currently serves as a technical lead, ensuring program integration across multiple universities and industry. Alejandro contributes to the University of Washington’s Certificate in Risk Management in multiple roles. He is the co-founder and President of CyberAlumni, a community of practice focused on continuous professional cybersecurity education across the NCAE Schools. Alejandro has published in the Colloquium for Information Systems Security Education (CISSE), Springer Journal, Future Technologies Conference, and the Human Computer Interaction International Conference innovations in cybersecurity education.

Stuart collaborates closely with global clients, guiding them in harnessing observability data to enhance their application security posture throughout the entire SDLC. He is a passionate sneakerhead with a strong background in cybersecurity and networking, particularly WAF and DDoS, as well as Bot Management and Zero Trust.

Trevor Dunlap is a Principal Research Scientist at Chainguard. Trevor obtained a Ph.D. in Computer Science focusing on automatically enhancing vulnerability data to help provide richer information. He has been involved in research ranging from access control, robocalls, and the use of large language models in security domains. Beyond his technical expertise, he is a passionate advocate for securing open source software.

Kirsten Stoner is a Technologist on the Product Strategy team at Veeam Software. With 10 years of software experience, Kirsten has a specialized focus in all things data management including storage, cloud, cybersecurity, and analytics. Through her years working at Veeam, she leads the creation of technical content for product demonstrations, webinars and digital written collateral, engaging audiences globally. Kirsten holds the Veeam Certified Engineer (VMCE) credential with a drive to continuously learn more about customer pain points and the technologies they use to overcome them.

Erez Tadmor holds a two-decade career in the ever-evolving information security field, marked by his diverse background in managing various product portfolios and verticals. His expertise spans cloud and network security, automation & orchestration, IAM, fraud detection and prevention. As Tufin's Field CTO, he bridges the gap between customers, marketing, and product teams, educating stakeholders on network security technologies, cybersecurity best practices and Tufin's solutions. Erez holds a track record of strong leadership in both enterprise and startups cybersecurity product management and strategy development.

Chief Technology Officer at Washington State Department of Labor and Industries. Expert level grasp on IT Security governance and management of security in application, infrastructure and cloud domains. Spearheaded teams to do FedRAMP assessments of major cloud service provider giants in the industry. Certifications include CISSP, CCSP, CISA, PCIP, PMP, and AWS-SAA. Formerly PCI-QSA certified with a PCI assessor.

Troy Batterberry is the founder and CEO of EchoMark, a Software-as-a-Service (SaaS) company
pioneering a new standard in information protection. The company was founded on that trust is
central to empowering everyone to do their best work. Troy brings years of product and
technology experience, including 25 years at Microsoft, where he most recently served as a
Corporate Vice President as the product leader of Microsoft Teams Meetings, Calling, and
Events. During his tenure, Troy also played an integral role in the growth and success of
marquee Microsoft products, such as Windows, Explorer/Edge, Bing, Xbox, and MSN. Before
joining Microsoft, Troy held engineering positions at Sony and within the U.S. Department of
Defense. Troy is driven by a long-standing passion for creating new experiences and products.

In addition to his professional pursuits, Troy is a parent volunteer at his kids’ schools, spends time
volunteering for Boy Scouts, and also enjoys time outdoors boating, hiking, and running. He
holds an M.S. in Information Systems from the University of Southern California and a B.S. in
Electrical and Electronic Engineering from North Dakota State University.

Chirag H. Patel is a solution-oriented technology and commercial attorney with extensive experience in emerging technologies, artificial intelligence (AI), data privacy, cybersecurity, contracts, e-commerce, and trade secrets. His multi-channel experience encompasses compliance, transactional review, and litigation.

Chirag’s practice spans diverse industries, including software, e-commerce, cryptocurrency, healthcare, financial services (traditional and FinTech), cannabis, commercial construction, and hospitality sectors.

His litigation practice includes multimillion-dollar contract disputes, high-stakes consumer class actions, and novel technology issues. Recent cases include national data breach class actions, privacy and wiretapping claims (CIPA), AI discrimination claims, software service (SaaS) and implementation contract disputes, business email compromise, cryptocurrency injunctions, and right of publicity of cases.

Chirag’s compliance practice focuses on AI, data privacy, and e-commerce. This includes development and advising on AU Acceptable Use Policies (AUPs), AI Audits, data privacy laws, and ecommerce laws. Among other regulatory regimes, Chirag has advised clients on compliance with the HIPPA Privacy Rule, the California Restore Online Shoppers Confidence Act (ROSCA), California Consumer Privacy Act (CCPA), California Automatic Renewal Law (CARL), and Federal Trade Commission (FTC) regulations.

Chirag has experience with commercial contract review and transactions. He conducts master contract reviews in various industry settings covering issues such as intellectual property rights, data ownership, and terms of service. He also has full-cycle M&A experience, including conducting privacy and cybersecurity due diligence.

Danny Manimbo is a Principal with Schellman based in Denver, Colorado. As a member of Schellman’s West Coast / Mountain region management team, Danny is primarily responsible for leading Schellman's AI and ISO practices as well as the development and oversight of Schellman's attestation services. Danny has been with Schellman for 10 years and has over 13 years of experience in providing information security and data privacy audit and compliance services. Danny has achieved the following certifications relevant to the fields of accounting, auditing, and information systems security and privacy: • Certified Public Accountant (CPA) • Certified Information Systems Security Professional (CISSP) • Certified Information Systems Auditor (CISA) • Certified Internal Auditor (CIA) • Certificate of Cloud Security Knowledge (CCSK) • Certified Information Privacy Professional – United States (CIPP/US)

Kent Blackwell is a Director at Schellman, helping lead their penetration testing and offensive security practice. Kent has over fifteen years of experience serving clients in a multitude of industries, including the Department of Defense and top cloud service providers. He got his start in penetration testing evaluating systems as a civilian with the Air Force before later joining Schellman to help build the security practice. A security and privacy enthusiast, Kent is passionate about ensuring people can have confidence in the platforms to which they entrust their data.

As the Director of AI Infrastructure at Salesforce, Karim leads a key team responsible for designing and implementing cloud-based infrastructure and platform tools for the Salesforce AI Platform. Karim and his team focus on architecture, scaling, performance optimization, and infrastructure development to enhance system performance and scalability. They also create methodologies, tools, and frameworks that play a significant role in the 'go-to-production' process for an auto-scaled cloud system.

Milosz Goralczyk is a Lead Software Engineer, Scrum Master, Security Champion, and VTO rockstar for the AI Platform team at Salesforce. He owns services in model training areas for Generative AI and Predictive AI, expanding Salesforce Einstein AI impact in cutting-edge AI products. With a deep passion for ML, experimentation, and security, he plays a pivotal role in driving innovation and ensuring robust security standards within his team. Prior to his role at Salesforce, he contributed to Microsoft's Bing and Azure Active Directory, as well as several CRM-focused companies. An entrepreneur at heart, Milosz has founded and successfully managed two companies. He earned his master’s degree with honors from the Military University of Technology, where he published research papers from his work on object-oriented databases.

As Lead Product Security Engineer at Salesforce, Kaustubh works closely with engineers from the Salesforce AI Platform to ship secure-by-design products. Kaustubh leverages strong relationships with product teams and other stakeholders to reduce overall risk and security debt for the platform. He also helps scale security impact via automation, curating security patterns and paved roads, and championing security initiatives.

Eric is the Director of Strategy & Operations for Salesforce's AI Cloud, where he works on the company’s Trust commitments and leads strategic cross-functional initiatives. He is privileged to work with an exceptional team dedicated to delivering the most trusted AI CRM software on the market.

Before joining Salesforce, Eric built and led teams in the payments and Fintech industries, focusing on product innovation, business operations, and program management. His career includes roles at Visa, Citi Ventures, PayPal, Gap, and more.

A Silicon Valley native, Eric has lived and worked across Europe, earning his MBA from the Grenoble Graduate School of Business in France. He now resides in Silicon Valley with his family.

Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted as both regulator as an Assistant Attorney General with the Washington State Attorney General's Office and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.

Jean is an Executive Consultant, ISSA Distinguished Fellow, and honored as a 2015 SC Magazine “Woman of Influence”. With a global focus on strategy, architecture, and technology in the high tech and financial industries, she alternates between technical and executive leadership roles. Once focused on security and cryptography for the financial industry, her current focus is on the use and abuse of blockchains, augmented reality, and the Internet of Things (IoT).

Frank Simorjay (CISSP, ISSA Distinguished Fellow) is a cloud security and compliance subject matter expert. Frank works for Microsoft Azure global ecosystem organization as the Lead PM of the Azure automation Blueprint program, that includes the PCI automation blueprint. Frank has written an extensive library of papers, and blogs (http://cloudntech.blogspot.com/)

Frank Simorjay is a Principal Architect for the Power Platform team at Microsoft. He has developed an extensive library of security content as a cloud security architect and content developer. A CISSP and an ISSA Distinguished Fellow, Frank is recognized for his significant contributions to cybersecurity. He founded the ISC2 Seattle chapter and ISSA Puget Sound. Frank is passionate about promoting secure computing and smart cloud adoption.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.

Experienced Information Security Professional with a demonstrated history of working in the retail industry. Skilled in Operations Management, Sales, Management, Point of Sale (POS) / Fuel Systems, and Inventory Control. Strive to find ways information security can enable and support business and operations teams with solutions. Actively support public/private partnerships with local and federal agencies with emphases on infrastructure, cyber security and community outreach.

Mr. Petru is the President of the Washington State InfraGard Chapter and a Fellow of the British Computer Society, The Chartered Institute for IT. He is an innovative, and technically sophisticated professional, offering substantial years of broad-based experience in evaluating large corporate systems. Powered with a comprehensive background in development and implementation, he has authored more than forty-seven different courses based on AIX, Encryption, Linux, Networking, Security, and Virtualization technologies, teaching to an audience of tens of thousands around the world for the past twenty-five years. Mr. Petru has spent more than two years in Ukraine over the past 20 years and has seen much change. Equipped with a proven track record of success in designing and implementing system and policy based on Confidentiality, Integrity, and Availability, to meet business continuity and disaster recovery for long-range strategic plans of Fortune 100 Companies. Mr. Petru is armed with stellar qualifications in all facets of project lifecycle development, from initial analysis and conceptual design to implementation, quality review, and enhancement to optimize operational efficiencies that improve business and IT operations.

Maggie Amato is a dynamic cybersecurity leader with deep expertise in cloud security, AI security, and risk management across technology, healthcare, and federal sectors. As the Business Information Security Officer (BISO) for AI Cloud + CRM Apps at Salesforce, she plays an integral role in advising two Chief Technology Officers on holistic risk management strategies that align with the evolving demands of cutting-edge technologies. Throughout her career, Maggie has been at the forefront of innovation, leading the development of AI-specific security programs, advancing cloud security initiatives at Aetna, and forging impactful public-private partnerships in healthcare. Her leadership and strategic vision have consistently driven transformative security solutions that strengthen organizational resilience.

Rob Davidson brings many years of experience to his role as Chief Information Security Officer at Pacific Blue Cross and Pacific Blue Cross Solutions. His career started with Dell Canada and has progressed though several senior strategic and leadership positions at industry-defining organizations such as Microsoft and Hootsuite. Prior to his recent return to Vancouver, Rob worked through an extended tenure at Microsoft, from the original basics of networking through the launch of the Global Azure Cloud services.

Rob holds an Executive MBA and maintains his original CISSP certification. He enjoys the opportunity to share with and learn from others who are like-minded in his passion for the Security of People, Information, and Technology.

In addition to his core work, you will also find him engaged in Board of Directors (and Board advisory) positions, volunteer opportunities, and working to mentor and assist the next generation of security professionals.

William serves as the leader of AAA Washington’s information security and compliance efforts. He is responsible to establish a responsive, dynamic, and flexible cybersecurity program to meet continually changing information security, regulatory, and compliance needs in the organization.  William has been with AAA Washington since August of 2017. Other roles that William serves in the company include coordinating business continuity program activities and leading the company through emerging privacy legislation management.

In the evenings, William instructs graduate and undergraduate cybersecurity courses at the University of Washington and The Penn State University. William completed his Bachelor of Science in Computer Science from the U.S. Military Academy at West Point. He subsequently earned a Masters in Management Information Systems and an MBA from the University of Maryland. In December of 2018, he completed his Doctorate of Philosophy in Cybersecurity and Information Assurance from Capella University.

Prior to William starting at AAA Washington, he served five years as the Manager of IT Security Engineering at Puget Sound Energy. Prior to that, he also served as the regional CISO for Providence Health and Services. He has also served in similar positions with Alaska USA Federal Credit Union, Chugach Electric Association, and the State of Alaska, Department of Public Safety.

William served in the U.S. Army from 1990 to 1996 as an officer in the Infantry and is a combat veteran for Operation Desert Storm.

A proven senior security leader that drives business-centric innovation through strategy, empowering independence, and inspiring the next generation of enterprise growth from small to large enterprise. Experienced security strategist from Cloud to Enterprise Architecture, change/transitional management, application security, product development, vulnerability assessment, security operations, security engineering, process improvement, and enterprise transformation. A visionary who serves as a catalyst for sustainable change by empowering organizations and people in achieving breakthrough results as they travel to secure digital transformations. A leader that nurtures and empowers teams through communication in fostering cross-functional collaboration and achieving the organization’s goals. A driver of continuous improvement who eliminates single points of failure, transforming complex obstacles into tangible solutions.

Cynthia Damian is the Chief Information Security Officer at Valon Technologies, an up and coming fintech company innovating the financial and homeowner industry through technology. Cynthia has over 20 years of experience in cybersecurity and risk management holding security leadership and practitioner roles across small to large scale, global organizations including top Fortune companies. She is a mission-driven, people-centric security leader focused on making an impact through building, maturing and innovating cybersecurity and risk organizations with a track record of effectively managing risk and driving high-value outcomes for the business – protecting companies, employees and customers.

Cynthia has worked across diverse industries including companies such as Twitter/X, Salesforce, T-Mobile, and Starbucks. She also serves as a Board member, advisor, and mentor for various professional organizations in the security and tech community and is passionate about enabling diversity, equity and inclusion in the field one step at a time.

Becky Fricker is the Director of Information Security at DAT Freight & Analytics, where she plays a pivotal role in protecting the company’s digital infrastructure. She oversees Security Operations and Product Security, including areas such as Endpoint Protection and Response, Continuous Threat Exposure Management, Incident Response, and Network Security. Becky holds a Certified Information Systems Security Professional (CISSP) certification, a globally recognized credential that demonstrates her ability to design, implement, and manage a robust cybersecurity program.

Her extensive background in cybersecurity began with 13 years of service in the NJ Air National Guard, where she held critical roles such as Installation Spectrum Manager and Installation Security Systems Manager. After transitioning to the civilian sector, Becky continued to build her expertise as a Network Security Engineer at Cooper University Health Care. She later took on senior roles in the financial sector and at one of Southern California’s largest utility companies, focusing on information security within critical infrastructure.

Her academic credentials include an Associate of Science in Electronic Systems Technology, a Bachelor of Arts in Communication and Media Studies, and a Master of Science in Information Technology, specializing in Cybersecurity. Known for her adaptability, mentorship, and strong communication skills, Becky is an invaluable member of the DAT team, continuously driving improvements in the company’s information security programs.

Erika Voss offers two decades of extraordinary success in a series of high level roles at top tier companies that include Capital One,
Salesforce, Oracle Public Cloud, Microsoft Corporation and Amazon Web Services.

Erika’s invaluable expertise and broad business range have powered a history of developing successful process improvements that
drive productivity, reliability, and client satisfaction. Such traits have consistently enabled Erika to achieve an impressive command
of the skills needed to manage ongoing business planning processes while developing strategies to meet future challenges.

Upon being named as Vice President of Information Security for DAT Freight & Analytics, Erika will lead vision, strategy, and
execution for all facets of security for this Fortune 500 Supply Chain Logistics corporation, while defining and revising policies,
procedures, and best practices for security, including application security, access control, authentication, third party risk management,
and intrusion detection. Dr.. Voss has dedicated herself and her vision as a leader who engages in projects with an “All-In” attitude.

With a forte for successfully building strong teams and holding a key role leading all facets of finance and strategy, Dr. Voss has
successfully positioned companies, as a leading expert in its field with respect foundational security basics, fraud, identity, and cloud
security practices contributing to the following successes:

● Effectively manages a team of product and application security engineers, architects, and DevSecOps personnel, continually
identifying opportunities to reinforce the company’s security posture.
● Engages directly with customers, providing information and guidance on the company’s security posture.
● Served as the CISO of the company’s cybersecurity program in line with all industry standards and regulatory requirements,
including SOC2, PCI, SOX, and other industry regulations.

Combining her proven business instinct with an unprecedented disciplinary work ethic, Erika has continuously exceeded expectations
in high stake environments throughout her career positioning herself as a key member of each company and a driving force for growth.
Erika holds a Ph.D. in Cybersecurity from Northcentral University, as well as a Master of Science Degree in Security Administration
and a Bachelor of Science Degree in Computer Operations Technology from Southwestern College.

Mike Sheward is Head of Security at Xeal, an EV Charging hardware startup. Mike has around 18 years experience building security programs. Originally from the UK where he worked mostly in penetration testing and digital forensics, Mike moved to the US in 2011, where he has been focused on running security teams for SaaS companies ever since. Mike has written a mixture of fiction and non-fiction books, including the InfoSec Diaries series, which features stories based on real life digital forensics cases, pen tests and security incidents, as well as the non-fiction titles, "Security Operations in Practice" and "Hands-on Incident Response and Digital Forensics".

Dr. Peter Holowka is passionate about digital transformation and technology leadership, particularly in education. His doctoral research was in cloud computing adoption and organizational leadership. His professional work and academic research centre on the digital transformation journey, particularly the journey from legacy systems towards the cloud. He has received multiple awards for leadership and academic excellence. He was recognized as Member of the Year by the CIO Association of Canada, and currently serves as the Past President of the Vancouver Chapter. Beginning his career as a network and web design specialist, Dr. Holowka also advises a number of businesses, educational institutions, and not-for-profit organizations.

An Information Security leader with experience establishing resilient security strategies and procedures enhancing the corporate security posture, through evaluation of risk, promoting security awareness and privacy training, management of incident response, managing relationships with customers and business partners, and ensuring continued compliance through internal, customer and certification security audits.

A proven leader, skilled in managing network and application operations, knowledgeable in many collaboration and web environments and successfully managed services and large scale projects. Experienced in several security frameworks, including ISO 27001, PCI DSS, HITRUST, NIST 800-53, HIPAA, GDPR and SOC.

Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted as both regulator as an Assistant Attorney General with the Washington State Attorney General's Office and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.

Maggie Amato is a dynamic cybersecurity leader with deep expertise in cloud security, AI security, and risk management across technology, healthcare, and federal sectors. As the Business Information Security Officer (BISO) for AI Cloud + CRM Apps at Salesforce, she plays an integral role in advising two Chief Technology Officers on holistic risk management strategies that align with the evolving demands of cutting-edge technologies. Throughout her career, Maggie has been at the forefront of innovation, leading the development of AI-specific security programs, advancing cloud security initiatives at Aetna, and forging impactful public-private partnerships in healthcare. Her leadership and strategic vision have consistently driven transformative security solutions that strengthen organizational resilience.

Gowri is a mission-driven, people-centric senior cybersecurity leader with 15 years of experience in Threat Intelligence, Security Operations, Risk Management, and Compliance. As a former FBI agent, Gowri proudly served her country and has also worked in Corporate Security. She holds a Master's Degree in Information Science from the University at Buffalo. Currently, Gowri serves as a Business Information Security Officer (BISO) at Salesforce, advising the President of the Customer Success Group on information security matters. In this role, she represents the Chief Trust Officer when partnering with executive leadership to promote cybersecurity across the Enterprise units.

Brian is an IT Executive with 29 years of experience from Security Operations and Support, Compliance, Risk Management, Technology Innovation, IT Operations and Supportand. Currently, Brian is a Business Information Security Officer (BISO) supporting multiple business units at Salesforce, delivering security and compliance across our people, process, technology, and data. In addition to this, he has worked in Security and GRC at Starbucks, Microsoft, and Bank of America as well as served as a Cybersecurity Advisor for CREATE.ORG, sat on the Board of Technical Advisors for NODUS technologies, served as an alternate to the PCI-DSS Customer Advisory Council, held CISSP and CISM certifications, and has published 2 books and 3 industry papers on security.

Eric is the Director of Strategy & Operations for Salesforce's AI Cloud, where he works on the company’s Trust commitments and leads strategic cross-functional initiatives. He is privileged to work with an exceptional team dedicated to delivering the most trusted AI CRM software on the market.

Before joining Salesforce, Eric built and led teams in the payments and Fintech industries, focusing on product innovation, business operations, and program management. His career includes roles at Visa, Citi Ventures, PayPal, Gap, and more.

A Silicon Valley native, Eric has lived and worked across Europe, earning his MBA from the Grenoble Graduate School of Business in France. He now resides in Silicon Valley with his family.

Susan Young is part of Marsh’s North American Cyber Practice based in the Seattle office. She specializes cyber risk, media liability, and technology errors and omissions. Susan is also responsible for the growth strategy of the US & Canada Cyber Practice. Susan acts as a holistic cyber/E&O risk advisor for her clients – advising on cyber risk exposures through broad, strategic thinking about her clients’ operations and operating environment. She helps clients understand and quantify risks, conducts coverage analysis, and negotiates with insurance carriers on terms and conditions.

Susan has a broad view of the coverage available in today’s cyber marketplace and helps influence the creation of innovative solutions. Susan’s goal is to ensure that her clients’ existing and emerging cyber and E&O risk priorities are effectively identified and addressed. In her role as US & Canada Cyber Strategy & Growth Leader, Susan develops and executes on strategies to help clients and prospective clients understand, quantify, and effectively manage their cyber risks.

Ian Riley is a seasoned cybersecurity professional with over a decade of experience in the IT world, including more than six years specifically focused on cyber security. His career highlights include roles as a Senior Security Operations Analyst at Blumira and Cloud Ops at Amazon Web Services (AWS). Ian's expertise lies in security incident response and system hardening, approaching cybersecurity from a defensive standpoint. With a strong background in both cloud operations and security analysis, Ian brings a wealth of knowledge and practical experience to the field of information security.

Bryan Turriff is a seasoned technology and marketing professional with over 25 years of experience in data, security, and AI. He is currently the Founding Director of Product Marketing and Growth at Observo.ai, where he focuses on expanding the company's reach and impact in security and AI-driven data pipelines. His career spans product and marketing leadership roles at notable companies like Cribl, IBM, and Pinecone, where he has contributed to shaping solutions that address complex data challenges. Previously, he also served as Senior Director of Product Marketing at EDB, where he helped drive the adoption of Postgres solutions. He was also Director of Product Marketing at Cribl where he helped define the broader market for telemetry data pipelines for security teams.

As Field CTO at Varonis, Brian supports a wide range of security and technology initiatives by helping Varonis’ customers and partner get the most out of the company’s products. In his 20-year technical career, Brian served as a developer, tech architect, engineer and product manager for companies in financial services, legal, and cybersecurity. Brian joined Varonis in 2010 in technical marketing, led education and development, and now serves as the company’s Field CTO. He holds a CISSP certification and frequently speaks on topics related to security and technology. He has been quoted in news sources ranging from The Financial Times to Dark Reading and has made multiple appearances on CNBC. Brian holds a Bachelor’s Degree from The New School in New York City and graduated from The Lakeside School in Seattle, Washington.

Frank Simorjay (CISSP, ISSA Distinguished Fellow) is a cloud security and compliance subject matter expert. Frank works for Microsoft Azure global ecosystem organization as the Lead PM of the Azure automation Blueprint program, that includes the PCI automation blueprint. Frank has written an extensive library of papers, and blogs (http://cloudntech.blogspot.com/)

Vice Admiral (Ret.) Mike LeFever, USN, currently serves as Chief Executive Officer for Concentric. Concentric is a risk management consultancy that specializes in delivering strategic security and intelligence services. In
addition, he is a member of the network of national security experts for “The Cipher Brief,” a digital based conversation platform to connect the private sector with leading security experts.

Previously, Mike was the Chief Operating Officer for IOMAXIS, a US technology company specializing in cyber, communications, and computing solutions, and services. He also worked as a senior advisor, mentor, and
speaker at the McChrystal Group, a leadership and management firm, engaging with senior executives across multinational companies on leadership, strategy, and change management.

Reflecting his deep experience with and commitment to developing high performance leaders and teams, Mike also served as a Performance Ambassador and Speaker for Liminal Collective and Arena Labs and as a
senior advisor and mentor for leaders in private industry; the USG’s National Defense University senior level national strategy, leadership, and warfighting courses; and USG Joint Forces. He is also a member of the
board of advisors at the National Security Institute at George Mason University, Antonin Scalia Law School and a participant on the Atlantic Council Counterterrorism Study Group.

Mike retired from the United States Navy after over 38 years of service, finishing his military career as the Director of Strategic Operational Planning at the National Counterterrorism Center, within the Office of the
Director of National Intelligence. He also served as both the Commander of the Office of Defense Representative in Pakistan and the Commander of the Joint Task Force in Pakistan, leading all US Armed Forces in Pakistan between 2008-2011.

Throughout his career, Mike served in Navy and Joint leadership and command positions at every level. He led disaster relief and humanitarian efforts, the full spectrum of warfare operations, and counterterrorism and
counterinsurgency operations. Renowned for his effectiveness in navigating cross-cultural, complex, and international environments and building high performance teams, his leadership was directly responsible for
numerous significant achievements that protected and enhanced the national security of the United States. The hallmark of LeFever’s leadership was his commitment to build and promote lasting partnerships between
the US and its key allies and coalition partners.

Craig Spiezle is the Founder and President of AgeLight Advisory & Research Group, a professional services firm focused on online and digital services. Craig is a recognized authority on trust and the convergence of privacy and security promoting ethical privacy practices, end-to-end security and the importance on moving from a compliance mindset to stewardship. Craig is the Charmain emeritus of the Online Trust Alliance, an initiative of the Internet Society. He frequently briefs international policy makers driving awareness of best practices by both the public and private sectors and importance of internet governance. Craig has championed security best practices to help protect consumers while promoting innovation and the role of meaningful self-regulation. Prior to OTA, Craig spent over a decade at Microsoft focused on security and privacy enhancing technologies and standards. Craig chairs the Online Trust & Integrity Council and is on the board of the Identity Theft Council, editorial board of SC Magazine and a member of InfraGard, the IAPP and the APWG.

Marc Menninger is a seasoned corporate information security and risk management
professional with more than twenty years of experience. He has held the Certified
Information Security Systems Professional (CISSP) certification since 2000 and the Certified
in Risk and Information System Controls (CRISC) certification since 2016.
Marc’s career started with his service as a Computer and Communications Officer in the
U.S. Air Force from 1992 to 1997. During his tenure, he led a team of 19 UNIX
administrators, managing mobile Top Secret fiber optic networks. He was stationed at
Langley Air Force Base in Virginia and Barksdale Air Force Base in Shreveport, LA, and served
a short tour in the Persian Gulf during Operation Desert Shield.

Transitioning to civilian roles, Marc has navigated through several technical and leadership
positions, building his expertise across the United States—from Dallas to San Francisco and,
ultimately, Seattle. His roles have included Vice President of Corporate Information Security
at Washington Mutual Bank, Security Manager at PEMCO Corporation, Senior Security
Manager at Lighthouse eDiscovery, and Director of Cybersecurity at A Place for Mom.
Presently, he serves as the Information Security Officer at AstrumU.

Marc's specialty areas encompass Enterprise Risk Assessment, Information Security
Program Management, Governance, Risk and Compliance, and more. He lives near Seattle,
WA, with his family.

Scott Benson is the Director of Cybersecurity and Infrastructure at Mud Bay, with over 25 years of experience in the field. He holds certifications such as CISSP, CEH, and PCIP. Scott leads a team responsible for cybersecurity, infrastructure, and help desk services, ensuring successful business outcomes and compliance with industry standards. He has a strong background in risk management, cloud security, and cybersecurity strategies.

Matt Hoffmann is a technology executive with 20+ years in the industry working across development, privacy. security, IT, infrastructure and devops. Throughout his career he has primarily worked with private-equity backed SaaS companies and has been the point person on multiple mergers and acquisitions on both the buy and sell side. In his current role as CIO of KORE Software, he manages engineering, devops, IT and security for a market leading product suite that serves professional sports and entertainment organizations. Working with some of the largest sports and entertainment teams and venues in the world has given him the opportunity to be hands-on with real-world data privacy challenges, large scale infrastructure projects and high-consequence security deployments.

Kathryn Patterson supports the Global Cybersecurity & Fraud Management organization at TIAA. In prior roles, she managed 3rd Pty Assessment, Regulatory Exam Mgmt and Audit support, and RCSA. Her career spans three industries: healthcare, telecommunications, and financial services, with additional background in program management, business resiliency and internal investigations. She prioritizes collaboration with business partners on best practices, communications, training, and development. Kathryn holds a BA in Organizational Leadership from the University of Oklahoma with a concentration in Criminal Investigations and Intelligence Analysis.

For more than 20 years, Grant Asplund has been sharing his insights on how businesses can best protect themselves from sophisticated cyber-attacks in an increasingly complex world. As Check Point’s chief evangelist, he travels the world enthralling audiences with his passionate and relational storytelling at conferences like RSA and Next100 CIOs and numerous media interviews. Grant’s wide range of cyber security experience informs his talks, having served in diverse roles ranging from sales, marketing, business development, and senior management for Dome 9, Blue Coat Systems, Neustar, and Altor Networks. As CEO of MetaInfo, he led its acquisition by Neustar. Grant is the host of the CISO Secrets podcast (cp.buzzsprout.com) and the Talking Cloud Podcast (www.talkingcloudpodcast.com) on Cloud security.

Wade Ellery, Field Chief Technology Officer and Senior Technical Evangelist with Radiant Logic. Wade has extensive experience in enterprise IT direct and channel software, and services, sales and management. He has in-depth knowledge and experience in enterprise IAM, IGA, PAM, ZTA, risk and compliance and IT security challenges. Wade has consulted on some of the largest identity management solutions deployed across Federal and Commercial clients.

Owen Pickford is a Senior Solutions Engineer at Snyk based in Seattle. Owen has 15 years of experience helping enterprise customers identify and implement software solutions that help them solve their most complex challenges.

Kevin has more than 25 years of experience in threat intelligence and information security. He was the VP of cybersecurity operations and governance at IOActive.com, a retired NSA intelligence officer, the former director of Windows security architecture at Microsoft, and shipped Windows 10 (not by myself). He holds the CISM, CISSP, CGEIT security certifications.

Cynthia Damian is the Chief Information Security Officer at Valon Technologies, an up and coming fintech company innovating the financial and homeowner industry through technology. Cynthia has over 20 years of experience in cybersecurity and risk management holding security leadership and practitioner roles across small to large scale, global organizations including top Fortune companies. She is a mission-driven, people-centric security leader focused on making an impact through building, maturing and innovating cybersecurity and risk organizations with a track record of effectively managing risk and driving high-value outcomes for the business – protecting companies, employees and customers.

Cynthia has worked across diverse industries including companies such as Twitter/X, Salesforce, T-Mobile, and Starbucks. She also serves as a Board member, advisor, and mentor for various professional organizations in the security and tech community and is passionate about enabling diversity, equity and inclusion in the field one step at a time.

Jaki Ferenz is a client risk advisor in the risk and insurance industry with over two decades of experience. She helps clients navigate operational and organizational risks to empower strategic business initiatives. Jaki has extensive experience and knowledge regarding privacy and security (cyber), errors & omissions, directors & officers, property & casualty, and workers' compensation risks, as well as insurance coverage needs. She ensures that her clients are well-prepared to navigate the ever-evolving landscape of cyber threats and protect their valuable assets.

Jane E. Petoskey is an associate at the firm's Seattle office. She is a member of the Technology Transactions practice group, and primarily services clients under the Data Protection, Privacy, and Security focus area. Jane is also a Certified Information Privacy Professional in the United States (CIPP/US) and Certified Information Privacy Manager (CIPM), and is a Fellow of Information Privacy (FIP).

Prior to joining the firm, Jane served as a technology transactions and data privacy associate attorney at the Seattle office of an AmLaw 100 firm. Through this role, Jane regularly advised clients of all sizes and industries through privacy and data security matters, including counseling on compliance with domestic and international privacy and data security laws and regulations, including the CCPA, COPPA, GLBA, HIPAA and HITECH, and GDPR.

Jennifer Womack has worked for Puget Sound Energy since 2008. She has held various roles within Infrastructure Security, Compliance and Security & Risk. She currently is the Manager of Cyber Security Operations.

Zabrina McIntyre is a Director with KPMG focusing on large scale cybersecurity transformations for clients with a focus on compliance. She holds the CISSP and PMP certifications and is working on her PCI QSA. She is a dedicated supporter of Women in Cybersecurity (WiCyS) and is currently on the leadership board for the Business Information Security Officer (BISO) Affiliate.

Hong-Lok Li is the Chief Technology Officer at the Alma Mater Society of UBC Vancouver (representing 60,000+ UBC students). He has a strong technical background and 20+ years of experience in large organizations in a multi-platform, integrated computing environment. Hong is a Chartered Engineer (CEng) who earned his Master of Science (MSc.) in AI and Networking at the University of Essex in the United Kingdom. He is also a BCS (British Computer Society) assessor for the Chartered Engineer (CEng) Assessment. Hong believes in fostering a culture of innovation and collaboration and is always passionate about deploying technology to ensure resource optimization and operational excellence.

Andrew Johnson is a Solutions Architect based in Olympia, WA. Andrew serves as the Principal Architect overseeing the state’s adoption of zero trust, Secure Access Service Edge, SD-WAN, and Secure Service Edge. Andrew is responsible to interconnect state government with cloud-based resources and external business partners. Andrew spearheads the state's adoption of new technologies enabling state government to leverage cutting-edge technology in serving the residents of Washington State. Additionally, Andrew modernized the state's DNS system, transitioning it to a hybrid DNS solution that handles both on-premise and cloud-based queries. Andrew is a retired Army Signal Warrant Officer.

Patrick Massey serves as the Regional Director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) Region 10 office in Seattle. CISA is committed to improving the security and resiliency of our nation’s infrastructure through collaboration with critical infrastructure owner/operators, governments, industry, and other stakeholders.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.