SecureWorld St. Louis 2017

Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

As an experienced information security strategist and collaborative executive leader, Gene Kingsley builds and leads scalable, highly effective cybersecurity programs that enable organizations to protect their intellectual property and maintain critical operations while maximizing profitability. Gene is passionate about designing secure, compliant infrastructures that proactively mitigate potential risk, preparing organizations across diverse industries for incident response, disaster recovery, and sustained business continuity.

Gene’s robust industry experience gives him a comprehensive view of the broader security landscape, informing his innovative and collaborative approach. He began his career in IT help desk and operations roles and continuously progressed into information security leadership positions across the higher education, healthcare, and financial services industries.

One of Gene’s greatest accomplishments was developing and launching a security-as-a-service program for the University of Massachusetts in 2015, known as the Massachusetts Advanced Secure Technologies (MAST) program. He was recognized by the governor of Massachusetts in 2017 for this effort. To this day, MAST provides crucial security support to 501(c)3 nonprofits and institutions of higher education as well as local municipalities and government organizations at the request of the Massachusetts governor.

During his tenure with Reliant Medical Group, Gene managed the cybersecurity and data protection practice across 23 urgent care clinics and hospital facilities, ensuring the uninterrupted functionality of the critical operational infrastructure and healthcare platforms required for ongoing patient care. In this role, Gene managed the oversight and mitigation of potential HIPAA concerns and ensured continuous alignment with the requirements of a highly regulated environment.

In his most recent role with Farm Credit Financial Partners, Gene supported six separate farm credit associations and agricultural banks across the US. He designed and proposed a consolidated information security strategy that was accepted and even championed by the leaders of all six partners on the first draft, demonstrating his ability to navigate the competing priorities of multiple stakeholders while influencing the adoption of new processes that optimize the organizational security posture.

A common thread throughout each of Gene’s experiences has been his willingness to educate and drive awareness around information security and cloud computing practices. He has created and led tabletop incident response exercises, and since 2010 he has been an advisor, keynote speaker, panelist, and workshop facilitator for The Seguro Group. He develops and presents his own content and facilitates certificate-based workshops that are sought after by information security practitioners of all levels at Seguro’s SecureWorld and Secure Plus conferences.

Gene holds a Master of Science in Communications and Information Management from Bay Path University in Longmeadow, Massachusetts, and an MBA from the University of Massachusetts Isenberg School of Management in Amherst. He has two Global Information Assurance Certifications (GIAC)—Certified Information Security Professional and Certified Forensic Examiner—as well as an ITIL 4th Edition Foundation Certificate in IT Management. Gene is also certified in Risk and Information Systems Control (CRISC) and is a Certified Information Security Manager (CISM). He currently resides in the Springfield, Massachusetts area.

Randy Raw is Chief Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has more than 25 years of experience in both public entities and private industry, having built several Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community. He has spoken at SecureWorld on many technical topics and turns his focus towards helping others move from the technical trenches to a leadership role.

Dave Hartley serves as a ‘Virtual CIO’ and ‘Virtual CISO’ helping clients with technology strategy and projects including strategic roadmap development, third party risk management including SOC reports, cyber risk assessments and cybersecurity programs, and digital transformation including cloud, mobile, etc. Dave joined UHY in 2015 following six years serving as the VP/Chief Information Officer for Arch Coal, the 2nd largest publicly traded coal company in the US, and 20 years of Big 4 consulting and auditing experience. Dave’s experience as a public-company CIO combined with a background as a CPA, CISA and auditor enables him to bring unique insights into today’s technology, cybersecurity and business challenges. He is a frequent speaker at technology and cybersecurity conferences and seminars.

JJustin is currently a leader in Information Security for IBM Cloud and Watson Platform. With a background in red teaming and blue teaming over the past ten years, multiple degrees in his field, and SIEM and hacking certifications, he has affected positive change in securing some of the largest environments and cloud deployments in the world today.

Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

John DiMaria has 30 years of successful experience in Standards and Management System Development, including Information Systems, Business Continuity, and Quality. John was one of the innovators and co-founders of the CSA STAR program for cloud providers, a contributing author of the American Bar Association’s Cybersecurity Handbook, and a working group member and key contributor to the NIST Cybersecurity Framework. He currently manages all facets of the CSA STAR Program which includes security, privacy, continuous monitoring, and development of new solutions.

Gretel Egan is a senior security awareness training strategist for Proofpoint, a leading provider of cybersecurity services and solutions. She is a Certified Security Awareness Practitioner (CSAP) and has been working in technical, business, and consumer communications for more than 20 years. Gretel has extensive experience in researching and developing cybersecurity education content for Fortune 1000 companies and was named one of the "10 Security Bloggers to Follow" by IDG Enterprise.

Jeffrey Pricher has over 17 years of cybersecurity experience working in many different industries, and currently works for Check Point Software. He holds a master’s degree in Network Security, and serves part-time as a lead threat hunter for the Missouri Guard’s Computer Network Defense team, focused on providing security for the state’s critical infrastructure.

Timothy M. Grace, CIA, CISA, CISM, CRISC, Director of Technology Risk Advisory Services - As the Technology Risk Advisory Services leader for Mueller Prost. Tim brings more than 30 years of business experience delivering solutions that drive business innovation, optimization, and change within world class organizations. He is a leader in the fields of cybersecurity, information technology, internal audit, privacy, compliance, and risk management. Tim has brought best practices to global organizations and helped drive solutions that strengthen and enhance current technology practices. Through innovation and process improvement, Tim has been able to drive change to ensure organizations remain focused on key business issues. His deep information technology background and deep understanding of business processes allowed him to bring technology and business processes together.

Sean Henry has been in the cybersecurity industry since 2007 when he started his career in recruiting. Sean's career path includes being a key member of building out the east coast sales team at Rapid7. He was a Partner and helped launch CyberSN's go to market strategy around the Boston market. Sean has also had key stops at GuidePoint Security, Invincea and now currently is the Director of Sales @ Bugcrowd. Sean's background & experience is geared at getting start up's within the cybersecurity industry off get off the ground faster. Sean has previously presented at various ISSA, ISC2 and ISACA groups on various topics up and down the East Coast.

Michael Roling was the Chief Information Security Officer for the Office of Administration, Information Technology Services Division, for the State of Missouri since 2009. He led the Office of Cyber Security and was responsible for overseeing the information security posture for the State of Missouri.

Theresa Frommel is a network security analyst for the Office of Administration, Information Technology Services Division for the State of Missouri. She is responsible for incident response and coordinating end user awareness for the SOC within the Office of Cyber Security. She has a background in access controls, policy development and end user education. Her prior experience includes working as a security analyst with the Missouri Research and Education Network and information security officer with Missouri’s Office of State Courts Administrator. Theresa has been in the information security field since 2002.

Aaron Schubert joined the State of Missouri in 2003 after graduating college in 2001 with a degree in Networking Systems Technology. His roles as both a network and Unix/Linux administrator reinforced an interest in the Office of Cyber Security, which he joined in 2009. Aaron is now responsible for the deployment, integration and administration of the various technologies utilized in the Office of Cyber Security's daily operations.

Jeff Stapleton is a security professional with 30 years’ experience in the financial services industry, focusing on cryptography and key management. He has been an ASC X9 standards participant during his career, developing dozens of informational security standards. Jeff has published a three-book series called Security Without Obscurity, written dozens of articles, and spoken at numerous conferences. He has worked with most of the payment brands and several financial institutions. Jeff is currently a security architect and the cryptography domain lead at Wells Fargo.

Jon Stitzel is the Lead Analyst for Cybersecurity Risk Management at Ameren. He is responsible for driving cybersecurity and risk management strategy for business and industrial control system environments, in addition to leading IT and Cybersecurity controls compliance. Jon has over 30 years of experience in the IT industry, including more than 20 years in cybersecurity. He has served as a system administrator, manager, analyst, and consultant in many diverse industries during his cybersecurity career, including energy, manufacturing, financial services, telecommunications, and DOD.

John DiMaria has 30 years of successful experience in Standards and Management System Development, including Information Systems, Business Continuity, and Quality. John was one of the innovators and co-founders of the CSA STAR program for cloud providers, a contributing author of the American Bar Association’s Cybersecurity Handbook, and a working group member and key contributor to the NIST Cybersecurity Framework. He currently manages all facets of the CSA STAR Program which includes security, privacy, continuous monitoring, and development of new solutions.

Maurice Dawson is a faculty member in the School of Applied Technology to serve as Director of Illinois Institute of Technology's Center for Cyber Security and Forensics Education, which is accredited by the National Security Agency. Maurice has earned a Doctor of Computer Science from Colorado Technical University in 2009 and a Ph.D. in Cybersecurity from London Metropolitan University in 2017. Prior to joining Illinois Tech, Maurice served as an Assistant Professor at the University of Missouri - St. Louis. Dawson has received multiple Fulbright Scholar Specialist Grants to Russia and Saudi Arabia for cybersecurity and data analytics. Recognized by the DoDD 8140 as an IA System Architect and Engineer, Manager, and Cybersecurity Service Provider.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

As an experienced information security strategist and collaborative executive leader, Gene Kingsley builds and leads scalable, highly effective cybersecurity programs that enable organizations to protect their intellectual property and maintain critical operations while maximizing profitability. Gene is passionate about designing secure, compliant infrastructures that proactively mitigate potential risk, preparing organizations across diverse industries for incident response, disaster recovery, and sustained business continuity.

Gene’s robust industry experience gives him a comprehensive view of the broader security landscape, informing his innovative and collaborative approach. He began his career in IT help desk and operations roles and continuously progressed into information security leadership positions across the higher education, healthcare, and financial services industries.

One of Gene’s greatest accomplishments was developing and launching a security-as-a-service program for the University of Massachusetts in 2015, known as the Massachusetts Advanced Secure Technologies (MAST) program. He was recognized by the governor of Massachusetts in 2017 for this effort. To this day, MAST provides crucial security support to 501(c)3 nonprofits and institutions of higher education as well as local municipalities and government organizations at the request of the Massachusetts governor.

During his tenure with Reliant Medical Group, Gene managed the cybersecurity and data protection practice across 23 urgent care clinics and hospital facilities, ensuring the uninterrupted functionality of the critical operational infrastructure and healthcare platforms required for ongoing patient care. In this role, Gene managed the oversight and mitigation of potential HIPAA concerns and ensured continuous alignment with the requirements of a highly regulated environment.

In his most recent role with Farm Credit Financial Partners, Gene supported six separate farm credit associations and agricultural banks across the US. He designed and proposed a consolidated information security strategy that was accepted and even championed by the leaders of all six partners on the first draft, demonstrating his ability to navigate the competing priorities of multiple stakeholders while influencing the adoption of new processes that optimize the organizational security posture.

A common thread throughout each of Gene’s experiences has been his willingness to educate and drive awareness around information security and cloud computing practices. He has created and led tabletop incident response exercises, and since 2010 he has been an advisor, keynote speaker, panelist, and workshop facilitator for The Seguro Group. He develops and presents his own content and facilitates certificate-based workshops that are sought after by information security practitioners of all levels at Seguro’s SecureWorld and Secure Plus conferences.

Gene holds a Master of Science in Communications and Information Management from Bay Path University in Longmeadow, Massachusetts, and an MBA from the University of Massachusetts Isenberg School of Management in Amherst. He has two Global Information Assurance Certifications (GIAC)—Certified Information Security Professional and Certified Forensic Examiner—as well as an ITIL 4th Edition Foundation Certificate in IT Management. Gene is also certified in Risk and Information Systems Control (CRISC) and is a Certified Information Security Manager (CISM). He currently resides in the Springfield, Massachusetts area.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

As an experienced information security strategist and collaborative executive leader, Gene Kingsley builds and leads scalable, highly effective cybersecurity programs that enable organizations to protect their intellectual property and maintain critical operations while maximizing profitability. Gene is passionate about designing secure, compliant infrastructures that proactively mitigate potential risk, preparing organizations across diverse industries for incident response, disaster recovery, and sustained business continuity.

Gene’s robust industry experience gives him a comprehensive view of the broader security landscape, informing his innovative and collaborative approach. He began his career in IT help desk and operations roles and continuously progressed into information security leadership positions across the higher education, healthcare, and financial services industries.

One of Gene’s greatest accomplishments was developing and launching a security-as-a-service program for the University of Massachusetts in 2015, known as the Massachusetts Advanced Secure Technologies (MAST) program. He was recognized by the governor of Massachusetts in 2017 for this effort. To this day, MAST provides crucial security support to 501(c)3 nonprofits and institutions of higher education as well as local municipalities and government organizations at the request of the Massachusetts governor.

During his tenure with Reliant Medical Group, Gene managed the cybersecurity and data protection practice across 23 urgent care clinics and hospital facilities, ensuring the uninterrupted functionality of the critical operational infrastructure and healthcare platforms required for ongoing patient care. In this role, Gene managed the oversight and mitigation of potential HIPAA concerns and ensured continuous alignment with the requirements of a highly regulated environment.

In his most recent role with Farm Credit Financial Partners, Gene supported six separate farm credit associations and agricultural banks across the US. He designed and proposed a consolidated information security strategy that was accepted and even championed by the leaders of all six partners on the first draft, demonstrating his ability to navigate the competing priorities of multiple stakeholders while influencing the adoption of new processes that optimize the organizational security posture.

A common thread throughout each of Gene’s experiences has been his willingness to educate and drive awareness around information security and cloud computing practices. He has created and led tabletop incident response exercises, and since 2010 he has been an advisor, keynote speaker, panelist, and workshop facilitator for The Seguro Group. He develops and presents his own content and facilitates certificate-based workshops that are sought after by information security practitioners of all levels at Seguro’s SecureWorld and Secure Plus conferences.

Gene holds a Master of Science in Communications and Information Management from Bay Path University in Longmeadow, Massachusetts, and an MBA from the University of Massachusetts Isenberg School of Management in Amherst. He has two Global Information Assurance Certifications (GIAC)—Certified Information Security Professional and Certified Forensic Examiner—as well as an ITIL 4th Edition Foundation Certificate in IT Management. Gene is also certified in Risk and Information Systems Control (CRISC) and is a Certified Information Security Manager (CISM). He currently resides in the Springfield, Massachusetts area.

James Norberg was formerly the Information Risk Management Director at Express Scripts and has been in the Technology field since 2002. His areas of responsibility include the Security Operations Center, Incident Response, eDiscovery, and Cyber Threat Intel & Hunting. He earned his undergrad from Drury University and MBA from Texas A&M. Currently James and his family reside in the St. Louis area.

Kevin Hardcastle, Chief Information Security Officer (CISO) for Washington University in St. Louis, is a member of the CIO Leadership team and serves a key role in University leadership, working closely with senior administration, academic leaders and the campus community. The CISO is responsible for the development and delivery of a holistic information security strategy to optimize the security posture through collaboration with campus-wide resources, facilitate information security governance, advise senior leadership on security direction and direct program functions of risk and incident management, compliance, information security operations, and information security policy development and education.

Ernest Wong is a Research Scientist at the Army Cyber Institute and a United States Military Academy Assistant Professor of Systems Engineering.

As a member of the firm’s International practice group and a Certified Information Privacy Professional/Europe (CIPP/E), Scott helps clients navigate overseas data protection waters in the wake of the Schrems decision, the advent of the EU General Data Protection Regulation (GDPR), and the ongoing Privacy Shield negotiations. Scott assists clients in developing, implementing, assessing and auditing trade, data privacy, and FCPA compliance programs.

Founder and Principal Security Consultant of Night Lion Security, Vinny Troia brings 20+ years of IT security and development experience. He is also a featured speaker on ABC, CNBC, and Fox News.

"One afternoon, I drafted an email to the CEO and CISO of a major airline company. The title read – URGENT – Data breach in your network. During our phone conversation later that evening, I proceeded to tell the security admin that I received word from a dark web contact that sensitive data from their network was about to go on sale later that week. Working in tandem with my dark web contacts and the company’s security team, we were able to identify the hacker’s position within their network, turned off their access, and closed the vulnerabilities that allowed them to gain access. This is the kind of thing I do day in and day out, and I love my job." - Vinny Troia

Senior cybersecurity professional with years of experience (Engineer/Architect, Senior Manager, Director, and CISO roles) architecting and managing large scale IT Security, Network Infrastructure, and Development projects. Heavy experience collaborating with diverse cross-functional groups of people, both domestic and international. Recognized for building products, platforms, and IT teams from the ground up along with developing and implementing IT and OT (cyber) security standards, processes, and initiatives with high dollar impact, reduced costs, lower risk, increased revenue, and high customer satisfaction.

As the co-founder and CEO of EventTracker, Ananth was one of the architects of the EventTracker SIEM solution. With an extensive background in product development and operations for telecom network management, he has consulted for many companies on their compliance strategy, audit policy and automated reporting processes.

Matt Loeb, CGEIT, FASAE, CAE, is chief executive officer of ISACA. Prior to joining ISACA, he completed a 20-year career as staff executive for the Institute of Electrical and Electronics Engineers (IEEE) and as the executive director of the IEEE Foundation. His experience includes enterprise strategy, corporate development, global business operations, governance, publishing, sales, marketing, product development and acquisitions functions in a variety of for-profit and nonprofit organizations. He is a member of CESSE and NACD, and a senior member of IEEE. Additionally, he is an ASAE Fellow and serves on ASAE’s board of directors.

Bill Sawyer is a Manager in PwC's Advisory Services. As a member of PwC’s Security Architecture Center of Excellence, he is responsible for developing and delivering PwC’s Security Architecture security offerings. Across his 17 year career, Bill’s experience in both consulting and industry includes application security, security architecture and assessments, identity and access management, IT operations, platform and network engineering and architecture, mergers and acquisitions, email and directory services consolidations, and data center consolidations. Prior to joining PwC, Bill led the Identity and Access Management service line for a Microsoft-centric consulting firm.

Austin is currently the Information Security Manager for Ascension Health’s system office and five other service locations. He has worked over 30 years in IT, with over 20 years in non-profit educational and healthcare organizations.

Christine has over 10 years of public accounting and consulting experience analyzing financial information and internal controls for companies. She manages SOC engagements for companies across a variety of industries. Her knowledge spans industries and includes working with companies directly as well as with third party service providers.