Board of Directors

Marene Allison

Special Advisor

Recently retired, Ms. Allison's responsibilities in her role as Vice President & Chief Information Security Officer were to protect Johnson & Johnson information technology systems and business data worldwide. This included ensuring that the company’s information security posture supports business growth objectives, protects public trust in the Johnson & Johnson brand, and meets legal/regulatory requirements. Marene was a member of the company’s Compliance committee and presents to the Johnson & Johnson Board of Directors on cybersecurity risk. With more than 260 companies in 60 countries worldwide, Johnson & Johnson is a global leader in consumer health, pharmaceutical products, and medical devices.

Prior to joining Johnson & Johnson, Marene was Chief Security Officer and Vice President for Medco, the largest pharmacy benefit manager in the United States. Marene was responsible for all aspects of the company's security, regulatory compliance including physical and logical security, and executive protection as well as HIPAA, Payment Card Industry, Medicare, prescription fraud, and IT controls.

Prior to that, Marene was with Avaya as head of Global Security where she worked on securing the World Cup network in Korea and Japan in 2002. Before joining Avaya, she was Vice President of Loss Prevention and Safety for the Great Atlantic and Pacific Tea Company. Before joining the corporate world, she served as a Special Agent in the FBI working on undercover drug operations in Newark, NJ, and also working on terrorist bombings in San Diego, CA. She developed and participated in the nuclear terrorism exercise, Compass Rose ’88, the largest mock terrorism incident exercise by the federal government.

Marene has a Bachelor of Science degree from The United States Military Academy at West Point, in the first class to include women. She has served in the US Army in the Military Police at Ft Hood, TX, Ft Chaffee, AR and Ft McClellan, AL. She has served on the Defense Advisory Committee on Women in the Services appointed by the Secretary of Defense and the Overseas Security Advisory Committee appointed by the Secretary of State. Marene is a founding member of West Point Women and currently serves on their Board of Directors. She is also on the Board of Directors for H-ISAC (Health Information Sharing and Analysis Center) and ASIS International. Marene is married, has a son, a wonderful daughter-in-law and grandson, and lives in Bucks County, Pennsylvania.

Ben Aung

Executive Vice President, Chief Risk Officer, & Global Chief Information Security Officer, Sage Group

Ben joined Sage Group as Global CISO in 2018 after 16 years in the British Government. Sage is the UK’s largest technology company and the world's leading provider of integrated accounting, payroll, and payments systems to entrepreneurs and small and medium businesses. At Sage, Ben is responsible for protecting the global technology estate, products, and cloud services for 3 million customers in 23 countries.

In 2018, Ben left the UK Government as Deputy Government Chief Security Officer, based in the Cabinet Office. Ben was responsible for all aspects of protective security policy and coordination across 48 government departments and over 400,000 civil servants. Ben’s remit included cyber and information security, personnel security, counterterrorism, counterespionage, and investigation of serious incidents and breaches, including contravention of the Official Secrets Act. While in government Ben led transformative security reforms to redesign organizational structures, unlock government access to commodity technology and public cloud and modernize decades old security policies and practices.

Mario Balakgie

Global Business Chief Information Security Officer, World Wide Technology, Inc.

Mario joined World Wide Technology in 2013 after 28 years of professional experience in security in both the government and private sectors. During his tenure with the government Mario served as the Chief Information Security Officer for the Defense Intelligence Agency where he was responsible for information technology, data integrity and security, and global network communications. In this executive role Mario was instrumental in the establishment of key global information security capabilities for the Intelligence Community involving mitigation of advanced threats and implementation of security readiness and monitoring practices. He has served on special assignments to include the largest ever technology exploitation and forensic mission searching for evidence of weapons of mass destruction. Mario’s information security expertise has been called upon for Congressional testimony that ultimately established today’s federal standards for cyber protection.

As the CISO, Mario delivers consulting services to clients by working with executives and addressing the demands of security on a global and enterprise scale. He leads a team of professionals with expertise to assist clients in defining comprehensive security and privacy programs mapped to business imperatives. This includes advanced technology solutions to support a range of clients and working with them to meet organizational requirements for establishing, implementing, monitoring, and maintaining a highly capable security program.

Mario has received special recognition to include Executive Performance of the Year, Civilian Accommodation Award(s), Distinguished Performance, and Special Achievement from the Director of FBI and Director of National Intelligence Community. He holds a B.S. in Computer Science/Information Systems and is a Certified Information Security Manager (CISM).

Martin Bally

Vice President & Chief Information Security Officer, Campbell Soup Company

Martin Bally is the Vice President and Chief Information Security Officer of Campbells and has over 23 years of experience in cybersecurity. Martin has global experience in Information, Cyber, Manufacturing, Digital, and Product Development Security.

Martin has held the Global CISO position at Stellantis, formally FCA, American Axle & Manufacturing, Diebold, and TRW Automotive. Martin is a trusted advisor to the Board of Directors and Executive Leadership. He has prior experience in manufacturing, legal, and fintech industries. He has also managed a P&L of 20+ million for security services. In 2020, Martin was recognized as a top 100 CISO by Cyber Defense Magazine.

Martin was on the Board of Directors for the Automotive Information Sharing and Analysis Center (Auto ISAC) and currently sits on the Cloud Security Alliance - Detroit Chapter. He also sits on the Customer Advisory Board for Proofpoint, a U.S.-based enterprise security company. Martin holds a Master of Science in Information Assurance from Norwich University. He also holds the Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Officer (CCISO), Certified Information Security Manager (CISM), the Certified in Risk and Security Controls (CRISC) security certifications, and the DDN Masterclass Boardroom Certified Qualified Technology Expert QTE.

Scott Benson

Chief Information Security Officer and General Partner, Edward Jones Investments

Scott Benson is the Chief Information Security Officer for Edward Jones. Scott has spent over 20 years in the Information Security field in various lines of defense. Previously a CISO for a large financial institution headquartered in Chicago, Scott has an extensive background with Information Security frameworks, cyber defense, intrusion detection and incident response. Scott also worked extensively with various banking regulatory agencies throughout his career. Scott is a Certified Information Systems Security Professional (CISSP) and a member of the International Information System Security Certification Consortium (ISC)2.

Michael Blache

Chief Information Security Officer, TaxSlayer

Michael Blache is the Chief Information Security Officer of TaxSlayer, a software development company specializing in tax preparation software for professional and individual tax preparers. Promoted to this role in 2015, Michael has been instrumental in organizing and structuring the organization’s first dedicated Information Security Department operating separately from the IT Department. Michael is responsible for the vision and mission of TaxSlayer’s Information Security team in regards to security operations, regulatory compliance, disaster recovery, and business continuity.

In 2004, Michael first joined the TaxSlayer team as an IT Manager. In his first six months on the job, he was promoted to the position of Director of Information Technology. During his 11 years as IT Director, he drove the transformation of the organization’s information technology infrastructure during a time of expansive growth. Michael was responsible for standing up TaxSlayer’s first network operations center allowing round the clock monitoring of critical systems. He was selected by TaxSlayer’s executives to receive the organization’s highly coveted “Moving Your Division to the Next Level” award in 2005 and 2012.

Prior to joining TaxSlayer, Michael worked as a network administrator for a managed service provider in the private sector and as an Information Technology specialist in the Navy and Air Force. With over 20 years of experience, his diverse background is a testament to Michael’s ability to adapt technologies to meet the operational and security needs of various industries.
Michael holds a Bachelor of Science in Information Technology degree from South University and a Master of Science in Information Assurance degree from Norwich University. Michael holds several industry certifications, most notable of which is the Certified Information Systems Security Professional certification. Michael is an active member of the Greater Augusta ISSA Chapter and ISACA.

Don Boian

Chief Information Security Officer, Hound Labs, Inc.

Don Boian is the Chief Information Security Officer (CISO) for Hound Labs, Inc. He is responsible for developing and implementing a robust information security program, ensuring Hound Labs and its assets, as well as the information and assets of its customers, are protected from both internal and external threats as the Company brings its flagship product, the Hound marijuana breathalyzer, to market.

An accomplished technology leader and award-winning information security expert, Don is an information security leader with more than 34 years of experience. In addition to his role as Cybersecurity Outreach Director at Huntington Bank, Boian also serves as a cybersecurity consultant at the Department of Energy’s Special Technologies Laboratory. He retired from the National Security Agency in 2016 after almost 30 years of service. His roles included operational and leadership positions in both offensive and defensive cyber operations and included a Joint Duty Assignment as the Technical Director for the Chief of Operations (J3) USCYBERCOM. Boian won many awards including the Chairman Joint Chief of Staff (CJCS) Joint Civilian Service Commendation Award (CDR USCYBERCOM) in 2011.

Beth-Anne Bygum

Senior Vice President & Chief Information Security Officer, Q2, Inc.

Cybersecurity issues and the potential to disrupt resilient operations and brand trust should be a top priority for corporate boards. Risks, particularly cyber risks are accelerating and if not prepared, can undermine regulatory compliance, strategic growth and worse, weaken consumer loyalty. Navigating this environment, proactively responding to changes in regulatory expectations and managing fluctuating residual concerns requires knowledge and an understanding of proactive planning.

At Q2, Inc., Beth-Anne is responsible for the company’s global information, product, cyber defense, and data security strategy. Servicing the regulated financial sector, her program is designed to scale with changes across the digital and development landscape while leading the organization to be always audit ready. Beth-Anne is a valued member of the Q2 senior leadership team reporting to the president.

With more than 30 years of experience directing programs related to domains referenced above, Beth-Anne has worked with leading companies in data science, technology, consumer packaged goods, biotechnology, pharmaceutical and consulting sectors.

Beth-Anne holds a Master of Science degree in management and leadership (MSLM) from the University of La Verne and a bachelor’s degree in business administration from Rutgers University. She holds a Certified Business Continuity Professional (CBCP) designation and is a member of Chief, the private network designed to connect and support executive women. A board advisor to non-profit, the Forge Institute, she and her husband volunteer their time to assist resources in underserved communities as well as transitioning military members into the civilian workforce.

Tim Callahan

Senior Vice President & Global Chief Information Security Officer, Aflac

Tim joined Aflac as the Chief Information Security Officer in April 2014. In this role, Tim is responsible for the Aflac Information Security Program, which includes Threat and Vulnerability Management, Security Operations and Incident Response, Information Technology Compliance and Risk Management, Security Engineering, and Disaster Recovery. Through the execution of the security program, Tim is the executive responsible for protection and availability of the information assets of the leading provider of supplemental and voluntary insurance products in the world. Tim leads various risk committees and structures to help business partners accelerate in a safe and sound manner.

Prior to Aflac, Tim was Senior Vice President, Business Continuity and Information Assurance at SunTrust Bank. Tim was responsible for SunTrust’s Corporate Threat and Vulnerability Management, Information Security Monitoring and Investigation, Business Resumption, Disaster Recovery, Incident Response/Crisis Management, Technology Risk Project Office, Records and Information Management programs. Tim led a team of professional risk managers in ensuring the protection, preservation, and availability of critical corporate information and resources. Tim integrated these functions building a capability that provided a unified approach in determining threats, developing mitigation strategies and solutions, and managing through incidents. Tim has successfully tested this integrated concept in the management of virus, weather, technology outages, and distributed denial of service attacks.

Prior to SunTrust, Tim served as First Vice President, Technology Risk Management, and Chief Information Security Officer at People's United Bank in Bridgeport, Connecticut. Tim was the executive charged with protecting People’s United Bank’s information, information systems, and technology. During his tenure, Tim built an effective technology risk management organization and led the company through a technology integration and organization program upon the acquisition of a bank of near equal size. Tim also served on the State of Connecticut Judicial Committee on Identity Theft to assist in building requirements for protecting sensitive personal information introduced into the judiciary through legal actions.

Tim was a career military professional serving in leadership positions throughout his 23-year career. In his final assignment, Tim was the program manager for a command risk management function at one of the US Air Force's Major Command Headquarters.

Janet Cinfio

Chief Information Officer & Chief Security and Compliance Officer, Acxiom

Janet Cinfio serves as Chief Information Officer and Chief Security and Compliance Officer at Acxiom. She leads the overall information technology strategy for the company as well as directing teams in the specific areas of architecture, cloud platform, enterprise applications, infrastructure, operations, security & risk management as well as technology procurement. With years of experience in the high-tech industry, Janet is a transformational leader known for building global forward-thinking technology teams. A passionate and vocal advocate for inclusivity, Janet is a co-founder of the Acxiom Women LEAD Business Resource Group (BRG), a founding member of Acxiom’s IDEA (Inclusion, Diversity, Equity and Awareness) Council, and proudly serves as Executive Sponsor for Acxiom’s Pan Asia and LGBTQ+Acxiom BRGs. Janet is a champion of STEM (Science, Technology, Engineering and Math) education and contributes her leadership to Girlstart and Girls of Promise as strategic planning advisor, board member and steering committee member.

Janet's expertise extends beyond the digital services business and encompasses all facets of strategy, architecture, planning, analytics, management, security, delivery, cloud solutions and operations. As CIO at Acxiom, Janet Cinfio is driving transformation of Acxiom to a digital and cloud-enabled product and services company.

Prior to joining Acxiom, Janet was VP of Digital Platform Infrastructure and Operations at EA where she led a global team and services including architecture, business intelligence, data engineering, ecommerce, customer relationship management, cloud, infrastructure, and operations.

Prior to joining EA, Janet was CIO at Esprit de Corp. where she led the reengineering of processes and systems including the business sourcing strategy. Before these roles leading technology, Janet held leadership roles in product development, operations, sourcing and finance.

Kristin Cornish

Director Global Cybersecurity Risk, The Coca Cola Company

Kristin Cornish currently serves as Director Global Cybersecurity Risk at the Coca-Cola Company. In this role, Kristin is responsible for broad cyber risk management and monitoring across the Coca-Cola Company, including regulatory cyber compliance with PCI DSS, Privacy regulations (GDPR, CCPA), and Sarbanes-Oxley (SOX). Kristin leads a team responsible for assessing third party and internal cyber risk and developing and maintaining cyber security policy. Working closely with Coca-Cola’s Global Chief Information Security Officer, Kristin is building a manufacturing cyber security risk management capability, spanning multiple regional and global stakeholder functions.

An almost 8-year veteran of the Coca-Cola Company, Kristin has held positions of increasing responsibility in both the Cyber Security and Internal Audit functions. Prior to her current role, Kristin spent 2 years as a Senior Manager, Technology Controls, leading efforts to improve understanding and support of technological internal controls supporting SOX financial reporting, improved management of control deficiencies, and improved processes to strengthen the IT control environment-both across the Coca-Cola Company Technology function and within large acquisitions of the Company. Kristin began her tenure at Coca-Cola within the IT internal audit team, where she spent over 3 years, including most recently as an IT Audit Manager.

Prior to her time at Coca-Cola, Kristin has both internal and external technology and financial audit experience at the Kimberly-Clark Corporation and PwC. Kristin holds a Certified Information Systems Security Professional (CISSP) certification from the International Information System Security Consortium (ISC2), a Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA) from the Information Systems Audit and Control Association (ISACA), an active CPA license from the Virginia Board of Accountancy. In addition to ISC2 and ISACA, Kristin is an active member of the Atlanta chapter of the Institute of Internal Auditors (IIA). She holds an B.S. in Management from the Georgia Institute of Technology and a Master’s in Business Administration from Georgia State University.

John Dickson

Chief Information Security Officer, Colonial Pipeline

John Dickson is the Chief Information Security Officer (CISO) at Colonial Pipeline, a critical infrastructure company operating one of the largest refined products pipelines in the United States. This strategic appointment highlights John's exceptional expertise and leadership in cybersecurity, marking a significant milestone in his career.

Prior to his appointment at Colonial Pipeline, John was the VP of Infrastructure, Support Operations and Cybersecurity (CISO) at Republic National Distributing Company (RNDC), an industry leader and the nation’s second largest wine and spirits distributor.

In his role, John leads a comprehensive IT team covering Information Security & Governance, Enterprise Communications, Data Center and Cloud Services, Warehouse Automation and Technology Support Operations. He is a results driven, business focused IT leader with extensive experience and a proven track record of translating business requirements into functional systems for Republic National Distributing Company. John’s career at RNDC spans 23 years, starting in a Network Management role and progressing through a Directorship of Infrastructure to today’s role over four operational areas and one hundred team members.

Prior to RNDC, John managed Information Technology services for Transdyn Controls, a leading systems integrator for Public Utilities and Intelligent Transportation Systems. Prior to taking an IT leadership role at Transdyn, John helped implement SCADA systems for the Boston Central Artery Tunnel, the George Washington Bridge, the New York Department of Environmental Protection and numerous water treatment facilities around the world.

John is passionate about motorsports, aviation, Georgia Tech Yellow Jacket Football and spending time with his family in Woodstock, GA.

John Dunn

Chief Information & Security Officer, Accuray

John Dunn is a competent and accomplished CISO with 20+ years delivering value through strategy building and execution. As the Enterprise CISO of GE HealthCare, he strives to establish goals and foster collaboration for the information security and data privacy program. An innovator and creative problem solver, John has been recognized internally and externally for solving some of the most challenging problems in business and the community.

During his accomplished tenure at GE Healthcare, John launched an internal startup called Touchless Order. He originated the idea, gained approval from executive leadership, and executed on his vision. Touchless Orders was constructed as a team of teams to improve finance, order management, manufacturing, logistics and installation processes. Ultimately, John helped the organization save $130M savings improving on time delivery and inventory.

One of John’s passions is to giveback to the community. He is recognized as an emerging leader as an active Board Member for the Milwaukee Public Schools Technology Advisory Program, and the Technology United Advisory Board which aims to reduce the digital divide and mentor students who want to pursue a career in technology. Upon learning that only 300 students wanted to land a technology job, he created a series of job fairs, mentoring sessions, job shadow programs, and internships for students, raising more than $500K annually to help buy chrome books and WIFI access for
disadvantaged children.

John’s professional history is complemented with an Information Systems Security Professional Certification (CISSP), an MBA in Finance, Strategic Management & Entrepreneurship from the University of Chicago, and a Bachelor’s degree in Electrical & Computer Engineering from Marquette University.

Joe Ellis

Vice President & Chief Information Security Officer, Ryder Systems, Inc.

Joe Ellis is vice president and chief information security officer at Ryder System, Inc. In this role, he is responsible for Ryder’s global Information Security program.

Prior to joining Ryder, Joe was chief information security officer at Subway Restaurants. He held senior information security roles at the Independent Purchasing Cooperative. Joe began his career as a Global Compliance Manager at Fidelity National Information Service.

A graduate of the Tampa Technical Institute with a focus on Computer Information Systems, Joe holds a number of significant industry certifications. He is a CISSP® - Certified Information Systems Security Professional, Certified Information Systems Auditor® (CISA), and Certified Data Privacy Solutions Engineer (CDPSE).

Joe is an active leader in the Information Security community participating in several Information Security organizations including the Cybersecurity Collaborative, FBI InfraGard, and the National Technology Security Coalition. Joe was recently named a 2022 top global CISO by Cyber Defense Magazine.

Jamil Farshchi

Chief Information Security Officer, Equifax

As the Chief Information Security Officer, Jamil Farshchi is responsible for ensuring the security of the company’s digital assets as well as transforming the Equifax cybersecurity program into a world-class capability. Farshchi, an award-winning change leader, has spent his career building industry-leading cybersecurity programs to protect some of the world’s most sensitive assets, particularly in times of urgent need.

Most recently, Farshchi, in his role as CISO, successfully led a similar rebuilding effort to mature The Home Depot into an information security leader following what was one of the largest cyber breaches in history. Prior to The Home Depot, Farshchi was named the first CISO at Time Warner Inc. in 2014, and was responsible for the defense of entities such as Warner Bros., CNN, and HBO.

Before taking on his role at Time Warner, Farshchi was the VP of Global Information Security at Visa, where he was responsible for protecting over $7 trillion of payment card transactions annually and transforming Visa’s cyber program into one of the most mature within the financial services industry.

In 2009, Farshchi served as the CISO at the Los Alamos National Laboratory with responsibility for defending some of the United States’ most sensitive national security and nuclear weapon assets. He has also served in a variety of risk, operational, and technology leadership roles at organizations including Sitel Corp., NextWave Wireless, and the National Aeronautics and Space Administration (NASA).

Currently, he serves on the Board of Directors for the Institute for Information Security and Privacy at Georgia Tech and the Piedmont Park Conservancy, and he is also a mentor in the Columbia University Technology Management program.

Farshchi holds a bachelor’s degree in Business Administration from the University of Oklahoma and a master’s degree from the Wharton School at the University of Pennsylvania. He also completed the Harvard Business School’s Program for Leadership Development.

Kevin Gowen

Chief Information Security Officer, Synovus

Gowen joined Synovus in 1995 after a 16-year career with IBM Corporation where he served in various engineering and management positions. He began his career with Synovus in the Information Technology area as Vice President of Network Services and Support. He served in various leadership roles in Information Technology including Director of Technology and Strategic Infrastructure. Gowen was named Senior Director of Procurement in 2008 with responsibilities for procurement, contracting, and vendor management. He was named a Group Executive in 2011 and his responsibilities were expanded to include serving as Chief Procurement Officer and overseeing Synovus’ Corporate Real Estate group. Gowen was named Chief Information Security Officer in February 2015.

As Chief Information Security Officer, Gowen is responsible for all aspects of information security and business continuity including identity and access management, security architecture, security operations, IT risk assessments, audit and regulatory interface, disaster recovery coordination, business continuity planning, and crisis management. He is also responsible for setting the tactical as well as strategic direction for Synovus’ enterprise vision, strategy, and program to ensure that information assets and technology are adequately protected.

Gowen’s education includes:
B.S., Mechanical Engineering, Georgia Institute of Technology
M.S., Mechanical Engineering, Georgia Institute of Technology
Synovus Leadership Institute

Ron Green

Executive Vice President & Chief Security Officer, Mastercard

Ron Green is Group Executive and Chief Information Security Officer. He leads a global team that ensures the safety and security of the Mastercard network as well as internal and external products and services. He is responsible for Information Security Operations, Architecture and Engineering, Security Event Management and Incident Response. Mr. Green also oversees cryptographic key management, business continuity, disaster recovery, and emergency management.

Mr. Green joined Mastercard in 2014 after serving as deputy chief information security officer at Fidelity Information Services (FIS). There, he led a team responsible for North American Information Security Operations, including security architecture and engineering programs, security testing, and governance. Prior to this position, Mr. Green was Director, Investigation and Protections Operations at Blackberry where he was responsible for global cyber and physical investigations, security operations centers, network security architecture, technical surveillance countermeasures, and threat intelligence programs. He also served as a senior vice president across several areas at Bank of America.

Mr. Green has extensive experience working with international and federal law enforcement agencies both as a special agent in the United States Secret Service and as an officer in the United States Army. With the Secret Service, Mr. Green worked protection and fraud investigations. He was one of the first agents to receive formal training on seizing and analyzing electronic evidence, and he worked on a number of international cyber crime investigations. Mr. Green serves on several advisory councils including the Financial Services Information Sharing and Analysis Center and the Overseas Security Advisory Council. He holds a bachelor’s degree in mechanical engineering from the United States Military Academy at West Point; is a graduate of the FBI’s Domestic Security Executive Academy; and holds a graduate certification in Information Assurance from George Washington University.

Stacey Halota

Vice President, Information Security and Privacy, Graham Holdings

Stacey Halota joined Graham Holdings Company (then The Washington Post Company) in 2003. She leads the development and implementation of information security and privacy programs, including Sarbanes Oxley, privacy law, Payment Card Industry compliance, and other data protection efforts. Halota has more than 25 years of experience in the information technology, security, and privacy field. Before joining Graham Holdings, she served as the federal government and southeast region leader of Guardent (now part of Verisign), a security and privacy consulting and managed security services company. Prior to Guardent, she worked at PricewaterhouseCoopers in the Technology Risk Services consulting practice.

Ms. Halota serves on the advisory boards of CyberVista, Y/L Ventures, and the International Consortium of Minority Cybersecurity Professionals. She is a Certified Information Systems Security Professional (CISSP) and a Certified Information Privacy Professional (CIPP).

Shawn Harris

Senior Director of Information Security, Chipotle Mexican Grill

Shawn Harris is the Senior Director of Information Security at Chipotle Mexican Grill (NYSE: CMG). In this role, he is responsible for Security Architecture, Engineering, Operations as well as Governance, Risk and Compliance teams.

With over 25 years of cybersecurity experience, Shawn holds multiple industry certifications, including Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional (ISSAP), Certified Cloud Security Professional (CCSP). He is on the board of directors for Hackers for Change and is an advisory board member of several prestigious organizations including Cybersecurity Competency Group (CSCG), RSA Conference Program Committee, and the Microsoft Cybersecurity Customer Advisory board. He is the co-chair of the CSA Cloud Control Matrix working group and was named one of Security Magazine’s Top Cybersecurity Leaders in 2021. Shawn has spoken at several esteemed events, most notably the RSA Conference and ISC2 World Congress.

Shawn is passionate about building and strengthening highly engaged teams, fostering a culture of growth and forward-thinking mindsets. He coaches through challenges to empower individuals to think and operate independently and drive innovation. When not working, you can find Shawn in his home-built campervan exploring the Southwest with his wife and two dogs.

Lori Havlovitz

Chief Information Security Officer, Haleon

Lori Havlovitz has recently transitioned to a new role as the Chief Information Security Officer at Haleon. Prior to her new role, Lori lead the global information security team at Cardinal Health which included cybersecurity operations, information security architecture, technology risk management, IT compliance, and IT resiliency. While at Cardinal Health, Lori has held roles of increasing responsibility in applications development and shared services as well as enterprise architecture.

Lori was with Cardinal Health for 20 years. Before joining the organization, Lori worked with Nationwide Insurance focusing on system integration project management in the property and casualty business.

Diversity and inclusion is a passion for Lori. She has held a variety of roles including chairing the Women’s Initiative Network and as an executive sponsor for the Women in Information Technology employee-led group at Cardinal Health. Lori has also been a key leader in the creation of two sponsorship programs for technology employees – one focused on women and one focused on Black and African American employees.

Lori makes community outreach a focus including non-profit leadership and volunteering. She served as the secretary and vice president of Adaptive Sports Connection (formerly known as The Adaptive Adventure Sports Coalition). Lori is a two-time cancer survivor and volunteers in the Help Others Through Peer Experiences program at The Ohio State University Comprehensive Cancer Center.

Curley Henry

Vice President & Deputy Chief Information Security Officer, Southern Company

Curley Henry, Vice President and Deputy Chief Information Security Officer for Southern Company, is responsible for strategic cybersecurity initiatives and leads security architecture and consulting, cyber risk and assurance, and identity governance across the enterprise (IT) and critical infrastructure (OT). Curley has 25+ years’ experience in information technology and cybersecurity where he has created and led diverse teams to develop, implement and maintain effective strategies to reduce cyber security risk.

Curley works closely within the utility industry, engaging with state public service commissions, Department of Energy, the National Labs, Electric Power Research Institute (EPRI), and leaders from other utilities. He also engages in the cybersecurity technology industry, working closely with executives who are developing innovative solutions to pressing challenges.

Before joining Southern Company, Curley served in senior leadership roles at E* Trade Financial, Hewlett-Packard, and IBM. Earlier in his career, Curley was a Department of Defense consultant where he led a team to design, build and manage the first 24x7 security operations center for the U.S. Army Reserve Command. He began his career in the military and was a founding member of the U.S. Army Reserve’s Information Operations Command, which provided cyber security and information assurance support to installations and units across the continental Unites States.

A native of Columbus, GA, Curley studied engineering at Georgia Institute of Technology (Georgia Tech) before joining the military. He holds a bachelor’s degree in Computer Information Systems from Saint Leo University along with several security and technical certifications. He also serves on the Industrial Advisory Board for the new School of Cybersecurity and Privacy at Georgia Tech.

Darren Highfill

Chief Information Security Officer, Norfolk Southern Corporation

Darren Highfill serves as the Chief Information Security Officer, protecting critical information assets, business systems, and computer hardware for Norfolk Southern Corporation. He is responsible for maintaining, developing, and leading the team of cybersecurity professionals comprising Norfolk Southern’s Information Security program.

The Information Security team is responsible for the monitoring of compliance to cybersecurity policies and standards and works cooperatively with other groups within the business units responsible for information security. The Information Security program includes teams responsible for identity and access management, cybersecurity architecture, cybersecurity operations, a cybersecurity operations center, disaster recovery planning, business recovery planning, general office emergency incident response planning, cybersecurity awareness training, employee and customer privacy protection, and industrial controls cybersecurity protection.

Darren’s background is focused on cybersecurity for critical infrastructure and operations technology – in particular, within electric power transmission and distribution, with experience in the development and application of national and international cybersecurity standards as well as cybersecurity governance, architecture, policy, and risk management. He has been focused on cybersecurity solutions for critical infrastructure since 2004.

Stacy Hughes

Senior Vice President & Chief Information Security Officer, Voya Financial, Inc.

Stacy Hughes is senior vice president (SVP) and chief information security officer (CISO) for Voya Financial, Inc. (NYSE: VOYA), which helps Americans become well planned, well invested and well protected.

In this role, Hughes is responsible for advancing the enterprise vision, strategy and roadmap for an industry-leading cybersecurity program and supporting Voya’s focus on providing products, solutions and technologies that help Americans become well planned, well invested and well protected. Her focus is to drive alignment of Voya’s information security investments and plans to deliver leading-edge security technologies and capabilities across Voya’s enterprise infrastructure. She also leads the effort to anticipate and proactively mitigate information security risks, while supporting business growth and innovation.

Hughes has more than 20 years of experience leading complex IT initiatives within Fortune 500 financial technology organizations. Prior to joining Voya, she held the position of CISO at Global Payments Inc., where she held other leadership positions across governance, compliance, accounting and audit functions. Hughes has been an active industry leader in payment security, serving on the Payment Card Industry (PCI) Security Standards Council Board of Advisors and was recognized by PaymentsSource in 2020 as one of the most Influential Women in Payments.

Hughes is a member of the Susan G. Komen Southeast Regional Leadership Council after serving for over two years on the Atlanta Board. She enjoys mentoring cybersecurity students to encourage and develop the next generation of leaders. Hughes was also recognized by the Atlanta Business Chronicle as one of the 2021 Women of Influence, which honors those who have made significant strides in their careers and are making a difference in their communities.

Shaun Khalfan

Senior Vice President & Chief Information Security Officer, Discover Financial

Shaun currently serves as the Senior Vice President, Chief Information Security Officer for Discover Financial Services. In this role, he leads the Information Security organization with overall responsibility for implementing the information security strategy and objectives, including strategies to monitor and address current and emerging risks and a strong cyber engineering function.

Shaun has over 20 years of IT experience with specialization in information security and risk management. Shaun has held roles in increasing responsibility at the Department of Defense, culminating in the role of Chief Information Security Officer for the Department of Homeland Security, U.S. Customs and Border Protection. He was Vice President, Chief Information Security Officer at Freddie Mac where he was responsible for company-wide cybersecurity risk reduction efforts, security architecture, securing cloud transition, modern software delivery transformation, and end-user experience enhancement initiatives. Most recently, he served as Managing Director, Chief Information Security Officer at Barclays International.

Shaun is a graduate of the University of Maryland and has an MBA from the George Washington University School of Business. He serves on the board of the Financial Services Information Sharing and Analysis Center (FS-ISAC), is an adjunct professor at Carnegie Mellon University, and Army combat veteran. Shaun is also a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and a graduate of the Department of Defense Executive Leadership Development Program.

Donna Kidwell

Chief Information Security & Digital Trust Officer, Arizona State University

Donna Kidwell is an internationally recognized thought leader who leads teams and manages technology initiatives within research universities to prepare students for the challenging and ever-changing nature of work and learning. Today, Ms. Kidwell is the Chief Information Security and Digital Trust Officer at Arizona State University.

Building trust is more precious than ever in today’s data driven world and Donna is working with colleagues to ensure that the digital experiences for the ASU family are safe, secure and trustworthy, including compliance with GDPR, FERPA, and Privacy By Design - just to name a few!

Donna teaches and mentors entrepreneurs in innovators in the U.S. and speaks on these topics at international conferences.

Donna is passionate about generating wealth through the production of new knowledge and has worked to implement innovation, commercialization and entrepreneurship programs in Brazil, Colombia, Egypt, France, Hungary, India, Indonesia, Jordan, Kazakhstan, Kenya, Korea, Mexico, Norway, South Africa and Russia.

Kate Kuehn

Chief Trust Officer, AON Cyber Solutions

Kate Kuehn has been an active thought leader in Security & Advanced Network Technologies for over 20 years. As the Chief Trust Officer (CTrO) for cyber security at Aon, she aligns global cyber initiatives with internal practice and policy to drive trust, transformation, and risk mitigation internally, with clients, and within the entire cyber community.

Early in her career, she had been given the opportunity to work with and lead some of the most innovative technologies that have shaped our industries. She led some of the industry’s first projects in DDOS, Ethernet as a network (CPA), SaaS and IaaS, and was on the front line with some of the earliest attacks against the financial services markets.

Kate has purposely executed multiple roles across her career from CISO, CEO, Board of Director, Advisor, strategic business development / alliances, leading sales and engineering teams, and now as a CTrO (Chief Trust Officer. In her role at Aon, before her role at Aon, she has worked for companies including vArmour, Senseon, BT Group plc, and Verizon. The culmination of her experience ensures Kate always brings expertise and a fresh perspective on emerging trends within cybersecurity.

Kate has two main passions in life: bleeding-edge technology that helps secure our world and developing world-class people and companies. Kate is a trusted advisor in the industry and holds positions on several boards including Redshield and Cybermainacs She is currently an Advisory Board Member for vArmour, Senseon, rThreat, and Net Thunder. She was also recently appointed to the IEEE steering committee for Cyber Security, and collaborates regularly with ISSA, SINET & WSTA.

In addition to professional endeavors, Kate loves to give back to her community. She is active in a number of STEM initiatives including CORNCON, the Docent Group and the University of California, Berkeley. Kate also spends time as a volleyball coach at her children’s school.

David Lin

Vice President & Chief Information Security Officer, Gemological Institute of America

David Lin is a senior information security leader with more than two decades of experience orchestrating global infosec programs characterized by robust governance frameworks, empowered security cultures, and high-performing teams. As both an executive team member and trusted subject matter expert, David harmonizes security strategies with organizational goals and redefines infosec as a business partner and growth catalyst. Combining pragmatism with creative solutioning, he establishes sound security structures within dynamic environments featuring elevated risk profiles. As Vice President and Chief Information Security Officer for the Gemological Institute of America, Inc. (2019-Present), David helms global security operations, partnering across the business to mitigate risk for a non-profit organization. By two years into the role, David significantly improved the overarching security position and culture while building a high-capacity multilevel team executing strategies across core areas of identification, detection, protection, response, and recovery. David rapidly confirmed security’s place in the corporate playbook, elevating the CISO role to join GIA’s executive team in 2021. Highlighted achievements include embedding a NIST cybersecurity framework, integrating governance across operations, optimizing existing technology, and implementing interactive education strategies including gamification. In David’s previous role as Vice President, Information Security at Sony Pictures Entertainment (2011-2019), he formalized governance of the $11B subsidiary’s nationally deployed enterprise vulnerability management program while partnering with global CISOs to cultivate a culture of resilience across entities. In 2014, David led the IT recovery of a globally publicized hacking incident orchestrated by a foreign government, successfully mitigating further damage and completing full restoration of the technology and operating environment within four months. At the core of David's methodology lies a pragmatic, business-aligned approach to strategic advisory honed as Senior Manager, Security & Privacy Services Group with Deloitte & Touche LLP, where he guided enterprise security transformation for cross-sector businesses distinguished by heightened risk profiles, complex security needs, and stringent regulatory requirements. David played a pivotal role in forming Deloitte’s security consulting framework, building and leading a security team that established the firm’s foothold in an emerging market.

Jacob Lorz

Vice President Information Technology & Chief Information Security Officer, Cintas

Jacob (Jake) Lorz is a highly respected cybersecurity executive with a proven track record of success in multiple industries, including manufacturing, aerospace, defense, biometric identification, and software development. With over 20 years of experience, he has developed and implemented effective security strategies, managed complex security projects, and led high-performance security teams. Jake began his career as a network analyst at Globe Motors, an aerospace and automotive manufacturing organization. He quickly rose through the ranks and helped to forge a new international IT department at the parent company, SAFRAN, located in Paris, France. In this role, Jake was the infrastructure and security lead responsible for all international deployments. After his success at deploying complex security projects to international subsidiaries, Jake took on the challenge of being the Chief Information Security Officer at MorphoTrak, a biometric identification software division of SAFRAN, in Southern California. In this role, he was responsible for overseeing all aspects of the company's information security program, including policy development, compliance, and security operations. Jake then transitioned to a customer-facing role at IDEMIA where he was the Director of IT Security and responsible for protecting GovCloud-hosted biometric identification systems for Local, State, Federal, and International law enforcement agencies. Under his leadership, IDEMIA achieved compliance with several industry standards, including FBI CJIS compliance.

Jake joined Cintas Corporation as the Director of IT security in 2021 where his expertise and leadership have allowed him to build a world-class and threat-resilient information security program. The program tripled in size and scope in less than one year, and Jake’s leadership and efforts led an independent third-party assessor to rate the Cintas information security program maturity level to be ahead of organizations of similar size.

Jake is widely regarded as a thought leader in the cybersecurity industry. He serves as co-chair of the Cincinnati Cybersecurity Collaboration Forum's Leadership Board, as a member of the Cincinnati Information Systems Security Association (ISSA) Advisory Board, and he sits on the Verizon Cybersecurity Customer Advisory Board. Jake holds a bachelor's degree in Management Information Systems, a master's degree in Business Administration, and he is finishing a second master's degree in Information Technology with a focus on Data Driven Cybersecurity from the University of Cincinnati. Jake also maintains professional industry certifications, including CISSP, CISM, and CRISC certifications.

Dr. Adrian Mayers

Vice President & Chief Information Security Officer, Premera Blue Cross

Dr. Adrian M. Mayers joined Premera Blue Cross in November 2019 as Vice President, IT and Chief Information Security Officer (CISO) for Premera Blue Cross.

Dr. Mayers is responsible for providing and optimizing an enterprise-wide security program and architecture that minimizes risk, enables business imperatives, and further strengthens Premera’s security posture. He works closely with Premera’s leadership team to establish and maintain a comprehensive program to protect employees, information assets, and technologies, and mature the corporate culture from security awareness to accountability.

Before joining Premera, Dr. Mayers held senior management positions at Vertafore, Microsoft, Nokia, and Securiguard. He has a strong passion for remaining on the cutting edge of technology and business innovation. Throughout his 20-year career, he has dealt with various aspects of corporate security, such as anti-fraud operations, cybersecurity, intellectual property protection, counterespionage, and loss prevention.

He holds multiple professional certifications including CISM, CCSP, CFE, CPP, CISA, and CDPSE. He earned his doctorate in Business Administration specializing in International Business from Northcentral University, an MBA from Athabasca University, a graduate certificate in Cybersecurity from Harvard University, a graduate certificate in Counterintelligence from the American Military University, and an Engineering Technologies diploma from John Abbott College. His academic research pursuits focus on cyber warfare, national security, intelligence analysis, special operations forces, and foreign policy.

Kevin McKenzie

CISO in Residence

Dr. Kevin McKenzie is Vice President of Information Technology and Chief Information Security Officer (CISO) for Dollar Tree Stores Inc. Dollar Tree is a publicly traded Fortune 150 company with revenues in excess of $20 billion that encompasses both Dollar Tree and Family Dollar retail stores. Headquartered in Chesapeake, Virginia, Dollar Tree operates thousands of stores across all 48 states of the contiguous United States along with five Canadian provinces.

Strategically, Kevin is responsible for establishing the vision, mission, and security posture for the combined Dollar Tree enterprise and tactically accomplishes this through his oversight of Governance and Risk Compliance, Security Operations, and Network Security. Kevin holds an undergraduate degree in Management, a master’s degree in Industrial Management, and a Doctorate in Career and Technology Education from Clemson University. He also holds the Certified Information Systems Security Professional (CISSP) and ITIL professional certifications.

In addition to his corporate officer role, Kevin remains an actively engaged member of the faculty at Clemson University. He serves on the strategic advisory board for the International Consortium of Minority Cybersecurity Professionals (ICMCP) and the technology advisory board for Tidewater Community College. Additionally, he’s also an advisory board member for tech companies in the security industry. He has helped author multiple Congressional testimonies and personally participated in a Congressional town hall event about information security topics.

In 2013, Kevin was named the ISE Southeast Executive of the Year Award Winner and, later that year, the North America Information Security Executive of the Year for the Public & Academic Sector by Tech Exec Networks (T.E.N.). That same year, Kevin also received the America’s Information Security Leadership Award (ISLA) by ISC²—representing all of North America, South America, and Central America. In 2017, Kevin was honored and recognized as a ‘Roaring 10’ award recipient of Clemson University where ten alumni are named annually who have made an impact in business, leadership, community, educational, and/or philanthropic endeavors while upholding the university’s core values of honesty, integrity, and respect.

Previously, Dr. McKenzie was CISO and Executive Director for the Office of Information Security and Privacy at Clemson University where he established the university’s strategic direction in information security, mentored and taught students as a Research Professor in Electrical and Computer Engineering, created a student-led Security Operations Center (SOC) designed as an immersive experience for the students, served as Chief Security Officer to multiple statewide healthcare organizations comprising more than $7 billion in healthcare transactions, and protected one of the nation’s premier higher education environments classified as a top-tier Highest Research Activity (R1) research institution under the Carnegie Classification of Institutions of Higher Education.

Michael McNeil

Senior Vice President & Global Chief Information Security Officer, McKesson

Michael C. McNeil is the current Senior Vice President, Global Chief Information Security

Officer (CISO) at McKesson Corporation. McNeil is responsible for enhancing and overseeing

McKesson’s information and operational technology security strategy program, as well

managing information security governance. He will also ensure the execution of McKesson’s

cybersecurity strategy across the enterprise. McNeil has an extensive background in

cybersecurity and significant experience in the healthcare industry. Most recently, he served as

the Global Product & Security Officer for Royal Philips where he deployed consistent processes

across the entire portfolio of healthcare products and services. He has also held senior

leadership positions at Medtronic, Liberty Mutual Group, Pitney Bowes, and Reynolds &

Reynolds. Michael holds several board and executive member positions, including the

Healthcare and Public Health Sector Coordinating Council (HSCC) Executive Committee, the

Health Information Sharing and Analysis Center (H-ISAC), the National Black MBA

Association (NBMBAA) and the Association for the Advancement of Medical Instrumentation

(AAMI). He has also provided expert testimony before Congress on matters concerning

cybersecurity and data privacy. Michael holds an MBA from Northwestern University, J.L.

Kellogg Graduate School of Management and a Bachelor of Science Degree from the University

of Illinois. Michael and his wife, Devita, are the proud parents of two children and are doting

grandparents. Michael is an avid listener of Smooth Jazz and he loves traveling to jazz festivals

in his spare time.

Lucia Milică Stacy

Chief Information Security Officer, Stanley Black & Decker

Lucia Milică Stacy now serves as the Chief Information Security Officer (CISO) at Stanley Black & Decker, a prominent global diversified industrial company. She brings to this role her extensive experience as a senior technology leader with over 20 years of technical and business expertise in the cybersecurity and information security fields.

Prior to her current position, Lucia held the role of VP, Chief Information Security Officer & Chief Privacy Officer for Polycom, where she was responsible for overseeing all aspects of data privacy and information security within the organization.

Throughout her career, Lucia has held various leadership and technical roles in IT governance & strategy, security risk and compliance, corporate and product security, data privacy, and IT infrastructure at notable companies, including HP, Palm, Wells Fargo, and Franklin Templeton.

Lucia's contributions to the cybersecurity industry and the broader business community have been substantial. She has been a sought-after speaker at conferences, symposiums, and other events, where she has shared her insights and expertise. Additionally, she has actively participated in industry groups and served as an advisory board member for various organizations, including the National Technology Security Coalition. Lucia has also provided her expertise to the Department of Health and Human Services (HHS) 405(d) Cybersecurity Task Group, SC Media Advisory Board, and Forbes Technology Council.

She holds a Master of Science in Information and Cybersecurity degree from the University of California, Berkeley, and holds Master's in Business Administration and Juris Doctorate degrees, further demonstrating her commitment to excellence in both the technical and legal aspects of the cybersecurity field. With her wealth of experience and dedication to the field, Lucia Milică Stacy continues to make significant contributions to the world of cybersecurity as the Chief Information Security Officer at Stanley Black & Decker.

Allison Miller

Chief Information Security Officer and Vice President of Global Enterprise Information Security, UnitedHealth Group/Optum

Allison Miller serves as the Chief Information Security Officer and Senior Vice President for Optum. Allison has accountability for the Enterprise Information Security Officers for the Group, Security Incident Response/Technical Investigations, Security Policy and Global Cyber Regulatory Programs. In her existing role, Allison has developed a global security framework for the enterprise with a focus towards patient safety, security of clinical operations and a global cyber crisis response plan.

Prior to her role with the Global Enterprise Information Security Office, Allison served as the Director of National Healthcare Compliance for UnitedHealthcare, Chief Privacy Officer for OptumHealth and Deputy Chief Privacy Officer, National Privacy Director for UnitedHealthcare.

In addition to global cybersecurity, Allison has over 20 years of experience in health information systems and crisis management. During her tenure at UnitedHealth Group, Allison developed systems to identify the gaps in care and predict health outcomes for individuals with chronic conditions. Allison is a volunteer EMT and First Responder in the State of Louisiana serving residents during Hurricanes Katrina and Isaac. Most recently, Allison had the privilege of serving Refugees in Greece providing healthcare support to the clinicians on the frontlines.

Allison’s undergraduate (BA) studies were in Political Science and Sociology; she has completed Executive Education & Management post-college at Wharton, Kellogg Executive Education and MIT Sloan. She was part of the cohort that authored and attained the ISC2 Healthcare Information Security and Privacy Professional Certification and holds her HCISSP, in addition to holding certifications from GIAC, ISACA, HCCS and other technology areas of focus beyond security.

Allison continues to volunteer her time across organizations to help raise the level awareness regarding emerging cyber security landscape and the threats they present to patient care globally. In 2021, Allison partnered with the University of Minnesota to launch the Center for Medical Device Cybersecurity, the first program focused on the intersection of cyber risk, medical devices, and the delivery of patient care. The mission of the CMDC is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

Allison is passionate about diversity and inclusion. She serves on the Board of Directors for Women in Cybersecurity (WiCys), Strategic Advisor to Black Girls in Cyber, CyberIreland and speaks publicly at schools and colleges around the globe.

Benjamin Murphy

Senior Vice President & Global Chief Information Security Officer, Unum Group

Ben is Senior Vice President and Global Chief Information Security Officer for Unum Group, a Fortune 500 insurance and work benefits provider. Ben’s career in information security spans more than 20 years and includes CISO roles for some of the largest banks and insurance companies in the U.S., as well as large organizations covering UK, Europe and Asia.

Ben has also spent much of his career in the business of security, helping to grow two security startups and running a large security and IT services division serving thousands of banking and credit union clients.

As an invited speaker, Ben has enjoyed addressing many high level industry conferences in the U.S. and Japan, including RSA and Financial ISACs. He has long been an avid contributor and volunteer to the joint effort among government, business, and non-profits to secure data and IT systems via organizations such as the FS-ISAC, InfraGard, SINET, BITS, FSSCC, TAG, and others. His charitable efforts include work with the United Way and The Center for Children and Young Adults.

David Nolan

Vice President of Risk & Chief Information Security Officer, Aaron’s

As the Vice President of Risk & Chief Information Security Officer at Aaron’s, David is accountable for information security and risk leadership, strategy, budget, and operational excellence. He is a servant leader and mentor to a robust team of information security professionals and managers covering Application Security, Incident Response, Governance Risk and Compliance, Emerging Technology Security, Endpoint Protection, and Information Protection.

David has spent over 20 years in the information technology industry in various roles. He previously served as a Manager of the Threat, Attack and Penetration testing services team, Application Security Architect, deployment manager, and various lead developer roles for Caterpillar Inc. He has additionally held positions at companies including State Farm Insurance and the Central Intelligence Agency.

David is a regular speaker at colleges, corporations, and industry conferences including the (ISC)2 Security Congress, ISSA, and ISACA conferences, is active on various industry advisory boards, and is the Education Chair for the Atlanta chapter of InfraGard.

Michael Palmer

Chief Information Security Officer, Hearst

Michael Palmer is the chief information security officer for Hearst, a leading diversified media, information and services company with over $10 billion in annual revenue. Hearst’s portfolio of more than 360 companies spans cable television networks such as A&E, HISTORY, Lifetime and ESPN; global financial services leader Fitch Group; and Hearst Health, a group of medical information and services businesses. Palmer leads enterprise-wide vision, strategy and architecture of information security and technology risk management. Palmer brings his expertise to evangelize IT security across Hearst’s portfolio, integrating IT security as a critical component of business operations.

Formerly, Palmer served as a key member of the NFL’s executive team, responsible for governing the league’s cybersecurity strategy, policies and programs while protecting its brand, intellectual property and assets. As the first chief information security officer in the NFL, Palmer’s inaugural role was the result of his ingenious work ethic, dedicated problem solving and ability to pitch the business case for having an information security office. Palmer recognized a need in the organization and created the CISO office from the ground level in 2012.

Palmer’s background includes 20+ years of broad cybersecurity and enterprise risk management experience, including deep specialization in corporate technology infrastructure, identifying threats and pinpointing vulnerabilities. Palmer works to expose inherent business risks and is adept at spearheading strategies on how to best address them. As a proven trailblazer, change agent and subject matter expert in information security, Palmer works closely with his colleagues, providing guidance on security and risk issues.

An industry thought leader, Palmer serves on the Grambling State University Technology Advisory Board and Rochester Institute of Technology Computer Security Advisory Board. In his work at the colleges, he helps to shape the educational programs that train the next generation of cyber defenders. Some of Palmer’s awards include the CISO Executive Summit Breakaway Leadership Award (2018), Global Leadership Forum (GLF) Superstar (2018) and Information Technology Senior Management Forum (ITSMF) Member of the Year (2017).

Palmer also co-chairs the governing body of the New York CISO Executive Summit (Evanta), an organization that fosters collaboration and knowledge sharing across the New York CISO community. He is a member of the programming committee for RSA 2019 CISO Boot Camp and CISO Insight track, creating educational content for the world’s largest cybersecurity conference.

Passionate about diversity and inclusion in the technology space, Palmer serves on the International Consortium of Minority Cybersecurity Professionals (ICMCP) Strategic Advisory Board to help bridge the great cyber divide, working to attract more women and minorities into the information security industry. Previously, Palmer also served as a committee chair of the NFL’s Diversity Council, a governing body that works to provide increased opportunities and exposure to women and diverse professionals within the NFL.

Palmer earned a U.S. Department of Homeland Security Secret Clearance and holds several industry certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), Certified in Risk and Information Systems Control (CRISC), Certified Information Privacy Manager (CIPM) and Information Technology Infrastructure Library V3 (ITIL V3).

He obtained a bachelor’s degree in business administration with a major in computer information systems from Baruch College. He is also part of the Department of Homeland Security Commercial Facilities Workgroup Governing Board of Directors and Information Technology Senior Management Forum (ITSMF).

Steve Pugh

Chief Information Security Officer, InterContinental Exchange (ICE)

Steve Pugh has served as Chief Information Security Officer (CISO) of Intercontinental Exchange, Inc. (NYSE: ICE) since September 2021. He leads the cybersecurity program for all of ICE, including the New York Stock Exchange, securing critical economic infrastructure across multiple subsidiaries, geographies and regulatory jurisdictions. Further, Pugh is responsible for cybersecurity across regulated futures and options exchanges, central counterparty clearing houses (CCPs), trade repositories, equities venues and systemically important financial market utilities (SIFMUs).

Prior to joining ICE, Pugh served as the former Chief Information Security Officer of the White House Military Office and has more than 25 years of experience in cybersecurity, national security, and intelligence. Most recently, he was the Chief Security Officer for Twilio.

Pugh has served under three U.S. Presidents as a military communications aide. He spent 18 years in the U.S. Air Force as a cyber warfare officer and deployed in support of Operation Iraqi Freedom. Pugh holds a Bachelor of Computer Science from Valdosta State University and a Master of Management from the University of Phoenix. He serves as a board member for the non-profit Savvy Cyber Kids which focuses on cyber safety for preschool through high school students.

Stephen Richardson

Chief Administrative and Compliance Officer, Scientific Games

Steve brings 28 years of government experience to Scientific Games, including 22 years with the Federal Bureau of Investigation. He oversees all aspects of Information Security, Information Technology, Compliance, Human Resources, Procurement, Facilities and Internal Auditing for the company. He joined Scientific Games in 2018 as the Chief Compliance Officer and Director of Global Security, lending his extensive experience as a senior executive with the FBI’s Operational Technology Division and Criminal Investigative Division. During his tenure at the FBI, most recently as the Assistant Director of the FBI’s Criminal Investigative Division in Washington, D.C., Steve held a number of positions related to criminal and cyber threats, financial crimes, foreign corruption, money laundering and illicit finance. He was nominated for the Presidential Rank Award granted by the U.S. government to career senior executives, and was a finalist for the Samuel J. Heyman Service to America Medals. Previously, Steve was a highly decorated employee of the Tennessee Bureau of Investigation, receiving a Medal of Valor from the State of Tennessee for his work on high-profile criminal investigations. Steve holds a Bachelor of Business Administration in Accounting from East Tennessee University, and an MBA from Duke University. Additionally, he has earned a Business Law Certificate from Vanderbilt University and is a Certified Fraud Examiner.

Ray Rothrock

Executive Chairman, RedSeal, Inc.

Ray is presently Executive Chairman of RedSeal, Inc. an enterprise cyber security company based in San Jose, CA and founder of FiftySix Investments LLC, a seed stage investment fund.

In 2013 Ray transitioned to Partner Emeritus of Venrock, an early-stage tech investment partnership originally formed by the Rockefeller family. During his 25-year career at Venrock he invested in 53 early-stage technology companies. He led both the Internet and energy investment programs and was a member of the management committee for Venrock. His market leading cyber security investments included Check Point Software, Vontu, PGP, Imperva, CloudFlare, and Shape Security to name a few.

His Venrock track record included 9 IPOs that resulted in his being listed on the Forbes Midas List. A leader in the venture industry he was elected by his peers as chairman of the National Venture Capital Association for 2012-13. He serves on the boards of Check Point Software Technology (NASDAQ:CHKP), Roku, Inc. (NASDAQ: ROKU) and several private companies.

Richard Rushing

Chief Information Security Officer, Motorola Mobility

Mr. Richard Rushing is the Chief Information Security Officer for Motorola Mobility LLC. Richard participates in corporate, community, private, and government security councils and working groups, setting standards, policies, and solutions for current and emerging security issues. As Chief Information Security Officer for Motorola Mobility, he has led the organization's security effort by developing an international team to tackle targeted attacks, cyber-crime, and emerging threats to mobile devices. He has organized, developed, and deployed practices, tools, and techniques to protect the enterprise's intellectual property worldwide. A much-in-demand international speaker on information security, Richard has spoken at many of the leading security conferences and seminars around the world.

Eric Seagren

Chief Information Security Officer, Oceaneering

Eric Seagren currently serves as the Chief Information Security Officer at Oceaneering International. Eric’s career in IT started in 1996 and has progressed through various positions including desktop support, server administration, network engineering, risk management, disaster recovery, and cybersecurity across diverse fields such as banking, real estate, oil and gas, aerospace, and defense. This breadth and depth of experience helps Eric understand information technology with a “big picture” perspective. Leveraging this broader perspective, Eric’s focus is to design security policies and solutions that respect the business needs and operational requirements of the organization, maximizing effectiveness while minimizing impact. Eric has experience working in organizations of all levels of IT security maturity, including building a security program from the ground up.

Eric holds a Bachelor of Science in Business: Information Systems. He is also a published author with multiple publishing credits and technical certifications including CRISC, CISA, CISSP-ISSAP. Some of Eric’s publications include “Secure Your Network for Free" and “How to Cheat at Configuring Open Source Security Tools” (co-authored).

Oceaneering International is a global organization with offices in 25 countries and does business in the aerospace, entertainment, material handling, military and defense, and oil and gas industries.

Forrest Smith

Chief Information Security Officer & Senior Vice President, Ingram Micro

Forrest Smith is the Senior Vice President and Chief Information Security Officer at Ingram Micro -- a $55B global leader in technology distribution, cloud solutions and supply chain services with operations in 52 countries and sales in 160. Forrest is responsible for all aspects of Cybersecurity and data protection. His focus is creating a secure environment that protects and data and services of more than 40,000 employees and 200,000 customers in 160 countries.

Forrest previously served as Vice President, Chief Information Security Officer at Nissan Motor Company (TYO: 7201), a $104B automotive manufacturer. Nissan’s 300,000 employees — design, manufacture, and sell over 100 different vehicle models in most countries around the globe. Forrest also held positions in enterprise architecture, infrastructure, and data center management at Nissan.

Prior to Nissan, Forrest held a variety of application development and leadership roles at IBM.

Forrest was a founding board member of the Auto ISAC (Information Sharing and Analysis Center) and was instrumental in expanding membership to tier 1 and tier 2 automotive suppliers. Forrest is currently a board member of the IT ISAC.

Forrest was also a deputized law enforcement officer and certified digital forensic examiner. During his time at the Williamson County Sheriff’s Department, he performed numerous high-tech crimes investigations and digital forensic exams as an unpaid volunteer.

Billy Spears

Chief Information Security Officer, Teradata

Billy serves in the role of Chief Information Security Officer for Teradata. He is responsible for overseeing Teradata’s Information Security, Cybersecurity, and Product Security functions. Mr. Spears is an award-winning industry respected technology executive, CISO, author, speaker, and podcast host.

He earned his reputation over two and a half decades through successfully building scalable Information Technology, Security (Information, Cyber, Product), Privacy Operations, and Security Risk programs that drive innovation within the federal government, private, and public sector organizations. Billy is an effective executive leader that earns trusted business partnerships and is passionate about architecting strategic solutions, enabling resilience, and incorporating core principles driving digital transformations with agile, forward-thinking security strategies that consistently transforms with the business to deliver reliable system performance throughout the entire ecosystem amid constant and changing threats. He believes in raising awareness, influencing positive change, and using forward thinking methods to lead modernization.

With an extensive information security and technology background, Billy joined Teradata from Alteryx where he was the company’s first CISO, brought in by the CEO to oversee Security (Information, Cyber, Product), business continuity, and associated risk management. Prior to that, he held similar positions at LoanDepot, Hyundai Capital America, General Electric, and Dell. He was also a founding member of the U.S. Department of Homeland Security and is a veteran who served in the United States Marine Corps.

Billy earned his MBA from the University of Phoenix and a Bachelor of Science in Information Technology from National University.

Mark Strosahl

Chief Information Security Officer, Penn Mutual

Mark Strosahl joined Penn Mutual in March 2022 after serving as Business Information Security Officer (BISO) at Principal Financial Group for their Retirement, Banking, and Trust and Custody business lines. During his 14 years at Principal, Mark served in various IT & Security roles and presented on information security to hundreds of clients. Mark also served as a board member of the SPARK Data Security Oversight Board, co-chair of the Retirement Industry Council for FS-ISAC, and a member of InfraGard.

Mark received a master of business administration degree from Iowa State University, a master's certificate of Cybersecurity from Harvard University Extension and a bachelor’s degree in Management Information Systems from Iowa State University. He holds 4 cyber security certifications including Certified Chief Information Security Officer (C-CISO), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), and Certified Information Security Manager (CISM). He also holds his Series 99 and is registered with HTK.

Bob Varnadoe

Chief Information Security Officer, NCR Corporation

Bob Varnadoe is the Chief Information Security Officer for NCR Corporation. His duties include overall information security and operational / IT aspects of NCR’s privacy program, IT risk management, compliance company-wide, training and awareness for information security, and oversight of the deployment of security technologies. Bob works with NCR’s lines of business (Professional Services, Legal, Internal Audit, Customer Services and Hardware/Software Engineering) to develop and build out the company-wide strategy for information security. He also represents the IT organization as a part of NCR’s Enterprise Risk Management committee.

Prior to NCR, Bob was with Fiserv Corporation where he was responsible for information security within Fiserv’s corporate risk organization. His team was responsible for information security oversight, governance, and strategy across Fiserv’s business units. The team also provided consulting to Fiserv’s divisions and operating units for information security matters. During his tenure at Fiserv, Bob led teams focused on information security engineering and operations for network infrastructure, distributed systems, and mainframe systems. He also led teams focused on application security testing, consulting, and information security strategy, and he built Fiserv’s security operations center.

Bob joined Fiserv through the acquisition of CheckFree Corporation where he was responsible for information security strategy within CheckFree’s corporate function. Prior to joining CheckFree, Bob was IT Director for an architecture and engineering firm in Atlanta. He has over 20 years of experience in data networking and information systems, 15 years of which were spent exclusively in the security field. Bob holds a bachelor’s degree in electrical engineering from the Georgia Institute of Technology.

Brian Waeltz

Senior Vice President & Chief Information Security Officer, Cardinal Health

Brian is a Senior Vice President and the Chief Information Security Officer at Cardinal Health. In this role, he is responsible for implementing the overall information security strategy for the global organization, including areas such as cyber operations, security architecture, resiliency, compliance, third-party risk management, commercial solutions security, and the Business Information Security Officer organization. Over his 19+ year career at Cardinal, he has spent time leading teams in Risk Management & Compliance, IT Shared Services, IT Service Management, and in business-facing roles supporting Operations and highly-regulated platforms. These unique experiences have helped provide him a well-rounded perspective on security challenges from both a technical (infrastructure and applications) and business operations perspective – and they are being put to use as he helps Cardinal continue to grow and expand its information security capabilities.

Brian holds dual bachelor’s degrees in Accountancy and Management Information Systems from Miami University in Oxford, Ohio. He gives back to his community through involvement in various charity activities, as well as supporting emerging cybersecurity programs at his alma mater and local school district. He is also an advocate for diversity, equity, and inclusion in the information technology and security field, and serves as the executive sponsor for the Women in Technology employee resource group at Cardinal Health. In his spare time, he enjoys spending time with his wife and two sons, being actively involved in their church, traveling, and rooting on his favorite sports teams.

Steven Weber

CISO Chief of Staff, AbbVie

Steven Weber is the Chief of Staff to the CISO of AbbVie. In this role, he is responsible for managing the departmental budget and project portfolio, leading global security awareness and communications, coordinating AbbVie’s industry collaboration efforts, and managing cross department information security activities.

Prior to joining AbbVie, Steven spent 18 years with Cardinal Health. In his final role, he led the governance, risk and compliance team within the information security function. This included IT compliance, third party risk management, IT risk governance and IT risk management.

Steven and his family are avid global travelers exploring the world and learning new cultures.

Howard Whyte

Chief Information Security Officer & Executive Vice President, Truist Financial Corporation

Howard Whyte is an Executive Vice President and the Chief Information Security Officer (CISO) at Truist Financial Corporation. As CISO, Mr. Whyte is responsible for execution of the Corporation’s Information Security Program and alignment with enterprise programs and business objectives, ensuring that information assets and technologies are protected.

Prior to joining Truist in January 2022, Mr. Whyte served as CISO at Boeing, where he was responsible for the protection of Boeing’s information and computing resources globally and for managing information technology risk. Earlier, Mr. Whyte worked for more than 20 years as an executive leader of information technology and security in the federal government, military, and private sector. He served as the Chief Information Officer and Chief Privacy Officer at the Federal Deposit Insurance Corporation (FDIC), where he acted as an advisor to the chairman, board members, and senior executives on all strategic issues relating to information technology, including governance, investments, program management, strategic planning, and security. Previously, he was the CISO at FDIC and worked to reduce cybersecurity risk by implementing an around-the-clock security operations center and incorporating threat intelligence into security operations.In addition, he led the Threat Management Center at Goldman Sachs, focusing on cybersecurity detection, protection, response, and recovery on a global scale. He also served as the CISO and deputy CISO at NASA, where he provided direction and future vision on a wide range of information technology solutions for mission and corporate systems.

Earlier in his career, he was a senior information officer in the U.S. Army Network Enterprise Technology Command and the Defense Information Systems Agency; a telecommunications manager at Interim HealthCare; and an information management officer in the U.S. Army.

Mr. Whyte’s primary area of responsibility for Truist includes managing and overseeing the Corporate Cyber Security Department, which consists of Cyber Operations; Vulnerability Management and Data Protection; Identity and Access Management; Cyber Governance, Risk, and Compliance; Cyber Architecture and Strategy; Cyber Strategic Initiatives and Shared Services Management; as well as the Divisional CISOs, who serve as security liaisons to the business.

Mr. Whyte holds a Bachelor of Science degree in Management Studies from the University of Maryland and a Master of Business Administration from the University of Phoenix.

Reginald Williams

Chief Information Security Officer, The Chemours Company

Reginald Williams joined The Chemours Company in 2018 as the Chief Information Security Officer. He was instrumental in leading a 24-month Cyber Transformation program for Chemours with an emphasis on maturity and business alignment and as a high-impact results-oriented and customer-focused Information Security / Information Risk executive with over 25 years of experience, has helped multiple global corporations in their strategic execution of global cyber & information security programs. Reginald consistently executes a Cyber Risk-based methodology that aligns with Internal Audit and External Audit to develop annual audit plans for technology including post-audit activities regardless of the nature being statutory, regulatory or required under corporate governance. He thinks outside the box by understanding the relationships between Law, Policy, Regulations and Best Practices needed to accomplish corporate targets. He has served in high-profile consulting and leadership roles to gain the strong business acumen needed to develop CIO / CISO level security programs, and security solutions to address the information risks in data protection for corporate and customer data.

Reginald is very efficient in mapping regulations, frameworks, and best practices into a simplified framework in alignment with Business and Technology goals.This creates a manageable security program that helps the business meets their objectives. He has extensive experience in assessing and designing global security programs that use information risk which requires data protection across 9 of the 16 DHS sectors of Critical Infrastructure including: Chemical, Nuclear, Energy, Manufacturing, Financial Services, Dams and Transportation to name a few. These skills have been applied across a number of industries including: Chemical, Manufacturing, Internet and Technology, Energy, Medical, Financial, Healthcare, start-ups and various Fortune 500s.

Reginald is a results-oriented CISO that transformed a global Security Operation Center into a detection and response focus with the goal being to proactively hunt threats in the enterprise and respond to those threats before they become cyber incidents thus keeping the threat posture of the corporation at a manageable level. He has chaired multiple Cyber / Risk steering committees with each providing senior executive leadership the data needed to inform the Board, including a quarterly cadence with the Board on all matters related to Cybersecurity and Information Risk.

Larry Williams

President & CEO, Technology Association of Georgia

Larry Williams is the President and CEO of the Technology Association of Georgia (TAG). Williams is also the President of the National Technology Security Coalition (NTSC)

Williams brings more than 25 years of experience in global branding, international trade and finance, public and industrial policy, and administration and management to the NTSC. As the former president and CEO of The Beacon Council, Miami-Dade County's official economic development partnership, Williams helped facilitate local, national and international business growth and expansion programs.

Under Williams’ leadership The Beacon Council created and executed a new economic development framework to help the area grow and secure investments in today innovation economy. This is resulted in $687 million in new investment, 119 company relocations or expansions, and more than 4,500 new jobs.

From 2011 to 2014 Williams helped shape the vision for Atlanta’s tech sector as vice president of technology development at the Metro Atlanta Chamber. He provided leadership and direction to the Chamber’s Mobility Task Force, positioning Atlanta as a global hub of mobile technology, and to the Technology Leadership Council.

Jason Witty

Chief Security Officer, USAA

Jason Witty is currently the Chief Information Security Officer for USAA. Prior to his transition to USAA, Jason was the Head of Cybersecurity & Technology Controls and Global Chief Information Security Officer for JPMorgan Chase with responsibility for the firm’s cybersecurity, technology controls and resiliency programs. An award-winning CISO, Jason was recognized as a 2015 “CISO Superhero” at I.S.E. North America; the 2014 I.S.E. North America People’s Choice Award winner; 2013 “CISO of the Year” by the Information Systems Security Association of Chicago and the Association of Information Technology Professionals; and one of Information Security Magazine’s 2013 “Security 7” representing the Financial Sector. He is a highly rated public speaker, frequently keynoting on cyber security topics at large events including CSA Cloud Summit, Finsec, Infosec Europe, RSA Conference, SecureWorld, and others.

Before joining JPMorgan Chase, Jason was Executive Vice-President and Chief Information Security Officer at U.S. Bancorp, providing singular accountability for all information security controls in the company. And before U.S. Bancorp, Jason was the Senior Vice President and Cyberthreat Prevention Services Executive at Bank of America. He was responsible for a team of information security professionals spanning 8 countries who provided information security risk prevention and deterrence services, globally. He was simultaneously accountable for all information security controls outside of the United States for Bank of America Merrill Lynch, covering 48 countries.

Jason is a certified Information Systems Security Management Professional (ISSMP) who has played major leadership roles in information security throughout his career. He has 23 years of information technology experience, 21 focusing on information security risk management. Before his role at Bank of America, Jason was the First Vice-President of Security Services for LaSalle Bank N.A. He also led the internal Information Security team at The Options Clearing Corporation and served as Director of Global Security Architecture for Aon Corporation at its world-wide headquarters in Chicago. He combines strong organizational management and leadership skills with a high degree of technical knowledge, the result of hands-on information security experience early in his career at Allstate Insurance, N.A.S.A. Langley, Siemens, and Jefferson Laboratories.

Over his career, Jason has been involved in 54 acquisition related network integrations, set up secure eCommerce environments, and led multiple cross-industry forums.

Providing industry leadership, Jason is Vice-Chairman of the Board of Directors of the Financial Services Information Sharing and Analysis Center (FS/ISAC), a Board Advisor for ChicagoFIRST, Arbor Networks, and Qualys, and is a member of the Executive Committee of the Cloud Security Alliance (CSA). He was also on the Program Committee of the RSA Conference (2013-2016) and serves as FBI’s Chicago Infragard Sector Chief for Finance. Previously, he was the Chicago OWASP Chapter President (2006-2010).

Saša Zdjelar

Chief Trust Officer, ReversingLabs

Saša is the Chief Trust Officer (CTrO) at ReversingLabs and Operating Partner at Crosspoint Capital with ~20 years of Fortune 10 global executive leadership experience. His CTrO scope includes leadership, oversight and governance of the CISO/CSO function, including product security, as well as partnering with other leaders on corporate and product strategy, strategic partnerships and research, and customer and technology advisory boards, including sponsoring the ReversingLabs CISO Council.

Prior to ReversingLabs and Crosspoint Capital, Saša served as the Senior Vice President of Security at Salesforce, where he led a global organization encompassing enterprise security, product security, offensive security, security engineering/automation, bug bounty programs, technical product/program/project management, and mergers & acquisitions. He also played a crucial role as the executive sponsor for strategic corporate security initiatives, such as Zero Trust.

Prior to his tenure at Salesforce, Saša spent nearly two decades at ExxonMobil, holding various positions focusing on strategy, enterprise security & architecture, software engineering, ERP systems design/integration, program and product management, planning & stewardship, compute and hosting platforms, and digital/cyber resilience.

Saša is an active participant and founding member of several CISO leadership communities. He is also a member of the Forbes Technology Council, a Fellow at the Cyber Readiness Institute (CRI), a member of the BlackHat CISO Summit Advisory Board and BlackHat Content Review Board, and engages in organizations such as Infragard, ISACA, and ISSA. His insights have been published in various industry publications, and he has spoken at numerous industry conferences and universities.

Saša holds a Bachelor's degree in Management and a Master's degree in Decision Science from the University of Florida.