SVP and CSO, Ellie Mae
Dr. Selim Aissi is Ellie Mae’s Chief Security Officer. He is responsible for Ellie Mae’s Security Engineering, Operations, Strategy, Governance Risk & Compliance, and Disaster Recovery & Business Continuity.
Before joining Ellie Mae, Selim was the Vice President of Global Information Security at Visa. In that role, Selim transformed Visa’s information security program into the industry leader, led critical security programs including product security innovation, and enabled global growth and data center expansion. He also led the definition of security technologies for protecting Visa’s data, networks, data centers, digital wallets, applications, endpoint devices, and other core capabilities for corporate network as well as issuer- and consumer-facing products and services. Selim was recognized for leading company-wide security initiatives including Apple Pay, Visa’s APAC Data Center, and Visa’s Data Protection Programs.
Previously, Selim spent over 11 years at Intel where he held senior management and technology roles and championed several security technologies for Intel’s server, desktop, and mobile products. Prior to Intel, Selim held senior engineering positions at General Dynamics – Land Systems Division (M1A2 Battle Tank Vehicle Electronics), General Motors (Embedded Software Center of Excellence), and Applied Dynamics International.
Selim earned his B.S., M.S., and Ph.D. in engineering from the University of Michigan, Ann Arbor. He has filed over 100 patents in various areas of computer and information security, many of which are deployed in computing systems (e.g., Intel Trusted Platform Module, Trusted eXecution Technology) and consumer products (e.g., Visa Checkout, Apple Pay).
Selim serves on a number of advisory boards including startups (Black Duck Software, Dataguise, MagicCube), leading venture capital firms (Ten Eleven Ventures, BGV), and security organizations (UC Berkeley CISO Institute, Bay Area CISO Executive Governing Body, Intel Security Executive Advisory Board). He was named by IT Security Magazine as one of the “Top 59 Most Influential Security Experts” and was co-author of the book Security for Mobile Networks and Platforms (Artech House).
VP & CISO, Johnson & Johnson
Ms. Allison has responsibility for protecting Johnson & Johnson information technology systems and business data worldwide. This includes ensuring that the company’s information security posture supports business growth objectives, protects public trust in the Johnson & Johnson brand, and meets legal/regulatory requirements. Marene is a member of the company’s Compliance committee and presents to the Johnson & Johnson Board of Directors on cybersecurity risk. With more than 260 companies in 60 countries worldwide, Johnson & Johnson is a global leader in consumer health, pharmaceutical products, and medical devices.
Prior to joining Johnson & Johnson, Marene was Chief Security Officer and Vice President for Medco, the largest pharmacy benefit manager in the United States. Marene was responsible for all aspects of the company's security, regulatory compliance including physical and logical security, and executive protection as well as HIPAA, Payment Card Industry, Medicare, prescription fraud, and IT controls.
Prior to that, Marene was with Avaya as head of Global Security where she worked on securing the World Cup network in Korea and Japan in 2002. Before joining Avaya, she was Vice President of Loss Prevention and Safety for the Great Atlantic and Pacific Tea Company. Before joining the corporate world, she served as a Special Agent in the FBI working on undercover drug operations in Newark, NJ, and also working on terrorist bombings in San Diego, CA. She developed and participated in the nuclear terrorism exercise, Compass Rose ’88, the largest mock terrorism incident exercise by the federal government.
Marene has a Bachelor of Science degree from The United States Military Academy at West Point, in the first class to include women. She has served in the US Army in the Military Police at Ft Hood, TX, Ft Chaffee, AR and Ft McClellan, AL. She has served on the Defense Advisory Committee on Women in the Services appointed by the Secretary of Defense and the Overseas Security Advisory Committee appointed by the Secretary of State. Marene is a founding member of West Point Women and currently serves on their Board of Directors. She is also on the Board of Directors for H-ISAC (Health Information Sharing and Analysis Center) and ASIS International. Marene is married, has a son, a wonderful daughter-in-law and grandson, and lives in Bucks County, Pennsylvania.
Vice President and Head of Information Security, Western Digital
Geoff Aranoff joined Western Digital in February 2016 as Vice President and Head of Information Security. In this role, Mr Aranoff is responsible for developing and implementing the enterprise security strategy that protects the electronic assets and supporting infrastructure that includes the manufacturing and engineering systems, corporate systems, and intellectual property. His organization continually evaluates the ongoing internal and external risks to Western Digital and adopts long-term and short-term strategies to mitigate risks and threats within an appropriate budget. Mr. Aranoff leads the organization responsible for adopting and enforcing policies for internal and external risk management along with IT security including network, application, endpoint, and storage security.
Mr. Aranoff was previously the Chief Information Security Officer (CISO) for Broadcom Corporation where he initiated and built the company's information security program. Mr. Aranoff developed enterprise security strategies that provided the necessary monitoring and controls for Broadcom’s intellectual property (IP). He also facilitated electronic discovery for litigations and electronic forensics for internal and external inquiries and investigations. Mr. Aranoff served six years in the United States Marine Corps Reserves and was activated for Operation Desert Storm in 1990.
Global CISO, Sage Group
Ben joined Sage Group as Global CISO in 2018 after 16 years in the British Government. Sage is the UK’s largest technology company and the world's leading provider of integrated accounting, payroll, and payments systems to entrepreneurs and small and medium businesses. At Sage, Ben is responsible for protecting the global technology estate, products, and cloud services for 3 million customers in 23 countries.
In 2018, Ben left the UK Government as Deputy Government Chief Security Officer, based in the Cabinet Office. Ben was responsible for all aspects of protective security policy and coordination across 48 government departments and over 400,000 civil servants. Ben’s remit included cyber and information security, personnel security, counterterrorism, counterespionage, and investigation of serious incidents and breaches, including contravention of the Official Secrets Act. While in government Ben led transformative security reforms to redesign organizational structures, unlock government access to commodity technology and public cloud and modernize decades old security policies and practices.
Chief Information Security Officer, Voya Financial
As Senior Vice President and Chief Information Security Officer, Badhwar is responsible for advancing the Voya information security strategy as well as defining associated policies and standards for achieving the strategy. He leads a team accountable for developing, managing, and maintaining the information security and protection policies and standards for all company computing, privacy, and collection activities. Badhwar joined Voya Financial with more than 20 years of experience in cybersecurity engineering and operations. Most recently, he was global head of information security for AIG, where he led a security strategy centered on the protection and preservation of information assets.
Chief Information Security Officer and General Partner, Edward Jones
Scott Benson is the Chief Information Security Officer for Edward Jones. Scott has spent over 20 years in the Information Security field in various lines of defense. Previously a CISO for a large financial institution headquartered in Chicago, Scott has an extensive background with Information Security frameworks, cyber defense, intrusion detection and incident response. Scott also worked extensively with various banking regulatory agencies throughout his career. Scott is a Certified Information Systems Security Professional (CISSP) and a member of the International Information System Security Certification Consortium (ISC)2.
Michael Blache is the Chief Information Security Officer of TaxSlayer, a software development company specializing in tax preparation software for professional and individual tax preparers. Promoted to this role in 2015, Michael has been instrumental in organizing and structuring the organization’s first dedicated Information Security Department operating separately from the IT Department. Michael is responsible for the vision and mission of TaxSlayer’s Information Security team in regards to security operations, regulatory compliance, disaster recovery, and business continuity.
In 2004, Michael first joined the TaxSlayer team as an IT Manager. In his first six months on the job, he was promoted to the position of Director of Information Technology. During his 11 years as IT Director, he drove the transformation of the organization’s information technology infrastructure during a time of expansive growth. Michael was responsible for standing up TaxSlayer’s first network operations center allowing round the clock monitoring of critical systems. He was selected by TaxSlayer’s executives to receive the organization’s highly coveted “Moving Your Division to the Next Level” award in 2005 and 2012.
Prior to joining TaxSlayer, Michael worked as a network administrator for a managed service provider in the private sector and as an Information Technology specialist in the Navy and Air Force. With over 20 years of experience, his diverse background is a testament to Michael’s ability to adapt technologies to meet the operational and security needs of various industries.
Michael holds a Bachelor of Science in Information Technology degree from South University and a Master of Science in Information Assurance degree from Norwich University. Michael holds several industry certifications, most notable of which is the Certified Information Systems Security Professional certification. Michael is an active member of the Greater Augusta ISSA Chapter and ISACA.
Cybersecurity Outreach Director, Huntington Bank
In addition to his role as Cybersecurity Outreach Director at Huntington Bank, Boian also serves as a cybersecurity consultant at the Department of Energy’s Special Technologies Laboratory. He retired from the National Security Agency in 2016 after almost 30 years of service. His roles included operational and leadership positions in both offensive and defensive cyber operations and included a Joint Duty Assignment as the Technical Director for the Chief of Operations (J3) USCYBERCOM. Boian won many awards including the Chairman Joint Chief of Staff (CJCS) Joint Civilian Service Commendation Award (CDR USCYBERCOM) in 2011.
Global CISO, Aflac
Tim joined Aflac as the Chief Information Security Officer in April 2014. In this role, Tim is responsible for the Aflac Information Security Program, which includes Threat and Vulnerability Management, Security Operations and Incident Response, Information Technology Compliance and Risk Management, Security Engineering, and Disaster Recovery. Through the execution of the security program, Tim is the executive responsible for protection and availability of the information assets of the leading provider of supplemental and voluntary insurance products in the world. Tim leads various risk committees and structures to help business partners accelerate in a safe and sound manner.
Prior to Aflac, Tim was Senior Vice President, Business Continuity and Information Assurance at SunTrust Bank. Tim was responsible for SunTrust’s Corporate Threat and Vulnerability Management, Information Security Monitoring and Investigation, Business Resumption, Disaster Recovery, Incident Response/Crisis Management, Technology Risk Project Office, Records and Information Management programs. Tim led a team of professional risk managers in ensuring the protection, preservation, and availability of critical corporate information and resources. Tim integrated these functions building a capability that provided a unified approach in determining threats, developing mitigation strategies and solutions, and managing through incidents. Tim has successfully tested this integrated concept in the management of virus, weather, technology outages, and distributed denial of service attacks.
Prior to SunTrust, Tim served as First Vice President, Technology Risk Management, and Chief Information Security Officer at People's United Bank in Bridgeport, Connecticut. Tim was the executive charged with protecting People’s United Bank’s information, information systems, and technology. During his tenure, Tim built an effective technology risk management organization and led the company through a technology integration and organization program upon the acquisition of a bank of near equal size. Tim also served on the State of Connecticut Judicial Committee on Identity Theft to assist in building requirements for protecting sensitive personal information introduced into the judiciary through legal actions.
Tim was a career military professional serving in leadership positions throughout his 23-year career. In his final assignment, Tim was the program manager for a command risk management function at one of the US Air Force's Major Command Headquarters.
CISO in Residence
Peter Chronis was previously the Chief Information Security Officer for WarnerMedia, a $33 billion media, sports and entertainment company headquartered in New York City. Pete was responsible for WarnerMedia's information security operations, architecture, governance, compliance and business continuity programs designed to protect the company and its global portfolio of more than 100 brands.
Pete has more than 15 years of experience using technology to manage risk for telecommunications, retail, media, entertainment, financial and IT services companies. He is the inventor of several innovative proprietary IT security technologies that together have blocked more than 750 billion threats and prevented $100M in fraud.
Prior to Turner, Pete was the Chief Security Officer at EarthLink where he was responsible for the company’s security program and product portfolio. He also developed sophisticated proprietary fraud detection systems for Lynk Systems, an Atlanta-based financial services company that was acquired by the Royal Bank of Scotland and is now called WorldPay.
Executive Vice President, Chief Product and Information Security Officer, Comcast
Noopur Davis is Executive Vice President, Chief Product and Information Security Officer for Comcast Cable. In this role, she is responsible for overseeing the full range of cybersecurity functions for all Comcast Cable businesses, including all products and services delivered to its residential and business customers. Her responsibilities include product security and privacy, information and infrastructure security, data protection, security architecture and engineering, security operations and incident response, threat hunting, security intelligence and analytics, identity management, technical fraud, and the Legal Response Center. Additionally, Noopur serves as SVP, Product and Information Security for Comcast Corp.
Noopur joined Comcast from Intel, where she served as Vice President, Global Quality, Intel Security Group. Previously, she was a Visiting Scientist and Senior Member of Technical Staff at the Carnegie Mellon University Software Engineering Institute, a Principal of management consulting firm Davis Systems, and held various leadership and technical positions in Fortune 500 companies such as Chrysler and Intergraph.
She is a champion of women in technology and serves on the Advisory Board of Comcast/NBCUniversal TechWomen. She is the recipient of the WICT/SCTE•ISBE/Cablefax Women in Technology award, and has been included on the Cablefax 100, Cablefax Diversity, Cablefax Most Powerful Women and Top Women in Technology lists multiple times.
Noopur holds a Master of Science in Computer Science from the University of Alabama and a Bachelor of Electrical Engineering from Auburn University. She is a member of the Institute of Electrical and Electronics Engineers (IEEE), the Association of Computing Machinery (ACM), and the Women in Cable Telecommunications (WICT).
Executive Security Advisor, Cybersecurity Solutions Group, Microsoft
Jim Eckart is an Executive Security Advisor with the Microsoft Cybersecurity Solutions Group (CSG). In this role, he is a trusted advisor to IT, security, privacy, compliance, legal and business executives as they proceed on their digital transformation journeys. He regularly engages in public speaking, thought leadership, policy and standards engagements in support of secure digital transformation across the public and private sectors in the United States and internationally.
Jim joined Microsoft following prior Chief Information Security Officer (CISO) roles at Eli Lilly and Company and most recently The Coca-Cola Company. In these roles, Jim delivered global business-aligned digital risk programs, that balanced security, compliance and growth across multi-national organizations, global franchise systems and complex supplier networks.
As a cybersecurity executive, Jim has extensive experience explaining to boards of directors how difficult-to-understand cybersecurity programs translate into results that boards do understand - governance/risk/compliance, policy/standards/controls, third party risk management, information protection, insider threat, business continuity and shop floor security. Jim also regularly contributes thought leadership in forums such as the World Economic Forum’s Global Future Council on Cybersecurity, Gartner’s Information Risk Management Research Board, the National Technology Security Coalition, and others.
Jim is originally from Indianapolis, Indiana and now resides with his family in Atlanta, Georgia. He received his Bachelor of Science degree from Purdue University. He went on to earn his Chief Information Security Officer certification from the Heinz College of Information Systems and Public Policy at Carnegie Mellon University. In his free time, he enjoys golfing and motorcycling with his family.
Chief Information Security Officer, Equifax
As the Chief Information Security Officer, Jamil Farshchi is responsible for ensuring the security of the company’s digital assets as well as transforming the Equifax cybersecurity program into a world-class capability. Farshchi, an award-winning change leader, has spent his career building industry-leading cybersecurity programs to protect some of the world’s most sensitive assets, particularly in times of urgent need.
Most recently, Farshchi, in his role as CISO, successfully led a similar rebuilding effort to mature The Home Depot into an information security leader following what was one of the largest cyber breaches in history. Prior to The Home Depot, Farshchi was named the first CISO at Time Warner Inc. in 2014, and was responsible for the defense of entities such as Warner Bros., CNN, and HBO.
Before taking on his role at Time Warner, Farshchi was the VP of Global Information Security at Visa, where he was responsible for protecting over $7 trillion of payment card transactions annually and transforming Visa’s cyber program into one of the most mature within the financial services industry.
In 2009, Farshchi served as the CISO at the Los Alamos National Laboratory with responsibility for defending some of the United States’ most sensitive national security and nuclear weapon assets. He has also served in a variety of risk, operational, and technology leadership roles at organizations including Sitel Corp., NextWave Wireless, and the National Aeronautics and Space Administration (NASA).
Currently, he serves on the Board of Directors for the Institute for Information Security and Privacy at Georgia Tech and the Piedmont Park Conservancy, and he is also a mentor in the Columbia University Technology Management program.
Farshchi holds a bachelor’s degree in Business Administration from the University of Oklahoma and a master’s degree from the Wharton School at the University of Pennsylvania. He also completed the Harvard Business School’s Program for Leadership Development.
Gowen joined Synovus in 1995 after a 16-year career with IBM Corporation where he served in various engineering and management positions. He began his career with Synovus in the Information Technology area as Vice President of Network Services and Support. He served in various leadership roles in Information Technology including Director of Technology and Strategic Infrastructure. Gowen was named Senior Director of Procurement in 2008 with responsibilities for procurement, contracting, and vendor management. He was named a Group Executive in 2011 and his responsibilities were expanded to include serving as Chief Procurement Officer and overseeing Synovus’ Corporate Real Estate group. Gowen was named Chief Information Security Officer in February 2015.
As Chief Information Security Officer, Gowen is responsible for all aspects of information security and business continuity including identity and access management, security architecture, security operations, IT risk assessments, audit and regulatory interface, disaster recovery coordination, business continuity planning, and crisis management. He is also responsible for setting the tactical as well as strategic direction for Synovus’ enterprise vision, strategy, and program to ensure that information assets and technology are adequately protected.
Gowen’s education includes:
B.S., Mechanical Engineering, Georgia Institute of Technology
M.S., Mechanical Engineering, Georgia Institute of Technology
Synovus Leadership Institute
Chief Information Security Officer and Group Executive, Mastercard
Ron Green is Group Executive and Chief Information Security Officer. He leads a global team that ensures the safety and security of the Mastercard network as well as internal and external products and services. He is responsible for Information Security Operations, Architecture and Engineering, Security Event Management and Incident Response. Mr. Green also oversees cryptographic key management, business continuity, disaster recovery, and emergency management.
Mr. Green joined Mastercard in 2014 after serving as deputy chief information security officer at Fidelity Information Services (FIS). There, he led a team responsible for North American Information Security Operations, including security architecture and engineering programs, security testing, and governance. Prior to this position, Mr. Green was Director, Investigation and Protections Operations at Blackberry where he was responsible for global cyber and physical investigations, security operations centers, network security architecture, technical surveillance countermeasures, and threat intelligence programs. He also served as a senior vice president across several areas at Bank of America.
Mr. Green has extensive experience working with international and federal law enforcement agencies both as a special agent in the United States Secret Service and as an officer in the United States Army. With the Secret Service, Mr. Green worked protection and fraud investigations. He was one of the first agents to receive formal training on seizing and analyzing electronic evidence, and he worked on a number of international cyber crime investigations. Mr. Green serves on several advisory councils including the Financial Services Information Sharing and Analysis Center and the Overseas Security Advisory Council. He holds a bachelor’s degree in mechanical engineering from the United States Military Academy at West Point; is a graduate of the FBI’s Domestic Security Executive Academy; and holds a graduate certification in Information Assurance from George Washington University.
Vice President, Information Security and Privacy, Graham Holdings
Stacey Halota joined Graham Holdings Company (then The Washington Post Company) in 2003. She leads the development and implementation of information security and privacy programs, including Sarbanes Oxley, privacy law, Payment Card Industry compliance, and other data protection efforts. Halota has more than 25 years of experience in the information technology, security, and privacy field. Before joining Graham Holdings, she served as the federal government and southeast region leader of Guardent (now part of Verisign), a security and privacy consulting and managed security services company. Prior to Guardent, she worked at PricewaterhouseCoopers in the Technology Risk Services consulting practice.
Ms. Halota serves on the advisory boards of CyberVista, Y/L Ventures, and the International Consortium of Minority Cybersecurity Professionals. She is a Certified Information Systems Security Professional (CISSP) and a Certified Information Privacy Professional (CIPP).
Vice President and Chief Information Security Officer, Eli Lilly and Company
Meredith Harper serves as vice president and chief information security officer at Eli Lilly and Company. She is responsible for the company’s global information security program.
Prior to joining Lilly in 2018 as senior director, deputy chief information security officer, Meredith served as chief information privacy and security officer at Henry Ford Health System, where she had ultimate responsibility for the protection of Henry Ford’s provider, insurance, retail and research businesses.
Meredith is an active member of the Health Care Compliance Association where she holds dual certifications in healthcare compliance and privacy. She is certified as a Healthcare Information Security & Privacy Practitioner through the International Information System Security Certification Consortium Inc. and a Certified Information Security Manager through the Information Systems Audit and Control Association.
She earned a master’s degree in health services administration and a bachelor’s degree in computer information systems from the University of Detroit Mercy. She also earned a master’s of jurisprudence in health law from Loyola University Chicago School of Law.
Meredith serves on several advisory boards in support of empowering women and minorities to embark upon careers in technology, especially in information security. She has also served her community for 29 years through her Diamond Life membership in Delta Sigma Theta Sorority Inc.
CISO and EVP Information Security Services, US Bank
Tim Held serves as Chief Information Security Officer and Executive Vice President of Information Security Services for U.S. Bank. He is responsible for leading a multidisciplinary information security team operating across the United States, Europe, and Asia focusing on prevention, detection, and response. Areas of responsibility include architecture, engineering, security operations, incident response, data loss prevention, vulnerability assessment services, online fraud detection, security monitoring, insider threats, and cyber threat intelligence.
Tim has 21 years of information technology experience, with 17 focused on information security and risk management. His diverse background blends rich leadership experience with deep technical acumen. Prior to joining U.S. Bank in 2005, Tim enjoyed a successful career in both leadership and technical hands-on roles at Fifth Third Bancorp, Jireh Consulting Group, and AAA Travel and Insurance Services. Areas of responsibility included security consulting, security architecture, application development, network security, biometric development, employee fraud, and theft detection.
He is an active member and advisor on the committee for the Association of Certified Fraud Examiners. He is also active in various security and fraud working groups within the industry, including participation with BITS, FS/ISAC, and OWASP. Tim earned a Master of Science in Information Security Management from Colorado Tech University, an NSA school of excellence. He also earned professional certificates in Information Systems Security, Information Systems Security Management, Security Certification and Accreditation, and Project Management (PMI sponsored). Additionally, Tim attended Stanford University’s Advanced Computer Security Program, and the Pacific Coast Banking School at the University of Washington.
CISO in Residence
Elizabeth Joyce is SVP and CISO of State Street. In her previous role as Vice President and CISO at Hewlett Packard Enterprise Services, Joyce was responsible for building world-class, extensible security capabilities that protected HPE’s assets and workforce, as well as enabling and extending business capabilities. All aspects of information security – strategy, architecture and operations; product security, information and threat management; governance, risk and compliance; third party assessment; identity and access management; and security transformation and training fell under her purview.
Previous to this role, Joyce was the Chief Information Security Officer for HP’s Software Division where she was responsible for end-to-end security and infrastructure services. She joined HP through its Autonomy acquisition where she was the Chief Security Officer and Group Operations Infrastructure leader.
Earlier on, Joyce held leadership roles at Iron Mountain as the Senior Vice President for Worldwide Service Delivery in charge of all aspects of post-sale delivery, and at Symantec as Vice President & General Manager for Enterprise Services – Americas with P&L and operational responsibilities. She started her career as a technical consultant for executive information systems, middleware solutions, and security in the US and Europe.
Joyce has led large operational and small technical teams and has successfully executed several turnarounds – improving solutions through innovation and a focus on delivery excellence, ensuring customer satisfaction as a priority while meeting profitability targets.
Joyce holds a Ph.D. in information security from University of Plymouth, UK and BSc in Computer Science Honors from University College, Dublin.
VP & CISO, Dollar Tree Inc.
Dr. Kevin McKenzie is Vice President of Information Technology and Chief Information Security Officer (CISO) for Dollar Tree Stores Inc. Dollar Tree is a publicly traded Fortune 150 company with revenues in excess of $20 billion that encompasses both Dollar Tree and Family Dollar retail stores. Headquartered in Chesapeake, Virginia, Dollar Tree operates thousands of stores across all 48 states of the contiguous United States along with five Canadian provinces.
Strategically, Kevin is responsible for establishing the vision, mission, and security posture for the combined Dollar Tree enterprise and tactically accomplishes this through his oversight of Governance and Risk Compliance, Security Operations, and Network Security. Kevin holds an undergraduate degree in Management, a master’s degree in Industrial Management, and a Doctorate in Career and Technology Education from Clemson University. He also holds the Certified Information Systems Security Professional (CISSP) and ITIL professional certifications.
In addition to his corporate officer role, Kevin remains an actively engaged member of the faculty at Clemson University. He serves on the strategic advisory board for the International Consortium of Minority Cybersecurity Professionals (ICMCP) and the technology advisory board for Tidewater Community College. Additionally, he’s also an advisory board member for tech companies in the security industry. He has helped author multiple Congressional testimonies and personally participated in a Congressional town hall event about information security topics.
In 2013, Kevin was named the ISE Southeast Executive of the Year Award Winner and, later that year, the North America Information Security Executive of the Year for the Public & Academic Sector by Tech Exec Networks (T.E.N.). That same year, Kevin also received the America’s Information Security Leadership Award (ISLA) by ISC2—representing all of North America, South America, and Central America. In 2017, Kevin was honored and recognized as a ‘Roaring 10’ award recipient of Clemson University where ten alumni are named annually who have made an impact in business, leadership, community, educational, and/or philanthropic endeavors while upholding the university’s core values of honesty, integrity, and respect.
Previously, Dr. McKenzie was CISO and Executive Director for the Office of Information Security and Privacy at Clemson University where he established the university’s strategic direction in information security, mentored and taught students as a Research Professor in Electrical and Computer Engineering, created a student-led Security Operations Center (SOC) designed as an immersive experience for the students, served as Chief Security Officer to multiple statewide healthcare organizations comprising more than $7 billion in healthcare transactions, and protected one of the nation’s premier higher education environments classified as a top-tier Highest Research Activity (R1) research institution under the Carnegie Classification of Institutions of Higher Education.
Chief Information Security Officer, LabCorp
Jim is a leading cybersecurity and risk management practitioner with broad international experience in creating, transforming, and sustaining architectures that protect organizations and their information assets from today’s threats. He is a tenured professional who has experience in the technical trenches as well as in the boardroom, with a focus on the international banking/finance and healthcare sectors.
As the first Chief Information Security Officer and VP of IT Risk Management for one of the world’s largest life sciences companies, Jim is responsible for all cyber risk and protection worldwide. Leading a team of 150 security professionals, Jim has built a leading edge Office of Information Security (OIS) that is integrated into the business beginning with mergers and acquisitions through all clinical and laboratory operations. The OIS includes behavior management, security operations, data protection and informatics, identity management, business resiliency, crisis management, governance, risk and compliance for all internal and regulatory requirements. Using contemporary techniques such as machine learning, artificial intelligence, deception technologies and advanced analytics, Jim has reduced the corporate cyber exposure by 90% with reduction in staff overhead for incident response and service outages by 93%. Jim is also responsible for IT risk management enterprise-wide and exposure to the balance sheet using statistical models and financial risk mitigation techniques to align with the risk tolerance set by the Board of Directors.
Previous to LabCorp, Jim was the first Chief Information Security Officer for the Mayo Clinic and the first Chief Information Security Officer for The World Bank. He has been an information security and risk management practitioner for more than 30 years, with broad experience in all aspects of creating, transforming, and sustaining architectures for protecting organizations and their information assets.
Corporate Chief Information Security Officer, Unisys
Mathew Newfield joined the Unisys leadership team as the Corporate Chief Information Security Officer in March 2018. He leads the Unisys Corporate Information Security team with responsibility for design, development, and implementation of the company's corporate information security and risk programs across all regions and functions. Newfield has over 19 years of experience in information technology with a focus on security, software as a service operations, risk auditing and management, and international mergers and acquisitions.
Prior to joining Unisys, he was the Director of Global Managed Security Services for IBM where he had responsibility for delivery services in 133 countries and managed a staff of 1,500 security professionals. Newfield led the Managed Security Practice that performed Device Management, Threat Intelligence, Managed Security Information and Event Management, Account Governance, Project Management, Deployment Services, New Service Integration Business Operations, Compliance/Governance and Architecture Services. Newfield was also the Business Unit Information Security Officer and Global Process Officer for IBM's Security Services Organization. During his time at IBM, Newfield streamlined operational processes and developed cost reduction methodologies that improved cost control, profitability, and client delivery. Prior to IBM, Newfield held senior security leadership roles at Cybertrust, RSA, and DDC Advocacy.
Newfield is a published author on topics related to security, a speaker on cybersecurity, and has been an instructor at the SANS Institute. In addition, he holds a Bachelor of Science degree in Industrial and Organizational Psychology from George Mason University.
Senior Director, Information Security, Aaron’s
As the Senior Director of Information Security at Aaron’s, David is accountable for information security and risk leadership, strategy, budget, and operational excellence. He is a servant leader and mentor to a robust team of information security professionals and managers covering Application Security, Incident Response, Governance Risk and Compliance, Emerging Technology Security, Endpoint Protection, and Information Protection.
David has spent over 20 years in the information technology industry in various roles. He previously served as a Manager of the Threat, Attack and Penetration testing services team, Application Security Architect, deployment manager, and various lead developer roles for Caterpillar Inc. He has additionally held positions at companies including State Farm Insurance and the Central Intelligence Agency.
David is a regular speaker at colleges, corporations, and industry conferences including the (ISC)2 Security Congress, ISSA, and ISACA conferences, is active on various industry advisory boards, and is the Education Chair for the Atlanta chapter of InfraGard.
SVP and Global CISO, TransUnion
Jasper Ossentjuk joined TransUnion in 2014 as the SVP and Global Chief Information Security Officer, bringing years of experience as an IT and information security leader. Jasper is a passionate and vigilant leader of information security. His information security responsibility for TransUnion spans across 30+ countries protecting over a billion consumer files and 50+ petabytes of data.
Before joining TransUnion, Jasper was an information technology and security leader at HSBC from 2002 – 2014. While at HSBC, Jasper served as the CISO for North America and later as the CISO for HSBC’s Global Retail Banking business overseeing the security for 50 million customers, 6000 branches, and 28,000 ATMs. Prior to that, Jasper held technology and leadership positions at Accenture as part of the Financial Services Practice.
Jasper holds a master’s degree in Project Management from the George Washington University School of Business and a bachelor's degree with a dual major in Management Information Systems and Operations Management from the University of Arizona. He is also CISSP-certified.
Chief Information Security Officer, Hearst
Michael Palmer is the chief information security officer for Hearst, a leading diversified media, information and services company with over $10 billion in annual revenue. Hearst’s portfolio of more than 360 companies spans cable television networks such as A&E, HISTORY, Lifetime and ESPN; global financial services leader Fitch Group; and Hearst Health, a group of medical information and services businesses. Palmer leads enterprise-wide vision, strategy and architecture of information security and technology risk management. Palmer brings his expertise to evangelize IT security across Hearst’s portfolio, integrating IT security as a critical component of business operations.
Formerly, Palmer served as a key member of the NFL’s executive team, responsible for governing the league’s cybersecurity strategy, policies and programs while protecting its brand, intellectual property and assets. As the first chief information security officer in the NFL, Palmer’s inaugural role was the result of his ingenious work ethic, dedicated problem solving and ability to pitch the business case for having an information security office. Palmer recognized a need in the organization and created the CISO office from the ground level in 2012.
Palmer’s background includes 20+ years of broad cybersecurity and enterprise risk management experience, including deep specialization in corporate technology infrastructure, identifying threats and pinpointing vulnerabilities. Palmer works to expose inherent business risks and is adept at spearheading strategies on how to best address them. As a proven trailblazer, change agent and subject matter expert in information security, Palmer works closely with his colleagues, providing guidance on security and risk issues.
An industry thought leader, Palmer serves on the Grambling State University Technology Advisory Board and Rochester Institute of Technology Computer Security Advisory Board. In his work at the colleges, he helps to shape the educational programs that train the next generation of cyber defenders. Some of Palmer’s awards include the CISO Executive Summit Breakaway Leadership Award (2018), Global Leadership Forum (GLF) Superstar (2018) and Information Technology Senior Management Forum (ITSMF) Member of the Year (2017).
Palmer also co-chairs the governing body of the New York CISO Executive Summit (Evanta), an organization that fosters collaboration and knowledge sharing across the New York CISO community. He is a member of the programming committee for RSA 2019 CISO Boot Camp and CISO Insight track, creating educational content for the world’s largest cybersecurity conference.
Passionate about diversity and inclusion in the technology space, Palmer serves on the International Consortium of Minority Cybersecurity Professionals (ICMCP) Strategic Advisory Board to help bridge the great cyber divide, working to attract more women and minorities into the information security industry. Previously, Palmer also served as a committee chair of the NFL’s Diversity Council, a governing body that works to provide increased opportunities and exposure to women and diverse professionals within the NFL.
Palmer earned a U.S. Department of Homeland Security Secret Clearance and holds several industry certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), Certified in Risk and Information Systems Control (CRISC), Certified Information Privacy Manager (CIPM) and Information Technology Infrastructure Library V3 (ITIL V3).
He obtained a bachelor’s degree in business administration with a major in computer information systems from Baruch College. He is also part of the Department of Homeland Security Commercial Facilities Workgroup Governing Board of Directors and Information Technology Senior Management Forum (ITSMF).
North America CISO, McKesson
Peeyush Patel joined McKesson in September 2019 as North America CISO. In this role, Peeyush is responsible for overall strategy, leadership, and governance of the North America and enterprise security strategy that protects the electronic assets and supporting infrastructure including the company’s supply chain and engineering systems, corporate systems, and intellectual property. Peeyush leads various risk committees and structures to help business partners accelerate in a safe and sound manner by enabling the best and brightest resources in the organization.
Peeyush is an information technology and information security expert with over 15 years of experience building and directing risk management programs and information security for large, global organizations. His scope has included developing group-wide risk management, security policy, and strategy programs that include a comprehensive breadth of information security and technology risk.
Prior to McKesson, Peeyush was the Chief Product Security Officer for Experian, responsible for the strategy, leadership, and governance of Experian’s Product Security, Security Operations, Data Protection, and Offensive Security programs. Previously, he was Head of Information Security Shared Services and Technology Risk Management for two major financial services institutions where he established, grew, and managed Information Security, Technology Audit, and Technology Risk organizations that provided global security services.
CISO, Ohio State University
With more than 20 years of experience in the Security, Risk and Resiliency profession, Helen Patton (CRISC, CISA) brings a wealth of experience in managing information, technology and operational risk for global organizations, and advocates using Information Risk and Security Management to enable the mission of the Institution.
Since July 2013 Helen has assumed the role of Chief Information Security Officer at The Ohio State University, where she works to enable a risk-aware culture. She manages the Enterprise Security team, and oversees Information Risk and Control Governance across University units. The Security team is responsible for Information Security policies and Standards, as well as providing Security products and services. Helen chairs the University Information Security Advisory Board, which governs the execution of the University’s award-winning Information Security Framework.
Prior to working at OSU, Helen spent nine years in a Fortune 50 Financial Services firm, where she was responsible for creating Risk and Resiliency programs and operations which delivered pragmatic risk delivery capabilities to internal and external clients.
Helen works to encourage collaboration across and between industries, to enable better information security practices. She believes in improving diversity in the Information Security profession, and mentors people interested in pursuing a career in Security, Privacy and Risk Management.
Helen has a Master’s degree in Public Policy, and holds certifications as a Certified Information Systems Auditor and Certified In Risk and Systems Control, from ISACA. She is also a member of the State of Ohio Attorney General Cybersecurity Advisory Board, the Information Systems Security Association, Women for Economic and Leadership Development, and the CISO Executive Roundtable.
Head of Cyber Strategy, BNP Paribas
Mishu Rahman is Head of Cyber Strategy at BNP Paribas, leading business enablement through holistic IT and IS operations transformation, policy, budget, M&A, GRC, and talent development.
Before that, he was senior director (nonpolitical civil servant) under two Presidents, leading digital transformation and the national cybersecurity roadmap, partnering with LoB CIOs and CISOs (e.g. Healthcare, Treasury) managing the President’s $9 billion cyber budget amid a $90 billion IT investment powering the global behemoth with over 3.4 million employees and 275 locations worldwide. He spearheaded strategy and the execution of the $50 billion 15-year shared service initiative, underpinning the worldwide technology stack (mix of cloud, cybersecurity, IT, and network solutions) resulting in $20 million per month in savings, enhanced business agility, and robust cybersecurity capabilities. Mr. Rahman guided dozens of Group CIOs and CISOs to align digital and cyber strategy, design roadmaps, and transition to a secure end state, doing so by connecting risk and opportunity to business strategy, bridging the cyber risk-value proposition gap, and influencing LoB C-Suites and Boards, US Congress policies, and funding.
Prior to this role, Mr. Rahman was regional director of IT and Cyber supporting counter-terrorism operations at DHS where he led technology modernization, tackling technical debt that lends itself to vulnerabilities, by partnering with LoBs on shadow IT and fragile security governance. He also created CDO organizations to standardize data classification and security, ensuring interoperability and speed of information sharing, complimenting information security from another vector.
Before DHS, Mr. Rahman contributed to strategic and tactical programs throughout DoD, managing the critical Joint Staff IT portfolio under the Vice Chairman of the Joint Chiefs of Staff (CIO) in one tour, leading Wargaming (e.g. threat intel and incident response planning for domestic and international scenarios) in another tour, and engineered next-generation secure multi-billion dollar military communication systems (e.g. space and ground networks) deployed worldwide in another tour. He began his career designing and deploying encrypted software-defined radio communication systems, securing and expediting coordination for New Jersey and Pennsylvania first responders.
Mr. Rahman brings a business lens with outcome and ROI accountability, understanding of geopolitical forces at play behind cyber-attacks across sectors, tactical tradecraft from national security, and technical rooting to champion policy, strategy, and execution tradeoff decisions. He holds a Bachelor of Science degree in Electrical Engineering from Virginia Tech and professional development at Stanford and National Defense University.
CISO, Motorola Mobility
Mr. Richard Rushing is the Chief Information Security Officer for Motorola Mobility LLC. Richard participates in corporate, community, private, and government security councils and working groups, setting standards, policies, and solutions for current and emerging security issues. As Chief Information Security Officer for Motorola Mobility, he has led the organization's security effort by developing an international team to tackle targeted attacks, cyber-crime, and emerging threats to mobile devices. He has organized, developed, and deployed practices, tools, and techniques to protect the enterprise's intellectual property worldwide. A much-in-demand international speaker on information security, Richard has spoken at many of the leading security conferences and seminars around the world.
Chief Information Security Officer, Oceaneering
Eric Seagren currently serves as the Chief Information Security Officer at Oceaneering International. Eric’s career in IT started in 1996 and has progressed through various positions including desktop support, server administration, network engineering, risk management, disaster recovery, and cybersecurity across diverse fields such as banking, real estate, oil and gas, aerospace, and defense. This breadth and depth of experience helps Eric understand information technology with a “big picture” perspective. Leveraging this broader perspective, Eric’s focus is to design security policies and solutions that respect the business needs and operational requirements of the organization, maximizing effectiveness while minimizing impact. Eric has experience working in organizations of all levels of IT security maturity, including building a security program from the ground up.
Eric holds a Bachelor of Science in Business: Information Systems. He is also a published author with multiple publishing credits and technical certifications including CRISC, CISA, CISSP-ISSAP. Some of Eric’s publications include “Secure Your Network for Free" and “How to Cheat at Configuring Open Source Security Tools” (co-authored).
Oceaneering International is a global organization with offices in 25 countries and does business in the aerospace, entertainment, material handling, military and defense, and oil and gas industries.
VP and Deputy CISO, Hewlett Packard Enterprise
Drew Simonis is a Vice President and serves as the Deputy CISO at Hewlett Packard Enterprise (HPE). He has worked in some of the largest and most complex environments in the public sector and the private sector with firms such as IBM, AT&T, EDS and Symantec. Prior to joining HPE, Drew spent 8 years as the CISO for Willis Group Holdings (now Willis Towers Watson). Insurance exposed Drew to formal risk management and analysis methodologies and is also where he began to develop an affinity for quantitative measurement of cyber risk as a better means to justify a security program and engage with business leadership. Drew has co-authored several books on security technology and architecture and articles on cyber organizational paradigms. Drew lives in North Texas and holds a Master of Science Degree in Computer Science from James Madison University.
CISO, Globe Life
Duaine Styles is a visionary security strategist who joined Globe Life in March 2015. Duaine holds a Master’s degree in Information Systems, a Bachelor’s degree in Accounting, and is licensed as a Certified Public Accountant in the state of Texas. His experience has spanned multiple finance, IT, and risk disciplines within the retail, finance, and healthcare industries.
Reporting administratively to the General Counsel / Chief Risk Officer and routinely updating Board Members on information security, he is implementing an enterprise risk management approach to information risk and information security governance. Current responsibilities include information security, privacy, business continuity planning, emergency preparedness, and breach management.
Prior to joining Globe Life, Duaine ran a consolidated security function and had the responsibilities of a Chief Security Officer as the VP Security at AmeriCredit / GM Financial for over 11 years.
Throughout his career Duaine has consistently focused on giving back to the profession through coaching his staff and mentoring fellow professionals to their potential, speaking at security conferences and participating in the governing body of various security focused events. He was also a founding officer of the ISSA’s Fort Worth Chapter (2007) and the Chairman of the Information Security Leadership Forum’s initial pilot chapter in Dallas (2013).
Duaine also holds the following active professional licenses and certifications: Certified Public Accountant, Certified Chief Information Security Officer, Certified Information Systems Security Professional, Certified in Risk and Information Systems Control, Certified Information Systems Auditor, Certified Internal Auditor, ITIL Foundations Certificate in IT Service Management, ISO27001 Lead Implementer, and SABSA Foundations.
CISO, NCR Corporation
Bob Varnadoe is the Chief Information Security Officer for NCR Corporation. His duties include overall information security and operational / IT aspects of NCR’s privacy program, IT risk management, compliance company-wide, training and awareness for information security, and oversight of the deployment of security technologies. Bob works with NCR’s lines of business (Professional Services, Legal, Internal Audit, Customer Services and Hardware/Software Engineering) to develop and build out the company-wide strategy for information security. He also represents the IT organization as a part of NCR’s Enterprise Risk Management committee.
Prior to NCR, Bob was with Fiserv Corporation where he was responsible for information security within Fiserv’s corporate risk organization. His team was responsible for information security oversight, governance, and strategy across Fiserv’s business units. The team also provided consulting to Fiserv’s divisions and operating units for information security matters. During his tenure at Fiserv, Bob led teams focused on information security engineering and operations for network infrastructure, distributed systems, and mainframe systems. He also led teams focused on application security testing, consulting, and information security strategy, and he built Fiserv’s security operations center.
Bob joined Fiserv through the acquisition of CheckFree Corporation where he was responsible for information security strategy within CheckFree’s corporate function. Prior to joining CheckFree, Bob was IT Director for an architecture and engineering firm in Atlanta. He has over 20 years of experience in data networking and information systems, 15 years of which were spent exclusively in the security field. Bob holds a bachelor’s degree in electrical engineering from the Georgia Institute of Technology.
CISO, JPMorgan Chase
Jason Witty is the Head of Cybersecurity & Technology Controls and Global Chief Information Security Officer for JPMorgan Chase with responsibility for the firm’s cybersecurity, technology controls and resiliency programs. An award-winning CISO, Jason was recognized as a 2015 “CISO Superhero” at I.S.E. North America; the 2014 I.S.E. North America People’s Choice Award winner; 2013 “CISO of the Year” by the Information Systems Security Association of Chicago and the Association of Information Technology Professionals; and one of Information Security Magazine’s 2013 “Security 7” representing the Financial Sector. He is a highly rated public speaker, frequently keynoting on cyber security topics at large events including CSA Cloud Summit, Finsec, Infosec Europe, RSA Conference, SecureWorld, and others.
Before joining JPMorgan Chase, Jason was Executive Vice-President and Chief Information Security Officer at U.S. Bancorp, providing singular accountability for all information security controls in the company. And before U.S. Bancorp, Jason was the Senior Vice President and Cyberthreat Prevention Services Executive at Bank of America. He was responsible for a team of information security professionals spanning 8 countries who provided information security risk prevention and deterrence services, globally. He was simultaneously accountable for all information security controls outside of the United States for Bank of America Merrill Lynch, covering 48 countries.
Jason is a certified Information Systems Security Management Professional (ISSMP) who has played major leadership roles in information security throughout his career. He has 23 years of information technology experience, 21 focusing on information security risk management. Before his role at Bank of America, Jason was the First Vice-President of Security Services for LaSalle Bank N.A. He also led the internal Information Security team at The Options Clearing Corporation and served as Director of Global Security Architecture for Aon Corporation at its world-wide headquarters in Chicago. He combines strong organizational management and leadership skills with a high degree of technical knowledge, the result of hands-on information security experience early in his career at Allstate Insurance, N.A.S.A. Langley, Siemens, and Jefferson Laboratories.
Over his career, Jason has been involved in 54 acquisition related network integrations, set up secure eCommerce environments, and led multiple cross-industry forums.
Providing industry leadership, Jason is Vice-Chairman of the Board of Directors of the Financial Services Information Sharing and Analysis Center (FS/ISAC), a Board Advisor for ChicagoFIRST, Arbor Networks, and Qualys, and is a member of the Executive Committee of the Cloud Security Alliance (CSA). He was also on the Program Committee of the RSA Conference (2013-2016) and serves as FBI’s Chicago Infragard Sector Chief for Finance. Previously, he was the Chicago OWASP Chapter President (2006-2010).