Recently retired, Ms. Allison's responsibilities in her role as Vice President & Chief Information Security Officer were to protect Johnson & Johnson information technology systems and business data worldwide. This included ensuring that the company’s information security posture supports business growth objectives, protects public trust in the Johnson & Johnson brand, and meets legal/regulatory requirements. Marene was a member of the company’s Compliance committee and presents to the Johnson & Johnson Board of Directors on cybersecurity risk. With more than 260 companies in 60 countries worldwide, Johnson & Johnson is a global leader in consumer health, pharmaceutical products, and medical devices.
Prior to joining Johnson & Johnson, Marene was Chief Security Officer and Vice President for Medco, the largest pharmacy benefit manager in the United States. Marene was responsible for all aspects of the company's security, regulatory compliance including physical and logical security, and executive protection as well as HIPAA, Payment Card Industry, Medicare, prescription fraud, and IT controls.
Prior to that, Marene was with Avaya as head of Global Security where she worked on securing the World Cup network in Korea and Japan in 2002. Before joining Avaya, she was Vice President of Loss Prevention and Safety for the Great Atlantic and Pacific Tea Company. Before joining the corporate world, she served as a Special Agent in the FBI working on undercover drug operations in Newark, NJ, and also working on terrorist bombings in San Diego, CA. She developed and participated in the nuclear terrorism exercise, Compass Rose ’88, the largest mock terrorism incident exercise by the federal government.
Marene has a Bachelor of Science degree from The United States Military Academy at West Point, in the first class to include women. She has served in the US Army in the Military Police at Ft Hood, TX, Ft Chaffee, AR and Ft McClellan, AL. She has served on the Defense Advisory Committee on Women in the Services appointed by the Secretary of Defense and the Overseas Security Advisory Committee appointed by the Secretary of State. Marene is a founding member of West Point Women and currently serves on their Board of Directors. She is also on the Board of Directors for H-ISAC (Health Information Sharing and Analysis Center) and ASIS International. Marene is married, has a son, a wonderful daughter-in-law and grandson, and lives in Bucks County, Pennsylvania.
Executive Vice President, Chief Risk Officer, & Global Chief Information Security Officer, Sage Group
Ben joined Sage Group as Global CISO in 2018 after 16 years in the British Government. Sage is the UK’s largest technology company and the world's leading provider of integrated accounting, payroll, and payments systems to entrepreneurs and small and medium businesses. At Sage, Ben is responsible for protecting the global technology estate, products, and cloud services for 3 million customers in 23 countries.
In 2018, Ben left the UK Government as Deputy Government Chief Security Officer, based in the Cabinet Office. Ben was responsible for all aspects of protective security policy and coordination across 48 government departments and over 400,000 civil servants. Ben’s remit included cyber and information security, personnel security, counterterrorism, counterespionage, and investigation of serious incidents and breaches, including contravention of the Official Secrets Act. While in government Ben led transformative security reforms to redesign organizational structures, unlock government access to commodity technology and public cloud and modernize decades old security policies and practices.
Global Business Chief Information Security Officer, World Wide Technology, Inc.
Mario joined World Wide Technology in 2013 after 28 years of professional experience in security in both the government and private sectors. During his tenure with the government Mario served as the Chief Information Security Officer for the Defense Intelligence Agency where he was responsible for information technology, data integrity and security, and global network communications. In this executive role Mario was instrumental in the establishment of key global information security capabilities for the Intelligence Community involving mitigation of advanced threats and implementation of security readiness and monitoring practices. He has served on special assignments to include the largest ever technology exploitation and forensic mission searching for evidence of weapons of mass destruction. Mario’s information security expertise has been called upon for Congressional testimony that ultimately established today’s federal standards for cyber protection.
As the CISO, Mario delivers consulting services to clients by working with executives and addressing the demands of security on a global and enterprise scale. He leads a team of professionals with expertise to assist clients in defining comprehensive security and privacy programs mapped to business imperatives. This includes advanced technology solutions to support a range of clients and working with them to meet organizational requirements for establishing, implementing, monitoring, and maintaining a highly capable security program.
Mario has received special recognition to include Executive Performance of the Year, Civilian Accommodation Award(s), Distinguished Performance, and Special Achievement from the Director of FBI and Director of National Intelligence Community. He holds a B.S. in Computer Science/Information Systems and is a Certified Information Security Manager (CISM).
Vice President & Chief Information Security Officer, Campbell Soup Company
Martin Bally is the Vice President and Chief Information Security Officer of Campbells and has over 23 years of experience in cybersecurity. Martin has global experience in Information, Cyber, Manufacturing, Digital, and Product Development Security.
Martin has held the Global CISO position at Stellantis, formally FCA, American Axle & Manufacturing, Diebold, and TRW Automotive. Martin is a trusted advisor to the Board of Directors and Executive Leadership. He has prior experience in manufacturing, legal, and fintech industries. He has also managed a P&L of 20+ million for security services. In 2020, Martin was recognized as a top 100 CISO by Cyber Defense Magazine.
Martin was on the Board of Directors for the Automotive Information Sharing and Analysis Center (Auto ISAC) and currently sits on the Cloud Security Alliance - Detroit Chapter. He also sits on the Customer Advisory Board for Proofpoint, a U.S.-based enterprise security company. Martin holds a Master of Science in Information Assurance from Norwich University. He also holds the Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Officer (CCISO), Certified Information Security Manager (CISM), the Certified in Risk and Security Controls (CRISC) security certifications, and the DDN Masterclass Boardroom Certified Qualified Technology Expert QTE.
Chief Information Security Officer and General Partner, Edward Jones Investments
Scott Benson is the Chief Information Security Officer for Edward Jones. Scott has spent over 20 years in the Information Security field in various lines of defense. Previously a CISO for a large financial institution headquartered in Chicago, Scott has an extensive background with Information Security frameworks, cyber defense, intrusion detection and incident response. Scott also worked extensively with various banking regulatory agencies throughout his career. Scott is a Certified Information Systems Security Professional (CISSP) and a member of the International Information System Security Certification Consortium (ISC)2.
Chief Information Security Officer, TaxSlayer
Michael Blache is the Chief Information Security Officer of TaxSlayer, a software development company specializing in tax preparation software for professional and individual tax preparers. Promoted to this role in 2015, Michael has been instrumental in organizing and structuring the organization’s first dedicated Information Security Department operating separately from the IT Department. Michael is responsible for the vision and mission of TaxSlayer’s Information Security team in regards to security operations, regulatory compliance, disaster recovery, and business continuity.
In 2004, Michael first joined the TaxSlayer team as an IT Manager. In his first six months on the job, he was promoted to the position of Director of Information Technology. During his 11 years as IT Director, he drove the transformation of the organization’s information technology infrastructure during a time of expansive growth. Michael was responsible for standing up TaxSlayer’s first network operations center allowing round the clock monitoring of critical systems. He was selected by TaxSlayer’s executives to receive the organization’s highly coveted “Moving Your Division to the Next Level” award in 2005 and 2012.
Prior to joining TaxSlayer, Michael worked as a network administrator for a managed service provider in the private sector and as an Information Technology specialist in the Navy and Air Force. With over 20 years of experience, his diverse background is a testament to Michael’s ability to adapt technologies to meet the operational and security needs of various industries.
Michael holds a Bachelor of Science in Information Technology degree from South University and a Master of Science in Information Assurance degree from Norwich University. Michael holds several industry certifications, most notable of which is the Certified Information Systems Security Professional certification. Michael is an active member of the Greater Augusta ISSA Chapter and ISACA.
Chief Information Security Officer, Hound Labs, Inc.
Don Boian is the Chief Information Security Officer (CISO) for Hound Labs, Inc. He is responsible for developing and implementing a robust information security program, ensuring Hound Labs and its assets, as well as the information and assets of its customers, are protected from both internal and external threats as the Company brings its flagship product, the Hound marijuana breathalyzer, to market.
An accomplished technology leader and award-winning information security expert, Don is an information security leader with more than 34 years of experience. In addition to his role as Cybersecurity Outreach Director at Huntington Bank, Boian also serves as a cybersecurity consultant at the Department of Energy’s Special Technologies Laboratory. He retired from the National Security Agency in 2016 after almost 30 years of service. His roles included operational and leadership positions in both offensive and defensive cyber operations and included a Joint Duty Assignment as the Technical Director for the Chief of Operations (J3) USCYBERCOM. Boian won many awards including the Chairman Joint Chief of Staff (CJCS) Joint Civilian Service Commendation Award (CDR USCYBERCOM) in 2011.
Senior Vice President & Global Chief Information Security Officer, Aflac
Tim joined Aflac as the Chief Information Security Officer in April 2014. In this role, Tim is responsible for the Aflac Information Security Program, which includes Threat and Vulnerability Management, Security Operations and Incident Response, Information Technology Compliance and Risk Management, Security Engineering, and Disaster Recovery. Through the execution of the security program, Tim is the executive responsible for protection and availability of the information assets of the leading provider of supplemental and voluntary insurance products in the world. Tim leads various risk committees and structures to help business partners accelerate in a safe and sound manner.
Prior to Aflac, Tim was Senior Vice President, Business Continuity and Information Assurance at SunTrust Bank. Tim was responsible for SunTrust’s Corporate Threat and Vulnerability Management, Information Security Monitoring and Investigation, Business Resumption, Disaster Recovery, Incident Response/Crisis Management, Technology Risk Project Office, Records and Information Management programs. Tim led a team of professional risk managers in ensuring the protection, preservation, and availability of critical corporate information and resources. Tim integrated these functions building a capability that provided a unified approach in determining threats, developing mitigation strategies and solutions, and managing through incidents. Tim has successfully tested this integrated concept in the management of virus, weather, technology outages, and distributed denial of service attacks.
Prior to SunTrust, Tim served as First Vice President, Technology Risk Management, and Chief Information Security Officer at People's United Bank in Bridgeport, Connecticut. Tim was the executive charged with protecting People’s United Bank’s information, information systems, and technology. During his tenure, Tim built an effective technology risk management organization and led the company through a technology integration and organization program upon the acquisition of a bank of near equal size. Tim also served on the State of Connecticut Judicial Committee on Identity Theft to assist in building requirements for protecting sensitive personal information introduced into the judiciary through legal actions.
Tim was a career military professional serving in leadership positions throughout his 23-year career. In his final assignment, Tim was the program manager for a command risk management function at one of the US Air Force's Major Command Headquarters.
Director Global Cybersecurity Risk, The Coca Cola Company
Kristin Cornish currently serves as Director Global Cybersecurity Risk at the Coca-Cola Company. In this role, Kristin is responsible for broad cyber risk management and monitoring across the Coca-Cola Company, including regulatory cyber compliance with PCI DSS, Privacy regulations (GDPR, CCPA), and Sarbanes-Oxley (SOX). Kristin leads a team responsible for assessing third party and internal cyber risk and developing and maintaining cyber security policy. Working closely with Coca-Cola’s Global Chief Information Security Officer, Kristin is building a manufacturing cyber security risk management capability, spanning multiple regional and global stakeholder functions.
An almost 8-year veteran of the Coca-Cola Company, Kristin has held positions of increasing responsibility in both the Cyber Security and Internal Audit functions. Prior to her current role, Kristin spent 2 years as a Senior Manager, Technology Controls, leading efforts to improve understanding and support of technological internal controls supporting SOX financial reporting, improved management of control deficiencies, and improved processes to strengthen the IT control environment-both across the Coca-Cola Company Technology function and within large acquisitions of the Company. Kristin began her tenure at Coca-Cola within the IT internal audit team, where she spent over 3 years, including most recently as an IT Audit Manager.Prior to her time at Coca-Cola, Kristin has both internal and external technology and financial audit experience at the Kimberly-Clark Corporation and PwC. Kristin holds a Certified Information Systems Security Professional (CISSP) certification from the International Information System Security Consortium (ISC2), a Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA) from the Information Systems Audit and Control Association (ISACA), an active CPA license from the Virginia Board of Accountancy. In addition to ISC2 and ISACA, Kristin is an active member of the Atlanta chapter of the Institute of Internal Auditors (IIA). She holds an B.S. in Management from the Georgia Institute of Technology and a Master’s in Business Administration from Georgia State University.
CISO in Residence
John Dickson is VP of Infrastructure, Support Operations and Cybersecurity (CISO) at Republic National Distributing Company (RNDC), an industry leader and the nation’s second largest wine and spirits distributor. In his role, John leads a comprehensive IT team covering Information Security & Governance, Enterprise Communications, Data Center and Cloud Services, Warehouse Automation and Technology Support Operations. He is a results driven, business focused IT leader with extensive experience and a proven track record of translating business requirements into functional systems for Republic National Distributing Company. John’s career at RNDC spans 23 years, starting in a Network Management role and progressing through a Directorship of Infrastructure to today’s role over four operational areas and one hundred team members.
Prior to RNDC, John managed Information Technology services for Transdyn Controls, a leading systems integrator for Public Utilities and Intelligent Transportation Systems. Prior to taking an IT leadership role at Transdyn, John helped implement SCADA systems for the Boston Central Artery Tunnel, the George Washington Bridge, the New York Department of Environmental Protection and numerous water treatment facilities around the world.
John is passionate about motorsports, aviation, Georgia Tech Yellow Jacket Football and spending time with his family in Woodstock, GA.
Chief Information Security Officer, Equifax
As the Chief Information Security Officer, Jamil Farshchi is responsible for ensuring the security of the company’s digital assets as well as transforming the Equifax cybersecurity program into a world-class capability. Farshchi, an award-winning change leader, has spent his career building industry-leading cybersecurity programs to protect some of the world’s most sensitive assets, particularly in times of urgent need.
Most recently, Farshchi, in his role as CISO, successfully led a similar rebuilding effort to mature The Home Depot into an information security leader following what was one of the largest cyber breaches in history. Prior to The Home Depot, Farshchi was named the first CISO at Time Warner Inc. in 2014, and was responsible for the defense of entities such as Warner Bros., CNN, and HBO.
Before taking on his role at Time Warner, Farshchi was the VP of Global Information Security at Visa, where he was responsible for protecting over $7 trillion of payment card transactions annually and transforming Visa’s cyber program into one of the most mature within the financial services industry.
In 2009, Farshchi served as the CISO at the Los Alamos National Laboratory with responsibility for defending some of the United States’ most sensitive national security and nuclear weapon assets. He has also served in a variety of risk, operational, and technology leadership roles at organizations including Sitel Corp., NextWave Wireless, and the National Aeronautics and Space Administration (NASA).
Currently, he serves on the Board of Directors for the Institute for Information Security and Privacy at Georgia Tech and the Piedmont Park Conservancy, and he is also a mentor in the Columbia University Technology Management program.
Farshchi holds a bachelor’s degree in Business Administration from the University of Oklahoma and a master’s degree from the Wharton School at the University of Pennsylvania. He also completed the Harvard Business School’s Program for Leadership Development.
Chief Information Security Officer, Synovus
Gowen joined Synovus in 1995 after a 16-year career with IBM Corporation where he served in various engineering and management positions. He began his career with Synovus in the Information Technology area as Vice President of Network Services and Support. He served in various leadership roles in Information Technology including Director of Technology and Strategic Infrastructure. Gowen was named Senior Director of Procurement in 2008 with responsibilities for procurement, contracting, and vendor management. He was named a Group Executive in 2011 and his responsibilities were expanded to include serving as Chief Procurement Officer and overseeing Synovus’ Corporate Real Estate group. Gowen was named Chief Information Security Officer in February 2015.
As Chief Information Security Officer, Gowen is responsible for all aspects of information security and business continuity including identity and access management, security architecture, security operations, IT risk assessments, audit and regulatory interface, disaster recovery coordination, business continuity planning, and crisis management. He is also responsible for setting the tactical as well as strategic direction for Synovus’ enterprise vision, strategy, and program to ensure that information assets and technology are adequately protected.
Gowen’s education includes:
B.S., Mechanical Engineering, Georgia Institute of Technology
M.S., Mechanical Engineering, Georgia Institute of Technology
Synovus Leadership Institute
Executive Vice President & Chief Security Officer, Mastercard
Ron Green is Group Executive and Chief Information Security Officer. He leads a global team that ensures the safety and security of the Mastercard network as well as internal and external products and services. He is responsible for Information Security Operations, Architecture and Engineering, Security Event Management and Incident Response. Mr. Green also oversees cryptographic key management, business continuity, disaster recovery, and emergency management.
Mr. Green joined Mastercard in 2014 after serving as deputy chief information security officer at Fidelity Information Services (FIS). There, he led a team responsible for North American Information Security Operations, including security architecture and engineering programs, security testing, and governance. Prior to this position, Mr. Green was Director, Investigation and Protections Operations at Blackberry where he was responsible for global cyber and physical investigations, security operations centers, network security architecture, technical surveillance countermeasures, and threat intelligence programs. He also served as a senior vice president across several areas at Bank of America.
Mr. Green has extensive experience working with international and federal law enforcement agencies both as a special agent in the United States Secret Service and as an officer in the United States Army. With the Secret Service, Mr. Green worked protection and fraud investigations. He was one of the first agents to receive formal training on seizing and analyzing electronic evidence, and he worked on a number of international cyber crime investigations. Mr. Green serves on several advisory councils including the Financial Services Information Sharing and Analysis Center and the Overseas Security Advisory Council. He holds a bachelor’s degree in mechanical engineering from the United States Military Academy at West Point; is a graduate of the FBI’s Domestic Security Executive Academy; and holds a graduate certification in Information Assurance from George Washington University.
Vice President, Information Security and Privacy, Graham Holdings
Stacey Halota joined Graham Holdings Company (then The Washington Post Company) in 2003. She leads the development and implementation of information security and privacy programs, including Sarbanes Oxley, privacy law, Payment Card Industry compliance, and other data protection efforts. Halota has more than 25 years of experience in the information technology, security, and privacy field. Before joining Graham Holdings, she served as the federal government and southeast region leader of Guardent (now part of Verisign), a security and privacy consulting and managed security services company. Prior to Guardent, she worked at PricewaterhouseCoopers in the Technology Risk Services consulting practice.
Ms. Halota serves on the advisory boards of CyberVista, Y/L Ventures, and the International Consortium of Minority Cybersecurity Professionals. She is a Certified Information Systems Security Professional (CISSP) and a Certified Information Privacy Professional (CIPP).
Senior Director of Information Security, Chipotle Mexican Grill
Shawn Harris is the Senior Director of Information Security at Chipotle Mexican Grill (NYSE: CMG). In this role, he is responsible for Security Architecture, Engineering, Operations as well as Governance, Risk and Compliance teams.
With over 25 years of cybersecurity experience, Shawn holds multiple industry certifications, including Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional (ISSAP), Certified Cloud Security Professional (CCSP). He is on the board of directors for Hackers for Change and is an advisory board member of several prestigious organizations including Cybersecurity Competency Group (CSCG), RSA Conference Program Committee, and the Microsoft Cybersecurity Customer Advisory board. He is the co-chair of the CSA Cloud Control Matrix working group and was named one of Security Magazine’s Top Cybersecurity Leaders in 2021. Shawn has spoken at several esteemed events, most notably the RSA Conference and ISC2 World Congress.
Shawn is passionate about building and strengthening highly engaged teams, fostering a culture of growth and forward-thinking mindsets. He coaches through challenges to empower individuals to think and operate independently and drive innovation. When not working, you can find Shawn in his home-built campervan exploring the Southwest with his wife and two dogs.
Chief Information Security Officer, Haleon
Lori Havlovitz has recently transitioned to a new role as the Chief Information Security Officer at Haleon. Prior to her new role, Lori lead the global information security team at Cardinal Health which included cybersecurity operations, information security architecture, technology risk management, IT compliance, and IT resiliency. While at Cardinal Health, Lori has held roles of increasing responsibility in applications development and shared services as well as enterprise architecture.
Lori was with Cardinal Health for 20 years. Before joining the organization, Lori worked with Nationwide Insurance focusing on system integration project management in the property and casualty business.
Diversity and inclusion is a passion for Lori. She has held a variety of roles including chairing the Women’s Initiative Network and as an executive sponsor for the Women in Information Technology employee-led group at Cardinal Health. Lori has also been a key leader in the creation of two sponsorship programs for technology employees – one focused on women and one focused on Black and African American employees.
Lori makes community outreach a focus including non-profit leadership and volunteering. She served as the secretary and vice president of Adaptive Sports Connection (formerly known as The Adaptive Adventure Sports Coalition). Lori is a two-time cancer survivor and volunteers in the Help Others Through Peer Experiences program at The Ohio State University Comprehensive Cancer Center.
Chief Inofrmation Security Officer & Executive Vice President Information Security Services, US Bank
Tim Held serves as Chief Information Security Officer and Executive Vice President of Information Security Services for U.S. Bank. He is responsible for leading a multidisciplinary information security team operating across the United States, Europe, and Asia focusing on prevention, detection, and response. Areas of responsibility include architecture, engineering, security operations, incident response, data loss prevention, vulnerability assessment services, online fraud detection, security monitoring, insider threats, and cyber threat intelligence.
Tim has 21 years of information technology experience, with 17 focused on information security and risk management. His diverse background blends rich leadership experience with deep technical acumen. Prior to joining U.S. Bank in 2005, Tim enjoyed a successful career in both leadership and technical hands-on roles at Fifth Third Bancorp, Jireh Consulting Group, and AAA Travel and Insurance Services. Areas of responsibility included security consulting, security architecture, application development, network security, biometric development, employee fraud, and theft detection.
He is an active member and advisor on the committee for the Association of Certified Fraud Examiners. He is also active in various security and fraud working groups within the industry, including participation with BITS, FS/ISAC, and OWASP. Tim earned a Master of Science in Information Security Management from Colorado Tech University, an NSA school of excellence. He also earned professional certificates in Information Systems Security, Information Systems Security Management, Security Certification and Accreditation, and Project Management (PMI sponsored). Additionally, Tim attended Stanford University’s Advanced Computer Security Program, and the Pacific Coast Banking School at the University of Washington.
Vice President & Deputy Chief Information Security Officer, Southern Company
Curley Henry, Vice President and Deputy Chief Information Security Officer for Southern Company, is responsible for strategic cybersecurity initiatives and leads security architecture and consulting, cyber risk and assurance, and identity governance across the enterprise (IT) and critical infrastructure (OT). Curley has 25+ years’ experience in information technology and cybersecurity where he has created and led diverse teams to develop, implement and maintain effective strategies to reduce cyber security risk.
Curley works closely within the utility industry, engaging with state public service commissions, Department of Energy, the National Labs, Electric Power Research Institute (EPRI), and leaders from other utilities. He also engages in the cybersecurity technology industry, working closely with executives who are developing innovative solutions to pressing challenges.
Before joining Southern Company, Curley served in senior leadership roles at E* Trade Financial, Hewlett-Packard, and IBM. Earlier in his career, Curley was a Department of Defense consultant where he led a team to design, build and manage the first 24x7 security operations center for the U.S. Army Reserve Command. He began his career in the military and was a founding member of the U.S. Army Reserve’s Information Operations Command, which provided cyber security and information assurance support to installations and units across the continental Unites States.
A native of Columbus, GA, Curley studied engineering at Georgia Institute of Technology (Georgia Tech) before joining the military. He holds a bachelor’s degree in Computer Information Systems from Saint Leo University along with several security and technical certifications. He also serves on the Industrial Advisory Board for the new School of Cybersecurity and Privacy at Georgia Tech.
Chief Information Security Officer, Norfolk Southern Corporation
Darren Highfill serves as the Chief Information Security Officer, protecting critical information assets, business systems, and computer hardware for Norfolk Southern Corporation. He is responsible for maintaining, developing, and leading the team of cybersecurity professionals comprising Norfolk Southern’s Information Security program.
The Information Security team is responsible for the monitoring of compliance to cybersecurity policies and standards and works cooperatively with other groups within the business units responsible for information security. The Information Security program includes teams responsible for identity and access management, cybersecurity architecture, cybersecurity operations, a cybersecurity operations center, disaster recovery planning, business recovery planning, general office emergency incident response planning, cybersecurity awareness training, employee and customer privacy protection, and industrial controls cybersecurity protection.
Darren’s background is focused on cybersecurity for critical infrastructure and operations technology – in particular, within electric power transmission and distribution, with experience in the development and application of national and international cybersecurity standards as well as cybersecurity governance, architecture, policy, and risk management. He has been focused on cybersecurity solutions for critical infrastructure since 2004.
Senior Vice President & Chief Information Security Officer, Voya Financial, Inc.
Stacy Hughes is senior vice president (SVP) and chief information security officer (CISO) for Voya Financial, Inc. (NYSE: VOYA), which helps Americans become well planned, well invested and well protected.
In this role, Hughes is responsible for advancing the enterprise vision, strategy and roadmap for an industry-leading cybersecurity program and supporting Voya’s focus on providing products, solutions and technologies that help Americans become well planned, well invested and well protected. Her focus is to drive alignment of Voya’s information security investments and plans to deliver leading-edge security technologies and capabilities across Voya’s enterprise infrastructure. She also leads the effort to anticipate and proactively mitigate information security risks, while supporting business growth and innovation.
Hughes has more than 20 years of experience leading complex IT initiatives within Fortune 500 financial technology organizations. Prior to joining Voya, she held the position of CISO at Global Payments Inc., where she held other leadership positions across governance, compliance, accounting and audit functions. Hughes has been an active industry leader in payment security, serving on the Payment Card Industry (PCI) Security Standards Council Board of Advisors and was recognized by PaymentsSource in 2020 as one of the most Influential Women in Payments.
Hughes is a member of the Susan G. Komen Southeast Regional Leadership Council after serving for over two years on the Atlanta Board. She enjoys mentoring cybersecurity students to encourage and develop the next generation of leaders. Hughes was also recognized by the Atlanta Business Chronicle as one of the 2021 Women of Influence, which honors those who have made significant strides in their careers and are making a difference in their communities.
Senior Vice President & Chief Information Security Officer, Discover Financial
Shaun currently serves as the Senior Vice President, Chief Information Security Officer for Discover Financial Services. In this role, he leads the Information Security organization with overall responsibility for implementing the information security strategy and objectives, including strategies to monitor and address current and emerging risks and a strong cyber engineering function.
Shaun has over 20 years of IT experience with specialization in information security and risk management. Shaun has held roles in increasing responsibility at the Department of Defense, culminating in the role of Chief Information Security Officer for the Department of Homeland Security, U.S. Customs and Border Protection. He was Vice President, Chief Information Security Officer at Freddie Mac where he was responsible for company-wide cybersecurity risk reduction efforts, security architecture, securing cloud transition, modern software delivery transformation, and end-user experience enhancement initiatives. Most recently, he served as Managing Director, Chief Information Security Officer at Barclays International.
Shaun is a graduate of the University of Maryland and has an MBA from the George Washington University School of Business. He serves on the board of the Financial Services Information Sharing and Analysis Center (FS-ISAC), is an adjunct professor at Carnegie Mellon University, and Army combat veteran. Shaun is also a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and a graduate of the Department of Defense Executive Leadership Development Program.
Chief Information Security & Digital Trust Officer, Arizona State University
Donna Kidwell is an internationally recognized thought leader who leads teams and manages technology initiatives within research universities to prepare students for the challenging and ever-changing nature of work and learning. Today, Ms. Kidwell is the Chief Information Security and Digital Trust Officer at Arizona State University.
Building trust is more precious than ever in today’s data driven world and Donna is working with colleagues to ensure that the digital experiences for the ASU family are safe, secure and trustworthy, including compliance with GDPR, FERPA, and Privacy By Design - just to name a few!
Donna teaches and mentors entrepreneurs in innovators in the U.S. and speaks on these topics at international conferences.
Donna is passionate about generating wealth through the production of new knowledge and has worked to implement innovation, commercialization and entrepreneurship programs in Brazil, Colombia, Egypt, France, Hungary, India, Indonesia, Jordan, Kazakhstan, Kenya, Korea, Mexico, Norway, South Africa and Russia.
Chief Trust Officer, AON Cyber Solutions
Kate Kuehn has been an active thought leader in Security & Advanced Network Technologies for over 20 years. As the Chief Trust Officer (CTrO) for cyber security at Aon, she aligns global cyber initiatives with internal practice and policy to drive trust, transformation, and risk mitigation internally, with clients, and within the entire cyber community.
Early in her career, she had been given the opportunity to work with and lead some of the most innovative technologies that have shaped our industries. She led some of the industry’s first projects in DDOS, Ethernet as a network (CPA), SaaS and IaaS, and was on the front line with some of the earliest attacks against the financial services markets.
Kate has purposely executed multiple roles across her career from CISO, CEO, Board of Director, Advisor, strategic business development / alliances, leading sales and engineering teams, and now as a CTrO (Chief Trust Officer. In her role at Aon, before her role at Aon, she has worked for companies including vArmour, Senseon, BT Group plc, and Verizon. The culmination of her experience ensures Kate always brings expertise and a fresh perspective on emerging trends within cybersecurity.
Kate has two main passions in life: bleeding-edge technology that helps secure our world and developing world-class people and companies. Kate is a trusted advisor in the industry and holds positions on several boards including Redshield and Cybermainacs She is currently an Advisory Board Member for vArmour, Senseon, rThreat, and Net Thunder. She was also recently appointed to the IEEE steering committee for Cyber Security, and collaborates regularly with ISSA, SINET & WSTA.
In addition to professional endeavors, Kate loves to give back to her community. She is active in a number of STEM initiatives including CORNCON, the Docent Group and the University of California, Berkeley. Kate also spends time as a volleyball coach at her children’s school.
Director of IT Security, Cintas
Jacob (Jake) Lorz is a highly respected cybersecurity executive with a proven track record of success in multiple industries, including manufacturing, aerospace, defense, biometric identification, and software development. With over 20 years of experience, he has developed and implemented effective security strategies, managed complex security projects, and led high-performance security teams. Jake began his career as a network analyst at Globe Motors, an aerospace and automotive manufacturing organization. He quickly rose through the ranks and helped to forge a new international IT department at the parent company, SAFRAN, located in Paris, France. In this role, Jake was the infrastructure and security lead responsible for all international deployments. After his success at deploying complex security projects to international subsidiaries, Jake took on the challenge of being the Chief Information Security Officer at MorphoTrak, a biometric identification software division of SAFRAN, in Southern California. In this role, he was responsible for overseeing all aspects of the company's information security program, including policy development, compliance, and security operations. Jake then transitioned to a customer-facing role at IDEMIA where he was the Director of IT Security and responsible for protecting GovCloud-hosted biometric identification systems for Local, State, Federal, and International law enforcement agencies. Under his leadership, IDEMIA achieved compliance with several industry standards, including FBI CJIS compliance.
Jake joined Cintas Corporation as the Director of IT security in 2021 where his expertise and leadership have allowed him to build a world-class and threat-resilient information security program. The program tripled in size and scope in less than one year, and Jake’s leadership and efforts led an independent third-party assessor to rate the Cintas information security program maturity level to be ahead of organizations of similar size.
Jake is widely regarded as a thought leader in the cybersecurity industry. He serves as co-chair of the Cincinnati Cybersecurity Collaboration Forum's Leadership Board, as a member of the Cincinnati Information Systems Security Association (ISSA) Advisory Board, and he sits on the Verizon Cybersecurity Customer Advisory Board. Jake holds a bachelor's degree in Management Information Systems, a master's degree in Business Administration, and he is finishing a second master's degree in Information Technology with a focus on Data Driven Cybersecurity from the University of Cincinnati. Jake also maintains professional industry certifications, including CISSP, CISM, and CRISC certifications.
Vice President & Chief Information Security Officer, Premera Blue Cross
Dr. Adrian M. Mayers joined Premera Blue Cross in November 2019 as Vice President, IT and Chief Information Security Officer (CISO) for Premera Blue Cross.
Dr. Mayers is responsible for providing and optimizing an enterprise-wide security program and architecture that minimizes risk, enables business imperatives, and further strengthens Premera’s security posture. He works closely with Premera’s leadership team to establish and maintain a comprehensive program to protect employees, information assets, and technologies, and mature the corporate culture from security awareness to accountability.
Before joining Premera, Dr. Mayers held senior management positions at Vertafore, Microsoft, Nokia, and Securiguard. He has a strong passion for remaining on the cutting edge of technology and business innovation. Throughout his 20-year career, he has dealt with various aspects of corporate security, such as anti-fraud operations, cybersecurity, intellectual property protection, counterespionage, and loss prevention.
He holds multiple professional certifications including CISM, CCSP, CFE, CPP, CISA, and CDPSE. He earned his doctorate in Business Administration specializing in International Business from Northcentral University, an MBA from Athabasca University, a graduate certificate in Cybersecurity from Harvard University, a graduate certificate in Counterintelligence from the American Military University, and an Engineering Technologies diploma from John Abbott College. His academic research pursuits focus on cyber warfare, national security, intelligence analysis, special operations forces, and foreign policy.
CISO in Residence
Dr. Kevin McKenzie is Vice President of Information Technology and Chief Information Security Officer (CISO) for Dollar Tree Stores Inc. Dollar Tree is a publicly traded Fortune 150 company with revenues in excess of $20 billion that encompasses both Dollar Tree and Family Dollar retail stores. Headquartered in Chesapeake, Virginia, Dollar Tree operates thousands of stores across all 48 states of the contiguous United States along with five Canadian provinces.
Strategically, Kevin is responsible for establishing the vision, mission, and security posture for the combined Dollar Tree enterprise and tactically accomplishes this through his oversight of Governance and Risk Compliance, Security Operations, and Network Security. Kevin holds an undergraduate degree in Management, a master’s degree in Industrial Management, and a Doctorate in Career and Technology Education from Clemson University. He also holds the Certified Information Systems Security Professional (CISSP) and ITIL professional certifications.
In addition to his corporate officer role, Kevin remains an actively engaged member of the faculty at Clemson University. He serves on the strategic advisory board for the International Consortium of Minority Cybersecurity Professionals (ICMCP) and the technology advisory board for Tidewater Community College. Additionally, he’s also an advisory board member for tech companies in the security industry. He has helped author multiple Congressional testimonies and personally participated in a Congressional town hall event about information security topics.
In 2013, Kevin was named the ISE Southeast Executive of the Year Award Winner and, later that year, the North America Information Security Executive of the Year for the Public & Academic Sector by Tech Exec Networks (T.E.N.). That same year, Kevin also received the America’s Information Security Leadership Award (ISLA) by ISC2—representing all of North America, South America, and Central America. In 2017, Kevin was honored and recognized as a ‘Roaring 10’ award recipient of Clemson University where ten alumni are named annually who have made an impact in business, leadership, community, educational, and/or philanthropic endeavors while upholding the university’s core values of honesty, integrity, and respect.
Previously, Dr. McKenzie was CISO and Executive Director for the Office of Information Security and Privacy at Clemson University where he established the university’s strategic direction in information security, mentored and taught students as a Research Professor in Electrical and Computer Engineering, created a student-led Security Operations Center (SOC) designed as an immersive experience for the students, served as Chief Security Officer to multiple statewide healthcare organizations comprising more than $7 billion in healthcare transactions, and protected one of the nation’s premier higher education environments classified as a top-tier Highest Research Activity (R1) research institution under the Carnegie Classification of Institutions of Higher Education.
Senior Vice President & Global Chief Information Security Officer, McKesson
Michael C. McNeil is the current Senior Vice President, Global Chief Information Security
Officer (CISO) at McKesson Corporation. McNeil is responsible for enhancing and overseeing
McKesson’s information and operational technology security strategy program, as well
managing information security governance. He will also ensure the execution of McKesson’s
cybersecurity strategy across the enterprise. McNeil has an extensive background in
cybersecurity and significant experience in the healthcare industry. Most recently, he served as
the Global Product & Security Officer for Royal Philips where he deployed consistent processes
across the entire portfolio of healthcare products and services. He has also held senior
leadership positions at Medtronic, Liberty Mutual Group, Pitney Bowes, and Reynolds &
Reynolds. Michael holds several board and executive member positions, including the
Healthcare and Public Health Sector Coordinating Council (HSCC) Executive Committee, the
Health Information Sharing and Analysis Center (H-ISAC), the National Black MBA
Association (NBMBAA) and the Association for the Advancement of Medical Instrumentation
(AAMI). He has also provided expert testimony before Congress on matters concerning
cybersecurity and data privacy. Michael holds an MBA from Northwestern University, J.L.
Kellogg Graduate School of Management and a Bachelor of Science Degree from the University
of Illinois. Michael and his wife, Devita, are the proud parents of two children and are doting
grandparents. Michael is an avid listener of Smooth Jazz and he loves traveling to jazz festivals
in his spare time.
Vice President & Global Resident Chief Information Security Officer, Proofpoint
Lucia Milică Stacy serves as VP, Global Resident Chief Information Security Officer at Proofpoint, a leading cybersecurity and compliance company. She is a senior technology leader with over 20 years of extensive technical and business experience. In her previous role, Lucia was the VP, Chief Information Security Officer & Chief Privacy Officer for Polycom, where she managed all aspects of data privacy and information security. She has also held leadership and technical roles in IT governance & strategy, security risk and compliance, corporate and product security, data privacy, and IT infrastructure at other companies, including HP, Palm, Wells Fargo, and Franklin Templeton. Many organizations in the cybersecurity industry and broader business community have asked her to speak at their conferences, symposiums, and other events. She has also extended her contributions to her profession by serving as an advisory board member and active participant with the cybersecurity industry and relevant industry groups, including board membership on the National Technology Security Coalition, and service with the Department of Health and Human Services (HHS) 405(d) Cybersecurity Task Group, SC Media Advisory Board, and Forbes Technology Council. She has a Master of Science in Information and Cybersecurity degree from the University of California, Berkeley. She also holds Master’s in Business Administration and Juris Doctorate degrees.
Chief Information Security Officer and Vice President of Global Enterprise Information Security, UnitedHealth Group/Optum
Allison Miller serves as the Chief Information Security Officer and Senior Vice President for Optum. Allison has accountability for the Enterprise Information Security Officers for the Group, Security Incident Response/Technical Investigations, Security Policy and Global Cyber Regulatory Programs. In her existing role, Allison has developed a global security framework for the enterprise with a focus towards patient safety, security of clinical operations and a global cyber crisis response plan.
Prior to her role with the Global Enterprise Information Security Office, Allison served as the Director of National Healthcare Compliance for UnitedHealthcare, Chief Privacy Officer for OptumHealth and Deputy Chief Privacy Officer, National Privacy Director for UnitedHealthcare.
In addition to global cybersecurity, Allison has over 20 years of experience in health information systems and crisis management. During her tenure at UnitedHealth Group, Allison developed systems to identify the gaps in care and predict health outcomes for individuals with chronic conditions. Allison is a volunteer EMT and First Responder in the State of Louisiana serving residents during Hurricanes Katrina and Isaac. Most recently, Allison had the privilege of serving Refugees in Greece providing healthcare support to the clinicians on the frontlines.
Allison’s undergraduate (BA) studies were in Political Science and Sociology; she has completed Executive Education & Management post-college at Wharton, Kellogg Executive Education and MIT Sloan. She was part of the cohort that authored and attained the ISC2 Healthcare Information Security and Privacy Professional Certification and holds her HCISSP, in addition to holding certifications from GIAC, ISACA, HCCS and other technology areas of focus beyond security.
Allison continues to volunteer her time across organizations to help raise the level awareness regarding emerging cyber security landscape and the threats they present to patient care globally. In 2021, Allison partnered with the University of Minnesota to launch the Center for Medical Device Cybersecurity, the first program focused on the intersection of cyber risk, medical devices, and the delivery of patient care. The mission of the CMDC is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.
Allison is passionate about diversity and inclusion. She serves on the Board of Directors for Women in Cybersecurity (WiCys), Strategic Advisor to Black Girls in Cyber, CyberIreland and speaks publicly at schools and colleges around the globe.
Corporate Chief Information Security Officer, Unisys
Mathew Newfield joined the Unisys leadership team as the Corporate Chief Information Security Officer in March 2018. He leads the Unisys Corporate Information Security team with responsibility for design, development, and implementation of the company's corporate information security and risk programs across all regions and functions. Newfield has over 19 years of experience in information technology with a focus on security, software as a service operations, risk auditing and management, and international mergers and acquisitions.
Prior to joining Unisys, he was the Director of Global Managed Security Services for IBM where he had responsibility for delivery services in 133 countries and managed a staff of 1,500 security professionals. Newfield led the Managed Security Practice that performed Device Management, Threat Intelligence, Managed Security Information and Event Management, Account Governance, Project Management, Deployment Services, New Service Integration Business Operations, Compliance/Governance and Architecture Services. Newfield was also the Business Unit Information Security Officer and Global Process Officer for IBM's Security Services Organization. During his time at IBM, Newfield streamlined operational processes and developed cost reduction methodologies that improved cost control, profitability, and client delivery. Prior to IBM, Newfield held senior security leadership roles at Cybertrust, RSA, and DDC Advocacy.
Newfield is a published author on topics related to security, a speaker on cybersecurity, and has been an instructor at the SANS Institute. In addition, he holds a Bachelor of Science degree in Industrial and Organizational Psychology from George Mason University.
Vice President of Risk & Chief Information Security Officer, Aaron’s
As the Vice President of Risk & Chief Information Security Officer at Aaron’s, David is accountable for information security and risk leadership, strategy, budget, and operational excellence. He is a servant leader and mentor to a robust team of information security professionals and managers covering Application Security, Incident Response, Governance Risk and Compliance, Emerging Technology Security, Endpoint Protection, and Information Protection.
David has spent over 20 years in the information technology industry in various roles. He previously served as a Manager of the Threat, Attack and Penetration testing services team, Application Security Architect, deployment manager, and various lead developer roles for Caterpillar Inc. He has additionally held positions at companies including State Farm Insurance and the Central Intelligence Agency.
David is a regular speaker at colleges, corporations, and industry conferences including the (ISC)2 Security Congress, ISSA, and ISACA conferences, is active on various industry advisory boards, and is the Education Chair for the Atlanta chapter of InfraGard.
Chief Information Security Officer, Hearst
Michael Palmer is the chief information security officer for Hearst, a leading diversified media, information and services company with over $10 billion in annual revenue. Hearst’s portfolio of more than 360 companies spans cable television networks such as A&E, HISTORY, Lifetime and ESPN; global financial services leader Fitch Group; and Hearst Health, a group of medical information and services businesses. Palmer leads enterprise-wide vision, strategy and architecture of information security and technology risk management. Palmer brings his expertise to evangelize IT security across Hearst’s portfolio, integrating IT security as a critical component of business operations.
Formerly, Palmer served as a key member of the NFL’s executive team, responsible for governing the league’s cybersecurity strategy, policies and programs while protecting its brand, intellectual property and assets. As the first chief information security officer in the NFL, Palmer’s inaugural role was the result of his ingenious work ethic, dedicated problem solving and ability to pitch the business case for having an information security office. Palmer recognized a need in the organization and created the CISO office from the ground level in 2012.
Palmer’s background includes 20+ years of broad cybersecurity and enterprise risk management experience, including deep specialization in corporate technology infrastructure, identifying threats and pinpointing vulnerabilities. Palmer works to expose inherent business risks and is adept at spearheading strategies on how to best address them. As a proven trailblazer, change agent and subject matter expert in information security, Palmer works closely with his colleagues, providing guidance on security and risk issues.
An industry thought leader, Palmer serves on the Grambling State University Technology Advisory Board and Rochester Institute of Technology Computer Security Advisory Board. In his work at the colleges, he helps to shape the educational programs that train the next generation of cyber defenders. Some of Palmer’s awards include the CISO Executive Summit Breakaway Leadership Award (2018), Global Leadership Forum (GLF) Superstar (2018) and Information Technology Senior Management Forum (ITSMF) Member of the Year (2017).
Palmer also co-chairs the governing body of the New York CISO Executive Summit (Evanta), an organization that fosters collaboration and knowledge sharing across the New York CISO community. He is a member of the programming committee for RSA 2019 CISO Boot Camp and CISO Insight track, creating educational content for the world’s largest cybersecurity conference.
Passionate about diversity and inclusion in the technology space, Palmer serves on the International Consortium of Minority Cybersecurity Professionals (ICMCP) Strategic Advisory Board to help bridge the great cyber divide, working to attract more women and minorities into the information security industry. Previously, Palmer also served as a committee chair of the NFL’s Diversity Council, a governing body that works to provide increased opportunities and exposure to women and diverse professionals within the NFL.
Palmer earned a U.S. Department of Homeland Security Secret Clearance and holds several industry certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), Certified in Risk and Information Systems Control (CRISC), Certified Information Privacy Manager (CIPM) and Information Technology Infrastructure Library V3 (ITIL V3).
He obtained a bachelor’s degree in business administration with a major in computer information systems from Baruch College. He is also part of the Department of Homeland Security Commercial Facilities Workgroup Governing Board of Directors and Information Technology Senior Management Forum (ITSMF).
Divisional Vice President, Chief Information Security Officer, Globe Life
Mike Priest is an Information Security leader with over 20 years of experience in IT and Information Security. Mike has a diverse background supporting organizations in both the public and private sector including insurance, healthcare, and defense industries. Mike has a strong background in creating and executing business-aligned strategy and governance, utilizing various frameworks, methods, and standards including NIST, ISO, ITIL, TOGAF, FIPS, HIPAA, PCI DSS, and others. Mike holds a B.S. in Information Systems and an M.S. in Cybersecurity from the University of Maryland Global Campus as well as several industry certifications.
Chief Information Security Officer, InterContinental Exchange (ICE)
Steve Pugh has served as Chief Information Security Officer (CISO) of Intercontinental Exchange, Inc. (NYSE: ICE) since September 2021. He leads the cybersecurity program for all of ICE, including the New York Stock Exchange, securing critical economic infrastructure across multiple subsidiaries, geographies and regulatory jurisdictions. Further, Pugh is responsible for cybersecurity across regulated futures and options exchanges, central counterparty clearing houses (CCPs), trade repositories, equities venues and systemically important financial market utilities (SIFMUs).
Prior to joining ICE, Pugh served as the former Chief Information Security Officer of the White House Military Office and has more than 25 years of experience in cybersecurity, national security, and intelligence. Most recently, he was the Chief Security Officer for Twilio.
Pugh has served under three U.S. Presidents as a military communications aide. He spent 18 years in the U.S. Air Force as a cyber warfare officer and deployed in support of Operation Iraqi Freedom. Pugh holds a Bachelor of Computer Science from Valdosta State University and a Master of Management from the University of Phoenix. He serves as a board member for the non-profit Savvy Cyber Kids which focuses on cyber safety for preschool through high school students.
Chief Administrative and Compliance Officer, Scientific Games
Steve brings 28 years of government experience to Scientific Games, including 22 years with the Federal Bureau of Investigation. He oversees all aspects of Information Security, Information Technology, Compliance, Human Resources, Procurement, Facilities and Internal Auditing for the company. He joined Scientific Games in 2018 as the Chief Compliance Officer and Director of Global Security, lending his extensive experience as a senior executive with the FBI’s Operational Technology Division and Criminal Investigative Division. During his tenure at the FBI, most recently as the Assistant Director of the FBI’s Criminal Investigative Division in Washington, D.C., Steve held a number of positions related to criminal and cyber threats, financial crimes, foreign corruption, money laundering and illicit finance. He was nominated for the Presidential Rank Award granted by the U.S. government to career senior executives, and was a finalist for the Samuel J. Heyman Service to America Medals. Previously, Steve was a highly decorated employee of the Tennessee Bureau of Investigation, receiving a Medal of Valor from the State of Tennessee for his work on high-profile criminal investigations. Steve holds a Bachelor of Business Administration in Accounting from East Tennessee University, and an MBA from Duke University. Additionally, he has earned a Business Law Certificate from Vanderbilt University and is a Certified Fraud Examiner.
Executive Chairman, RedSeal, Inc.
Ray is presently Executive Chairman of RedSeal, Inc. an enterprise cyber security company based in San Jose, CA and founder of FiftySix Investments LLC, a seed stage investment fund.
In 2013 Ray transitioned to Partner Emeritus of Venrock, an early-stage tech investment partnership originally formed by the Rockefeller family. During his 25-year career at Venrock he invested in 53 early-stage technology companies. He led both the Internet and energy investment programs and was a member of the management committee for Venrock. His market leading cyber security investments included Check Point Software, Vontu, PGP, Imperva, CloudFlare, and Shape Security to name a few.
His Venrock track record included 9 IPOs that resulted in his being listed on the Forbes Midas List. A leader in the venture industry he was elected by his peers as chairman of the National Venture Capital Association for 2012-13. He serves on the boards of Check Point Software Technology (NASDAQ:CHKP), Roku, Inc. (NASDAQ: ROKU) and several private companies.
Chief Information Security Officer, Motorola Mobility
Mr. Richard Rushing is the Chief Information Security Officer for Motorola Mobility LLC. Richard participates in corporate, community, private, and government security councils and working groups, setting standards, policies, and solutions for current and emerging security issues. As Chief Information Security Officer for Motorola Mobility, he has led the organization's security effort by developing an international team to tackle targeted attacks, cyber-crime, and emerging threats to mobile devices. He has organized, developed, and deployed practices, tools, and techniques to protect the enterprise's intellectual property worldwide. A much-in-demand international speaker on information security, Richard has spoken at many of the leading security conferences and seminars around the world.
Chief Information Security Officer, Oceaneering
Eric Seagren currently serves as the Chief Information Security Officer at Oceaneering International. Eric’s career in IT started in 1996 and has progressed through various positions including desktop support, server administration, network engineering, risk management, disaster recovery, and cybersecurity across diverse fields such as banking, real estate, oil and gas, aerospace, and defense. This breadth and depth of experience helps Eric understand information technology with a “big picture” perspective. Leveraging this broader perspective, Eric’s focus is to design security policies and solutions that respect the business needs and operational requirements of the organization, maximizing effectiveness while minimizing impact. Eric has experience working in organizations of all levels of IT security maturity, including building a security program from the ground up.
Eric holds a Bachelor of Science in Business: Information Systems. He is also a published author with multiple publishing credits and technical certifications including CRISC, CISA, CISSP-ISSAP. Some of Eric’s publications include “Secure Your Network for Free" and “How to Cheat at Configuring Open Source Security Tools” (co-authored).
Oceaneering International is a global organization with offices in 25 countries and does business in the aerospace, entertainment, material handling, military and defense, and oil and gas industries.
Chief Information Security Officer & Executive Vice President, TransUnion
Bill Shields is an information security executive with over 22 years’ experience, including ten years in senior leadership roles. His leadership philosophy is people-driven – he believes in empowering people to drive success through a balance of security and the overall user experience.
His passion for security springs from his engineering background, solving complex problems through creative thinking, and using data and analytics to drive thoughtful decisions. His background spans skills in strategy, financial decision making, resourcing and engineering, giving him a unique perspective and ability to build programs from the ground up or take existing programs to the next level.
His past efforts have focused specifically on the engineering and defense discipline, including critical security functions such as incident response, forensics, investigations and security tool engineering and operations; using intelligence to defend a technology ecosystem.
In his current role, Bill leads a global organization that supports end-to-end security efforts across the business, leading a team of talented group of seasoned analysts, engineers and leaders to protect TransUnion systems, data and associates.
Chief Information Security Officer & Senior Vice President, Ingram Micro
Forrest Smith is the Senior Vice President and Chief Information Security Officer at Ingram Micro -- a $55B global leader in technology distribution, cloud solutions and supply chain services with operations in 52 countries and sales in 160. Forrest is responsible for all aspects of Cybersecurity and data protection. His focus is creating a secure environment that protects and data and services of more than 40,000 employees and 200,000 customers in 160 countries.
Forrest previously served as Vice President, Chief Information Security Officer at Nissan Motor Company (TYO: 7201), a $104B automotive manufacturer. Nissan’s 300,000 employees — design, manufacture, and sell over 100 different vehicle models in most countries around the globe. Forrest also held positions in enterprise architecture, infrastructure, and data center management at Nissan.
Prior to Nissan, Forrest held a variety of application development and leadership roles at IBM.
Forrest was a founding board member of the Auto ISAC (Information Sharing and Analysis Center) and was instrumental in expanding membership to tier 1 and tier 2 automotive suppliers. Forrest is currently a board member of the IT ISAC.
Forrest was also a deputized law enforcement officer and certified digital forensic examiner. During his time at the Williamson County Sheriff’s Department, he performed numerous high-tech crimes investigations and digital forensic exams as an unpaid volunteer.
Chief Information Security Officer, Penn Mutual
Mark Strosahl joined Penn Mutual in March 2022 after serving as Business Information Security Officer (BISO) at Principal Financial Group for their Retirement, Banking, and Trust and Custody business lines. During his 14 years at Principal, Mark served in various IT & Security roles and presented on information security to hundreds of clients. Mark also served as a board member of the SPARK Data Security Oversight Board, co-chair of the Retirement Industry Council for FS-ISAC, and a member of InfraGard.
Mark received a master of business administration degree from Iowa State University, a master's certificate of Cybersecurity from Harvard University Extension and a bachelor’s degree in Management Information Systems from Iowa State University. He holds 4 cyber security certifications including Certified Chief Information Security Officer (C-CISO), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), and Certified Information Security Manager (CISM). He also holds his Series 99 and is registered with HTK.
Chief Information Security Officer, NCR Corporation
Bob Varnadoe is the Chief Information Security Officer for NCR Corporation. His duties include overall information security and operational / IT aspects of NCR’s privacy program, IT risk management, compliance company-wide, training and awareness for information security, and oversight of the deployment of security technologies. Bob works with NCR’s lines of business (Professional Services, Legal, Internal Audit, Customer Services and Hardware/Software Engineering) to develop and build out the company-wide strategy for information security. He also represents the IT organization as a part of NCR’s Enterprise Risk Management committee.
Prior to NCR, Bob was with Fiserv Corporation where he was responsible for information security within Fiserv’s corporate risk organization. His team was responsible for information security oversight, governance, and strategy across Fiserv’s business units. The team also provided consulting to Fiserv’s divisions and operating units for information security matters. During his tenure at Fiserv, Bob led teams focused on information security engineering and operations for network infrastructure, distributed systems, and mainframe systems. He also led teams focused on application security testing, consulting, and information security strategy, and he built Fiserv’s security operations center.
Bob joined Fiserv through the acquisition of CheckFree Corporation where he was responsible for information security strategy within CheckFree’s corporate function. Prior to joining CheckFree, Bob was IT Director for an architecture and engineering firm in Atlanta. He has over 20 years of experience in data networking and information systems, 15 years of which were spent exclusively in the security field. Bob holds a bachelor’s degree in electrical engineering from the Georgia Institute of Technology.
Senior Vice President & Chief Information Security Officer, Cardinal Health
Brian is a Senior Vice President and the Chief Information Security Officer at Cardinal Health. In this role, he is responsible for implementing the overall information security strategy for the global organization, including areas such as cyber operations, security architecture, resiliency, compliance, third-party risk management, commercial solutions security, and the Business Information Security Officer organization. Over his 19+ year career at Cardinal, he has spent time leading teams in Risk Management & Compliance, IT Shared Services, IT Service Management, and in business-facing roles supporting Operations and highly-regulated platforms. These unique experiences have helped provide him a well-rounded perspective on security challenges from both a technical (infrastructure and applications) and business operations perspective – and they are being put to use as he helps Cardinal continue to grow and expand its information security capabilities.
Brian holds dual bachelor’s degrees in Accountancy and Management Information Systems from Miami University in Oxford, Ohio. He gives back to his community through involvement in various charity activities, as well as supporting emerging cybersecurity programs at his alma mater and local school district. He is also an advocate for diversity, equity, and inclusion in the information technology and security field, and serves as the executive sponsor for the Women in Technology employee resource group at Cardinal Health. In his spare time, he enjoys spending time with his wife and two sons, being actively involved in their church, traveling, and rooting on his favorite sports teams.
CISO Chief of Staff, AbbVie
Steven Weber is the Chief of Staff to the CISO of AbbVie. In this role, he is responsible for managing the departmental budget and project portfolio, leading global security awareness and communications, coordinating AbbVie’s industry collaboration efforts, and managing cross department information security activities.
Prior to joining AbbVie, Steven spent 18 years with Cardinal Health. In his final role, he led the governance, risk and compliance team within the information security function. This included IT compliance, third party risk management, IT risk governance and IT risk management.
Steven and his family are avid global travelers exploring the world and learning new cultures.
Chief Information Security Officer & Executive Vice President, Truist Financial Corporation
Howard Whyte is an Executive Vice President and the Chief Information Security Officer (CISO) at Truist Financial Corporation. As CISO, Mr. Whyte is responsible for execution of the Corporation’s Information Security Program and alignment with enterprise programs and business objectives, ensuring that information assets and technologies are protected.
Prior to joining Truist in January 2022, Mr. Whyte served as CISO at Boeing, where he was responsible for the protection of Boeing’s information and computing resources globally and for managing information technology risk. Earlier, Mr. Whyte worked for more than 20 years as an executive leader of information technology and security in the federal government, military, and private sector. He served as the Chief Information Officer and Chief Privacy Officer at the Federal Deposit Insurance Corporation (FDIC), where he acted as an advisor to the chairman, board members, and senior executives on all strategic issues relating to information technology, including governance, investments, program management, strategic planning, and security. Previously, he was the CISO at FDIC and worked to reduce cybersecurity risk by implementing an around-the-clock security operations center and incorporating threat intelligence into security operations.In addition, he led the Threat Management Center at Goldman Sachs, focusing on cybersecurity detection, protection, response, and recovery on a global scale. He also served as the CISO and deputy CISO at NASA, where he provided direction and future vision on a wide range of information technology solutions for mission and corporate systems.
Earlier in his career, he was a senior information officer in the U.S. Army Network Enterprise Technology Command and the Defense Information Systems Agency; a telecommunications manager at Interim HealthCare; and an information management officer in the U.S. Army.
Mr. Whyte’s primary area of responsibility for Truist includes managing and overseeing the Corporate Cyber Security Department, which consists of Cyber Operations; Vulnerability Management and Data Protection; Identity and Access Management; Cyber Governance, Risk, and Compliance; Cyber Architecture and Strategy; Cyber Strategic Initiatives and Shared Services Management; as well as the Divisional CISOs, who serve as security liaisons to the business.
Mr. Whyte holds a Bachelor of Science degree in Management Studies from the University of Maryland and a Master of Business Administration from the University of Phoenix.
Chief Information Security Officer, The Chemours Company
Reginald Williams joined The Chemours Company in 2018 as the Chief Information Security Officer. He was instrumental in leading a 24-month Cyber Transformation program for Chemours with an emphasis on maturity and business alignment and as a high-impact results-oriented and customer-focused Information Security / Information Risk executive with over 25 years of experience, has helped multiple global corporations in their strategic execution of global cyber & information security programs. Reginald consistently executes a Cyber Risk-based methodology that aligns with Internal Audit and External Audit to develop annual audit plans for technology including post-audit activities regardless of the nature being statutory, regulatory or required under corporate governance. He thinks outside the box by understanding the relationships between Law, Policy, Regulations and Best Practices needed to accomplish corporate targets. He has served in high-profile consulting and leadership roles to gain the strong business acumen needed to develop CIO / CISO level security programs, and security solutions to address the information risks in data protection for corporate and customer data.
Reginald is very efficient in mapping regulations, frameworks, and best practices into a simplified framework in alignment with Business and Technology goals.This creates a manageable security program that helps the business meets their objectives. He has extensive experience in assessing and designing global security programs that use information risk which requires data protection across 9 of the 16 DHS sectors of Critical Infrastructure including: Chemical, Nuclear, Energy, Manufacturing, Financial Services, Dams and Transportation to name a few. These skills have been applied across a number of industries including: Chemical, Manufacturing, Internet and Technology, Energy, Medical, Financial, Healthcare, start-ups and various Fortune 500s.
Reginald is a results-oriented CISO that transformed a global Security Operation Center into a detection and response focus with the goal being to proactively hunt threats in the enterprise and respond to those threats before they become cyber incidents thus keeping the threat posture of the corporation at a manageable level. He has chaired multiple Cyber / Risk steering committees with each providing senior executive leadership the data needed to inform the Board, including a quarterly cadence with the Board on all matters related to Cybersecurity and Information Risk.
President & CEO, Technology Association of Georgia
Larry Williams is the President and CEO of the Technology Association of Georgia (TAG). Williams is also the President of the National Technology Security Coalition (NTSC)
Williams brings more than 25 years of experience in global branding, international trade and finance, public and industrial policy, and administration and management to the NTSC. As the former president and CEO of The Beacon Council, Miami-Dade County's official economic development partnership, Williams helped facilitate local, national and international business growth and expansion programs.
Under Williams’ leadership The Beacon Council created and executed a new economic development framework to help the area grow and secure investments in today innovation economy. This is resulted in $687 million in new investment, 119 company relocations or expansions, and more than 4,500 new jobs.
From 2011 to 2014 Williams helped shape the vision for Atlanta’s tech
sector as vice president of technology development at the Metro Atlanta
Chamber. He provided leadership and direction to the Chamber’s Mobility
Task Force, positioning Atlanta as a global hub of mobile technology,
and to the Technology Leadership Council.
Chief Security Officer, USAA
Jason Witty is currently the Chief Information Security Officer for USAA. Prior to his transition to USAA, Jason was the Head of Cybersecurity & Technology Controls and Global Chief Information Security Officer for JPMorgan Chase with responsibility for the firm’s cybersecurity, technology controls and resiliency programs. An award-winning CISO, Jason was recognized as a 2015 “CISO Superhero” at I.S.E. North America; the 2014 I.S.E. North America People’s Choice Award winner; 2013 “CISO of the Year” by the Information Systems Security Association of Chicago and the Association of Information Technology Professionals; and one of Information Security Magazine’s 2013 “Security 7” representing the Financial Sector. He is a highly rated public speaker, frequently keynoting on cyber security topics at large events including CSA Cloud Summit, Finsec, Infosec Europe, RSA Conference, SecureWorld, and others.
Before joining JPMorgan Chase, Jason was Executive Vice-President and Chief Information Security Officer at U.S. Bancorp, providing singular accountability for all information security controls in the company. And before U.S. Bancorp, Jason was the Senior Vice President and Cyberthreat Prevention Services Executive at Bank of America. He was responsible for a team of information security professionals spanning 8 countries who provided information security risk prevention and deterrence services, globally. He was simultaneously accountable for all information security controls outside of the United States for Bank of America Merrill Lynch, covering 48 countries.
Jason is a certified Information Systems Security Management Professional (ISSMP) who has played major leadership roles in information security throughout his career. He has 23 years of information technology experience, 21 focusing on information security risk management. Before his role at Bank of America, Jason was the First Vice-President of Security Services for LaSalle Bank N.A. He also led the internal Information Security team at The Options Clearing Corporation and served as Director of Global Security Architecture for Aon Corporation at its world-wide headquarters in Chicago. He combines strong organizational management and leadership skills with a high degree of technical knowledge, the result of hands-on information security experience early in his career at Allstate Insurance, N.A.S.A. Langley, Siemens, and Jefferson Laboratories.
Over his career, Jason has been involved in 54 acquisition related network integrations, set up secure eCommerce environments, and led multiple cross-industry forums.
Providing industry leadership, Jason is Vice-Chairman of the Board of Directors of the Financial Services Information Sharing and Analysis Center (FS/ISAC), a Board Advisor for ChicagoFIRST, Arbor Networks, and Qualys, and is a member of the Executive Committee of the Cloud Security Alliance (CSA). He was also on the Program Committee of the RSA Conference (2013-2016) and serves as FBI’s Chicago Infragard Sector Chief for Finance. Previously, he was the Chicago OWASP Chapter President (2006-2010).