Board of Directors

The NTSC Board of Directors embodies a broad cross section of enterprise companies with a vested interest in protecting the security of their customers and employees. The NTSC's board influences the strategic direction of our organization.

Selim Aissi Chief Informatioin Security Officer, Blackhawk Network Marene Allison Vice President & Chief Information Security Officer, Johnson & Johnson Ben Aung Executive Vice President, Chief Risk Officer, & Global Chief Information Security Officer, Sage Group Martin Bally Vice President & Chief Information Security Officer, Campbell Soup Company Scott Benson Chief Information Security Officer and General Partner, Edward Jones Investments Michael Blache Chief Information Security Officer, TaxSlayer Don Boian Chief Information Security Officer, Hound Labs, Inc. Tim Callahan Senior Vice President & Global Chief Information Security Officer, Aflac Kristin Cornish Director Global Cybersecurity Risk, The Coca Cola Company John Dickson Vice President, Infrastructure and Cybersecurity Chief Information Security Officer, Republic National Distributing Company Jamil Farshchi Chief Information Security Officer, Equifax Kevin Gowen Chief Information Security Officer, Synovus Ron Green Chief Information Security Officer and Group Executive, Mastercard Stacey Halota Vice President, Information Security and Privacy, Graham Holdings Shawn Harris Senior Director of Information Security, Chipotle Mexican Grill Lori Havlovitz Chief Information Security Officer, Haleon Tim Held Chief Inofrmation Security Officer & Executive Vice President Information Security Services, US Bank Curley Henry Executive Director, Cyber Security Strategy and Architecture, Southern Company Darren Highfill Chief Information Security Officer, Norfolk Southern Corporation Shaun Khalfan Senior Vice President & Chief Information Security Officer, Discover Financial Donna Kidwell Chief Information Security & Digital Trust Officer, Arizona State University Kate Kuehn Chief Trust Officer, AON Phil Malatras Chief Security Officer of the Western Digital Federal Business & Senior Director of Global Information Security, Western Digital Kevin McKenzie Vice President & Chief Information Security Officer, Dollar Tree Inc. Michael McNeil Senior Vice President & Global Chief Information Security Officer, McKesson Lucia Milică Vice President & Global Resident Chief Information Security Officer, Proofpoint Allison Miller Chief Information Security Officer and Vice President of Global Enterprise Information Security, UnitedHealth Group/Optum Mathew Newfield Corporate Chief Information Security Officer, Unisys David Nolan Vice President, Information Security, Aaron’s Michael Palmer Chief Information Security Officer, Hearst Mike Priest Divisional Vice President, Chief Information Security Officer, Globe Life Steve Pugh Chief Information Security Officer, InterContinental Exchange (ICE) Stephen Richardson Chief Administrative and Compliance Officer Ray Rothrock Executive Chairman, RedSeal, Inc. Richard Rushing Chief Information Security Officer, Motorola Mobility Eric Seagren Chief Information Security Officer, Oceaneering William Shields Chief Information Security Officer & Executive Vice President, TransUnion Mark Strosahl Chief Information Security Officer, Penn Mutual Bob Varnadoe Chief Information Security Officer, NCR Corporation Brian Waeltz Senior Vice President & Chief Information Security Officer, Cardinal Health Steven Weber CISO Chief of Staff, AbbVie Reginald Williams Chief Information Security Officer, The Chemours Company Jason Witty Chief Security Officer, USAA

Selim Aissi

Chief Informatioin Security Officer, Blackhawk Network

Dr. Selim Aissi leads cybersecurity for Blackhawk Networks as their Chief Information Security Officer. Aissi brings more than 20 years of experience in numerous leadership positions in the technology and financial industries. Most recently, he was Senior Vice President & Chief Security Officer at ICE Mortgage Technology (previously known as Ellie Mae) where he was responsible for security engineering, operations, strategy, cyber resilience, GRC and third-party risk.

Before joining ICE Mortgage Technology, Selim was Chief Security Officer for Ellie Mae where he was responsible for Security Engineering, Operations, Strategy, Governance Risk & Compliance, and Disaster Recovery & Business Continuity.

Prior to joining Ellie Mae, Selim was the Vice President of Global Information Security at Visa. In that role, Selim transformed Visa’s information security program into the industry leader, led critical security programs including product security innovation, and enabled global growth and data center expansion. He also led the definition of security technologies for protecting Visa’s data, networks, data centers, digital wallets, applications, endpoint devices, and other core capabilities for corporate network as well as issuer- and consumer-facing products and services. Selim was recognized for leading company-wide security initiatives including Apple Pay, Visa’s APAC Data Center, and Visa’s Data Protection Programs.

Previously, Selim spent over 11 years at Intel where he held senior management and technology roles and championed several security technologies for Intel’s server, desktop, and mobile products. Prior to Intel, Selim held senior engineering positions at General Dynamics – Land Systems Division (M1A2 Battle Tank Vehicle Electronics), General Motors (Embedded Software Center of Excellence), and Applied Dynamics International.

Selim earned his B.S., M.S., and Ph.D. in engineering from the University of Michigan, Ann Arbor. He has filed over 100 patents in various areas of computer and information security, many of which are deployed in computing systems (e.g., Intel Trusted Platform Module, Trusted eXecution Technology) and consumer products (e.g., Visa Checkout, Apple Pay).

Selim serves on a number of advisory boards including startups (Black Duck Software, Dataguise, MagicCube), leading venture capital firms (Ten Eleven Ventures, BGV), and security organizations (UC Berkeley CISO Institute, Bay Area CISO Executive Governing Body, Intel Security Executive Advisory Board). He was named by IT Security Magazine as one of the “Top 59 Most Influential Security Experts” and was co-author of the book Security for Mobile Networks and Platforms (Artech House).

Marene Allison

Vice President & Chief Information Security Officer, Johnson & Johnson

Ms. Allison has responsibility for protecting Johnson & Johnson information technology systems and business data worldwide. This includes ensuring that the company’s information security posture supports business growth objectives, protects public trust in the Johnson & Johnson brand, and meets legal/regulatory requirements. Marene is a member of the company’s Compliance committee and presents to the Johnson & Johnson Board of Directors on cybersecurity risk. With more than 260 companies in 60 countries worldwide, Johnson & Johnson is a global leader in consumer health, pharmaceutical products, and medical devices.

Prior to joining Johnson & Johnson, Marene was Chief Security Officer and Vice President for Medco, the largest pharmacy benefit manager in the United States. Marene was responsible for all aspects of the company's security, regulatory compliance including physical and logical security, and executive protection as well as HIPAA, Payment Card Industry, Medicare, prescription fraud, and IT controls.

Prior to that, Marene was with Avaya as head of Global Security where she worked on securing the World Cup network in Korea and Japan in 2002. Before joining Avaya, she was Vice President of Loss Prevention and Safety for the Great Atlantic and Pacific Tea Company. Before joining the corporate world, she served as a Special Agent in the FBI working on undercover drug operations in Newark, NJ, and also working on terrorist bombings in San Diego, CA. She developed and participated in the nuclear terrorism exercise, Compass Rose ’88, the largest mock terrorism incident exercise by the federal government.

Marene has a Bachelor of Science degree from The United States Military Academy at West Point, in the first class to include women. She has served in the US Army in the Military Police at Ft Hood, TX, Ft Chaffee, AR and Ft McClellan, AL. She has served on the Defense Advisory Committee on Women in the Services appointed by the Secretary of Defense and the Overseas Security Advisory Committee appointed by the Secretary of State. Marene is a founding member of West Point Women and currently serves on their Board of Directors. She is also on the Board of Directors for H-ISAC (Health Information Sharing and Analysis Center) and ASIS International. Marene is married, has a son, a wonderful daughter-in-law and grandson, and lives in Bucks County, Pennsylvania.

Ben Aung

Executive Vice President, Chief Risk Officer, & Global Chief Information Security Officer, Sage Group

Ben joined Sage Group as Global CISO in 2018 after 16 years in the British Government. Sage is the UK’s largest technology company and the world's leading provider of integrated accounting, payroll, and payments systems to entrepreneurs and small and medium businesses. At Sage, Ben is responsible for protecting the global technology estate, products, and cloud services for 3 million customers in 23 countries.

In 2018, Ben left the UK Government as Deputy Government Chief Security Officer, based in the Cabinet Office. Ben was responsible for all aspects of protective security policy and coordination across 48 government departments and over 400,000 civil servants. Ben’s remit included cyber and information security, personnel security, counterterrorism, counterespionage, and investigation of serious incidents and breaches, including contravention of the Official Secrets Act. While in government Ben led transformative security reforms to redesign organizational structures, unlock government access to commodity technology and public cloud and modernize decades old security policies and practices.

Martin Bally

Vice President & Chief Information Security Officer, Campbell Soup Company

Martin Bally is the Vice President and Chief Information Security Officer of Campbells and has over 23 years of experience in cybersecurity. Martin has global experience in Information, Cyber, Manufacturing, Digital, and Product Development Security.

Martin has held the Global CISO position at Stellantis, formally FCA, American Axle & Manufacturing, Diebold, and TRW Automotive. Martin is a trusted advisor to the Board of Directors and Executive Leadership. He has prior experience in manufacturing, legal, and fintech industries. He has also managed a P&L of 20+ million for security services. In 2020, Martin was recognized as a top 100 CISO by Cyber Defense Magazine.

Martin was on the Board of Directors for the Automotive Information Sharing and Analysis Center (Auto ISAC) and currently sits on the Cloud Security Alliance - Detroit Chapter. He also sits on the Customer Advisory Board for Proofpoint, a U.S.-based enterprise security company. Martin holds a Master of Science in Information Assurance from Norwich University. He also holds the Certified Information Systems Security Professional (CISSP), Certified Chief Information Security Officer (CCISO), Certified Information Security Manager (CISM), the Certified in Risk and Security Controls (CRISC) security certifications, and the DDN Masterclass Boardroom Certified Qualified Technology Expert QTE.

Scott Benson

Chief Information Security Officer and General Partner, Edward Jones Investments

Scott Benson is the Chief Information Security Officer for Edward Jones. Scott has spent over 20 years in the Information Security field in various lines of defense. Previously a CISO for a large financial institution headquartered in Chicago, Scott has an extensive background with Information Security frameworks, cyber defense, intrusion detection and incident response. Scott also worked extensively with various banking regulatory agencies throughout his career. Scott is a Certified Information Systems Security Professional (CISSP) and a member of the International Information System Security Certification Consortium (ISC)2.

Michael Blache

Chief Information Security Officer, TaxSlayer

Michael Blache is the Chief Information Security Officer of TaxSlayer, a software development company specializing in tax preparation software for professional and individual tax preparers. Promoted to this role in 2015, Michael has been instrumental in organizing and structuring the organization’s first dedicated Information Security Department operating separately from the IT Department. Michael is responsible for the vision and mission of TaxSlayer’s Information Security team in regards to security operations, regulatory compliance, disaster recovery, and business continuity.

In 2004, Michael first joined the TaxSlayer team as an IT Manager. In his first six months on the job, he was promoted to the position of Director of Information Technology. During his 11 years as IT Director, he drove the transformation of the organization’s information technology infrastructure during a time of expansive growth. Michael was responsible for standing up TaxSlayer’s first network operations center allowing round the clock monitoring of critical systems. He was selected by TaxSlayer’s executives to receive the organization’s highly coveted “Moving Your Division to the Next Level” award in 2005 and 2012.

Prior to joining TaxSlayer, Michael worked as a network administrator for a managed service provider in the private sector and as an Information Technology specialist in the Navy and Air Force. With over 20 years of experience, his diverse background is a testament to Michael’s ability to adapt technologies to meet the operational and security needs of various industries.
Michael holds a Bachelor of Science in Information Technology degree from South University and a Master of Science in Information Assurance degree from Norwich University. Michael holds several industry certifications, most notable of which is the Certified Information Systems Security Professional certification. Michael is an active member of the Greater Augusta ISSA Chapter and ISACA.

Don Boian

Chief Information Security Officer, Hound Labs, Inc.

Don Boian is the Chief Information Security Officer (CISO) for Hound Labs, Inc. He is responsible for developing and implementing a robust information security program, ensuring Hound Labs and its assets, as well as the information and assets of its customers, are protected from both internal and external threats as the Company brings its flagship product, the Hound marijuana breathalyzer, to market.

An accomplished technology leader and award-winning information security expert, Don is an information security leader with more than 34 years of experience. In addition to his role as Cybersecurity Outreach Director at Huntington Bank, Boian also serves as a cybersecurity consultant at the Department of Energy’s Special Technologies Laboratory. He retired from the National Security Agency in 2016 after almost 30 years of service. His roles included operational and leadership positions in both offensive and defensive cyber operations and included a Joint Duty Assignment as the Technical Director for the Chief of Operations (J3) USCYBERCOM. Boian won many awards including the Chairman Joint Chief of Staff (CJCS) Joint Civilian Service Commendation Award (CDR USCYBERCOM) in 2011.

Tim Callahan

Senior Vice President & Global Chief Information Security Officer, Aflac

Tim joined Aflac as the Chief Information Security Officer in April 2014. In this role, Tim is responsible for the Aflac Information Security Program, which includes Threat and Vulnerability Management, Security Operations and Incident Response, Information Technology Compliance and Risk Management, Security Engineering, and Disaster Recovery. Through the execution of the security program, Tim is the executive responsible for protection and availability of the information assets of the leading provider of supplemental and voluntary insurance products in the world. Tim leads various risk committees and structures to help business partners accelerate in a safe and sound manner.

Prior to Aflac, Tim was Senior Vice President, Business Continuity and Information Assurance at SunTrust Bank. Tim was responsible for SunTrust’s Corporate Threat and Vulnerability Management, Information Security Monitoring and Investigation, Business Resumption, Disaster Recovery, Incident Response/Crisis Management, Technology Risk Project Office, Records and Information Management programs. Tim led a team of professional risk managers in ensuring the protection, preservation, and availability of critical corporate information and resources. Tim integrated these functions building a capability that provided a unified approach in determining threats, developing mitigation strategies and solutions, and managing through incidents. Tim has successfully tested this integrated concept in the management of virus, weather, technology outages, and distributed denial of service attacks.

Prior to SunTrust, Tim served as First Vice President, Technology Risk Management, and Chief Information Security Officer at People's United Bank in Bridgeport, Connecticut. Tim was the executive charged with protecting People’s United Bank’s information, information systems, and technology. During his tenure, Tim built an effective technology risk management organization and led the company through a technology integration and organization program upon the acquisition of a bank of near equal size. Tim also served on the State of Connecticut Judicial Committee on Identity Theft to assist in building requirements for protecting sensitive personal information introduced into the judiciary through legal actions.

Tim was a career military professional serving in leadership positions throughout his 23-year career. In his final assignment, Tim was the program manager for a command risk management function at one of the US Air Force's Major Command Headquarters.

Kristin Cornish

Director Global Cybersecurity Risk, The Coca Cola Company

Kristin Cornish currently serves as Director Global Cybersecurity Risk at the Coca-Cola Company. In this role, Kristin is responsible for broad cyber risk management and monitoring across the Coca-Cola Company, including regulatory cyber compliance with PCI DSS, Privacy regulations (GDPR, CCPA), and Sarbanes-Oxley (SOX). Kristin leads a team responsible for assessing third party and internal cyber risk and developing and maintaining cyber security policy. Working closely with Coca-Cola’s Global Chief Information Security Officer, Kristin is building a manufacturing cyber security risk management capability, spanning multiple regional and global stakeholder functions.

An almost 8-year veteran of the Coca-Cola Company, Kristin has held positions of increasing responsibility in both the Cyber Security and Internal Audit functions. Prior to her current role, Kristin spent 2 years as a Senior Manager, Technology Controls, leading efforts to improve understanding and support of technological internal controls supporting SOX financial reporting, improved management of control deficiencies, and improved processes to strengthen the IT control environment-both across the Coca-Cola Company Technology function and within large acquisitions of the Company. Kristin began her tenure at Coca-Cola within the IT internal audit team, where she spent over 3 years, including most recently as an IT Audit Manager.

Prior to her time at Coca-Cola, Kristin has both internal and external technology and financial audit experience at the Kimberly-Clark Corporation and PwC. Kristin holds a Certified Information Systems Security Professional (CISSP) certification from the International Information System Security Consortium (ISC2), a Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA) from the Information Systems Audit and Control Association (ISACA), an active CPA license from the Virginia Board of Accountancy. In addition to ISC2 and ISACA, Kristin is an active member of the Atlanta chapter of the Institute of Internal Auditors (IIA). She holds an B.S. in Management from the Georgia Institute of Technology and a Master’s in Business Administration from Georgia State University.

John Dickson

Vice President, Infrastructure and Cybersecurity Chief Information Security Officer, Republic National Distributing Company

John Dickson is VP of Infrastructure, Support Operations and Cybersecurity (CISO) at Republic National Distributing Company (RNDC), an industry leader and the nation’s second largest wine and spirits distributor. In his role, John leads a comprehensive IT team covering Information Security & Governance, Enterprise Communications, Data Center and Cloud Services, Warehouse Automation and Technology Support Operations. He is a results driven, business focused IT leader with extensive experience and a proven track record of translating business requirements into functional systems for Republic National Distributing Company. John’s career at RNDC spans 23 years, starting in a Network Management role and progressing through a Directorship of Infrastructure to today’s role over four operational areas and one hundred team members.

Prior to RNDC, John managed Information Technology services for Transdyn Controls, a leading systems integrator for Public Utilities and Intelligent Transportation Systems. Prior to taking an IT leadership role at Transdyn, John helped implement SCADA systems for the Boston Central Artery Tunnel, the George Washington Bridge, the New York Department of Environmental Protection and numerous water treatment facilities around the world.

John is passionate about motorsports, aviation, Georgia Tech Yellow Jacket Football and spending time with his family in Woodstock, GA.

Jamil Farshchi

Chief Information Security Officer, Equifax

As the Chief Information Security Officer, Jamil Farshchi is responsible for ensuring the security of the company’s digital assets as well as transforming the Equifax cybersecurity program into a world-class capability. Farshchi, an award-winning change leader, has spent his career building industry-leading cybersecurity programs to protect some of the world’s most sensitive assets, particularly in times of urgent need.

Most recently, Farshchi, in his role as CISO, successfully led a similar rebuilding effort to mature The Home Depot into an information security leader following what was one of the largest cyber breaches in history. Prior to The Home Depot, Farshchi was named the first CISO at Time Warner Inc. in 2014, and was responsible for the defense of entities such as Warner Bros., CNN, and HBO.

Before taking on his role at Time Warner, Farshchi was the VP of Global Information Security at Visa, where he was responsible for protecting over $7 trillion of payment card transactions annually and transforming Visa’s cyber program into one of the most mature within the financial services industry.

In 2009, Farshchi served as the CISO at the Los Alamos National Laboratory with responsibility for defending some of the United States’ most sensitive national security and nuclear weapon assets. He has also served in a variety of risk, operational, and technology leadership roles at organizations including Sitel Corp., NextWave Wireless, and the National Aeronautics and Space Administration (NASA).

Currently, he serves on the Board of Directors for the Institute for Information Security and Privacy at Georgia Tech and the Piedmont Park Conservancy, and he is also a mentor in the Columbia University Technology Management program.

Farshchi holds a bachelor’s degree in Business Administration from the University of Oklahoma and a master’s degree from the Wharton School at the University of Pennsylvania. He also completed the Harvard Business School’s Program for Leadership Development.

Kevin Gowen

Chief Information Security Officer, Synovus

Gowen joined Synovus in 1995 after a 16-year career with IBM Corporation where he served in various engineering and management positions. He began his career with Synovus in the Information Technology area as Vice President of Network Services and Support. He served in various leadership roles in Information Technology including Director of Technology and Strategic Infrastructure. Gowen was named Senior Director of Procurement in 2008 with responsibilities for procurement, contracting, and vendor management. He was named a Group Executive in 2011 and his responsibilities were expanded to include serving as Chief Procurement Officer and overseeing Synovus’ Corporate Real Estate group. Gowen was named Chief Information Security Officer in February 2015.

As Chief Information Security Officer, Gowen is responsible for all aspects of information security and business continuity including identity and access management, security architecture, security operations, IT risk assessments, audit and regulatory interface, disaster recovery coordination, business continuity planning, and crisis management. He is also responsible for setting the tactical as well as strategic direction for Synovus’ enterprise vision, strategy, and program to ensure that information assets and technology are adequately protected.

Gowen’s education includes:
B.S., Mechanical Engineering, Georgia Institute of Technology
M.S., Mechanical Engineering, Georgia Institute of Technology
Synovus Leadership Institute

Ron Green

Chief Information Security Officer and Group Executive, Mastercard

Ron Green is Group Executive and Chief Information Security Officer. He leads a global team that ensures the safety and security of the Mastercard network as well as internal and external products and services. He is responsible for Information Security Operations, Architecture and Engineering, Security Event Management and Incident Response. Mr. Green also oversees cryptographic key management, business continuity, disaster recovery, and emergency management.

Mr. Green joined Mastercard in 2014 after serving as deputy chief information security officer at Fidelity Information Services (FIS). There, he led a team responsible for North American Information Security Operations, including security architecture and engineering programs, security testing, and governance. Prior to this position, Mr. Green was Director, Investigation and Protections Operations at Blackberry where he was responsible for global cyber and physical investigations, security operations centers, network security architecture, technical surveillance countermeasures, and threat intelligence programs. He also served as a senior vice president across several areas at Bank of America.

Mr. Green has extensive experience working with international and federal law enforcement agencies both as a special agent in the United States Secret Service and as an officer in the United States Army. With the Secret Service, Mr. Green worked protection and fraud investigations. He was one of the first agents to receive formal training on seizing and analyzing electronic evidence, and he worked on a number of international cyber crime investigations. Mr. Green serves on several advisory councils including the Financial Services Information Sharing and Analysis Center and the Overseas Security Advisory Council. He holds a bachelor’s degree in mechanical engineering from the United States Military Academy at West Point; is a graduate of the FBI’s Domestic Security Executive Academy; and holds a graduate certification in Information Assurance from George Washington University.

Stacey Halota

Vice President, Information Security and Privacy, Graham Holdings

Stacey Halota joined Graham Holdings Company (then The Washington Post Company) in 2003. She leads the development and implementation of information security and privacy programs, including Sarbanes Oxley, privacy law, Payment Card Industry compliance, and other data protection efforts. Halota has more than 25 years of experience in the information technology, security, and privacy field. Before joining Graham Holdings, she served as the federal government and southeast region leader of Guardent (now part of Verisign), a security and privacy consulting and managed security services company. Prior to Guardent, she worked at PricewaterhouseCoopers in the Technology Risk Services consulting practice.

Ms. Halota serves on the advisory boards of CyberVista, Y/L Ventures, and the International Consortium of Minority Cybersecurity Professionals. She is a Certified Information Systems Security Professional (CISSP) and a Certified Information Privacy Professional (CIPP).

Shawn Harris

Senior Director of Information Security, Chipotle Mexican Grill

Shawn Harris is the Senior Director of Information Security at Chipotle Mexican Grill (NYSE: CMG). In this role, he is responsible for Security Architecture, Engineering, Operations as well as Governance, Risk and Compliance teams.

With over 25 years of cybersecurity experience, Shawn holds multiple industry certifications, including Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional (ISSAP), Certified Cloud Security Professional (CCSP). He is on the board of directors for Hackers for Change and is an advisory board member of several prestigious organizations including Cybersecurity Competency Group (CSCG), RSA Conference Program Committee, and the Microsoft Cybersecurity Customer Advisory board. He is the co-chair of the CSA Cloud Control Matrix working group and was named one of Security Magazine’s Top Cybersecurity Leaders in 2021. Shawn has spoken at several esteemed events, most notably the RSA Conference and ISC2 World Congress.

Shawn is passionate about building and strengthening highly engaged teams, fostering a culture of growth and forward-thinking mindsets. He coaches through challenges to empower individuals to think and operate independently and drive innovation. When not working, you can find Shawn in his home-built campervan exploring the Southwest with his wife and two dogs.

Lori Havlovitz

Chief Information Security Officer, Haleon

Lori Havlovitz has recently transitioned to a new role as the Chief Information Security Officer at Haleon. Prior to her new role, Lori lead the global information security team at Cardinal Health which included cybersecurity operations, information security architecture, technology risk management, IT compliance, and IT resiliency. While at Cardinal Health, Lori has held roles of increasing responsibility in applications development and shared services as well as enterprise architecture.

Lori was with Cardinal Health for 20 years. Before joining the organization, Lori worked with Nationwide Insurance focusing on system integration project management in the property and casualty business.

Diversity and inclusion is a passion for Lori. She has held a variety of roles including chairing the Women’s Initiative Network and as an executive sponsor for the Women in Information Technology employee-led group at Cardinal Health. Lori has also been a key leader in the creation of two sponsorship programs for technology employees – one focused on women and one focused on Black and African American employees.

Lori makes community outreach a focus including non-profit leadership and volunteering. She served as the secretary and vice president of Adaptive Sports Connection (formerly known as The Adaptive Adventure Sports Coalition). Lori is a two-time cancer survivor and volunteers in the Help Others Through Peer Experiences program at The Ohio State University Comprehensive Cancer Center.

Tim Held

Chief Inofrmation Security Officer & Executive Vice President Information Security Services, US Bank

Tim Held serves as Chief Information Security Officer and Executive Vice President of Information Security Services for U.S. Bank. He is responsible for leading a multidisciplinary information security team operating across the United States, Europe, and Asia focusing on prevention, detection, and response. Areas of responsibility include architecture, engineering, security operations, incident response, data loss prevention, vulnerability assessment services, online fraud detection, security monitoring, insider threats, and cyber threat intelligence.

Tim has 21 years of information technology experience, with 17 focused on information security and risk management. His diverse background blends rich leadership experience with deep technical acumen. Prior to joining U.S. Bank in 2005, Tim enjoyed a successful career in both leadership and technical hands-on roles at Fifth Third Bancorp, Jireh Consulting Group, and AAA Travel and Insurance Services. Areas of responsibility included security consulting, security architecture, application development, network security, biometric development, employee fraud, and theft detection.

He is an active member and advisor on the committee for the Association of Certified Fraud Examiners. He is also active in various security and fraud working groups within the industry, including participation with BITS, FS/ISAC, and OWASP. Tim earned a Master of Science in Information Security Management from Colorado Tech University, an NSA school of excellence. He also earned professional certificates in Information Systems Security, Information Systems Security Management, Security Certification and Accreditation, and Project Management (PMI sponsored). Additionally, Tim attended Stanford University’s Advanced Computer Security Program, and the Pacific Coast Banking School at the University of Washington.

Curley Henry

Executive Director, Cyber Security Strategy and Architecture, Southern Company

Curley Henry, Vice President and Deputy Chief Information Security Officer for Southern Company, is responsible for strategic cybersecurity initiatives and leads security architecture and consulting, cyber risk and assurance, and identity governance across the enterprise (IT) and critical infrastructure (OT). Curley has 25+ years’ experience in information technology and cybersecurity where he has created and led diverse teams to develop, implement and maintain effective strategies to reduce cyber security risk.

Curley works closely within the utility industry, engaging with state public service commissions, Department of Energy, the National Labs, Electric Power Research Institute (EPRI), and leaders from other utilities. He also engages in the cybersecurity technology industry, working closely with executives who are developing innovative solutions to pressing challenges.

Before joining Southern Company, Curley served in senior leadership roles at E* Trade Financial, Hewlett-Packard, and IBM. Earlier in his career, Curley was a Department of Defense consultant where he led a team to design, build and manage the first 24x7 security operations center for the U.S. Army Reserve Command. He began his career in the military and was a founding member of the U.S. Army Reserve’s Information Operations Command, which provided cyber security and information assurance support to installations and units across the continental Unites States.

A native of Columbus, GA, Curley studied engineering at Georgia Institute of Technology (Georgia Tech) before joining the military. He holds a bachelor’s degree in Computer Information Systems from Saint Leo University along with several security and technical certifications. He also serves on the Industrial Advisory Board for the new School of Cybersecurity and Privacy at Georgia Tech.

Darren Highfill

Chief Information Security Officer, Norfolk Southern Corporation

Darren Highfill serves as the Chief Information Security Officer, protecting critical information assets, business systems, and computer hardware for Norfolk Southern Corporation. He is responsible for maintaining, developing, and leading the team of cybersecurity professionals comprising Norfolk Southern’s Information Security program.

The Information Security team is responsible for the monitoring of compliance to cybersecurity policies and standards and works cooperatively with other groups within the business units responsible for information security. The Information Security program includes teams responsible for identity and access management, cybersecurity architecture, cybersecurity operations, a cybersecurity operations center, disaster recovery planning, business recovery planning, general office emergency incident response planning, cybersecurity awareness training, employee and customer privacy protection, and industrial controls cybersecurity protection.

Darren’s background is focused on cybersecurity for critical infrastructure and operations technology – in particular, within electric power transmission and distribution, with experience in the development and application of national and international cybersecurity standards as well as cybersecurity governance, architecture, policy, and risk management. He has been focused on cybersecurity solutions for critical infrastructure since 2004.

Shaun Khalfan

Senior Vice President & Chief Information Security Officer, Discover Financial

Shaun currently serves as the Senior Vice President, Chief Information Security Officer for Discover Financial Services. In this role, he leads the Information Security organization with overall responsibility for implementing the information security strategy and objectives, including strategies to monitor and address current and emerging risks and a strong cyber engineering function.

Shaun has over 20 years of IT experience with specialization in information security and risk management. Shaun has held roles in increasing responsibility at the Department of Defense, culminating in the role of Chief Information Security Officer for the Department of Homeland Security, U.S. Customs and Border Protection. He was Vice President, Chief Information Security Officer at Freddie Mac where he was responsible for company-wide cybersecurity risk reduction efforts, security architecture, securing cloud transition, modern software delivery transformation, and end-user experience enhancement initiatives. Most recently, he served as Managing Director, Chief Information Security Officer at Barclays International.

Shaun is a graduate of the University of Maryland and has an MBA from the George Washington University School of Business. He serves on the board of the Financial Services Information Sharing and Analysis Center (FS-ISAC), is an adjunct professor at Carnegie Mellon University, and Army combat veteran. Shaun is also a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and a graduate of the Department of Defense Executive Leadership Development Program.

Donna Kidwell

Chief Information Security & Digital Trust Officer, Arizona State University

Donna Kidwell is an internationally recognized thought leader who leads teams and manages technology initiatives within research universities to prepare students for the challenging and ever-changing nature of work and learning. Today, Ms. Kidwell is the Chief Information Security and Digital Trust Officer at Arizona State University.

Building trust is more precious than ever in today’s data driven world and Donna is working with colleagues to ensure that the digital experiences for the ASU family are safe, secure and trustworthy, including compliance with GDPR, FERPA, and Privacy By Design - just to name a few!

Donna teaches and mentors entrepreneurs in innovators in the U.S. and speaks on these topics at international conferences.

Donna is passionate about generating wealth through the production of new knowledge and has worked to implement innovation, commercialization and entrepreneurship programs in Brazil, Colombia, Egypt, France, Hungary, India, Indonesia, Jordan, Kazakhstan, Kenya, Korea, Mexico, Norway, South Africa and Russia.

Kate Kuehn

Chief Trust Officer, AON

Kate Kuehn has been an active thought leader in Security & Advanced Network Technologies for over 20 years. As the Chief Trust Officer (CTrO) for cyber security at Aon, she aligns global cyber initiatives with internal practice and policy to drive trust, transformation, and risk mitigation internally, with clients, and within the entire cyber community.


Early in her career, she had been given the opportunity to work with and lead some of the most innovative technologies that have shaped our industries. She led some of the industry’s first projects in DDOS, Ethernet as a network (CPA), SaaS and IaaS, and was on the front line with some of the earliest attacks against the financial services markets.


Kate has purposely executed multiple roles across her career from CISO, CEO, Board of Director, Advisor, strategic business development / alliances, leading sales and engineering teams, and now as a CTrO (Chief Trust Officer. In her role at Aon, before her role at Aon, she has worked for companies including vArmour, Senseon, BT Group plc, and Verizon. The culmination of her experience ensures Kate always brings expertise and a fresh perspective on emerging trends within cybersecurity.


Kate has two main passions in life: bleeding-edge technology that helps secure our world and developing world-class people and companies. Kate is a trusted advisor in the industry and holds positions on several boards including Redshield and Cybermainacs She is currently an Advisory Board Member for vArmour, Senseon, rThreat, and Net Thunder. She was also recently appointed to the IEEE steering committee for Cyber Security, and collaborates regularly with ISSA, SINET & WSTA.


In addition to professional endeavors, Kate loves to give back to her community. She is active in a number of STEM initiatives including CORNCON, the Docent Group and the University of California, Berkeley. Kate also spends time as a volleyball coach at her children’s school.

Phil Malatras

Chief Security Officer of the Western Digital Federal Business & Senior Director of Global Information Security, Western Digital

Phil Malatras is the Chief Security Officer of the Western Digital Federal business, and a Senior Director of Global Information Security at Western Digital. He has been an IT and InfoSec leader for more than 25 years spanning multiple technology and functional disciplines. He leverages that breadth of knowledge and experience to effectively balance the priorities of the business with the realities of modern cybersecurity risks and challenges.

Prior to joining Western Digital in 2016, Phil spent five years at Broadcom, 13 years at Cisco Systems, plus early career positions in software engineering and IT infrastructure and services management. He holds an MS in Computer Science preceded by a BS in Computers and Management.

Kevin McKenzie

Vice President & Chief Information Security Officer, Dollar Tree Inc.

Dr. Kevin McKenzie is Vice President of Information Technology and Chief Information Security Officer (CISO) for Dollar Tree Stores Inc. Dollar Tree is a publicly traded Fortune 150 company with revenues in excess of $20 billion that encompasses both Dollar Tree and Family Dollar retail stores. Headquartered in Chesapeake, Virginia, Dollar Tree operates thousands of stores across all 48 states of the contiguous United States along with five Canadian provinces.

Strategically, Kevin is responsible for establishing the vision, mission, and security posture for the combined Dollar Tree enterprise and tactically accomplishes this through his oversight of Governance and Risk Compliance, Security Operations, and Network Security. Kevin holds an undergraduate degree in Management, a master’s degree in Industrial Management, and a Doctorate in Career and Technology Education from Clemson University. He also holds the Certified Information Systems Security Professional (CISSP) and ITIL professional certifications.

In addition to his corporate officer role, Kevin remains an actively engaged member of the faculty at Clemson University. He serves on the strategic advisory board for the International Consortium of Minority Cybersecurity Professionals (ICMCP) and the technology advisory board for Tidewater Community College. Additionally, he’s also an advisory board member for tech companies in the security industry. He has helped author multiple Congressional testimonies and personally participated in a Congressional town hall event about information security topics.

In 2013, Kevin was named the ISE Southeast Executive of the Year Award Winner and, later that year, the North America Information Security Executive of the Year for the Public & Academic Sector by Tech Exec Networks (T.E.N.). That same year, Kevin also received the America’s Information Security Leadership Award (ISLA) by ISC2—representing all of North America, South America, and Central America. In 2017, Kevin was honored and recognized as a ‘Roaring 10’ award recipient of Clemson University where ten alumni are named annually who have made an impact in business, leadership, community, educational, and/or philanthropic endeavors while upholding the university’s core values of honesty, integrity, and respect.

Previously, Dr. McKenzie was CISO and Executive Director for the Office of Information Security and Privacy at Clemson University where he established the university’s strategic direction in information security, mentored and taught students as a Research Professor in Electrical and Computer Engineering, created a student-led Security Operations Center (SOC) designed as an immersive experience for the students, served as Chief Security Officer to multiple statewide healthcare organizations comprising more than $7 billion in healthcare transactions, and protected one of the nation’s premier higher education environments classified as a top-tier Highest Research Activity (R1) research institution under the Carnegie Classification of Institutions of Higher Education.

Michael McNeil

Senior Vice President & Global Chief Information Security Officer, McKesson

Michael C. McNeil is the current Senior Vice President, Global Chief Information Security

Officer (CISO) at McKesson Corporation. McNeil is responsible for enhancing and overseeing

McKesson’s information and operational technology security strategy program, as well

managing information security governance. He will also ensure the execution of McKesson’s

cybersecurity strategy across the enterprise. McNeil has an extensive background in

cybersecurity and significant experience in the healthcare industry. Most recently, he served as

the Global Product & Security Officer for Royal Philips where he deployed consistent processes

across the entire portfolio of healthcare products and services. He has also held senior

leadership positions at Medtronic, Liberty Mutual Group, Pitney Bowes, and Reynolds &

Reynolds. Michael holds several board and executive member positions, including the

Healthcare and Public Health Sector Coordinating Council (HSCC) Executive Committee, the

Health Information Sharing and Analysis Center (H-ISAC), the National Black MBA

Association (NBMBAA) and the Association for the Advancement of Medical Instrumentation

(AAMI). He has also provided expert testimony before Congress on matters concerning

cybersecurity and data privacy. Michael holds an MBA from Northwestern University, J.L.

Kellogg Graduate School of Management and a Bachelor of Science Degree from the University

of Illinois. Michael and his wife, Devita, are the proud parents of two children and are doting

grandparents. Michael is an avid listener of Smooth Jazz and he loves traveling to jazz festivals

in his spare time.

Lucia Milică

Vice President & Global Resident Chief Information Security Officer, Proofpoint

Lucia Milică Stacy serves as VP, Global Resident Chief Information Security Officer at Proofpoint, a leading cybersecurity and compliance company. She is a senior technology leader with over 20 years of extensive technical and business experience. In her previous role, Lucia was the VP, Chief Information Security Officer & Chief Privacy Officer for Polycom, where she managed all aspects of data privacy and information security. She has also held leadership and technical roles in IT governance & strategy, security risk and compliance, corporate and product security, data privacy, and IT infrastructure at other companies, including HP, Palm, Wells Fargo, and Franklin Templeton. Many organizations in the cybersecurity industry and broader business community have asked her to speak at their conferences, symposiums, and other events. She has also extended her contributions to her profession by serving as an advisory board member and active participant with the cybersecurity industry and relevant industry groups, including board membership on the National Technology Security Coalition, and service with the Department of Health and Human Services (HHS) 405(d) Cybersecurity Task Group, SC Media Advisory Board, and Forbes Technology Council. She has a Master of Science in Information and Cybersecurity degree from the University of California, Berkeley. She also holds Master’s in Business Administration and Juris Doctorate degrees.

Allison Miller

Chief Information Security Officer and Vice President of Global Enterprise Information Security, UnitedHealth Group/Optum

Allison Miller serves as the Chief Information Security Officer and Senior Vice President for Optum. Allison has accountability for the Enterprise Information Security Officers for the Group, Security Incident Response/Technical Investigations, Security Policy and Global Cyber Regulatory Programs. In her existing role, Allison has developed a global security framework for the enterprise with a focus towards patient safety, security of clinical operations and a global cyber crisis response plan.

Prior to her role with the Global Enterprise Information Security Office, Allison served as the Director of National Healthcare Compliance for UnitedHealthcare, Chief Privacy Officer for OptumHealth and Deputy Chief Privacy Officer, National Privacy Director for UnitedHealthcare.

In addition to global cybersecurity, Allison has over 20 years of experience in health information systems and crisis management. During her tenure at UnitedHealth Group, Allison developed systems to identify the gaps in care and predict health outcomes for individuals with chronic conditions. Allison is a volunteer EMT and First Responder in the State of Louisiana serving residents during Hurricanes Katrina and Isaac. Most recently, Allison had the privilege of serving Refugees in Greece providing healthcare support to the clinicians on the frontlines.

Allison’s undergraduate (BA) studies were in Political Science and Sociology; she has completed Executive Education & Management post-college at Wharton, Kellogg Executive Education and MIT Sloan. She was part of the cohort that authored and attained the ISC2 Healthcare Information Security and Privacy Professional Certification and holds her HCISSP, in addition to holding certifications from GIAC, ISACA, HCCS and other technology areas of focus beyond security.

Allison continues to volunteer her time across organizations to help raise the level awareness regarding emerging cyber security landscape and the threats they present to patient care globally. In 2021, Allison partnered with the University of Minnesota to launch the Center for Medical Device Cybersecurity, the first program focused on the intersection of cyber risk, medical devices, and the delivery of patient care. The mission of the CMDC is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

Allison is passionate about diversity and inclusion. She serves on the Board of Directors for Women in Cybersecurity (WiCys), Strategic Advisor to Black Girls in Cyber, CyberIreland and speaks publicly at schools and colleges around the globe.

Mathew Newfield

Corporate Chief Information Security Officer, Unisys

Mathew Newfield joined the Unisys leadership team as the Corporate Chief Information Security Officer in March 2018. He leads the Unisys Corporate Information Security team with responsibility for design, development, and implementation of the company's corporate information security and risk programs across all regions and functions. Newfield has over 19 years of experience in information technology with a focus on security, software as a service operations, risk auditing and management, and international mergers and acquisitions.

Prior to joining Unisys, he was the Director of Global Managed Security Services for IBM where he had responsibility for delivery services in 133 countries and managed a staff of 1,500 security professionals. Newfield led the Managed Security Practice that performed Device Management, Threat Intelligence, Managed Security Information and Event Management, Account Governance, Project Management, Deployment Services, New Service Integration Business Operations, Compliance/Governance and Architecture Services. Newfield was also the Business Unit Information Security Officer and Global Process Officer for IBM's Security Services Organization. During his time at IBM, Newfield streamlined operational processes and developed cost reduction methodologies that improved cost control, profitability, and client delivery. Prior to IBM, Newfield held senior security leadership roles at Cybertrust, RSA, and DDC Advocacy.

Newfield is a published author on topics related to security, a speaker on cybersecurity, and has been an instructor at the SANS Institute. In addition, he holds a Bachelor of Science degree in Industrial and Organizational Psychology from George Mason University.

David Nolan

Vice President, Information Security, Aaron’s

As the Senior Director of Information Security at Aaron’s, David is accountable for information security and risk leadership, strategy, budget, and operational excellence. He is a servant leader and mentor to a robust team of information security professionals and managers covering Application Security, Incident Response, Governance Risk and Compliance, Emerging Technology Security, Endpoint Protection, and Information Protection.

David has spent over 20 years in the information technology industry in various roles. He previously served as a Manager of the Threat, Attack and Penetration testing services team, Application Security Architect, deployment manager, and various lead developer roles for Caterpillar Inc. He has additionally held positions at companies including State Farm Insurance and the Central Intelligence Agency.

David is a regular speaker at colleges, corporations, and industry conferences including the (ISC)2 Security Congress, ISSA, and ISACA conferences, is active on various industry advisory boards, and is the Education Chair for the Atlanta chapter of InfraGard.

Michael Palmer

Chief Information Security Officer, Hearst

Michael Palmer is the chief information security officer for Hearst, a leading diversified media, information and services company with over $10 billion in annual revenue. Hearst’s portfolio of more than 360 companies spans cable television networks such as A&E, HISTORY, Lifetime and ESPN; global financial services leader Fitch Group; and Hearst Health, a group of medical information and services businesses. Palmer leads enterprise-wide vision, strategy and architecture of information security and technology risk management. Palmer brings his expertise to evangelize IT security across Hearst’s portfolio, integrating IT security as a critical component of business operations.

Formerly, Palmer served as a key member of the NFL’s executive team, responsible for governing the league’s cybersecurity strategy, policies and programs while protecting its brand, intellectual property and assets. As the first chief information security officer in the NFL, Palmer’s inaugural role was the result of his ingenious work ethic, dedicated problem solving and ability to pitch the business case for having an information security office. Palmer recognized a need in the organization and created the CISO office from the ground level in 2012.

Palmer’s background includes 20+ years of broad cybersecurity and enterprise risk management experience, including deep specialization in corporate technology infrastructure, identifying threats and pinpointing vulnerabilities. Palmer works to expose inherent business risks and is adept at spearheading strategies on how to best address them. As a proven trailblazer, change agent and subject matter expert in information security, Palmer works closely with his colleagues, providing guidance on security and risk issues.

An industry thought leader, Palmer serves on the Grambling State University Technology Advisory Board and Rochester Institute of Technology Computer Security Advisory Board. In his work at the colleges, he helps to shape the educational programs that train the next generation of cyber defenders. Some of Palmer’s awards include the CISO Executive Summit Breakaway Leadership Award (2018), Global Leadership Forum (GLF) Superstar (2018) and Information Technology Senior Management Forum (ITSMF) Member of the Year (2017).

Palmer also co-chairs the governing body of the New York CISO Executive Summit (Evanta), an organization that fosters collaboration and knowledge sharing across the New York CISO community. He is a member of the programming committee for RSA 2019 CISO Boot Camp and CISO Insight track, creating educational content for the world’s largest cybersecurity conference.

Passionate about diversity and inclusion in the technology space, Palmer serves on the International Consortium of Minority Cybersecurity Professionals (ICMCP) Strategic Advisory Board to help bridge the great cyber divide, working to attract more women and minorities into the information security industry. Previously, Palmer also served as a committee chair of the NFL’s Diversity Council, a governing body that works to provide increased opportunities and exposure to women and diverse professionals within the NFL.

Palmer earned a U.S. Department of Homeland Security Secret Clearance and holds several industry certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (CCISO), Certified in Risk and Information Systems Control (CRISC), Certified Information Privacy Manager (CIPM) and Information Technology Infrastructure Library V3 (ITIL V3).

He obtained a bachelor’s degree in business administration with a major in computer information systems from Baruch College. He is also part of the Department of Homeland Security Commercial Facilities Workgroup Governing Board of Directors and Information Technology Senior Management Forum (ITSMF).

Mike Priest

Divisional Vice President, Chief Information Security Officer, Globe Life

Mike Priest is an Information Security leader with over 20 years of experience in IT and Information Security. Mike has a diverse background supporting organizations in both the public and private sector including insurance, healthcare, and defense industries. Mike has a strong background in creating and executing business-aligned strategy and governance, utilizing various frameworks, methods, and standards including NIST, ISO, ITIL, TOGAF, FIPS, HIPAA, PCI DSS, and others. Mike holds a B.S. in Information Systems and an M.S. in Cybersecurity from the University of Maryland Global Campus as well as several industry certifications.

Steve Pugh

Chief Information Security Officer, InterContinental Exchange (ICE)

Steve Pugh has served as Chief Information Security Officer (CISO) of Intercontinental Exchange, Inc. (NYSE: ICE) since September 2021. He leads the cybersecurity program for all of ICE, including the New York Stock Exchange, securing critical economic infrastructure across multiple subsidiaries, geographies and regulatory jurisdictions. Further, Pugh is responsible for cybersecurity across regulated futures and options exchanges, central counterparty clearing houses (CCPs), trade repositories, equities venues and systemically important financial market utilities (SIFMUs).

Prior to joining ICE, Pugh served as the former Chief Information Security Officer of the White House Military Office and has more than 25 years of experience in cybersecurity, national security, and intelligence. Most recently, he was the Chief Security Officer for Twilio.

Pugh has served under three U.S. Presidents as a military communications aide. He spent 18 years in the U.S. Air Force as a cyber warfare officer and deployed in support of Operation Iraqi Freedom. Pugh holds a Bachelor of Computer Science from Valdosta State University and a Master of Management from the University of Phoenix. He serves as a board member for the non-profit Savvy Cyber Kids which focuses on cyber safety for preschool through high school students.

Stephen Richardson

Chief Administrative and Compliance Officer

Steve brings 28 years of government experience to Scientific Games, including 22 years with the Federal Bureau of Investigation. He oversees all aspects of Information Security, Information Technology, Compliance, Human Resources, Procurement, Facilities and Internal Auditing for the company. He joined Scientific Games in 2018 as the Chief Compliance Officer and Director of Global Security, lending his extensive experience as a senior executive with the FBI’s Operational Technology Division and Criminal Investigative Division. During his tenure at the FBI, most recently as the Assistant Director of the FBI’s Criminal Investigative Division in Washington, D.C., Steve held a number of positions related to criminal and cyber threats, financial crimes, foreign corruption, money laundering and illicit finance. He was nominated for the Presidential Rank Award granted by the U.S. government to career senior executives, and was a finalist for the Samuel J. Heyman Service to America Medals. Previously, Steve was a highly decorated employee of the Tennessee Bureau of Investigation, receiving a Medal of Valor from the State of Tennessee for his work on high-profile criminal investigations. Steve holds a Bachelor of Business Administration in Accounting from East Tennessee University, and an MBA from Duke University. Additionally, he has earned a Business Law Certificate from Vanderbilt University and is a Certified Fraud Examiner.

Ray Rothrock

Executive Chairman, RedSeal, Inc.

Ray is presently Executive Chairman of RedSeal, Inc. an enterprise cyber security company based in San Jose, CA and founder of FiftySix Investments LLC, a seed stage investment fund.


In 2013 Ray transitioned to Partner Emeritus of Venrock, an early-stage tech investment partnership originally formed by the Rockefeller family. During his 25-year career at Venrock he invested in 53 early-stage technology companies. He led both the Internet and energy investment programs and was a member of the management committee for Venrock. His market leading cyber security investments included Check Point Software, Vontu, PGP, Imperva, CloudFlare, and Shape Security to name a few.


His Venrock track record included 9 IPOs that resulted in his being listed on the Forbes Midas List. A leader in the venture industry he was elected by his peers as chairman of the National Venture Capital Association for 2012-13. He serves on the boards of Check Point Software Technology (NASDAQ:CHKP), Roku, Inc. (NASDAQ: ROKU) and several private companies including Team8 and TAE Technologies, a clean fusion energy company.

Richard Rushing

Chief Information Security Officer, Motorola Mobility

Mr. Richard Rushing is the Chief Information Security Officer for Motorola Mobility LLC. Richard participates in corporate, community, private, and government security councils and working groups, setting standards, policies, and solutions for current and emerging security issues. As Chief Information Security Officer for Motorola Mobility, he has led the organization's security effort by developing an international team to tackle targeted attacks, cyber-crime, and emerging threats to mobile devices. He has organized, developed, and deployed practices, tools, and techniques to protect the enterprise's intellectual property worldwide. A much-in-demand international speaker on information security, Richard has spoken at many of the leading security conferences and seminars around the world.

Eric Seagren

Chief Information Security Officer, Oceaneering

Eric Seagren currently serves as the Chief Information Security Officer at Oceaneering International. Eric’s career in IT started in 1996 and has progressed through various positions including desktop support, server administration, network engineering, risk management, disaster recovery, and cybersecurity across diverse fields such as banking, real estate, oil and gas, aerospace, and defense. This breadth and depth of experience helps Eric understand information technology with a “big picture” perspective. Leveraging this broader perspective, Eric’s focus is to design security policies and solutions that respect the business needs and operational requirements of the organization, maximizing effectiveness while minimizing impact. Eric has experience working in organizations of all levels of IT security maturity, including building a security program from the ground up.

Eric holds a Bachelor of Science in Business: Information Systems. He is also a published author with multiple publishing credits and technical certifications including CRISC, CISA, CISSP-ISSAP. Some of Eric’s publications include “Secure Your Network for Free" and “How to Cheat at Configuring Open Source Security Tools” (co-authored).

Oceaneering International is a global organization with offices in 25 countries and does business in the aerospace, entertainment, material handling, military and defense, and oil and gas industries.

William Shields

Chief Information Security Officer & Executive Vice President, TransUnion

Bill Shields is an information security executive with over 22 years’ experience, including ten years in senior leadership roles. His leadership philosophy is people-driven – he believes in empowering people to drive success through a balance of security and the overall user experience.

His passion for security springs from his engineering background, solving complex problems through creative thinking, and using data and analytics to drive thoughtful decisions. His background spans skills in strategy, financial decision making, resourcing and engineering, giving him a unique perspective and ability to build programs from the ground up or take existing programs to the next level.

His past efforts have focused specifically on the engineering and defense discipline, including critical security functions such as incident response, forensics, investigations and security tool engineering and operations; using intelligence to defend a technology ecosystem.

In his current role, Bill leads a global organization that supports end-to-end security efforts across the business, leading a team of talented group of seasoned analysts, engineers and leaders to protect TransUnion systems, data and associates.

Mark Strosahl

Chief Information Security Officer, Penn Mutual

Mark Strosahl joined Penn Mutual in March 2022 after serving as Business Information Security Officer (BISO) at Principal Financial Group for their Retirement, Banking, and Trust and Custody business lines. During his 14 years at Principal, Mark served in various IT & Security roles and presented on information security to hundreds of clients. Mark also served as a board member of the SPARK Data Security Oversight Board, co-chair of the Retirement Industry Council for FS-ISAC, and a member of InfraGard.

Mark received a master of business administration degree from Iowa State University, a master's certificate of Cybersecurity from Harvard University Extension and a bachelor’s degree in Management Information Systems from Iowa State University. He holds 4 cyber security certifications including Certified Chief Information Security Officer (C-CISO), Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), and Certified Information Security Manager (CISM). He also holds his Series 99 and is registered with HTK.

Bob Varnadoe

Chief Information Security Officer, NCR Corporation

Bob Varnadoe is the Chief Information Security Officer for NCR Corporation. His duties include overall information security and operational / IT aspects of NCR’s privacy program, IT risk management, compliance company-wide, training and awareness for information security, and oversight of the deployment of security technologies. Bob works with NCR’s lines of business (Professional Services, Legal, Internal Audit, Customer Services and Hardware/Software Engineering) to develop and build out the company-wide strategy for information security. He also represents the IT organization as a part of NCR’s Enterprise Risk Management committee.

Prior to NCR, Bob was with Fiserv Corporation where he was responsible for information security within Fiserv’s corporate risk organization. His team was responsible for information security oversight, governance, and strategy across Fiserv’s business units. The team also provided consulting to Fiserv’s divisions and operating units for information security matters. During his tenure at Fiserv, Bob led teams focused on information security engineering and operations for network infrastructure, distributed systems, and mainframe systems. He also led teams focused on application security testing, consulting, and information security strategy, and he built Fiserv’s security operations center.

Bob joined Fiserv through the acquisition of CheckFree Corporation where he was responsible for information security strategy within CheckFree’s corporate function. Prior to joining CheckFree, Bob was IT Director for an architecture and engineering firm in Atlanta. He has over 20 years of experience in data networking and information systems, 15 years of which were spent exclusively in the security field. Bob holds a bachelor’s degree in electrical engineering from the Georgia Institute of Technology.

Brian Waeltz

Senior Vice President & Chief Information Security Officer, Cardinal Health

Brian is a Senior Vice President and the Chief Information Security Officer at Cardinal Health. In this role, he is responsible for implementing the overall information security strategy for the global organization, including areas such as cyber operations, security architecture, resiliency, compliance, third-party risk management, commercial solutions security, and the Business Information Security Officer organization. Over his 19+ year career at Cardinal, he has spent time leading teams in Risk Management & Compliance, IT Shared Services, IT Service Management, and in business-facing roles supporting Operations and highly-regulated platforms. These unique experiences have helped provide him a well-rounded perspective on security challenges from both a technical (infrastructure and applications) and business operations perspective – and they are being put to use as he helps Cardinal continue to grow and expand its information security capabilities.

Brian holds dual bachelor’s degrees in Accountancy and Management Information Systems from Miami University in Oxford, Ohio. He gives back to his community through involvement in various charity activities, as well as supporting emerging cybersecurity programs at his alma mater and local school district. He is also an advocate for diversity, equity, and inclusion in the information technology and security field, and serves as the executive sponsor for the Women in Technology employee resource group at Cardinal Health. In his spare time, he enjoys spending time with his wife and two sons, being actively involved in their church, traveling, and rooting on his favorite sports teams.

Steven Weber

CISO Chief of Staff, AbbVie

Steven Weber is the Chief of Staff to the CISO of AbbVie. In this role, he is responsible for managing the departmental budget and project portfolio, leading global security awareness and communications, coordinating AbbVie’s industry collaboration efforts, and managing cross department information security activities.

Prior to joining AbbVie, Steven spent 18 years with Cardinal Health. In his final role, he led the governance, risk and compliance team within the information security function. This included IT compliance, third party risk management, IT risk governance and IT risk management.

Steven and his family are avid global travelers exploring the world and learning new cultures.

Reginald Williams

Chief Information Security Officer, The Chemours Company

Reginald Williams joined The Chemours Company in 2018 as the Chief Information Security Officer. He was instrumental in leading a 24-month Cyber Transformation program for Chemours with an emphasis on maturity and business alignment and as a high-impact results-oriented and customer-focused Information Security / Information Risk executive with over 25 years of experience, has helped multiple global corporations in their strategic execution of global cyber & information security programs. Reginald consistently executes a Cyber Risk-based methodology that aligns with Internal Audit and External Audit to develop annual audit plans for technology including post-audit activities regardless of the nature being statutory, regulatory or required under corporate governance. He thinks outside the box by understanding the relationships between Law, Policy, Regulations and Best Practices needed to accomplish corporate targets. He has served in high-profile consulting and leadership roles to gain the strong business acumen needed to develop CIO / CISO level security programs, and security solutions to address the information risks in data protection for corporate and customer data.

Reginald is very efficient in mapping regulations, frameworks, and best practices into a simplified framework in alignment with Business and Technology goals.This creates a manageable security program that helps the business meets their objectives. He has extensive experience in assessing and designing global security programs that use information risk which requires data protection across 9 of the 16 DHS sectors of Critical Infrastructure including: Chemical, Nuclear, Energy, Manufacturing, Financial Services, Dams and Transportation to name a few. These skills have been applied across a number of industries including: Chemical, Manufacturing, Internet and Technology, Energy, Medical, Financial, Healthcare, start-ups and various Fortune 500s.

Reginald is a results-oriented CISO that transformed a global Security Operation Center into a detection and response focus with the goal being to proactively hunt threats in the enterprise and respond to those threats before they become cyber incidents thus keeping the threat posture of the corporation at a manageable level. He has chaired multiple Cyber / Risk steering committees with each providing senior executive leadership the data needed to inform the Board, including a quarterly cadence with the Board on all matters related to Cybersecurity and Information Risk.

Jason Witty

Chief Security Officer, USAA

Jason Witty is currently the Chief Information Security Officer for USAA. Prior to his transition to USAA, Jason was the Head of Cybersecurity & Technology Controls and Global Chief Information Security Officer for JPMorgan Chase with responsibility for the firm’s cybersecurity, technology controls and resiliency programs. An award-winning CISO, Jason was recognized as a 2015 “CISO Superhero” at I.S.E. North America; the 2014 I.S.E. North America People’s Choice Award winner; 2013 “CISO of the Year” by the Information Systems Security Association of Chicago and the Association of Information Technology Professionals; and one of Information Security Magazine’s 2013 “Security 7” representing the Financial Sector. He is a highly rated public speaker, frequently keynoting on cyber security topics at large events including CSA Cloud Summit, Finsec, Infosec Europe, RSA Conference, SecureWorld, and others.

Before joining JPMorgan Chase, Jason was Executive Vice-President and Chief Information Security Officer at U.S. Bancorp, providing singular accountability for all information security controls in the company. And before U.S. Bancorp, Jason was the Senior Vice President and Cyberthreat Prevention Services Executive at Bank of America. He was responsible for a team of information security professionals spanning 8 countries who provided information security risk prevention and deterrence services, globally. He was simultaneously accountable for all information security controls outside of the United States for Bank of America Merrill Lynch, covering 48 countries.

Jason is a certified Information Systems Security Management Professional (ISSMP) who has played major leadership roles in information security throughout his career. He has 23 years of information technology experience, 21 focusing on information security risk management. Before his role at Bank of America, Jason was the First Vice-President of Security Services for LaSalle Bank N.A. He also led the internal Information Security team at The Options Clearing Corporation and served as Director of Global Security Architecture for Aon Corporation at its world-wide headquarters in Chicago. He combines strong organizational management and leadership skills with a high degree of technical knowledge, the result of hands-on information security experience early in his career at Allstate Insurance, N.A.S.A. Langley, Siemens, and Jefferson Laboratories.

Over his career, Jason has been involved in 54 acquisition related network integrations, set up secure eCommerce environments, and led multiple cross-industry forums.

Providing industry leadership, Jason is Vice-Chairman of the Board of Directors of the Financial Services Information Sharing and Analysis Center (FS/ISAC), a Board Advisor for ChicagoFIRST, Arbor Networks, and Qualys, and is a member of the Executive Committee of the Cloud Security Alliance (CSA). He was also on the Program Committee of the RSA Conference (2013-2016) and serves as FBI’s Chicago Infragard Sector Chief for Finance. Previously, he was the Chicago OWASP Chapter President (2006-2010).