2017 Award Winners

Mr. Patric Versteeg, credits obtaining the CCISO designation with rising to the level of CISO for Novamedia, the governing organization for the biggest charity lotteries in Europe. With offices in UK, NL, Sweden, and Germany, Novamedia is the world’s third largest contributor to charities.

As CISO of the Nigerian Stock Exchange Ms. Favour Femi-Oyelole brought with her a depth of skills spanning a wide range of industries and sectors. She is incredibly self-driven, motivated, positive, and innovative. She started the information security department from scratch at The Exchange, delivering 20 policies within 6 months of joining. Now managing over 120 such policies, she has consistently raised the bar of security awareness across the organization and market participants. Her interview on the Global CISO Forum will be coming soon!

Technical Expertise

Cisco, Riverbed, Juniper, Linux (Red Hat, Mandriva, Suse, Centos …), Unix, HP, IBM,

Sun, PHP, C/C++, SQL, Oracle, Sendmail, , DNS, DDNS, DHCP, NetCool, Optivity,

NMAP, Satan, , QIP, SSH, Unix Anti-Virus Tools, Veritas Nerve Center, LDAP, Open

NMS, Nagios, HP OpenView, ITO, NNM, OVO, Port Sentry and Security Scanning and

Detection Tools, various Auditing and Penetration Testing tools, Share Point 2010, ISO

27001/27002, DFF, Identity Management, NIST, OSSTM, ISSAF, Vmware, Xen Center,

Xen (or Zen), NexPose, Metasploit, AppScan, OWASP, Backtrack, Penetration,

Vulnerability, Reconnaissance, Scanning, Footprinting, Enumeration, NMap, network

security, operating system security, web application security, internal IS Audit.

Tobias Gondrom is the CTO Security at Huawei, responsible for the security of Huawei’s products and solutions, among them SDN, NFV, IoT and more. He is a global board member of OWASP (Open Web Application Security Project, with 40,000 participants, over 200 chapters and 3 major global AppSec conferences) and former chairman until December 2015. He has about 20 years of experience leading global teams in information security, software development, application security, cryptography, electronic signatures and global standardization organizations, working for independent software vendors and large global corporations in the technology, financial and government sector. And he holds the most senior business degree from London Business School, the Sloan Masters in Leadership and Strategy. Over the years, he has trained and advised more than a hundred CISOs and senior information security leaders around the world on the management and organization of security teams and programs. Since 2003 he is the chair of working groups of the IETF (www.ietf.org), including the current chair of the DOTS (DDoS Open Threat Signaling) WG, a member of the IETF security directorate, and since 2014 member of the IETF Administrative Oversight Committee (IAOC) and the chair of the IETF Trust. He has been in a number of project and chapter leadership roles for OWASP since 2007. Currently, he is serving as global board member, leading the OWASP CISO Report and Survey project and a contributor to the OWASP CISO Guide. Mr. Gondrom has also been serving as a member of the NIS Platform of the European Commission, advising the European Union on Cyber Security and Risk Management. He serves on the board of the CSA Hong Kong and Macau chapter and was an ISC2 CSSLP and CISSP Instructor. Tobias has authored the Internet security standards RFC 4998, RFC 6283 and RFC 7034, co-authored the OWASP CISO Guide, OWASP CISO Survey Report and the book Secure Electronic Archiving“ and is a frequent keynote speaker at conferences and author of articles on security.

Over more than 35 years, Bob van Graft has acquired a wealth of ICT knowledge and experience at the Dutch Ministry of Defense, the Dutch Ministry of Security and Justice and now as CIO and Director of Information Technology at VU Amsterdam – one of the top 5 Dutch universities according to the Leiden Ranking 2016.

Every day, there are about 30,000 users – employees, students, researchers – active on the network of VU Amsterdam. Safety is therefore a must, just like a 24/7 availability. Business continuity, security and talent development are key words for Bob in this proces.

As CIO and Director of Information Technology, Bob is always looking for new ideas and stimulating his staff to bring the network, infrastructure, security, applications, customer support, desktop engineering of VU Amsterdam to the next level. Be a frontrunner, is his credo.

Craig has spent 15 years building holistic security functions that combine the range of security disciplines under a single effective function. His wide ranging experience has allowed him to build truly business aligned security teams that achieve demonstrable results in risk reduction and demonstrate an ability to align security as a differentiator in the market place.

Craig brought to CDK extensive security experience and qualifications, including being a Certified Chief Information Security Officer (CCISO) and a Certified Information Systems Security Professional (CISSP). He lives in Fareham, England with his wife Kerry and their two young children.  In his spare time, he is an avid runner, having competed this year in a number of Ultra-Marathons.

Craig’s rare combination of business experience and expert security knowledge consistently allows him to demonstrate the ability to position security as a business enabler and not simply a ‘cost centre’.

An enigmatic and inspirational leader in the field, he is often called upon to represent his views in industry leading publications and through high profile speaking engagements.

Haripal currently serves as solutions director for Optiv, a market-leading provider of end-to-end cyber security solutions. In this role, he is responsible for leading and enabling a team that advises clients on their security solutions architectures.

Haripal learned early in his IT career that he had a passion for information security. Since then, he has focused on security and risk strategy, tactics, infrastructure, regulatory compliance and IS audit. He has a strong understanding and knowledge of IT governance, IT infrastructure and applications as well as regulatory compliance such as GDPR, FISMA, SOX 404, GLBA, OCC, FFIEC Standards, HIPAA and internal/external audit processes.

Mr. Mazzola is an accomplished security executive with over twenty years of experience managing global cyber security centers, building enterprise risk management programs and leading cross-functional security teams. He is currently the Executive Director of Global Cybersecurity Operations for Las Vegas Sands Corp., a Fortune 500 company based in Las Vegas, Nevada. His responsibilities include a global portfolio of Incident Response, Threat Intelligence, Digital Forensics, eDiscovery, Data Loss Prevention & Investigations, Cyber security Engineering as well as multiple Security Operations Centers (SOCs) strategically positioned throughout North America and Asia.

He currently serves on several boards and committees for publicly traded companies and institutions of higher education advising them on cyber security programs and industry best practices; including Guidance Software, University of Nevada Las Vegas, Dartmouth College, Southern Utah University, Cyber Strategies Corp., SNCA and ISC2. Additionally, he has worked to advance cyber security training and education programs as a Professor with the University of Maryland, Instructor at Amgen University, key advisor for the Cyber Education Program and co-author of the Information Security Management Handbook, Seventh Edition.

Cory has held leadership positions with industry-leading companies such as IBM, Verizon Business, General Dynamics, Computer Sciences Corporation, FireEye-Mandiant, U.S. Air Force, U.S. Department of Homeland Security, Amgen, University of Maryland and the Royal Bank of Canada. He managed national cybersecurity operations for the federal government in Washington DC and developed global cyber security incident response programs for the United States military. Additionally, he has helped build major cyber centers for governments and financial institutions around the world.

He is a regular contributor to several publications and guest speaker at industry events and international conferences. With faculty and fellowship posts, he regularly hosts cyber security training academies and workshops with international schools, universities and training organizations. Cory has an M.S. In Information Assurance, B.S. in Information Systems Management and several key industry certifications – GIAC/GPEN, CISSP, C|CISO, MCSE, etc. He also has advanced certifications from Cornell University, Carnegie Mellon, Stanford, Harvard and Dartmouth College.

He is author of two books on security, guides and several articles for main italian Security IT magazines.

He invented brand new services for security awareness, security compliance and risk management.

He started his career in security late in 1995, working firstly for local companies where he had the opportunity to develop from scratch security functions and security portfolios with great success.

Later he moved to international security consulting companies as Principal Security Consultant where he was asked to support customers in almost all continents. In this role he worked with enterprises and foreign governments to increase their security posture in the areas of compliance, risk management and technical countermeasures.

More recently Marco took over the responsibility of the Italian security consulting function of a telco company as Head of Security Italy, where he managed to push and optimize the security proposition.

Actually he is Senior Enterprise Security Architect for a well known international company for which he is responsible for South Europe and Middle East.

Sean has a 22+ year record of accomplishments ranging from launching an Internet Service Provider division, to building a national cybersecurity and compliance consulting business. He has a demonstrated ability to develop go to market strategies and aligning internal and external resources to execute and achieve successful business outcomes. In addition to his business acumen, Sean possesses deep expertise in cybersecurity, risk management, compliance, security governance, and security program development. He has held leadership roles for several large integrators such as Presidio, BlackBox, and MTM Technologies, and has had the privilege of consulting for many fortune 100 and 500 companies over his career.

Sean has previously held roles ranging from Principle Security Consultant to Director of Cybersecurity, and has recently been promoted to Sr. Director of Information Security to oversee security and compliance for Presidio in preparation for their IPO. He has successfully revamped Presidio’s security program to ensure compliance with SOX, PCI, HIPAA, and to align with ISO 27001 and the NIST Cybersecurity Framework.

Sean has two undergraduate degrees, as well as an MBA from West Chester University, and maintains numerous certifications including, CCISO, CISSP, CISA, CISM, CEH, CCNP, and PCI QSA. He has years of experience in ethical hacking, social engineering, compliance auditing for PCI DSS and HIPAA, risk assessments, and risk management, as well as policy development and implementation.

He is frequently requested as a keynote speaker for security related events around the country. Some of his latest speaking engagements include the 2017 Orlando ISSA Security Seminar, the 2016 Shriners IT Symposium, Ask the Expert 2015 & 2016, Tech Know Seminars in 2015 & 2016, and Exchange 2014 & 2015.

Sean currently lives with his wife and 10 children in the heart of Lancaster County Pennsylvania, approximately 60 miles outside of Philadelphia, where he gives back to his community through various volunteer positions. He has also served outside of the United States on humanitarian missions bringing aid to countries such as Grenada and Honduras.

At Cooley Mike built and is responsible for maintaining an ISO 27001:2013 certified Information Security Management System. His team maintains security policies, procedures, and controls that service over 2000 people worldwide.

Prior to Cooley, Mike served as an officer in the United States Navy aboard the USS SQUALL (PC-7) and USS ANCHORAGE (LSD-36). Mike is a graduate of the United States Naval Academy and holds a Bachelor’s of Science in Economics and a Master’s in Business Administration. Mike also holds industry leading certifications, including, Certified Chief Information Security Officer (C|CISO) and Certified Information Systems Security Professional (CISSP).

Blake has over 25 years of experience leading Information Technology Strategy, Development and Operations for several public and private companies in the Consulting, Telecommunications and Financial Services industries.

Blake holds a Bachelor of Science degree in Mechanical Engineering from Southern Methodist University, and a Strategic IT Management Certificate from the Scandinavian International Management Institute in Copenhagen, Denmark. Blake is currently working on a Master of Science degree in Information Security and Assurance at Western Governor’s University. Blake holds a number of industry certifications including CEH, CHFI, C-CISO, CISM and CISSP.

In 2011 and 2012, Blake’s efforts were recognized in the InformationWeek 500 listing of the most innovative business technology companies in the United States. In 2011, Ryan was ranked 130th, and in 2012, Ryan’s ranking rose to 98th. In both cases, Ryan was the highest ranked corporate tax services firm on the list.

In December 2012, Blake was named by Computerworld magazine as one of its 2013 “Premier 100 IT Leaders.” The Computerworld Premier 100 IT recognition is an international lifetime award that shines a spotlight on technology and business leaders from a broad range of organizations.

Outside the world of technology, Blake is a retired Rugby player, enjoys supporting his Rugby Club and the sport of Rugby at every available opportunity.

Jorge Mario is a professional with more than 17 years of experience in information technology, information security strategy, information security frameworks, vulnerability assessment, application and network penetration testing (OSSTMM & OWASP), information security awareness programs, consultancy, leader of several regional and global projects.

Jorge Mario has sought to strengthen his Information Security knowledge with certifications such as C|CISO, CISSP, CISA, CISM, CPTE CSWAE, Lead Auditor ISO 27001 & 22301, Cobit 5, ITIL v2011. As well as his executive knowledge by studying Masters degrees in Leadership, Business Administration, Project Management, Talent Management, and a PhD in Human Dynamics and Mental Health.

Aware that the most important Factor in information security is the Human Factor, he has introduced strategies such as Gamification in his information security awareness programs.

Hemant is an Information Security & Risk Management Professional offering 11 years of strong, decisive executive leadership in well-known organizations. He is a continuous learner with a passion for innovation in security risk management to drive bottom-line business contributions (optimizes security investments, avoid losses from security incidents, improve customer retention, enhance business decision-making, reduce corporate liability). At his current role, he is cultivating and leading a highly technical team, incorporating analytical, operational, research & development and vulnerability assessment skills in Information Security Risk management field within the organization. He is an active cyber security evangelist and speaker in various national and International forums. He has executed end-to-end implementation of ISO 27001, PCIDSS & ISO 20000 based projects with various clients in EMEA & APAC. His core competencies encompass information technology/information security strategy, policy and governance, security architecture, risk management, data privacy, vulnerability assessment, penetration testing and application security, ISO implementations and cyber security awareness trainings. Specially Hemant is passionate about cyber security awareness; he conducts awareness sessions for Senior Management, Board of directors, Students at colleges and for corporate employees. He has won various security awards for his overall contribution in Information Risk Management field.

Mr. John Young, an IT Leader with over 20 years’ experience managing teams in the public and private sectors of which two were BAFTA Award winners. Working under the parent company Novamedia, for our charity lottery based in the UK. Novamedia is the world’s third largest contributor to charities.