CISO Forum Speaker Committee

Paul previously served as the Chief Information Security Officer (CISO) at HD Vest Financial Services and has over 20 years of various security experiences. Those experiences include time spent as a Special Agent with the Air Force Office of Special Investigations, leading a global information security program for DynCorp International’s logistics and air operations for various government contracts, and leading the Drug Enforcement Administration’s Aviation Division vulnerability management program. Paul also takes part in the Strategic Threat Assessment & Response (STAR) work group lead by the IRS to help protect taxpayers and the integrity of the tax ecosystem. In addition, Paul has been a finalist in 2013, 2014, 2015 and 2016 for Certified CISO of the Year through EC-Council and now serves on the awards committee. Paul also serves on a variety of Cyber Security Advisor Boards and has a deep dedication to the information security community by mentoring other security professionals.
Paul holds a Master of Science in Management with a concentration in Information Systems Security and a Bachelor of Science in Business Administration in Information Technology from Colorado Technical University. Paul also holds the following information security certifications, Certified Chief Information Security Officer (C|CISO), Certified Information Systems Security Professional (CISSP), Certified Information Security Manger (CISM), Certified in Risk and Information Systems Control (CRISC), and GAIC Certified Incident Handler (GCIH).

Alan is director of risk, security and compliance at Ooyala – a media workflow software vendor. Previously he worked at the UK national broadcaster, the BBC and at Spanish telecoms company Telefonica. Alan started his career as a network engineer, was a researcher and a consultant before joining the UK public sector in various cyber security leadership roles.

Andrew Smeaton is a globally-experienced certified information security executive with a proven record of success in complex multi-stakeholder environments in Europe, North America and the Middle East. Andrew has over 21 years of experience across multiple governmental, banking and financial sectors. He is experienced in Cyber Security & Risk Management including acquisitions and disaffiliations and has a track record of developing and implementing security strategies from development through execution.
Andrew currently engages in two different arenas:
Chief Information Security Officer for MIB. In his role of Chief Information Security Officer, he serves as the senior enterprise security and business continuity professional who directly manages teams to develop and promote comprehensive security and business continuity/disaster recovery planning programs for the organization which was formed by 420 insurance entities (members) housing healthcare information that supports the industries’ policy and claim management functions.
Director of Security Strategy for Arcanum. Arcanum is a strategic intelligence company which provides services to sovereign governments and multinational corporations. Arcanum’s team includes experts from intelligence, law enforcement, military, cyber security, diplomacy and legal backgrounds with in-depth knowledge required to operate globally and discreetly on the largest multi-jurisdictional cases. In addition, Arcanum has exceptional intellectual resources with an executive leadership team consisting of senior leaders from the world’s most powerful intelligence and law enforcement agencies from the U.S., U.K. and France.
Andrew’s experience ranges from building Information Security groups from the ground up as well as assessing and improving mature systems to minimize risk. He thrives in transitioning reactive information security environments into cultures where proactive prevention of information security risk is the norm, tailoring reporting such that data-driven executive insight can identify ongoing or emerging data risks.
In addition to his corporate experience, Andrew has also served on the executive boards for international conferences and advised government agencies on information security subjects.
Andrew’s skill set includes Security Risk Management, Security Program Development, Risk Assessment Methodologies, Application and Infrastructure reviews, Business Continuity (BC) and Disaster Recovery (DR), Security Training and Awareness, Data Loss Prevention (DLP), Audit and Regulatory Compliance, Mainframe, New Technology Research and Implementation, Application Security, Project Management (PM), Change Management (CM), Cloud Adoption Frameworks, and Cloud Security. Additionally he comes from an IT background which allows him to understand business requirements outside of the security environment and collaboratively create solutions that work for the business.
He has several industry recognized certifications including the Harvard Cyber Risk Management certificate, C|CISO, CISSP, CGIET, CISA, CISM and CRISC. He holds a HNC and is completing an MSc in Cyber Security.

Nikesh Dubey – C|CISO, CISSP, CISM, CISA, CRISC is the recipient of an international Award for his work and contributions to the information security industry. He was recognized as the finalist for the CISO of the Year Global award by EC-Council in 2013 for contributing to the Information Security Industry, showing tremendous professional growth and achievement and promoting strong innovative security practices. He was the recipient of ISACA’s Harold Weiss Award for outstanding Achievement for sustained contributions to the IT Governance, Risk and Compliance community through innovative concepts, tireless drive, leadership and passion. An experienced Information Security & GRC Professional, he has had the opportunity to understand core issues, real-world challenges, various implementations and stakeholder expectations of Information Security and GRC programs. He has authored and published articles internationally on innovative Assurance and technology concepts. Nikesh continues to contribute and support Global drivers, Key players and proponents of Information Security and Assurance programs. A strong advocate of Security and GRC principals, he serves as the CISO for AGC Networks (USA) and is leading AGC’s Security Advisory practice in North America.

With more than 25 years of management on Information Technology, Change Management and Security experience, Carlo is currently Chief Information Security Europe at Essilor International.

Carlo is responsible for providing strategic information security leadership promoting the establishment of European security standards, solutions and best practices across the 120 Essilor subsidiaries across Europe.

He holds several professional certifications including C|CISO. Carlo also earned a bachelor in Industrial Chemistry and a Master in Business Sciences. He also has extensive knowledge and experience on ISO 27k, Change Management, Scrum Agile, Technology Innovation, and Transformation.