Speakers 2019

CISO Forum Speaker Committee

Rashmi Airan

Corporate and Motivational Speaker

Rashmi Airan is a corporate and motivational speaker who shares a unique and vulnerable story that will be a game-changer for your audience! Rashmi is a “recovering lawyer and investment banker”, a woman leader and an entrepreneur in her community. Rashmi is now an internationally recognized keynote and motivational speaker and TEDx presenter with clients that include the FBI, Sotheby’s Int’l, MGM Resorts, and Columbia Law School. She shares her story to illustrate the multitude of factors that influence our choices. Rashmi sets forth the business discipline necessary for decision-making. Rashmi uncovers the mental process of problem-solving that leads to organizational cultures with integrity. She energizes any audience to harness the power of vulnerability to ensure our corporations create strategies that are risk-informed. As a leader in her community and beyond, Rashmi will empower women to be leaders in the face of adversity and challenges.

Don’t Risk It: Be Ethically Vigilant! One oversight, one moment of turning your head the other way is all it takes to alter the course of your entire career. That’s the lesson Rashmi Airan learned after approving a few creative transactions during her time as a real estate lawyer. After serving time in prison for bank fraud, Rashmi speaks about the importance of being ethically vigilant.

Juan Gomez-Sanchez

CISSP-ISSAP, C|CISO, Chief Security Officer, Lennar Corporation

With over 25 years of experience, Juan Gomez-Sanchez has devoted his entire professional life to Information Security. As a security practitioner, Juan held leadership positions building and implementing enterprise security programs at Delta Airlines, CheckFree Corporation (now Fiserv) and Florida’s Turnpike Enterprise (PCI Level 1 Merchant). As a consultant, Juan worked for Cybertrust (now Verizon Business Security Solutions), Optima Consulting, and Worldwide Technology, providing trusted advisory services and managing the delivery of security consulting services to a wide range of clients by working with executives to address the demands of security on a global and enterprise scale.

He has supported a range of organizations in the development and planning of security programs to meet requirements for establishing, implementing, monitoring, and maintaining a security posture.

Juan is currently the Chief Security Officer at Lennar Corporation. Lennar (NYSE:LEN) is ranked as one of the fastest growing ($20B) Fortune 150 companies and has built a reputation as one of America's smartest and most innovative real estate, financial services, property development, and capital management companies.

As the Chief Security Officer, his responsibilities encompass all physical and information security initiatives in support of 6 lines of business, 12,000 associates and over 1,000 locations operating in 22 US states and 44 markets.

Lennar’s first Chief Security Officer reports to the Chief Financial Officer and is accountable to the Board of Directors. He is responsible for creating the Enterprise Security Office from the ground up and implementing a world-class security program that encompasses Security Governance, Security Risk and Compliance Management, and Security Architecture, and for developing a portfolio of shared enterprise services that includes Physical Security, Security Awareness, Incident Response, Identity and Access Management, Application Security, Business Continuity, Disaster Recovery, Security Monitoring and Litigation Support.

Juan is also very active in the security industry; he contributed as subject matter expert and exam writer for the CISSP certification and ISSAP concentration. He is also the chair of the board of advisors for C|CISO certification by the EC-Council.

Understanding hacker advances in AI is critical to stop the new generation of cyber threats. What techniques can we teach our AI's to examine and prevent new exploitations? Learn about historical and current AI use by hackers and defenders. Plus, what is next for AI advances on both sides.

Lois Boliek

Director, Security and Risk Management Practice, Hewlett Packard Enterprise

Lois Boliek is the global manager for the HP Technology Consulting IT Assurance Program. The goal of IT Assurance is to integrate security across all service portfolios and advanced solutions. The focus is to “assure” security is architected into all client solutions and offer security-enabling services as a competitive differentiator for HP Technology Consulting. Boliek has a proven track record as well as field experience in security practice leadership, sales support and portfolio development.

Justin Somaini

Founding Partner, Somaini LLC

Justin Somaini has long been recognized as an industry leader in Cyber Security. Justin Somaini has held many Chief Information Security Officer roles. With over 18 years of Information Security experience he's seen as a leader in industry by promoting an evolution of the security and risk management models. Through his public speaking and industry involvement he's given extensive talks and interviews on the threat landscape, public policy, security management and risk management. Justin has also held security leadership roles at VeriSign, Charles Schwab and PricewaterhouseCoopers LLP.

Stuart D. Smith

Enterprise Security Architect for Delta Air Lines

Stuart Smith is the Enterprise Security Architect for Delta Air Lines. He is responsible for developing enterprise-wide reference architectures for various security capabilities; providing detailed technical security requirements for large, complex projects; and supporting various business initiatives across the company to ensure systems and technologies are deployed in a safe and secure manner. He also supports the CISO’s organization as an information security subject matter expert and represents information security on the Executive Architecture Review Board.

Prior to working at Delta, Stuart was at SunTrust Banks, in various roles over several years, including working as an Executive Security Advisor in the Enterprise Security team. He was responsible for providing strategic security consulting for the Wholesale line of business as well as other areas within the bank.

Stuart has over 18 years of professional experience in the Information Security field for both the Department of Defense and the private sector, including working as a contractor for the Army in information assurance and intelligence roles. Prior to his career in cybersecurity, Stuart spent 11 years in the United States Army, serving in duty stations around the world and combat operations in the Middle East. He regularly speaks at security conferences and events around the country on a wide range of technology and cybersecurity topics.

Stuart is a graduate of Liberty University and has a Bachelor’s in Management Information Systems, a Master’s in Cyber Security, and a Master’s in Theological Studies. He holds both CISSP (Certified Information Systems Security Professional) and CISM (Certified Information Security Manager) certifications.

When not at work, Stuart enjoys officiating men’s college and high school lacrosse, riding his Harley Davidson, and he is an avid long-distance target shooter.

Carlos Carrillo

Global Threat Intelligence Liaison for IBM Security

Mr. Carrillo serves as the Global Threat Intelligence Liaison for IBM Security. As IBM's Global Threat Intelligence Liaison he established and maintains a global network of trusted partners that share information on advanced cyber threats. Carlos began his career in information security in 1997 while serving as a Communications Officer in the United States Air Force Office of Special Investigations. Over his career in the United States Air Force and as a civilian in the private sector, he responded to breaches affecting the Department of Defense and led complex intrusion investigations for Fortune 500 corporations. Carlos also developed courses on network intrusion investigations and served as an instructor for FBI cyber agents. Additionally, he was a founding member of Mandiant’s Threat Intelligence group. Mr. Carrillo holds a B.S. degree in Computer Science and a M.S. degree in Information Assurance.

Michael Herrick

Matterform

Michael Herrick is a serial entrepreneur with more than 25 years of experience building technology companies. He is the founder and CEO of Matterform, a tech strategy firm and software development shop. He has launched software products on everything from floppy disks to SaaS and he debuted ecommerce shopping cart technology three months before the launch of Amazon.com. Michael’s passion for big problems has led him in recent years to focus on healthcare technology. He is the senior risk analyst for HIPAA.host, securing healthtech startups, hospitals, and healthcare practices. Michael is also the co-founding CTO of Medicheck, a Guadalajara startup bringing electronic health records to Latin America. Michael’s cybersecurity consulting is driven by his unique perspective combining technology and policy with an unwavering focus on human-centered design. Michael and his family live in downtown Albuquerque, New Mexico.

How to Conduct an Effective HIPAA Risk Assessment

How do you decide where to focus your efforts and resources to improve privacy, security, and compliance at your hospital, clinic, or healthcare practice? Your best tool is the risk assessment. It’s required by HIPAA, it’s the foundation of any compliance plan, and it’s also a strategic best practice for any small business.

Unfortunately, too many healthcare organizations haven’t conducted a risk assessment in the last 12 months. A surprising number have never conducted a risk assessment. If your organization hasn’t conducted a risk assessment in the last 12 months, you’re not only unprepared for a HIPAA audit, you’re unprepared to honor the trust your patients have placed in you.

And if you have conducted a risk assessment, is it just a compliance checkmark, just a red-tape exercise to satisfy a bureaucratic mandate? Because that’s a real missed opportunity. Smart CIOs and practice managers see the risk assessment as a way to create business value and improve operations. HIPAA compliance doesn’t come from marks on a checklist; it grows out of mature business processes. Your risk assessment charts that course.

This training will teach you how to conduct an effective risk assessment that meets the requirements of the Office of Civil Rights. You’ll learn how to identify systems and trace the path of Protected Health Information through your organization. You’ll learn how to spot vulnerabilities and document your existing security controls. Most importantly, you’ll learn how to realistically evaluate risk levels, set priorities, and guide strategic business decisions.

If you’re losing sleep over HIPAA and cybersecurity, this training is for you! You can turn that millstone into a milestone and get your compliance strategy on track.

Donna Gallaher

New Oceans Enterprises, LLC

Ms. Gallaher served as a C-Level Strategic Advisor in IT and Cyber Strategy for multiple global companies for over 15 years drawing from her previous successes in engineering, solution selling, IT operations and leadership. She provides value to clients by thoroughly understanding business and regulatory requirements, assessing obstacles and translating technical challenges into business risks allowing technology to function as a business enabler.

Ms. Gallaher serves on the Board of Directors of the Technology Association of Georgia Information Security Society and the Evanta CISO Southeast Governing Body, and is active in the Georgia ISSA and Cloud Security Alliance chapters. She is active in lobbying efforts to shape cyber security legislation, and her recent articles have been published on the National Technology Security Coalition website.

Ms. Gallaher holds CISSP, CCISO, CIPP/E, CIPM, ITIL and Open FAIR certifications and is designated a Fellow of Information Privacy by IAPP. She is a graduate of Auburn University with a Bachelor of Science in Electrical Engineering.

Present your risk assessments to your board of directors in the language they understand - financial loss. "FAIR" or "Factor Analysis of Information Risk" is the quantitative risk analysis methodology that works with common frameworks while adding context for truly effective risk management.

Stacey Jenkins, M. Psych

CRUX Conception

Stacey Jenkins resides in Fort Wayne, Indiana, and has over 20 years of Law Enforcement (LEO) and teaching experience.

With five years as a Special Agent with the Department of Homeland Security (DHS), Jenkins is currently working as a Detective with the Fort Wayne (Indiana) Police Dept. Gang and Violent Crimes Unit. Jenkins is also a Lecturer, Adjunct Professor and Ph.D. Candidate (Forensic Psychology) at Walden University.

Engaging The Audience: Protecting data, the psychological aspects of Data Breaching and the prevention of Data loss, by using criminal/psychological profiling techniques.

Alex Holden

Hold Security, LLC

Alex Holden is the founder and CISO of Hold Security, LLC. Under his leadership, Hold Security played a pivotal role in information security and threat intelligence, becoming one of the most recognizable names in its field.

Holden is credited with the discovery of many high-profile breaches including Adobe Systems, the initial vendor breach that led to the discovery of the JPMorgan Chase breach, the independent discovery of the Target breach and the Veraz (Equifax Argentina) breach. In 2014, he discovered the largest breach of data to date. Dubbed the CyberVor breach, he recovered a cache of over 1.2 billion stolen credentials gathered from over 420,000 exploited web sites.

Understanding hacker advances in AI is critical to stop the new generation of cyber threats. What techniques can we teach our AI's to examine and prevent new exploitations? Learn about historical and current AI use by hackers and defenders. Plus, what is next for AI advances on both sides.

Curtis Jordan

Team Lead, Threat Intelligence at Recorded Future

Curtis Jordan is TruSTAR's lead security engineer where he manages engagement with the TruSTAR network of security operators from Fortune 100 companies and leads security research and intelligence analysis. Prior to working with TruSTAR, Jordan worked at CyberPoint International as their threat analyst and computer network operations developer, specializing in obfuscation and anti-virus detection avoidance as it relates to how malware evolves and the workflow of cybercriminals. In previous roles with Booz Allen Hamilton and Boeing, Jordan's experience included hardware, software and malware reverse engineering, and software development. Jordan is an Army veteran who served with the 101st Military Intelligence Battalion and the 36th Signal Battalion.

Prior Speaking engagements:

USTADA Rwanda & Kenya Cybersecurity Delegation (2018) US Trade and Development Agency

(ISC)2 NCR Chapter Member Meeting - Powering Your Intelligence Exchange Mar 21, 2017 (ISC)2 National Capital Region

CyberCon 2016 - Research Tools for CISO's Sep 27, 2016 Baker Donelson

The current challenges in cybersecurity echo the intelligence fusion obstacles experienced prior to 9-11. The attacks exposed a big flaw in how data was siloed within and across agencies. We need a reformation of cybersecurity starting with a foundation built on intelligence management and fusion.

Perry Carpenter

Author of "Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors"

Perry Carpenter (author of "Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors" from Wiley Publishing) currently serves as Chief Evangelist and Strategy Officer for KnowBe4, the world's most popular security awareness and simulated phishing platform.

Previously, Perry led security awareness, security culture management, and anti-phishing behavior management research at Gartner Research, in addition to covering areas of IAM strategy, CISO Program Management mentoring, and Technology Service Provider success strategies. With a long career as a security professional and researcher, Mr. Carpenter has broad experience in North America and Europe, providing security consulting and advisory services for many of the best-known global brands.

Perry holds a Master of Science in Information Assurance (MSIA) from Norwich University in Vermont and is a Certified Chief Information Security Officer (C|CISO).

Behold the powers of behavioral alchemy! Are you ready to unleash 4 "Trojan Horses for the Mind" that will change the way you communicate forever? How about a magic wand that will help manifest secure behaviors and shape culture? Attend this session and harness the power.

Paul Kurtz

TruSTAR Technology

Paul Kurtz is an internationally recognized expert on cybersecurity and the co-founder and CEO of TruSTAR. Paul began working on cybersecurity at the White House in the late 1990s. He served in senior positions relating to critical infrastructure and counterterrorism on the White House's National Security and Homeland Security Councils under Presidents Clinton and Bush.

After leaving government, Paul held numerous private sector cybersecurity positions, including founding the Cyber Security Industry Alliance (acquired by Tech America), Executive Director of SAFECode, Managing Partner of Good Harbor Consulting in Abu Dhabi, and CISO of CyberPoint International.

Paul’s work in intelligence analysis, counterterrorism, critical infrastructure protection, and non-proliferation of weapons of mass destruction influenced his approach to cybersecurity. Specifically, the fields highlighted the need to build an exchange platform which addresses barriers to sharing information--bureaucratic, legal, and market risk and concerns--while providing immediate value to operators defending networks.

Alexis Williams

Manager, Events and Field Marketing, Corelight

Alex is a veteran open source security evangelist with a deep engineering background. In 10 years with Sourcefire Research (VRT), he wrote the team’s first malware sandbox and established its global customer outreach and intelligence sharing program. He has spoken at conferences across the globe on topics from “Malware Mythbusting” to “Using Bro/Zeek Data for IR and Threat Hunting”, and was a contributing author for “Practical Intrusion Analysis”, an oft-used textbook for university courses on IDS. His security engineering background also includes 5 years at Cisco and Tenable.

Good network security comes from having an operational advantage – knowing your network better than your attackers, and being able to respond quickly to things outside the norm. By providing comprehensive evidence about what’s happening on your network, in a format designed for security team efficiency, Corelight data is a foundational component of effective network defense programs. This talk will discuss how to use that data to improve existing SOC and NOC operations, in order to sustain your operational advantage in both the course of normal business and against adversaries of all types.

Registrations will only be accepted from Director-level or above information security practitioners. All registrations are subject to approval and will be rejected if this requirement is not met.