2014 CISO Awards Nomination
This award, available only to EC-Council Certified CISOs (CCISOs), recognizes an individual’s outstanding work in information security. We will be honoring one CCISO who has contributed to the information security industry, shown tremendous professional growth and achievement, and has promoted strong, innovative security practices.
This award was open to only VPs and C-Level information security professionals who have shown tremendous growth and who have impacted the security industry with their innovation and commitment.
This award, available only to Chief Information Officers (CIOs), recognizes an individual’s outstanding work in information security. Good CISOs know that security cannot be achieved without the support of management.
Paul Horn is currently the Chief Information Security Officer (CISO) at HD Vest Financial Services. Prior to HD Vest, Paul was with DynCorp International LLC, where he was responsible for information security and held various roles such as CISO and Sr. CyberSecurity Manager. DynCorp International is a multi-billion dollar Top 10 defense contractor operating in over 25 countries across 5 continents. Paul challenged the status quo and was instrumental in changing the company culture, incorporating information security into everyday functions; developed the first-ever corporate security awareness program focusing on real-world intelligence and the dissemination of information to make decisions within seconds to enhance the security posture of the enterprise; employed a “Security Awareness-Raiser” that promoted employee participation and feedback for securing their network and endpoints in exchange for rewards, resulting in an increase of awareness by over 1000%; led to a business case to increase the current team by 3 FTEs; and supplemented his team’s skills by expanding service offerings, implementing more automation within the enterprise, enrolling staff in a multitude of advanced training opportunities around network and endpoint security, and encouraging professional certifications from recognized industry leaders.
Mike is CISO and Chief Cyber Security Strategist for Hewlett Packard Enterprise Security and has responsibility for the EMEA Cyber Security strategy for the Public Sector. This is a Director-level position in the company with a divisional T/O in excess of $28 billion. His interests include European Union Governmental relations and the Cyber Security Digital Agenda. He is a commentator and speaker representing HP at European Commission events covering 28 Member Nations across Europe on the evolving cyber threat landscape and the impact that the rapid growth of the internet has on society, government and organisations. Prior to this role, Mike was the CEO and CISO of a successful Cyber Security Group and co-founder of Executive Risk Magazine – Cyber Security & Risk for Executives.
Paul Medici has been involved with Information Security for almost twenty years. During that time, at State Street Bank and Fidelity Investments, he has been involved in all aspects of Information Security, Business Contingency Planning, Disaster Recovery, Server Support, Database and Desktop Support.
For the past fifteen years Paul has been focused on the Information Security world. Leading a team, most recently he developed a Security Consulting Practice at Fidelity in which the team oversees the implementation of 500+ projects a year to ensure that all of those projects comply with Fidelity’s Policies and Procedures around Information Security.
Rakesh Radhakrishnan is a Principal (IT Security) Architect at Amgen. He has a total of 25 years of experience in IT and 15+ years in Information Security covering all 5 domains of the CISO program. Rakesh is extremely passionate about “Aligning Aspired (Target ESA) with Applied Architecture” and he believes in the critical nature of the partnership and teamwork between the Chief Security Architect office of an Organization and the CSO office. All the Architecture Assessments, Target ESA definitions/designs, innovation, solution design, integration models, problem solving (predicting future issues/problems as well), design patterns and reusable code/artifacts produced by Security Architects can ONLY be put to good use if it is aligned with the CSO programs associated with governance, empowerment, program management, policy & standards, compliant SW acquisition, organizational structuring and so on. Hence he truly enjoys the ISACA COBIT 5 model for Information security that addresses the governance challenges of IS along with SEI’s Architecture Led Program Management for Architecture led governance and acquisition management.
Ms. Veda Woods is the Chief Information Security Officer (CISO) and the Deputy Chief Information Officer (CIO) with the Recovery Accountability and Transparency Board (Board). She serves as the key security advisor for the Board and is responsible for the secure development, coordination, implementation and oversight of federal funds, law enforcement information and applicable assets. She also serves as Chief Privacy Officer and the Senior Designated Authorizing Official for Records Management respectively. She is a member of the International Association of Privacy Professionals (IAPP), the Armed Forces Communications and Electronics Association (AFCEA) International, Bethesda Chapter, and the Federal Small Agency CISO Advisory Council. Ms. Woods is a cum laude graduate of Norwich University, where she earned a Master of Science in Information Assurance. She holds a Bachelor of Science in Information Systems Management from the University of Maryland University College (UMUC) and has participated in the Graduate School USA Senior Executive Service (SES) Leadership Development Program. In support of her continued interest in the security and privacy challenges applicable to the healthcare field, Ms. Woods earned her Graduate Certificate in Professional Studies in Public Health Informatics from the University of Maryland.
Ahmed Baig is currently a Sr. Director – Corporate Strategy, Risk & Excellence in SmartWorld (a Dubai Government Entity) and a prominent speaker and cyber security expert in the MENA region. Ahmed previously was Head of Information Security and Compliance at Dubai World Trade Center (U.A.E. Government Entity), a CISO at an Abu Dhabi Government Entity, and Head – Business Management and Advisory Services at TECOM (a member of Dubai Holding). He brings to his current role more than 14 years of experience in Risk Management & Compliance and Information Security Advisory Services. He has previously worked on projects for major airlines, banks, defense and federal agencies across the Middle East. He is the Chief Architect for the CGMS (Corporate Governance Management System) and ITGMS (IT Governance Management System) frameworks covering Risk Management, IT Governance, Information Security, and Business Continuity in service providers and government entities. He has been a key member of the eSecurity domain within Interstandards (Web Security Standard), developed regionally, and has also been part of OISSG. Ahmed’s key assignments include serving as principal consultant for various ISMS projects to help clients comply with required standards and regulations, mainly ADSIC, ISO 27001, ISO 20000, ITIL, ISF and CobIT. His experience also includes auditing of security solutions, architecture and policy compliance. Ahmed Baig has a Master’s in IT (UK) and a PgD in Strategic Business IT (UK) and has several professional certifications to his credit, some of which are CRISC, CBCP, CISM, CISA, CISSP, ITIL, ISO 27001 / 20000, BS 25999 and others. More information is available on his LinkedIn profile: https://ae.linkedin.com/in/qurram
Mark has over 35 years of experience providing executive-level management in the Information Technology field as a CIO, CSO, and CISO. Mark retired as a Colonel (select) after 22 years of service to his country in the U.S. Army. During his military service Mark was nominated, selected and received the honor to work at the White House as the CIO/CISO for President Clinton, supporting the VP, the White House Staff, and the U.S. Secret Service, managing all the classified automation and telecommunications. Mark joined the civilian sector as the Senior IT Executive (CIO/CSO) for World Airways – the largest US wide-body long-haul charter airline. He has also had the opportunity of working as the Deputy CIO (over Global Operations) and CISO for InterCall – the world’s largest conferencing company. Mark just concluded his position as the Chief Information Security Officer (CISO) for TravelClick – a Software as a Service (SaaS) company in the hospitality industry working with over 30,000 hotels worldwide. Mark’s education includes being a Certified Chief Information Officer, a Certified Information Security Manager, a Certified Project Management Professional, a Master’s degree, a graduate of the National Defense University, and a Bachelor’s degree from the University of Florida. Mark’s honors include being a published Information Security and Cyber Security specialist, a noted speaker and panel member in the Information Security field, a CISO of the Year finalist in 2013, and an InfoSec Project award winner in 2013. His military honors include the Legion of Merit, the Presidential Service Badge, and the Soldier’s Medal (the highest peacetime valor award in the Army). His civilian volunteer honors include being a life member of the Peachtree City Fire Department, volunteering over 20 years in the fire service with numerous firefighting awards, and also being a Lieutenant Colonel in the Georgia State Defense Force and a Lt Col in the Civil Air Patrol.
Mr. Fal Ghancha is an IT Security professional having experience in the Information Technology field focusing mainly in IT Policies, IT Projects, Compliance, Risk & Audit Management, Corporate Investigations & forensics. Mr. Ghancha currently serves as Sr. Manager IT at Welspun Group of companies, supporting 21 locations globally where he is responsible for setting the road map and strategy for Information Security Solutions, Data Center operations, IT transformation Projects, & Managing IT SO partner. He has done projects like IT Security Dashboard, DLP, 2FA, VPN solutions, Firewalls, AntiVirus, Patch Management – Software deployment, VA-PT, ESM, Policy Gap Analysis, Large Scale Multimedia Projects which have been awarded by multiple organizations globally. Mr. Ghancha was awarded as TOP 100 CISO of India – 2014 by InfoSec Maestros.
Mr. Kooliyankal is an exuberant Information Security professional with 20 years of experience in the Information Technology and Cyber Security arena. In the role of Global Head of Information Security/Chief Information Security Officer (CISO), he drives the information security and business continuity programs at ADS Holding/ADS Securities, one of the most prestigious organizations in the region. Before joining ADS Securities, he served Abu Dhabi Securities Exchange (ADX) and Emirates Telecommunication Corporation (ETISALAT) for more than 15 years in Information Security, Business Continuity, IT Infrastructure, and network domains. Mr. Kooliyankal is one of the champions of Cyber Security, with in-depth knowledge of technology and business domains. He has grown professionally with deep technical experience, which has helped in driving and managing an organization-wide information security program aligned with business strategy. Being one of the best and foremost experts in the region with demonstrable ISO 27001 (International Standard for Cyber/Information Security) experience, he successfully implemented the framework in live and complicated environments. His practical expertise includes Cyber Security, Information Security, IT Management, Business Continuity, the ITIL (IT Infrastructure Library) Framework and COBIT (IT Governance). He has transformed organizations to an optimized information security maturity level from literally non-existent status. His approach is holistic in nature: defining foolproof processes, designing and implementing required technologies, and educating the users (through a comprehensive awareness program).
Global Security Officer and the GRC Officer, Fidelity National Information Services (FIS)
Kashif Latif is the Global Security and GRC Officer working for FIS RICS group. He is a seasoned Information Security Officer, GRC Officer and Program Manager offering in-depth acumen in enterprise Security, Risk, Compliance, Governance and Architecture practices culled from over 18 years of experience spanning vital information security management, IT service management and GRC roles.
He has successfully implemented a security program based on modern security architecture principles such as Innovation, Agile Architecture, Vendor Independence Products, and Federated and Distributed Solutions, supported by an Agile Iterative Portfolio and Program Management approach using matrix organizations and supplemented by modern GRC tools. He recently received “The Face of GRC Industry Award” at GRC Summit 2014 for his contribution toward the GRC industry, especially for designing the first “Continuous Compliance solution” over the MetricStream GRC platform.
Mark Leary, vice president and CISO of Xerox, has more than 30 years of experience in security management and technical intelligence. As Xerox’s first CISO, Leary is responsible for day-to-day leadership, management and oversight of the company’s information security function in risk and compliance management, security operations, and business continuity planning to guard against increasing cyber threats. Before joining Xerox, Mark served as CISO for professional services firm TASC, and earlier served as director and deputy CISO for Northrop Grumman where he focused on the company’s internal security. Mark has three graduate degrees with concentrations in IT, security and business management, including a doctor of management from the University of Maryland.
Michael Molinaro is a Vice President (IT Security and Risk Executive) of a company considered part of U.S. critical infrastructure. Mike is heavily engaged with many security organizations, including ISSA, ISC2, ISACA, AFCEA, ASIS and ACFE. Drawing upon his years with the United States Army and New Jersey Army National Guard, he is also active with InfraGard.
Mike believes in promoting security and grooming tomorrow’s security engineers, analysts, and leaders by doing more than simply being a good example. It requires action, involvement, and sponsorship by companies. This is why Mike serves on the board at MOSI, the Museum of Science and Industry and sponsors events like ISC’s B-Sides Security Conferences in Tampa and Orlando, where emerging digital security forensic and ethical hackers can share techniques and promote staying one step ahead of the actual hackers.
As a member of the NCTA (National Cable & Telecommunications Association), which is instrumental in developing standards with the Federal Government for “Critical Infrastructure” within the United States Communications sector, Mike is a member of the Cybersecurity working group tasked with improving the security of all national members. Mike is also a member of the IBG (Industry Bot-Net Group), which is affiliated with CSRIC (Communications Security, Reliability, and Interoperability Council) of the FCC to promote security and solutions for the industry.
During the Republican National Convention in 2012, Mike headed the task force to architect and ensure cybersecurity, which effectively defended against hacktivists and hackers such as Anonymous and the Black Bloc, who could have created disruption. Mike worked closely with local, state, and federal law enforcement and governmental agencies. This long list included the US Secret Service, Department of Homeland Security, FDLE (Florida Department of Law Enforcement), FBI, US Marshals Service, US military and the City of Tampa.
Vanessa Lapins is a technological innovator specializing in the development of IT infrastructures that drive transformation, innovation and optimize enterprise business goals. She is currently implementing a secure, private cloud powered by IBM’s SoftLayer services in alignment with Novitex’s Integrated Document Life Cycle™ (IDLC™) end-to-end business strategy. Lapins brings more than 25 years of expertise to IT with a sophisticated knowledge of integrating business workflows and IT infrastructure to produce scalable, secure and reliable enterprise platforms that power real solutions for clients’ business needs.
2013 CISO of the Year – Sanath Manatunge