Awards Atlanta 2016

2016 Award Winners

CCISO of the Year
Luis Noguerol

luis

CISO of the Year
Medha Balodkar

medha

Most Improved Information Security Program of the Year
Juan Gomez-Sanchez

juan

Innovative Project of the Year
Chen Heffer

ChenHeffer-2

Award Categories

CCISO of the Year

This award, available only to EC-Council Certified CISOs (C|CISOs), recognizes an individual’s outstanding work in information security. We will be honoring one C|CISO who has contributed to the information security industry, shown tremendous professional growth and achievement, and has promoted strong, innovative security practices. When submitting your nomination package for this award, please be sure to include a summary of your work and career advancement over the last year, how you have positively impacted the information security industry. Your entry will be evaluated by a panel of highly qualified information security executives, so make sure that what you present will impress your audience.


Nominate

CISO of the Year

This award, available only to Information Security Executives (VP, CISO, etc.), recognizes an individual’s outstanding work in information security. We will be honoring one executive who has contributed to the information security industry, shown tremendous professional growth and achievement, and has promoted strong, innovative security practices. When submitting your nomination package for this award, please be sure to include a summary of your work and career advancement over the last year and how you have positively impacted the information security industry. Your entry will be evaluated by a panel of highly qualified information security executives, so make sure that what you present will impress your audience.


Nominate

Innovative Security Project of the Year

This award is intended to recognize the most innovative security project of the year. The nomination must include the following details:

  • Brief description of the project and its goals
  • How the project supported the business/organization by being:
    • Cost effective
    • Impactful to the business or security operations
    • Creative in its use or creation of new models
    • Groundbreaking
    • Measurable – please include statistics on how the project impacted budget, time, or other measurable indicators.

Nominate

Most Improved Information Security Program of the Year

This award is intended to recognize improvements in information security programs that have made use of innovative strategies to bring value quickly to a security program and the overall business/organization’s goals. The nomination must include the following:

  • A baseline of the security program before improvements including measurable indicators
  • The methods used to improve the program
  • Challenges encountered and the solutions implemented to overcome them A thorough analysis of the program after improvements were implemented including measurable indicators

Nominate

2016 Finalists

Categories:

CISO of the YearCCISO of the YearInnovative Security Project of the YearMost Improved Information Security Program of the Year

CISO of the Year

Syed AzherSyed AzherChief Information Security Officer at Impact Group
BIO
With over 14-years of global experience, Syed is a seasoned individual in information security, risk management and technology leadership. He is currently the Chief Information Security Officer (CISO) at the Impact Group, in Bahrain. The Impact Group provides innovative solutions and services to private, public and government entities in a number of sectors such as Management Consultancy, Real Estate, and Interior Design. Prior to joining the Impact Group, Syed held senior management positions as the Technology Head and Chief Information Officer for a number of blue-chip organizations in the banking and technology sectors.

Recognized as a critical thinker, Syed is a trusted advisor to both government and organizations in the fields of cyber resilience, technology architecture, digital transformation, technology operations, controls and compliance. In this role Syed has helped organizations transform their technology risk management and cybersecurity capabilities by first engaging stakeholders to align their business and technology objectives, and then building the necessary foundation to achieve the desired outcomes.

Syed serves as a board member for the Bahrain Information Technology Society, leads Executive Advisory Board for Arvensys Technologies in Australia and DifferentX a New Zealand based technology start-up Company. He is also a community leader for P3 (Portfolio/Program/Project) for ISACA International, USA. He is a moderator for security roundtables and panel events, and is a sought after speaker on cyber-security and transforming individuals into high performing technology teams.

Syed is passionate about sharing his knowledge and experience in digital transformation, cyber-security, and mentoring/coaching all type of organizations including non-profit entities. His professional affiliations are: ISACA, PMI, ISC2, and his professional qualifications include: CISSP, CISM, CGEIT, CEH, ITIL Expert, PMP, PRINCE2, and ISO 27001 Lead Auditor. Syed holds a MBA from Chifley Business School at Torren University, Australia, a postgraduate in Business Administration and Information Technology from the University of Wales, United Kingdom, and he has also completed a number of cybersecurity programs from the Massachusetts Institute of Technology.

Aizuddin Mohd GhazaliAizuddin Mohd GhazaliHead / Vice President, IT Risk & Security Management at Sime Darby Group
BIO
Aizuddin is an information security, risk, compliance and audit professional with more than 20 years of working experience in various industries including telecommunications, financial, trading, manufacturing, plantation, property, motors, heavy equipment, energy, utilities, healthcare and shared services.

He is an ISACA member and professionally certified as CISA (Certified Information Systems Auditor) and CRISC (Certified in Risk and Information Systems Control) with broad knowledge in IT Governance and Controls Framework i.e. COBIT, RiskIT and ISO27001, as well as practical experience in IT risk assessment, IT policy management, data analytics, vulnerability assessment, penetration tests, security architecture and solutions, data protection, security incident monitoring, identity & access management, digital forensic and audit techniques. To note his achievement in information security profession and leadership, he has been awarded as 2015 Cyber Security Professional of the Year (by Cyber Security Malaysia) and currently nominated as Finalist of EGS Global CISO 2016. In addition, he also received other prestigious awards in 2010 for Information Security Project of the Year (by Cyber Security Malaysia) and Best Security Strategy Finalist (by MIS Asia). He has spoken in various public conferences including ComputerWorld Mobile Forum 2015, ComputerWorld Malaysia Security Summit 2016, Trend Micro Cybercrime Malaysia 2016 and ASEAN CISO Summit 2016.

At present, he is the Head of IT Risk & Security Management for the Sime Darby Group. Sime Darby is a key player in the Malaysian economy as well as a diversified multinational, with businesses in key growth sectors namely, plantations, industrial equipment, motors, property and energy & utilities with operations in more than 20 countries.

Michael D. MolinaroMichael D. MolinaroChief Information Security Officer

Vice President, Information Technology

BioReference Laboratories, Inc.

BIO
Mr. Molinaro has specialized in transforming and building secure, quantitatively repeatable and compliant Information Technology and Enterprise Risk and Security Departments. Flexible information services can be delivered quickly and secure by developing and integrating proven mature methodologies in security, risk, project, software-development, quality and service management with Business Process Management (BPM) Software in business and technology. Mr. Molinaro has been assisting organizations in business and technology engineering and process improvement and low code deployments over a 33 year career. His experience spans multiple industry verticals that include military, manufacturing/engineering, software/ecommerce, retail, telecommunications/cloud, healthcare, education, insurance and medical diagnostics/Biotech. Mr. Molinaro has held technical and management positions at leading companies and organizations such as the United States Army, Cellular One, MCI Telecommunications Inc., Movado, Ground Travel Technology Team Inc., AEGIS Insurance Services Inc., Bright House Networks and Bio Reference Laboratories.

Mr. Molinaro holds a Bachelors of Science in Electronics Engineering Technology with a focus in robotics and software automation and a Master’s of Science in Information Technology and Cybersecurity from the Florida Institute of Technology, and is currently pursuing an MBA. Mr. Molinaro is also a veteran of the United States Army Signal Corp and was nominated runner-up for the CISO of the year by the EC-Council security group and CIO of the year by the Tampa Bay Technology Forum in 2014. He formerly held several “technical” certifications and currently maintains multiple IT, security and risk certifications; CISSP (Certified Information Systems Security Professional), CGEIT (Certified in the Governance of Enterprise IT), C|CISO (Certified Chief Information Security Officer), CRISC (Certified in Risk and Information Systems Controls), CISM (Certified Information Security Manager), ITIL (Version 3 Foundations Certification).

Mr. Molinaro was the leader and architect of the overall Cyber defense of the 2012 Republican National Convention in Tampa, Florida (National Public Event) as well as the head of the IT Dept. Mr. Molinaro’s team was the cyber eyes and ears of this National Public Event. His breadth of experience and use of standardized methodology in information systems, risk, security, project management, business process engineering, policy making, power & radio engineering and software development has provided solutions and strategies in design, operations, maintenance and repair that greatly contributed to increasing and improving the corporate bottom line, quality, customer service, security and compliance effectiveness of many businesses. His methods and practices are based on sound and proven scientific and discrete engineering techniques used by the most successful organizations worldwide and he has met and exceeded corporate and customer satisfaction challenges. These practices are those developed, successfully deployed and greatly promoted by Carnegie-Mellon and other prestigious and well known engineering, scientific Universities and businesses worldwide.

BobbyDominguezBobby DominguezChief Strategy & Security Officer

Lynx Technology Partners, Inc.

Listen to Podcast!

BIO
Bobby Dominguez is an accomplished Internet pioneer and an acknowledged security, risk, and privacy expert. Mr. Dominguez has successfully integrated information security into top-level business initiatives at Home Shopping Network, PSCU Financial Services, and PNC Bank, where he implemented a new technology risk management framework. Under his leadership, the Sykes Global Security and Risk Management team was nominated and selected as one of the 5 best by 2008 SC Magazine “Best Security Team in the US.” Mr. Dominguez was also selected as one of the top 5 Chief Security Officers for the 2009, 2010, and 2013 SC Magazine “CSO of Year.” In 2012 he was a finalist for (ISC)2 Americas Information Security Leadership Awards.

A 2014 graduate of the FBI Citizen’s Academy, Mr. Dominguez is the President of the Board of Directors for the FBI Infragard, Vice-President of ISSA Tampa Bay, and an active member of the US Secret Service Electronic Crimes Task Force. He is a recognized professional in the security field, having contributed to the publication of several ANSI security standards and holding certifications, including ASIS CPP, SANS GSLC, (ISC)2 CISSP, ISACA CRISC, ITIL, EC-Council C|CISO, PMI PMP, and Program & Portfolio Management (PPMC).

Mr. Dominguez enjoys sailing, SCUBA diving, reading, traveling, and attending the occasional hacker convention.

Youseff-2Youssef ElmaltyHead of Cyber Security – IBM
BIO
Youssef Elmalty is an internationally renowned cybersecurity expert specializing in cyber crime and defense. Based out of Singapore, Youssef is currently the head of cybersecurity for IBM and provides thought leadership across multiple IBM Security Consulting & Delivery domains. This includes Security Strategy, Risk, Compliance, Security Assessments and Incident Response. Youssef helps clients from various industries such as government, defense and telecommunication build their cyber security maturity programs. Youssef holds numerous professional certifications such as CISSP, CISM, CISA, GIAC, CEH, LPT, OSCP, PCI QSA, and ISO27001. Academically, Youssef holds BSc in Computer Science from Middlesex University and a MSc in Security Science from EC Council University.

Amit-GhodekarAmit Ghodekar

Chief Information Security Officer, Motilal Oswal Financial Services Ltd.

BIO
I have done immense contribution to information Security Industry for last 10 years by various means, be it developing new talent for the industry or be it securing my organization for any kind of info sec threat, I have been always on top to ensure that I contribute to the industry.

In last 10 years I also kept myself upgrading by learning & newer certifications in the industry such as ISO27001 LA, CEH,ECSA,LPT, CISA etc, I also encouraged my teams to have these certifications & learnings to combat next generation cyber threat. While doing these all I also written many articles for newspapers on Cyber Security & also was part of many TV channels programs on Cyber Security, the same can be views on Facebook page https://www.facebook.com/ghodekaramit, all my TV interviews can be watched on https://www.youtube.com/user/amitghodekar. I have also been awarded by CISO Platform as most influential CISO & community contributor.

I had worked on some of the most successful information security projects & I can say most successful one of the such project was Transaction Monitoring System which was in house developed Fraud detection Engine, this Engine was able to detect any kind of fraud or suspicious transaction happening to any of the online trading platform, the extend of this system was such a success that due to this system in last 5 years there was no online fraud was happened in the organization. Apart from this I also worked & implemented some of the world class info sec projects to name few those are in listed below.

  • Data Loss Prevention (DLP)
  • Mobile Device Management (MDM)
  • Identity & Access Management
  • Intrusion prevention system (IPS)
  • Application Security
  • Network Security
  • IT Governance

Presently I am working with Motilal Oswal Financial Services as VP, CISO, Motilal Oswal Financial Services Ltd. (MOFSL) was founded in 1987 as a small sub-broking unit, with just two people running the show. Focus on customer-first-attitude, ethical and transparent business practices, respect for professionalism, research-based value investing and implementation of cutting-edge technology has enabled us to blossom into an almost 3000 member team. Today we are a well-diversified financial services firm offering a range of financial products and services such as Wealth Management, Broking & Distribution, Asset Management, Institutional Equities, Private Equity, Investment Banking Services, and Home Finance, We are headquartered in Mumbai and as of March 31st, 2015, had a network spread over 591 cities and towns comprising 1,504 Business Locations operated by our Business Associates and us.

Pavankumar-BolisettyPavankumar Bolisetty B.E., M.S.CEH, CHFI, ECSA, CISSP, CISA, CIW.SA, MCSE, CCNA, SCJP, SND, ITIL, ISO 27001 L.A.

Listen to Podcast!

BIO
Pavankumar Bolisetty, is a Cyber Security professional with over 12 years of experience and a stellar history of achievements in leading and executing projects on Information security assessment, advisory, incident management, risk management, application & Infrastructure security architecture, and compliance programs of PCI DSS, HIPAA, GLBA, ISO 27K. He is well known in the security community and is referred to as the “Indian Firewall” by India Today and Silicon India magazines.

Educational Profiling of Pavankumar Bolisetty

Pavankumar Bolisetty was born and brought up at Jaggayyapet, Andhra Pradesh, India.

He has done Bachelor of Engineering, in Computer Science from University of Madras and Master of Science in Advanced Networking and Telecommunications from International Institute of Information Technology, Pune, India.

His interest in information security has driven him to acquire almost 12 certifications in the field of information security. Some of the major popular certifications include Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), Electronic Commerce Council Certified Security Analyst (ECSA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Certified Internet Web Master Security Analyst (CIWSA). Some of his other certifications include, MCSE, CCNA, SCJP, SND, ITIL, and ISO 27001 L.A.

Professional Profiling of Pavankumar Bolisetty

Pavankumar Bolisetty currently works as the Global Head of Information Security for Wave Crest Holdings Limited, which has offices and data centers across three continents and six countries. He is also founder of E Com Security Solutions Pvt. Ltd., an online cyber security company that provides information security assessment and advisory services to the Organizations worldwide.

He has assisted more than 300 Organizations that include critical IT infrastructure, global financial institutions, and Fortune 500 companies. He has investigated more than 5000 data breaches and incidents and also been involved in the investigation of the data breaches in the country.

Accolades and Acclaims conferred upon Pavankumar Bolisetty

Pavankumar Bolisetty has been conferred with InfoSec Maestro and winner of TOP CISO’s of India in 2016 in the All India Infosec Conference summit. He was also the winner and has been felicitated with the Top CISO award by CISO Platform in 2015 and also as a Youngest Security Professional by trade publication, an International Magazine in 2006.

Background

Pavankumar Bolisetty is a speaker on various verticals of Information Security and conducted workshops on ethical hacking and cyber forensics across India where 500 + professionals were trained. He has also presented papers on Information Security at various Conferences.

Pavankumar Bolisetty is son of a famous author and surgeon, Dr. Yogi Ram Bolisetty and is always inspired with his determination. He follows his father’s strategy for success by principle of three “I”, in which “I” stands for Intelligence, Industry and Interest.

MedhaBhalodkarMedha BhalodkarChief Information Security Officer

Columbia University

Listen to Podcast!

BIO
Medha Bhalodkar is the Chief Information Security Officer of Columbia University and has served as the university’s first CISO since 2006. With growing responsibilities in functions and complexities over the last decade, Medha now leads multiple teams of information security professionals to manage Columbia’s IT Policies, IT Risk Assessment & Governance, Application Security, Identity Access Management and Network Security across its 17 schools and Global Centers. Medha has built robust and dynamic security and risk frameworks and she shines through her expertise in Enterprise Risk Management. She has also been appointed as an Advisory Board Member of Columbia University’s Masters of Science in Enterprise Risk Management (MSERM) Program, which was created to prepare risk management professionals across a variety of industries in rapidly evolving global and regulatory environments.

Medha has over 25 years of experience in various aspects of Information Technology, Security, Auditing and Risk Management, spending over 15 years in the Financial Industry and over 10 years in the Education and Healthcare industry. She is a recognized Risk Management and Information Security professional and serves on a number of governing bodies, steering committees of professional organizations and is a frequent panel speaker at major NY conferences. Medha has a number of security certifications (e.g., CISA, CGEIT, CRISC, CICA, ITIL, and Cloud Security Certifications) and a B.S. from Bombay University. Medha is proud of her role as a woman in IT and strives to mentor and guide young women in an often male dominated profession.  Medha was named the 2015 North America Information Security Executive of the Year by (ISE) and her team was recognized with the 2015 North America Project of the Year for their IT Risk Management and Privacy Program.

marvin-marinMarvin MarinProgram Manager

NetCentrics

Listen to Podcast!

BIO
With over 17 years of cybersecurity experience, Marvin Marin is a sought after expert in cybersecurity, risk assessment, and risk management. Marvin currently serves as a technical program manager at NetCentrics Corporation, a Herndon, VA-based provider of enterprise systems management, solutions engineering, service delivery, IT operations, information assurance, computer network defense, and cybersecurity for the Departments of Defense (DoD), Homeland Security and other federal agencies. Marvin currently leads two task orders overseeing multiple divisions within the United States Coast Guard Cyber Command and is rated as a certified Computer Network Defense Service Provider Manager. One of these task orders assisted the Coast Guard with being the first armed service to fully transition to the Risk Management Framework (RMF), which encompasses over 80,000 assets including 244 cutters across nine geographically dispersed districts.

Beyond his regular duties, Marvin is a recognized thought leader and author on the subject of cybersecurity. Marvin has authored and co-authored seven articles in the past year ranging in topics from identifying cybersecurity risks in the supply chain to increasing security by recommending that security operations centers monitor the web application layer. Marvin’s blog on Have Developers Become Overly Dependent on Dependencies? was published by SIGNAL. Marvin was also the lead author on an article, Cybersecurity: Facing a labor shortage or skills shortage that discusses the need for certification bodies to adapt to the need for professionals to prove them beyond a knowledge exam and demonstrate practical skills. Marvin has opined on increasing automation into the Risk Management Framework to support systems certifications by leveraging a well-known benchmark, the Cyber Command Readiness Inspection (CCRI).

Marvin has served as a trusted advisor within the United States Marine Corps and United States Navy, earning the appointments of Marine Corps Validator and Fully Qualified Navy Validator. These appointments recognize Marvin’s ability to independently verify and validate that a system meets the technical and non-technical requirements set forth by the service component and that an appropriate synthesis of the analysis of paired-threat/vulnerability, countermeasure, and mission impact information is conducted. Marvin has also directly contributed to the annual accreditation of over 300 systems including responsibility over all Marine Corps aviation systems, platforms, and simulators as well as the Joint Strike Fighter.

Marvin has served as a board member and vice-chair for the Global Information Assurance Certification (GIAC) Certified Incident Handler (GCIH) certification. He was also the lead author and lecturer for an incident response and forensics course developed for the U.S. Secret Service Criminal Investigative Division, for which he was awarded a letter of commendation. Marvin has also presented on the topic of web application security at the Coast Guard Academy Cyber Symposium with An Aggressive Proactive Security Testing Program is Your Best Defense. Marvin presented at the first Annual Northern Virginia Community College Hackathon on DoDI 8570/8140.

Marvin is a member of the International Information System Security Certification Consortium (ISC2), Information Systems Audit and Control Association (ISACA), a full member of the Institute of Information Security Professionals (IISP), a Professional Member of the British Computer Society (BCS) and a volunteer with the Cloud Security Alliance (CSA). Marvin also holds the following certifications: Certified Chief Information Security Officer (C|CISO), Certified Information Systems Security Professional (CISSP) Information Systems Security Management Professional (ISSMP), Certified Information Security Manager (CISM), Certificate of Cloud Security Knowledge (CCSK), eLearnSecurity Junior Penetration Tester (eJPT) and Microsoft Certified Professional (MCPS). Marvin holds a graduate certificate from Cornell University and is currently attending Royal Holloway, University of London for graduate studies in Information Security.

JaredCarstensen-1

Jared CarstensenChief Information Security Officer, CRH plc

BIO
Jared Carstensen is the Chief Information Security Officer for CRH plc, with responsibility for the leadership, direction and delivery of global information security activities across 31 countries, 3900 operating locations for the FTSE 100 company.

Since joining CRH, Jared’s key interactions include the Board, Audit Committee, Regional Leadership teams through to the 90,000 employees. Jared is currently the youngest CISO across any of FTSE 100 companies. Prior to joining CRH, his 15 year career started as an IT manager, operating a global security consultancy firm, through to leading the Cyber Risk Services team at a ‘Big 4’ Consulting firm in Ireland.

Jared has delivered a number of ground-breaking and ‘world-first’ security programmes across various industries and sectors including Financial Services, Pharmaceutical, Government, Law Enforcement, Technology, Defense Bodies, Telecommunications, Retail, Products & Services. Jared combines years of international experience with a proven record of integrating and streamlining security practices and standards such as ISO 27001/22301/20000/38500, PCI DSS, NIST, HIPAA, and GLBA along with other requirements into daily business operations and practices.

Jared has led large, complex security programmes across the Americas, Europe, Africa and Asia Pacific (APAC) regions. He currently holds the C|CISO, CISSP, GCIH, CRISC, SSCP, CCSK credentials (among others). Jared is Associate Faculty member at the National College of Ireland, where he lectures and assisted in the developed the MSc in Cloud Computing. He is a keen contributor the global security industry and regularly volunteers his time to help those new to the security industry, whilst promoting fresh and innovative approaches to tackling security challenges. He is a member of the IT Governance Expert Panel, and has spoken at over 100+ of the leading security events globally.

Jared authored ‘Cloud Computing: Assessing the Risks’ in 2014, which listed as a Top 50 technology seller on Amazon.com, with endorsements from Kaspersky, Deloitte, McAfee & others. Jared is currently authoring his next book, focusing on cyber security for business leaders and is keen to help others solve current security challenges. In 2013, Jared formed the Irish (ISC)2 Chapter, of which he is currently President, with over 300+ members. He volunteers as part of the ‘Safe & Secure’ initiative which trained over 2,500 school children on internet safety in 2014-2015.

He is a firm advocate of making security simple and actionable for all – something he practices throughout his daily interactions and activities.

CCISO of the Year

AdeniranSerikiNiran SerikiSenior Cyber Security Consultant,

External Consultant, EU Institutions

Chief Information Security Officer – Shekinah Information Security Consultancy Ltd. UK.

BIO
Niran Seriki is a Certified Chief Information Security Officer (C|CISO), a Certified Information Security Manager (CISM), a Cyber Security Conference Speaker & an experienced Senior Cyber Security Consultant with expertise in Cyber Security and Enterprise Security Strategy.

Niran has great expertise in dealing with Senior Board Level Management on Enterprise Security Strategy & Programs, identifying, developing, implementing and maintaining cyber security-related processes to reduce the organization’s operational and cyber risks.

He has over 27 years’ international, technical and management experience, planning and running global security projects, with specific passionate interests in Global Threat Intelligence Management, Vulnerability Management, Compliance and Risk Management.

He is quite passionate about Cyber Security and making Security work without jeopardizing Business progress and achievement in organizations.

Niran is a regular Conference Speaker at various European Cyber Security Conferences, including Data Risk Management in Financial Services Summit 2015 & 2016; Cyber Impact Gateway 2015; SC Congress Amsterdam 2016, Enterprise Security and Risk Management Conference, Amsterdam 2016 and several others as well as hosting webinars on BrightTalk.

In addition to a Bachelor’s Degree and a Master’s Degree in Information Security from Royal Holloway, University of London, Niran has several professional and industry certifications including C|CISO (Certified Chief Information Security Officer), CISM (Certified Information Security Manager), ITIL Version 3 and Prince 2 as well as the ISO27001 Lead Auditor and several industry trainings.

In Sept 2015, Niran won the Global C|CISO of the year 2015 Finalist Award by EC-Council in Atlanta, GA.

Currently, Niran consults for the European Union Institutions through a Consortium led by ATOS while concurrently serving as the Chief Information Security Officer (CISO) of Shekinah Information Security Consultancy based in the United Kingdom. He also consults for the private sector.

paulhornPaul Horn

CISO,

HD Vest Financial Services

BIO
Paul is the CISO at HD Vest Financial Services. He is a security professional with over 14 years of various security experiences that includes time spent as a Special Agent with the Air Force Office of Special Investigations, lead a global information security program for a major defense contractor supporting logistics and air operations for various government contracts as well as led the Drug Enforcement Administration’s Aviation Division vulnerability management program and has been a finalist in 2013 and 2014 for Certified CISO of the Year through EC-Council. In his free time Paul serves on Advisor Boards for information security related topics and has a deep dedication to the information security community by mentoring other security professionals to become future CISOs and participated in the National Institutes of Standards and Technologies (NIST) request for information regarding the framework for improving critical infrastructure.

LuisODr. Luis O. Noguerol

Information System Security Officer – Chief Technology Officer

BIO
Dr. Luis O. Noguerol is the Information System Security Officer, (ISSO), for the National Oceanic and Atmospheric Administration (NOAA) Southeast Region Fisheries Science Center. He has over 31 years of experience in Information Technology and Information Security in a variety of areas such as: U.S. Federal, State and Municipal Governments, Education, Private Banking, Private Sector consulting, and the Aerospace Industry.

He earned his PhD in Management and Information System and Technologies, a MS in Mathematics, a MS in Information Security, a BS in Electronics and Radar Systems, and a BS in Networks and Telecommunications. In addition, he holds 33 Information Technology certifications some being: Certified Chief Information Security Officer (C|CISO), Certified Information System Security Professional (CISSP), EC-Council Certified Ethical Hacker (CEH), EC-Council Computer Hacking Forensic Investigator (CHFI), ISO 27002 Lead Auditor, IASSCCertified Lean Six Sigma Black Belt (ICBB), Certified Business Architect (CBA), Check-Point Certified Security Master (CCSM), and Cisco Certified Network Professional (CCNP).

Dr. Noguerol has been a featured speaker at Information Technology/Information Security events, most recently at the National Institute of Standards and Technology (NIST), and in New York where he presented to the Bank of China’s upper management. He has also been a featured speaker internationally in multiple countries in Europe, Central America, and South America as well as in multiple TV / radio station shows with national and international coverage.

He is the President & CEO of Advanced Division of Informatics and Technology, Inc. (ADITusa, Inc.) ADITusa, Inc. focuses on minimizing the security risks associated with electronic data leakage while maximizing the economic efficiency of businesses through the application of innovative technological solutions in the information security, networking, and e-cloud environments. His transformational leadership style and passion for Information Security has earned him recognition and awards such as: The Biltmore Who’s Who Executive and Professional of the Year, 2011 Honors Edition; in 2012 ADITusa was recognized among 17 of the Small Businesses Top Performers by The Business Leader Institution; in 2012 Dr. Luis O. Noguerol and ADITusa, Inc. were recognized as Top Businesses and Business Leaders in the U.S. South Region by Business Leader Magazine; The Covington Who’s Who Executive and Professional of the Year 2013; New Horizons Computer Learning Centers “Top 10 New Horizons Technical Instructor in the World” 2015; and New Horizons Instructor of the year 2015. In addition, due to his community conscience mindset, he donates time to teach Information Security classes to low income minority members of the local community from 2010, and still.

Dr. Luis O. Noguerol’s passion for Information Security and technology, is not only as strong today as it was over 31 years ago but has driven him as a professional, an executive, and as a mentor.

Innovative Security Project of the Year

Untitled-2Dan Nagle

Listen to Podcast!

BIO
Dan Nagle has over a decade of experience designing, managing, and implementing software projects. His college and early career had a strong focus in embedded systems (BS in Computer Engineering, where he graduated valedictorian for his major). From there, he has been involved everywhere from the development of low-level embedded processors to high-level web interfaces and desktop clients.

Currently, he is a principal software engineer for the SVSI division of Harman Professional Solutions developing web interfaces, back-end servers, and desktop control software for devices distributing HD video over networks. His responsibilities have touch all the major platforms: Web portals, Android, iOS, Windows, Mac, and Linux (servers and desktop, ARM and Intel).

In his spare time, he performs independent research. His research in HTML5 became a book published by CRC Press. His open source network utility, Packet Sender, gets downloaded 300 times / day the world over and ranks #1 with Google when searching for the problems it solves. He can also be found speaking at conferences and user groups to discuss his projects or software development in general.

AdeniranSerikiNiran SerikiSenior Cyber Security Consultant,

External Consultant, EU Institutions

Chief Information Security Officer – Shekinah Information Security Consultancy Ltd. UK.

BIO
Niran Seriki is a Certified Chief Information Security Officer (C|CISO), a Certified Information Security Manager (CISM), a Cyber Security Conference Speaker & an experienced Senior Cyber Security Consultant with expertise in Cyber Security and Enterprise Security Strategy.

Niran has great expertise in dealing with Senior Board Level Management on Enterprise Security Strategy & Programs, identifying, developing, implementing and maintaining cyber security-related processes to reduce the organization’s operational and cyber risks.

He has over 27 years’ international, technical and management experience, planning and running global security projects, with specific passionate interests in Global Threat Intelligence Management, Vulnerability Management, Compliance and Risk Management.

He is quite passionate about Cyber Security and making Security work without jeopardizing Business progress and achievement in organizations.

Niran is a regular Conference Speaker at various European Cyber Security Conferences, including Data Risk Management in Financial Services Summit 2015 & 2016; Cyber Impact Gateway 2015; SC Congress Amsterdam 2016, Enterprise Security and Risk Management Conference, Amsterdam 2016 and several others as well as hosting webinars on BrightTalk.

In addition to a Bachelor’s Degree and a Master’s Degree in Information Security from Royal Holloway, University of London, Niran has several professional and industry certifications including C|CISO (Certified Chief Information Security Officer), CISM (Certified Information Security Manager), ITIL Version 3 and Prince 2 as well as the ISO27001 Lead Auditor and several industry trainings.

In Sept 2015, Niran won the Global C|CISO of the year 2015 Finalist Award by EC-Council in Atlanta, GA.

Currently, Niran consults for the European Union Institutions through a Consortium led by ATOS while concurrently serving as the Chief Information Security Officer (CISO) of Shekinah Information Security Consultancy based in the United Kingdom. He also consults for the private sector.

ChenHeffer-2Chen Heffer

Cyber Security Officer, Douglas County Government, Colorado.

BIO
Chen Heffer is an international cyber security expert with over 20 years of experience in both military and civilian cyber security worldwide. He is currently the Cyber Security Officer at Douglas County Government in Colorado.

Chen has brought a unique innovative approach to the cyber efforts in the county and other local and state governments in Colorado. His approach is based on gathering intelligence and constantly learning the adversaries’ offensive approaches. He has implemented a variety of advanced cyber systems that constantly monitor the county’s assets. Chen’s motto is: “The more you invest in intelligence, the less you invest in cyber warfare” focusing on being one step ahead all the time.

Prior to his work in Douglas County, Chen worked for Kaiser Permanente as a PCI ISA, and served as the CISO of global enterprises such as SpaceNet, Gilat Satellite networks and Deloitte Israel. Chen is the Director of the CISA training program in ISACA Denver and leads the CISA efforts in Colorado. He is experienced in Cyber Warfare, Critical Infrastructure Protection, Technology Risk Management and Compliance and serves as a mentor in governmental cyber mentorship programs.

Most Improved Information Security Program of the Year

Paul MediciPaul Medici

Director at Fidelity Investments

BIO
Paul Medici has been involved with Information Security for almost twenty years. During that time at State Street Bank and Fidelity Investments he has been involved for all aspects of Information Security, Business Contingency Planning, Disaster Recovery, Server support, Database and Desktop Support.

The past fifteen years Paul has been focused on the Information Security world. Leading a team, most recently he developed a Security Consulting Practice at Fidelity in which the team oversees the implementation of over 500+ projects a year to assure that all of those projects comply with Fidelity’s Policies and Procedures around Information Security.

ChadCottleChad Cottle

Chief Information Security Officer

City of Lexington, KY

Listen to Podcast!


BIO

Chad Cottle is an award winning IT veteran with over 25 years experience in programming/database design, GIS, networking/systems administration, business resilience, big data, project management and information security.

Progressive and forward-thinking, Lexington, KY is a university city with a burgeoning technology and startup community. Chad serves as the Chief Information Security Officer and holds certifications in project management, ITIL, systems administration as well as C|CISO, CEH, CHFI and CASP.

Recognizing a deficiency in the city’s approach to security, Chad seized the opportunity to build an InfoSec program from the ground-up using proven frameworks and project management best practices. Keenly aware that security is not a destination, but rather a journey, he has buckled up and plans to enjoy the long ride.

In his spare time, Chad dabbles in zymurgy, producing delightful IPAs and most quaffable Cabernets. He is also the guitarist and lead mischief maker for the band “The Berenstain Conspiracy.”

Juan Gomez-SanchezJuan Gomez-Sanchez

CISSP-ISSAP, CISM, C|CISO, PCIP

Chief Security Officer, Lennar Corporation


BIO

With over 20 years of experience, Juan Gomez-Sanchez has focused his entire professional life to Information Security. As a security practitioner, Juan held leadership positions building and implementing enterprise security programs at Delta Airlines, CheckFree Corporation (now Fiserv) and Florida’s Turnpike Enterprise (PCI Level 1 Merchant). As a consultant, Juan worked for Cybertrust (now Verizon Business Security Solutions), Optima Consulting, and Worldwide Technology, providing trusted advisory services and managing the delivery of security consulting services to a wide range of clients by working with executives to address the demands of security on a global and enterprise scale.

He has supported a range of organizations in the development and planning of security programs to meet requirements for establishing, implementing, monitoring, and maintaining a security posture.

Juan is currently the Chief Security Officer at Lennar Corporation. Lennar (NYSE:LEN) is ranked as one of the fastest growing ($9.4B) Fortune 500 companies that has built the reputation as one of America’s smartest and most innovative real state, financial services, property development, and capital management companies.

As the Chief Security Officer, responsibilities encompass all physical and information security initiatives in support of 7 lines of business, close to 9,000 associates and 1,000 locations operating in 17 US states and 44 markets.

Lennar’s first Chief Security Officer reports to the Chief Financial Officer and is accountable to the Board of Directors. Responsible for creating the Enterprise Security Office from the ground-up and implementing a world-class security program that encompasses: Security Governance, Security Risk and Compliance Management, Security Architecture and developing a portfolio of shared enterprise services that includes: Physical Security, Security Awareness, Incident Response, Identity and Access Management, Application Security, Business Continuity, Disaster Recovery, Security Monitoring and Litigation Support.

Juan is also very active in the security industry; he contributed as subject matter expert and exam writer for the CISSP certification and ISSAP concentration. He is also a member of the board of advisors for C|CISO certification by the EC-Council

2015 Award Winners

CCISO of the Year
Neil Gaudreau

Neil-Gaudreau-1

CISO of the Year
Ben Halpert

BenHalpert

Innovative Project of the Year
Paul Medici

PaulMedici

Most Improved Information Security Program of the Year
Bobby Malek

Bobby Malek

2014 Award Winners

CCISO of the Year
Paul Medici

ecATL_1373

CIO of the Year
Vanessa Lapins

ecATL_1345

CISO of the Year
Mark Leary

ecATL_1360