SecureWorld Boston 2024

Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Henryk has actively been part of the technology space for over 25 years. He has worked at various companies ranging from start-ups to established global Fortune organizations. Throughout his career, he's worn many hats and titles, focusing on his passion for cybersecurity, business goals, and program building. Having been the first security leader in many of his roles, Henryk understands the challenges of urgent bootstrapping. He has created an approach and track record based on collaboration, risk management, and perspective. In his current role, Henryk oversees the security program for multiple platforms that help support the compensation analysis and planning needs for over 10,000 companies.

Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices' patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP's information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program's day to day operational effectiveness.

Prior to joining UMP, Krista served as the Director of Security Governance, Risk and Compliance for Voyager Digital, a leading cryptocurrency trading platform, where she was responsible for the development, maturation, and maintenance of Voyager's security program. Krista has served in various leadership and operational roles within the information security profession for 14 years within the financial and defense sectors, bringing a deep understanding of how strong security and privacy practices can help enable best in class care and peace of mind for UMP and its practices' patients.

Krista has a Bachelors Degree in Biology from Felician College and currently holds her Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications.

Krista is an active member of ISACA, Infragard's Philadelphia Chapter, as a member of both Neumann University's Business Advisory Council and Women in Cybersecurity-Delaware Valley Affiliate's Membership and Education Committees. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

Brian currently leads the cybersecurity and privacy program as Vice President, Global Security & Privacy at SharkNinja, a relentless innovator and global leader in the housewares industry. Previously, he served as head of IT security & compliance at Hasbro, where for seven years he led the maturity of a global cybersecurity program designed to meet everchanging cyber risk of a company that evolved from a toy manufacturer to a global entertainment company serving the film, unscripted TV, and online gaming industries. Prior to Hasbro, he served as Director of IT Compliance for Upromise, the Boston-based pioneer of loyalty and 529 college savings programs, where he led development of the company's PCI and SOX compliance programs.

Brian established himself as a leader in cybersecurity, privacy, and compliance program development. His career path differs from many IT professionals; he started his professional career in technology sales with Cabletron Systems in the mid-90s where he was first exposed to information technology and shifted to a career in IT operations in 2001. He was drawn to the structure of process and controls, which led to a role in IT security & compliance in 2005.

Brian has a passion for developing teams with a focus on individual team member success and career growth. He attributes relationship and team-building skills developed early in his career as a sales professional as keys to his program development and leadership success.

Education:
BS, Management Science, Bridgewater State University
Executive Leadership Professional Coach Program, AIIR Professional Consulting
Executive Leadership Certificate, Business Engagement & the Information Security Professional, Tuck School of Business
Executive Leadership Certificate, Harvard Leadership Management Program

Roy Wattanasin is an information security professional. He is an avid speaker providing thought leadership at many conferences and webinars. Roy enjoys incident response and building security programs. He is involved with many computer security groups including the Boston Application Security Conference (BASC), OWASP Boston and other local associations. Roy is a member of multiple advisory groups, including SecureWorld Boston. He was previously an adjunct instructor at Brandeis University as part of the Health and Medical Informatics program. He is the co-founder of the decade-old program.

Chris Usserman is the Chief Technologist with Infoblox Federal. Chris has over 33 years’ experience in the U.S. Intelligence Community helping clients understand and incorporate cyber business intelligence to improve cyber security programs. With a focus on the U.S. Government and public sector, Chris brings a public/private perspective to enhance the security posture of multiple sectors and communities of interest. Chris regularly speaks at domestic and international conferences on building more effective and mature cyber security programs. Prior to Infoblox, Chris served in several leadership roles, including Senior Director, Applied Intelligence and Director, Government Programs at iSIGHT Partners (now Mandiant Threat Intelligence). Chris was also a Lead Research Scientist (Cyber Ops) at Lockheed Martin’s Advanced Technology Laboratories and served 14 years in the U.S. Air Force.

Graham is a Pre-Sales Manager at Syxsense and has been working in the IT and Security industries for the last seven years. Before working at Syxsense, he was an IT Analyst for a major DOE and DOD Security manufacturing company. He currently holds the RHCE and Security Plus certifications.

Stanley Hammond has been in the IT field for the past 20 years and in the information security since 2006. He is currently a Senior Security Engineer in the healthcare field in Massachusetts. Throughout his career he has worked for non-profits, non-government organizations, higher education, and both public and private sector organizations. He is currently working in multiple areas including security awareness, incident response and proactive maintenance. He holds several industry recognized certifications including CISSP, CISM, CISA, HCISPP and CDPSE.

A 22-year veteran of the United States Secret Service, Senior Special Agent Sean Donlon currently manages the Burlington office, overseeing investigations of cyber and financial crimes in the state of Vermont. Prior to his post in Vermont, Senior Special Agent Donlon served as an assistant attaché for the Secret Service in the United States embassy in Rome, Italy, where he was responsible for liaising with foreign law enforcement in over 60 countries, including those in Southern Europe, West Africa and the entirety of the Middle East. While there, he coordinated with the Polizia di Stato, Italy’s state police, in managing the European Cyber Fraud Task Force.

SSA Donlon began his law enforcement career with the Secret Service in Los Angeles, where he received training as a network intrusion specialist, responding to computer-related incidents throughout Southern California and serving as the deputy squad leader for the Los Angeles Cyber Fraud Task Force. In the years that followed, SSA Donlon continued to pursue training in a variety of cyber crime-fighting specialties before becoming a certified instructor at the James J. Rowley Training Center, the Service’s training academy.

Senior Special Agent Travis Kaylor has spent the last 22 years in a variety of roles both domestic and abroad, focused on the dual mission of the United States Secret Service across both protection and investigations. He began his career as a Uniformed Division Officer assigned to the White House Branch and later as a Special Agent in the Washington Field Office. He was assigned to the New York Field Office where he led multi-agency fraud investigations, followed by an assignment to Former President William Clinton's protection detail. Currently, SSA Kaylor is assigned to the Boston Field Office and is a leader of the New England Cyber Fraud Task Force where he pursues complex, transnational cybercrime investigations involving foreign targets perpetrating cyber-attacks including ransomware, business email compromises, and network intrusions. During this tenure, SSA Kaylor represented the USSS as the Liaison Officer assigned to Europol's European Cybercrime Centre, Joint Cybercrime Action Task Force (J-CAT). In this role, he coordinated the most significant USSS-led cybercrime investigations within Europol, and worked collaboratively with more than 20 member countries on transnational cybercrime investigations.

SSA Kaylor is certified in Digital Forensics Incident Response - Network Intrusion (DFIR-NI), which manages the incident response capabilities of the USSS to cyber incidents. DFIR-NI provides investigative resources, cyber training, and operational resources to identify, mitigate, deconflict and facilitate the remediation of network intrusions, unauthorized access, malicious hacking, and other cyber based incidents. This includes intrusions into the financial sector, attacks against commercial enterprises, and violations of federal law.

SSA Kaylor is a graduate of Marist College in Poughkeepsie, New York and is pursuing a master’s degree at Boston College in their Cybersecurity Policy and Governance program.

Peter LaRoche has served as a Network Intrusion Forensic Analyst (NIFA) with the US Secret Service out of the Manchester Resident Office since September 25, 2023. As a NIFA, Mr. LaRoche is responsible for providing expert guidance to the Secret Service as well as federal, state, and local partners in network and digital forensics. This includes the investigation of cyber related crimes such as network intrusions, ransomware, business email compromises, cryptocurrency related scams, the imaging and processing digital media, and conducting computer forensics examinations in support of criminal investigations.

NIFA LaRoche has over 20 years of law enforcement experience. He began as a Patrol Officer with the Nashua NH Police Department in 2003 and served as a member of the department’s Accident Reconstruction Unit, Unmanned Aerial Systems (UAS) Unit, and Computer Forensics Unit from which he retired as a Detective in 2023. In addition to his role as a Digital Forensics Examiner with the Nashua Police Department, he was also a Forensic Examiner for the NH Internet Crimes Against Children (ICAC) Task Force, Federally Deputized Task Force Officer with the United States Secret Service (USSS), and member of the New England Cyber Fraud Task Force (NECFTF). He is recognized as an expert in digital forensics in multiple legal jurisdictions in New Hampshire.

NIFA LaRoche holds numerous certifications related to digital forensics and network intrusion investigations and has attended well over 1000 hours of training in the field. He is a graduate of Skidmore College in Saratoga Springs, New York.

Senior Information Technology/Security Executive with over 25 years of experience at premier institutions successfully building services and client relationships, developing methodologies, and integrating cross-functional skills. Specializes in information security and risk management, compliance, knowledge management, strategy, business continuity, and operational efficiency. Reputation for leading new initiatives focused on transforming operations, establishing partner/industry relationships, increasing revenue, and reducing cost and risk exposure. Proactive leader with intense focus on customers and beneficial outcomes.

Oren Koren is the Co-Founder and Chief Product Officer of Veriti. Oren brings 19 years of experience in cybersecurity, advanced threat analysis, and product management,. Prior to founding Veriti, Oren was a Senior Product Manager at Check Point Software Technologies, where he led AI-based innovations and advanced data analytics projects redefining threat hunting and SIEM applications. Before Check Point, Oren served for 14 years at the prestigious 8200 unit and was responsible for different cybersecurity activities and research. Oren won the Israeli Security Award and 3 MOD awards for cutting-edge innovations in cyber security.

Idan Gour is the CTO and co-founder of Astrix Security, a leading enterprise solution securing app-to-app interconnectivity. Having served as a leader in the elite class of the Israeli Military Intelligence Unit 8200, his hands-on offensive and defensive cyber experience affords him a unique attacker point of view. Previously, Gour also led software development at Deep Instinct, a deep-learning AI cybersecurity company.

Tim Gallo leads the Google Global Solutions Architecture Team that covers Security Risk Solutions, including Cyber Threat Intelligence, traditional Intelligence Operations, Managed Detection and Response, Security Controls Validation, and Attack Surface Management and asset discovery. He Joined Google Cloud through the acquisition of Mandiant by Google in 2022, he had spent 5 years at Mandiant prior to the acquisition in a variety of field facing roles covering the aforementioned topics. Before joining Mandiant, Tim leveraged his over 20 years’ experience in information security and intelligence operations to aid in the development and deployment of a number of solutions. Including building client and organizational expertise in Intelligence Guided Cyber Network Defense (IGCND). This included the development and product management of some of the first cyber intelligence solutions ever brought to market. These solutions have included threat and vulnerability management tools, IOC prediction algorithms, intelligence services, and strategic intelligence consulting. Today he spends his days helping clients understand the importance of Intelligence as a guiding principle for building out effective security processes and operations and helping clients and vendors find ways to leverage technologies responsibly to build their cyber defense centers and security operations practices. Every once in a while he can be found out in the desert, sometimes on his Harley with a flamethrower, sometimes with just a flamethrower.

Dana Tannatt graduated from Norwich University with a master’s degree in information security and assurance. He is also a member of the Upsilon Pi Epsilon honor society for Computing and Information Disciplines. He has been a Security and Privacy software specialist for more than 18 years. He has extensive experience with Identity Access Governance and Data Security. He is now at Thales as one of their premiere Data and Application Security Specialists.

Ashley-Yvonne Howard is an experienced cloud security strategist with a master's degree in Cybersecurity from the University of Denver, complementing her undergraduate degrees in German Language and Literature & Film Studies, which reflects her unique fusion of art and science. With a career marked by unwavering determination and adaptability, she has thrived in various technical roles at General Motors, LogRhythm, AttackIQ and Expel within the cybersecurity field, spanning red, blue, and purple team domains.

Frederick Webster leads Blue Cross & Blue Shield of Rhode Island’s cybersecurity program as their Information Security Officer. He has over 15 years of experience in the IT and Information Security fields with a background in Security Operations, Business Continuity and Information Assurance. He has experience in Healthcare, Retail Pharmacy, Pharmacy Benefits Management, and MSSP industries. Frederick is a credentialed ISACA CISM with a BS. in Management of Information Systems and an MBA.

Mark Ostrowski is the Head of Engineering for the East region of US at Check Point Software Technologies. Mark has over 25 years’ experience in IT security and has helped design and support some of the largest security environments in the country. As an evangelist and member of the Office of the CTO at Check Point Software, Mark provides thought leadership for the IT security industry, outlining the current threat landscape and helping organizations understand how they can proactively mitigate and manage risk in our world of digital transformation. Mark actively contributes to national and local media discussing cybersecurity and its effects in business and at home on media outlets such as the Today Show on NBC, Good Morning America on ABC, and the Wall Street Journal.

As CrowdStrike’s Senior Vice President of Counter Adversary Operations, Adam Meyers leads the Threat Intelligence line of business for the company. Meyers directs a geographically dispersed team of cyber threat experts tracking criminal, state-sponsored, and nationalist cyber adversary groups across the globe and producing actionable intelligence to protect customers. He oversees the development and deployment of AI, machine learning, reverse engineering, natural language processing, and other technologies to detect suspicious and malicious cyber behavior and stop increasingly sophisticated adversaries. Meyers’ work in combining human intelligence and intelligence derived from technology continues to transform cybersecurity.

Meyers works closely with other departments within CrowdStrike to ensure the smooth and speedy integration of intelligence into CrowdStrike’s entire lineup of products and services. His team brings unprecedented insights into the activities of cyber threat actors, providing strategic and technical guidance to Fortune 100 businesses, major financial institutions, key government agencies, and other CrowdStrike customers. SC Magazine recently honored CrowdStrike’s record of achievement under Meyers with the 2019 Trust Award for Best Threat Intelligence Technology. Almost every week you will see Myers commenting on recent cyber threats and cyber attacks in leading broadcast, print, and online media.

Adam earned a Bachelor of Arts degree from the George Washington University where he studied Political Science, and Computer Science.

Dan Murphy has 20+ years of experience in the cybersecurity space, specializing in web security, distributed systems, and software architecture. As a Chief Architect at Invicti, his focus is on ensuring that Invicti products across the entire organization work together to provide a scalable, performant, and secure dynamic analysis experience.

Jon Fredrickson is Vice President & Chief Information Security Officer for Surgery Partners. Prior to Surgery Partners, Jon has held various leadership & CISO positions across healthcare in both the provider and payor markets. Jon has developed a pragmatic approach to implementing cyber security solutions and assisting his organizations in properly measuring and managing cyber risk. He graduated from the University of Rhode Island with a B. A. in Economics. Jon is a member of the Association for Executives in Healthcare Information Security, the Healthcare Sector Coordinating Council (HSCC) and is a Certified Information Security Manager.

Dmitriy is currently a Senior Vice President, Information Security at SEMrush. From 1999 to 2007 Dmitriy had first-hand experience with servers, networks and datacenters, and NOCs and SOCs as he worked and consulted for defense contractors, public and private financial and medical companies, and non-profits. Between 2007 and 2018, Dmitriy spent 11 years at CyberArk software, helping them go public as he was building and managing a cyber-security professional services team, personally participating in incident response and remediation for some of the largest breaches in US history, and then serving as a Cloud Security Architect for SaaS products utilizing CSA CCM and CIS CSC. In 2018, and until summer of 2023, Dmitriy helped Avid Technology, a pioneer and a leader in the movie and music industry since 1987, to establish its information security and product security functions.

Dmitriy holds Boardroom Qualified Technical Expert (QTE) certification from the Digital Directors Network (DDN) and serves on Advisory Boards for multiple information security start-ups, such as Oort (acquired by Cisco), The Cybernest, Exium, SaaSLicense (acquired by IBM), and advises venture capital, and private equity firms. He is a member of the GIAC Advisory Board, holds the GISF, GCED and CISSP certifications, and served as a SANS Mentor for all three.

Pat is a Principal Solutions Engineer for Lacework and has been with the company for 3.5 years. He spent the previous ~10 years working for Boston based Cyber Security companies in similar roles and prior to that focused on implementation and consulting work for data automation workflows. Having been in security for the past 10 years and seeing the power of data and automation throughout his career, Pat is excited to be with Lacework and helping his customers solve the variety of complex problems that come with securing public cloud environments.

Anna has 10 years of experience researching and advising organizations on cloud adoption with a focus on security best practices. As a Gartner Analyst, Anna spent six years helping more than 500 enterprises with vulnerability management, security monitoring, and DevSecOps initiatives. Anna's research and talks have been used to transform organizations' IT strategies and her research agenda helped to shape markets. Anna is the Director of Thought Leadership at Sysdig, using her deep understanding of the security industry to help IT professionals succeed in their cloud-native journey.

Anna holds a PhD in Materials Engineering from the University of Michigan, where she developed computational methods to study solar cells and rechargeable batteries.

Debra Brown brings over 25 years of experience in cybersecurity. Starting her career at Xerox and then honing her experience in high-growth startups like Ping Identity and Chainalysis, Debra excels in introducing innovative security technologies to the market. Her dedication extends beyond her professional sphere as she is also a passionate learner, book lover, and a devoted mother and wife in a loving, blended family.

Prior to his current role at CrowdStrike, Rob Solomon was a Senior Solutions Architect in the ISV segment at AWS, helping software companies migrate and modernize on AWS to accelerate their pace of innovation and operational efficiency. From past roles in SaaS operations and during his time at AWS, Rob experienced first-hand the challenges of implementing and managing cybersecurity in a fast-paced environment. As a Senior Cloud Solution Architect for the AWS alliance at CrowdStrike, Rob advocates for a comprehensive, results-oriented approach that helps customers focus on delivering business value instead of trying to untangle the complexities of hybrid cloud security. Rob enjoys spending time with family in coastal Maine, hiking and working on home improvement projects.

Kevin is the founder and director of the Master of Science in Cybersecurity Policy and Governance Program at Boston College, and an Assistant Professor of the Practice at Boston College Law School and in Boston College’s Carroll School of Management’s Business Law and Society Department. Along with his teaching at Boston College, Kevin is a Cybersecurity Research Affiliate at the MIT Sloan School of Management, and he has taught courses at the U.S. Naval Academy, where he was also the Deputy General Counsel to the Superintendent.

With over 20 years of combined cybersecurity, data privacy, business, law enforcement, military, national security, higher education, and teaching experience, he has worked as an analyst and an attorney for the U.S. Department of Justice, U.S. Navy, U.S. Department of Defense, law firms in Boston and Washington, D.C., and as the general counsel for an international software company based in Seattle, Washington. Kevin also is an expert witness and consultant with the Analysis Group and serves as a Director for the Board of Reading Cooperative Bank, a Trustee for the Board of Boston College High School, an Advisory Board Member for HYCU, Inc. and CyberSaint Security, and as a Member of the Boston College Law School Business Advisory Council. From 2016-2017, he was the Panel Lead for the Collegiate Working Group for the U.S. Department of Homeland Security's National Initiative for Cybersecurity Education (NICE). Kevin regularly provides expert commentary regarding cybersecurity and national security concerns for varying local, national, and international media outlets.

Howard Goodman, with a distinguished career spanning two decades, has emerged as a pivotal figure in cybersecurity, seamlessly integrating strategic planning with hands-on cybersecurity applications across numerous sectors. His significant contributions to organizations like Skybox Security highlight his prowess in navigating through the intricate realms of cybersecurity. A U.S. Navy veteran and holder of a Ph.D. in Cyber Operations, specializing in meticulously formulating and implementing security strategies.

Throughout his journey, he has consistently demonstrated a steadfast ability to deliver tangible results, adeptly crafting strategies while precisely evaluating the risks, issues, and benefits of long-term initiatives. His unique talent lies in skillfully communicating complex technical concepts to both senior executives and non-technical stakeholders, ensuring a thorough understanding of the projects and strategies under his leadership. Dr. Goodman's trajectory in the field reveals a leader who not only navigates through the complexities of the digital and cybersecurity domain but also stands as a reliable guide, ensuring strategic and secure operations in all his endeavors.

Josephine Wolff is an associate professor of cybersecurity policy at The Fletcher School at Tufts University. Her research interests include liability for cybersecurity incidents, international Internet governance, cyber-insurance, cybersecurity workforce development, and the economics of information security. Her first book "You'll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches" was published by MIT Press in 2018 and her second book "Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks" came out from MIT Press in 2022. Her writing on cybersecurity has also appeared in Slate, the New York Times, the Wall Street Journal, the Financial Times, The Washington Post, The Atlantic, and Wired.

Myriah Jaworski is a Member, Data Privacy and Cybersecurity, at Clark Hill Law. She represents clients in data breach actions, technology disputes, and in the defense of consumer class actions and related regulatory investigations stemming from alleged privacy torts and violations of the TCPA, BIPA, IRPA, and other state and federal privacy laws. Myriah also works with clients to devise and implement privacy and security compliance programs and to evaluate and implement new technologies, including enterprise-wide AI and machine learning tools. She is also been recognized as a Super Lawyer® for her Civil Litigation practice in 2018, 2019, 2020, and 2021.

Dan Hopkins, VP of Engineering at StackHawk, has been a software engineer for 20 years, working at high-growth startups such as VictorOps and LivingSocial and large high-tech companies such as Splunk. For the last ten years, he has focused on building tools for progressive engineering teams adopting DevOps and DevSecOps practices.

Dave has more than 15 years experience in enterprise information security and brings a strong track record of innovation and customer focus to SentinelOne. Prior to SentinelOne, he was the VP of Product and VP of Solutions Architecture at ProtectWise and helped launch and build the company from stealth to a successful exit to Verizon. Dave helped define the network detection and response market and has helped many organizations develop detection and response strategies and to embrace cloud delivered technologies. He has also led Firewall Product Management at McAfee and has held various roles in sales engineering, product management and support at Websense, Intel, McAfee and Secure Computing.

Sean is a Senior Manager in Wolf’s DenSecure group. His role entails developing security reviews and managing projects, including security reviews, penetration tests, social engineering, and threat emulation. Sean has over ten years of experience in consulting and has worked extensively in the financial, healthcare, education, and software sectors.

Sean is also Wolf’s Lead QSA responsible for carrying out PCI DSS audits and mentoring Associate QSAs.

John is a 30-year industry veteran in IT and cybersecurity and has worked for some of the most recognizable brands in cybersecurity such as Palo Alto Networks, Cisco Systems, Blue Coat (now Symantec), and Websense (now Forcepoint). John has been a guest speaker and panelist at numerous industry events and tradeshows and has served as a subject matter expert in advanced threat detection and remediation techniques.

Jake currently manages the Data Foundations team at Okta after transitioning from Principal Engineer on Okta's Defensive Cyber Operations team. He previously led data platform teams at Shopify and CarGurus, has taught various O'Reilly courses, and regularly contributes to data-oriented OSS projects.

Amit Zimerman, Co-Founder and Chief Product Officer at Oasis, is a seasoned leader with a diverse technical and product background. Before co-founding Oasis, he played pivotal roles at CyberMDX, and Microsoft, bringing a wealth of product and security expertise. Amit also had significant contributions during his seven-year tenure in Israeli Military Intelligence forces as a leader of some of the high profile cyber projects at the time.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Senior Information Technology/Security Executive with over 25 years of experience at premier institutions successfully building services and client relationships, developing methodologies, and integrating cross-functional skills. Specializes in information security and risk management, compliance, knowledge management, strategy, business continuity, and operational efficiency. Reputation for leading new initiatives focused on transforming operations, establishing partner/industry relationships, increasing revenue, and reducing cost and risk exposure. Proactive leader with intense focus on customers and beneficial outcomes.

Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Esmond Kane brings more than two decades of expertise as a distinguished leader in information security, safeguarding vital sectors. With a rich leadership background at prestigious institutions like Harvard University, Mass General Brigham, and Steward Health Care, he also serves on the advisory boards of multiple companies, providing valuable insights on cyber matters. Kane excels as a trusted consultant to top executives and founders, ensuring secure IT operations, regulatory compliance, and resilient design. His stellar track record is a testament to his recognized authority in the field.

Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.

VJ Viswanathan is a seasoned technology executive recognized and awarded for innovation, business capability transformation, and thoughtful mentorship. Most recently, VJ is the founding partner at CYFORIX, a global cybersecurity research, advisory, and strategic consulting firm delivering solutions to public and private sectors. He also serves as the CEO at TORQE, a specialized advisory firm focused on analytics, automation, and convergent technologies. VJ is the co-host of ELEVATEINTEL, a podcast series at the nexus of technology, social, and defense.

With more than 25 years of pioneering enterprise technology, cybersecurity, privacy, and compliance & risk management experience, VJ has a detailed track record of designing, implementing, and leading highly successful programs, products, and services at multinational Fortune 100 brands spanning CPG, telecom, media, supply chain, healthcare, and finance segments. As a strategic thought leader, VJ has delivered the first of its kind "Supply Chain Security" & “Omni-channel Risk Management” frameworks. As a published author and featured keynote speaker at global industry events, he approaches disruptive digital paradigms with innovation, creativity, and active collaboration with his key industry peers, researchers, national & international law enforcement, and defense groups.

VJ is an active mentor at various incubators and accelerators groups, serves as an advisory board member for growth stage companies. As a strategic adviser to VC & PE firms, he specializes in developing market analysis, competitive product road maps, and guides in opportunity mapping. As a board member and subject matter advisor to CEOs and corporate directors, VJ evaluates and audits enterprise technology and cybersecurity programs for veracity and operational effectiveness.

VJ is passionate about animal rights and giving back to the technology and security industry. He has created a rescue and foster care group for large breed dogs. He is actively engaged with academic institutions and purpose-driven professional groups like Minorities in Cyber Security, where he serves as a board member and chair of mentorship programs to develop the next generation talent through coaching and facilitating scholarships for technology and cybersecurity education.

From 1999 to 2007, Dmitriy had first-hand experience with servers, networks and datacenters, and NOCs and SOCs as he worked and consulted for defense contractors, public and private financial and medical companies, and non-profits. Between 2007 and 2018, Dmitriy spent 11 years at CyberArk software, helping them go public as he was building and managing a cyber-security professional services team, personally participating in incident response and remediation for some of the largest breaches in US history, and then serving as a Cloud Security Architect for SaaS products utilizing CSA CCM and CIS CSC. Dmitriy holds Boardroom Qualified Technical Expert (QTE) certification from the Digital Directors Network (DDN) and serves on Advisory Boards for multiple information security start-ups, such as Oort, Exium, SaaSLicense (acquired by Apptio), and advises venture capital, and private equity firms. He is a SANS Mentor, a member of the GIAC Advisory Board and holds the GISF, GCED and CISSP certifications.

John Fanara is the Director of IT Security at Plymouth Rock Assurance, a leading auto and home insurer in the Northeast. Before joining Plymouth Rock, John served as CISO at the Risk Management Foundation of the Harvard Medical Institutions (CRICO). John has been overseeing Security and IT Infrastructure teams for over 22 years and has a passion for maturing security programs. John is a Certified Information Systems Security Professional (CISSP).

Esmond Kane brings more than two decades of expertise as a distinguished leader in information security, safeguarding vital sectors. With a rich leadership background at prestigious institutions like Harvard University, Mass General Brigham, and Steward Health Care, he also serves on the advisory boards of multiple companies, providing valuable insights on cyber matters. Kane excels as a trusted consultant to top executives and founders, ensuring secure IT operations, regulatory compliance, and resilient design. His stellar track record is a testament to his recognized authority in the field.

Justin Armstrong is a security, privacy, and regulatory compliance consultant with over 25 years of experience in the Healthcare Industry. He worked as a vCISO at FractionalCISO, managed security at Healthcare Cybersecurity startup Tausight, and led Product Security at MEDITECH, a top three Electronic Health Record vendor. He has engaged with Hospitals in nearly 100 ransomware incidents.

Recently he founded Armstrong Risk Management to provide guidance on security, privacy, and regulatory compliance to companies large and small.

He holds the CISSP and HCISPP certifications and obtained his Masters in Cybersecurity Leadership at Brandeis University.

Chad Barr is a seasoned leader in the field of information security, currently serving as the Director of Governance, Risk and Compliance (GRC) within the Risk Advisory Service practice at AccessIT Group (AITG). With a proven track record of success, Chad brings a wealth of experience to AccessIT Group.

As a visionary leader in the realm of cybersecurity, Chad has honed his skills across multiple disciplines, including security engineering, project management, risk management, and compliance. His extensive background underscores his ability to guide organizations toward robust and resilient security postures.

Ben originally asked ChatGPT to write his bio, but felt it was self-aggrandizing, pompous, and unbearably long. After many efforts to tell ChatGPT to tone it down a bit, he gave up and wrote it himself. Ben is a Cybersecurity and IT leader with over 25 years of experience. He specializes in rapidly maturing cybersecurity programs from scratch, aka getting bored with mature programs and starting over somewhere new. The result is a wide variety of experiences across industries in both public and private sectors. Ben has a passion for teaching that extends beyond standard security awareness training. In the "before times", Ben was a SCUBA instructor and taught Microsoft technical certifications. He is a board member of a local charity supporting elementary school aged children, of which he has three.

William (Bill) Kyrouz is Information Security Director at Paul Weiss, one of America’s most prestigious law firms. Bill has worked in the legal industry for about twenty years, with a four year stint in Higher Education Technology , and has served in dedicated Information Security roles for the last 12. Prior to Information Security he worked predominately in the realm of network management.

Bill has worked to stimulate the sharing of threat intelligence and security best practices within and across industries. In 2018 he was awarded the inaugural Security Professional of the Year Award from the International Legal Technology Association.

Diana knows what is required to develop and enhance an information security program. She specializes in gathering evidence, preparing for and conducting information security audits, and due diligence visits. Additionally, she is an expert in assisting small to mid-size companies in presenting their information security posture to potential business partners and clients, guiding them through the complex and sometimes daunting process of answering vendor security/posture questionnaires, developing a compliant information security program, and remaining compliant with ever-evolving client demands.
Diana has a Bachelor of Arts degree in English Literature from the University of Massachusetts and a Master’s in Information Systems from Northeastern University. She currently sits on the board of directors for the Boston Chapter of InfraGard. She holds several information security (CISSP/ISSAP & C|CISO), data privacy (CIPM, CIPP/E, CIPT), and cyber security law (GLEG) professional certificates.

Diana is originally from the island of Barbados in the West Indies. In her free time, she enjoys reading, star gazing, traveling, and, most of all, gardening.

Bill Bowman has been the first CISO at five different organizations over the last 20 years. He has been in Educational Technology, Financial Technology, and B2B Growth companies. He was the founding President for the (ISC)2 Eastern Massachusetts organization 10 years ago. Bill lives in Framingham with his wife and five children.

As CISO, Mr. Bowman is responsible for managing the global responsibilities associated with Information Security, Physical Security, Privacy, Disaster Recovery, Business Continuity, Incident Response, and Insurance. Mr. Bowman has successfully implemented PCI-DSS, SOC 1, SOC 2, ISO 27001, ISO 27701, ISO 27017, and ISO 27018. Specialties: Executive Core Qualifications: Leading Change, Leading People, Results Driven (Metrics), Risk based decision making, Business/Industry Acumen, Building Coalitions. Management development, Talent development Technical Qualifications: Information Security, IT & business risk, IT governance & compliance (SOX 404), Regulatory compliance (GDPR), DR/BC, Mobility, Networking, Cloud security, Cloud privacy, Application vulnerability management, and other technical and non-technical related items.

Katherine Chipdey has spent her career in Cybersecurity, consulting on how to simplify our understanding of the threat landscape and building programs for thousands of customers around EDR, SOAR, and MDR. At Automox, she helped build out the Solutions Engineer Team, where she focused on automating IT operations, reducing risk, and bridging that gap between security and IT for prospects and customers alike. Katherine now manages the technical channel relationships, enabling other IT and Security experts on how to use Automox in order to help their customers meet business needs and critical security goals like never before. Katherine has most enjoyed the opportunity to use her background and experiences in the the field to meet security/ IT teams, and enable them to be as successful as possible with their initiatives - where a relationship can be made, she will try, as those meaningful interactions and the growth, learning, and connection they bring are invaluable to her. Outside of work, she could spend forever talking about her travels, archery, and pups.

As the Global VP of Solutions Engineering at Hunters, Ian brings two decades of technology experience, specializing in application and database security, SOC operations, and SOAR. With a background in leading industry players, Ian’s contributions include several patents in the SOAR space, showcasing a sustained commitment to advancing cybersecurity solutions.

Clinton Herget is Field CTO at Snyk, the leader in Developer Security, where he focuses on crafting and evangelizing our strategic vision for the evolution of DevSecOps. A seasoned technologist, Clinton spent his 20-year career prior to Snyk as a web software developer, DevOps consultant, cloud solutions architect, and engineering director. Clinton is passionate about empowering software engineers to do their best work in the chaotic cloud-native world, and is a frequent conference speaker, developer advocate, and technical thought leader.

Helping CISOs achieve complete visibility of the sensitive content across the enterprise network, and recognize and mitigate risk associated with that content.

Aruna leads the Enterprise DLP and Insider Threat Management solutions at Proofpoint and joined the company in 2019 through the acquisition of ObserveIT. She has 20+ years’ experience in leading cybersecurity product and strategy at several organizations including Leidos, RSA, and Axeda (PTC). She is currently working within her organization and with customers on using AI/ML for Proofpoint’s suite of Information Protection solutions.

James brings more than 20 years of experience in Information Technology including seven years in cybersecurity within the manufacturing vertical. He has a passion for team development and attributes his program’s success to relationship and team building skills developed earlier in his career. He started his career in higher education and has since shifted to private sector organizations and holds several industry certifications including CISSP, CISA, PMP and PCIP.

A motivated builder and problem solver who loves working with others to create the solutions that drive innovation, optimization, and change.

David has been with Team Cymru since 2007. Prior, he served in the U.S. Marine Corps as a Non-Commissioned Officer. He then worked at Indiana University where he helped to build some of the most powerful computational systems of their day. He transitioned to cybersecurity and helped launch the Research and Education Networking ISAC. At Team Cymru, he has been an engineering leader, a Community Services team member, and a security analyst. David led efforts to secure the firm's intelligence infrastructure and established processes the firm relies on today. Currently, David assists CSIRT teams worldwide and fosters data sharing partnerships.

Steve Naphy serves as Morgan Lewis's Chief Information Officer. In his role, Steve concentrates on leveraging data analytics and process to drive efficiency and effectiveness in both business operations and the delivery of legal services. He has over 20 years of experience working in information technology (IT), including previously running information security at the firm for six years. Prior to joining Morgan Lewis, Steve held significant InfoSec roles in the retail and distribution industry. He holds an M.S. in information systems from Widener University and a B.S. from Drexel University.

Krista Arndt is the Chief Information Security Officer (CISO) at United Musculoskeletal Partners. As the CISO, Krista is responsible for the safety and security of all UMP and its practices' patients and employees. Krista accomplishes this by ensuring continued maturation and providing strategic direction for UMP's information security program in alignment with the business objectives. Additionally, Krista provides oversight of the security program's day to day operational effectiveness.

Prior to joining UMP, Krista served as the Director of Security Governance, Risk and Compliance for Voyager Digital, a leading cryptocurrency trading platform, where she was responsible for the development, maturation, and maintenance of Voyager's security program. Krista has served in various leadership and operational roles within the information security profession for 14 years within the financial and defense sectors, bringing a deep understanding of how strong security and privacy practices can help enable best in class care and peace of mind for UMP and its practices' patients.

Krista has a Bachelors Degree in Biology from Felician College and currently holds her Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications.

Krista is an active member of ISACA, Infragard's Philadelphia Chapter, as a member of both Neumann University's Business Advisory Council and Women in Cybersecurity-Delaware Valley Affiliate's Membership and Education Committees. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

A global CIO & CISO, Sue brings broad technology and operational experience to help companies secure and grow through innovation, and optimization in cloud, on-prem environments and acquisition. She’s held strategic positions at Microsoft, ActiveCampaign, Precisely, Episerver, Aramark, and CVS Pharmacy. Sue is the author of "So, You Want to be a CISO?" and is a sought-after speaker, investor, executive advisor and a multiple industry award winner in cybersecurity.

Julie Rizzo is a partner in the firm's Capital Markets practice group. Julie has substantial experience representing companies in a variety of capital markets and corporate governance matters. She focuses her practice on advising clients on SEC reporting and disclosure issues, stock exchange compliance, and environmental, social and governance (ESG) matters. She also regularly assists clients on a variety of capital market transactions.

Julie’s prior professional experience brings a unique perspective to clients. By spending over six years in an in-house role at a large, New York Stock Exchange listed technology company, Julie has an understanding of the inner workings of corporate legal departments and the need for in-house legal teams to be able to provide business-focused legal advice. Additionally, Julie has gained a deep understanding of the regulatory process after spending five years in the Division of Corporation Finance at the U.S. Securities and Exchange Commission, which allows her to advise clients on disclosure and compliance matters through a sharper, regulatory focused lens.

Mike has over 17 years of experience in the Information Security field, working in multiple industries around the Boston area. He has helped build and improve information security programs, deploy and manage awareness training to over 1,000 staff members, as well audit networks against the CIS Controls. He holds the CISSP certification, has a Masters in Information Assurance from Norwich University and has been a long time member of the Secureworld Boston Advisory Council.

Jim Coyle is the U.S. public sector CTO at Lookout Security, utilizing his 20+ years of knowledge and expertise to help close the security gap many government agencies and organizations face today. A cybersecurity industry thought leader exploring geo-political cyber related issues, the latest threats and defense strategies, as well as industry trends providing insights through his career. Jim is currently responsible for leading the charge to redesign and revolutionize cybersecurity programs of customers to battle today's threats.

Todd has been providing IT services nationally for over 25 years and draws inspiration and insight from participation in a wide range of executive boards and industry associations. He has an extensive background in strategic planning and implementation of business technology solutions, and founded his firm Envision Technology Advisors. As a presenter, Todd speaks throughout the country on a variety of technology and business topics including: Modern Workplace, Digital Transformation, Cybersecurity, and Evolving Digital Culture to fit the Modern Workforce.

In his free time, Todd works with several non-profits and is also an avid sailor, wood worker, and scuba diver.

Tommy Perniciaro is a highly experienced cybersecurity professional with over 20 years of experience in protecting critical network assets and data against cyber threats. Tommy has extensive experience with security technologies, including DDoS mitigation, intrusion detection and prevention systems, firewalls, SIEMs, and vulnerability scanners. In addition to cybersecurity expertise, Tommy has a strong background in network infrastructure design, implementation, and management. Tommy has a deep understanding of complex network topologies, protocols, and technologies, including switches, routers, firewalls, load balancers, and VPNs.

Brian Schwarzkopf is the Senior Director of Engineering for New England Enterprise at Fortinet. As an active leader in Fortinet’s wider engineering team, Brian and his team help organizations achieve their cybersecurity objectives with solutions for tooling, staffing and processes that enable greater security effectiveness. Whether in areas of automation and orchestration, evolving SOC teams in active threat hunting, and heightening overall visibility, Brian and the Fortinet team are oftentimes helping customers achieve a deeper convergence of networking and security, as organizations look to take advantage of next generation platform solutions from a leading and mature cybersecurity vendor.

Internationally recognized security thought leader. Expert on Threat Modeling, IoT Security, Threat Analysis and Risk Assessment (TARA), Cryptography, Application Security, and Agile Development Security.

Chad is a voting member of SAE Vehicle Cybersecurity Committee TEVEES18A that shapes the future of automotive security and leading a TARA standardization sub-committee.

With over 25 years of experience in the cybersecurity industry, he has dedicated a decade to HubSpot, concentrating on safeguarding the corporate environment through the deployment of various cutting-edge security tools. Nick holds multiple vendor certifications, including Netskopes NSCO&A and NSCI&I. As a client of various security vendors, Nick swiftly becomes a subject matter expert in their tools. He takes the lead in organizing communities and webinars, and also holds positions on advisory boards.

Michael Ferguson is the Global Director for Security Transformation at Netskope. He is a highly customer-focused security professional, having worked in the cyber security industry for over 15 years across the Asia Pacific Region. Michael has been CISSP certified for over 7 years, speaking at various industry events (e.g. Gartner, AusCert, and AISA) on Data Loss Prevention, Zero Trust and Cloud Security Initiatives. Michael has extensive web, data and cloud security experience, specializing in running DLP, Zero Trust and Insider Threat programs.

With nearly 10 years at HubSpot, Jared leads automation initiatives within the Corporate Security team, elevating security measures to new levels. With extensive experience in the cybersecurity field, he is dedicated to building automated solutions to safeguard HubSpot's environment, driven by a passion for detection and incident response.

Delgerbayar Lochin is a Fulbright Scholar and 2nd-year master’s student in the Information Security Policy and Management program at Carnegie Mellon University. Preceding his degree pursuit at CMU, he accumulated 8 years of experience in both private and public sectors. During this time, he held key roles such as Team Leader at the Cybersecurity Center of the Mongolian Armed Forces and Information and Communications Technology Officer at the National Security Council of Mongolia. Notably, while serving in the Armed Forces, Delgerbayar was deployed to Afghanistan under the NATO-led Resolute Support mission as a National Liaison Officer for the Mongolian Contingent.

In addition to his rich blend of education and experience, Delgerbayar is a Certified Information Systems Security Professional (CISSP).

Mendsaikhan Amarjargal, a Fulbright Scholar and a GXPN certificate holder (1103), is pursuing his graduate studies in Information Security Policy and Management at Carnegie Mellon University. Before embarking on his academic journey, Amarjargal amassed nine years of industry experience, during which he worked from an Information Security Analyst to the Chief Information Security Officer in one of Mongolia’s largest private sector companies. His commitment to the field extended beyond his professional obligations, as he served a seven-year tenure as a volunteer and later a board member for the Mongolian Computer Emergency Response Team and Coordination Center, an NGO NPO, where he also worked as a co-host for organizing cybersecurity conferences and ethical hacking competitions.

Dominic Keller has global experience across the cybersecurity, law and risk management fields. Dominic has worked as an attorney in Australia and California, a cyber risk consultant, and a cyber insurance broker with domestic and international companies across many industries. He holds the CISSP certification and has studied Corporate Strategy at the Chicago Booth School of Business.

Dominic has worked extensively with organizations in developing cyber risk management strategies incorporating cybersecurity, legal, insurance, and business goals. He has advised Boards, C-suites, and organizational leaders in implementing effective cyber risk governance approaches, and is a regular speaker at conferences and industry events.

Lior has vast experience in cybersecurity having worked as a practitioner, investor, and entrepreneur, providing him with a deep understanding of identifying key innovations and the business dynamics of building successful companies. Prior to Grip, Lior was CTO for YL Ventures and a member of the YL Ventures Insiders Network, and served as a training commander for the Israeli Intelligence Corps, Unit 8200.

Larry Wilson is an Information Security Manager at Point32Healt in Canton, MA. He was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.