SecureWorld Chicago 2023

Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.

Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.

With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).

Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.

Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.

In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.

Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.

Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.

HONORS & RECOGNITIONS
Lawyer on the Fast Track, The Legal Intelligencer (2023)
Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
European Union ERASMUS Grant Recipient, 2020

ASSOCIATIONS & MEMBERSHIPS
American Bar Association, Business Law Fellow, 2020-2022
American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
California Bar Association
New Jersey Bar Association
Forbes Business Council Member, 2022
International Association of Privacy Professionals (IAPP), Member
University of California, Berkeley, Cybersecurity Lecturer
former Thomas R. Kline School of Law, Drexel University, Law Professor
former Chestnut Hill College, Adjunct Professor
West Chester Friends School, Board Member
Appointed Fulbright Specialist in Cybersecurity and Data Privacy

CERTIFICATIONS
Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP)

Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.

Lynn Dohm brings more than 25 years of organizational and leadership experience to the WiCyS team as the Executive Director. She has long been committed to cybersecurity education and for the last 14 years held active roles in grant-funded programs and nonprofits that assist in providing educational solutions for the cybersecurity workforce. She is passionate about the need for diverse mindsets, skill sets and perspectives to solve problems that never previously existed and aims to facilitate learning opportunities and discussions on leading with inclusion, equity and allyship. In addition to Lynn being awarded Top 100 Women in Cybersecurity by Cyber Defense Magazine, she accepted the Nonprofit of the Year Award for WiCyS in 2020 and 2021, is on numerous cybersecurity judging panels, advisory boards, and is an inaugural member of (ISC)2’s DEI Task Force. She has been interviewed on TV and radio throughout the nation and is a keynote presenter, panelist and moderator for multiple international conferences, events and organizations.

Erik Hart oversees global information security for Cushman & Wakefield, one of the world’s largest commercial real estate services firms. A recognized thought leader with more than 20 years of experience in providing information security services to various industries and organizations, he also serves in an advisory role for numerous companies and organizations in the information security field, including Mimecast, CrowdStrike, InfraGard Chicago Members Alliance and Western Illinois University.

Before joining Cushman & Wakefield in 2018, he served as CISO and Director of IT Risk Management for Zebra Technologies, a provider of mobile, logistics and point-of-sale technology and systems to retail, health care, transportation, manufacturing and other industries. Erik earned his Bachelors from Western Illinois University and Masters from Western Governors University.

Sarah Buerger serves as the Business Information Security Officer for The Kraft Heinz Company.

Mary Elizabeth Faulkner serves as VP, Chief Information Security Officer (CISO) and VP of IT Operations for Thrivent , its subsidiaries and affiliates. This role reports directly to the Chief Digital, Data & Technology Officer.

As the CISO and head of IT Operations, Mary Elizabeth is responsible for leading teams that execute the Fortune 500 diversified financial service organization’s information security strategy; provide management and oversight; support cyber defense engineering, identity and access management engineering and operations; incident response; information risk management and assurance services; technology service centers; fulfillment; IT incident response; and operations centers.

Mary Elizabeth has over 25 years of experience in information security, litigation advisory services, and audit. She has served in security advisory roles for a number of industries, including technology, insurance, retail, gaming, government, automotive and manufacturing. She has led global IT organizations driving maturity in information security, network and security operations.. Her experience spans across many domains of information security strategy, information risk management, cyber defense operations, cyber defense engineering, identity and access management, IT general controls, incident response, and forensic investigations.

Mary Elizabeth received a master’s in technology management from Georgetown University. She holds CRISC and CDPSE certifications. Mary Elizabeth is a Board of Director member for the FAIR Institute.

I am a high-performing, globally-experienced executive with extensive information security, product security, enterprise risk management and information technology leadership experiences. I believe my unique blend of leadership positions across these disciplines has given me a well-rounded and results-oriented approach.

I have demonstrated proficiency in driving transformational change through leadership vision, collaboration and execution. Recruited to Zebra Technologies as Chief Security Officer (CSO), I am providing strategic leadership for Zebra's information security, product security, business continuity, and corporate security programs across the global enterprise. Previously, as Caterpillar’s first CISO, I rallied support from numerous stakeholders, created a shared vision, and built a new program with measurable improvements. Recruited from Caterpillar to be Ecolab’s first CISO, I successfully realigned security priorities with business objectives, obtained executive support, achieved quick-wins, restructured the team and recruited talent.

My proven ability to interact and communicate well with all levels of large organizations, including executive management and the Board of Directors, is a crucial skill. A large part of any risk management position is effective, courageous and measured communications.

Key skills and attributes include: Leadership Vision | Execution | Communication | Executive presence with Board of Directors of Fortune 50-500 companies | Teamwork | Courage | 20+ years of Information Security, Cyber Security , Product Security, Information Technology, Corporate Security, and Enterprise Risk Management leadership experience | International experience

Lynn Dohm brings more than 25 years of organizational and leadership experience to the WiCyS team as the Executive Director. She has long been committed to cybersecurity education and for the last 14 years held active roles in grant-funded programs and nonprofits that assist in providing educational solutions for the cybersecurity workforce. She is passionate about the need for diverse mindsets, skill sets and perspectives to solve problems that never previously existed and aims to facilitate learning opportunities and discussions on leading with inclusion, equity and allyship. In addition to Lynn being awarded Top 100 Women in Cybersecurity by Cyber Defense Magazine, she accepted the Nonprofit of the Year Award for WiCyS in 2020 and 2021, is on numerous cybersecurity judging panels, advisory boards, and is an inaugural member of (ISC)2’s DEI Task Force. She has been interviewed on TV and radio throughout the nation and is a keynote presenter, panelist and moderator for multiple international conferences, events and organizations.

Dr. Fred Kwong has been in the information security and technology field for the past 20 years in working in education, financial, telecommunication, healthcare, and insurance sectors. He is an award-winning thought leader in security and currently works at DeVry University where he currently serves as the VP and Chief Information Security Officer. He is a member of several advisory boards and is a frequent speaker at national security forums on cyber security and information technology and is often asked to consult on matters of security and leadership

Fred also serves as an adjunct faculty member at Roosevelt and Benedictine Universities. He received his Bachelor of Arts in psychology and professional communications, Master of Business Administration in management information systems from Roosevelt University, and holds his Doctorate in organization development from Benedictine University. Fred has earned several certifications including the CISSP, CISA, CISM, CDPE, PCIP, PMP and ITILv3f.

Bob Reny is a recent addition to the CTO team at Exabeam. His 27 years of experience in information technology starting in systems administration and security in the US Air Force. This started a path for all things security, focusing on computer and networks. Bob has done network security design, firewall architecture, IPS deployment, network access control and end point security architecture. Large program security include zero trust, Operational Architecture safety/security. His expertise has supported customer organizations public and private. This covers scaling for many large federal agencies, global 1000 companies in many business verticals across finance, utilities, service, and technology. Bob has been a CISSP for the past almost 22 years and continues to help organizations evaluate the broad security policy to streamline Security Operations Center activities. This includes improving cross-functional processes for change management, incident response, event escalation, and response.

Monique Ferraro provides legal and technical expertise in support of HSB Global Cyber Products. Ms. Ferraro's cybersecurity and privacy experience spans more than twenty-five years in digital forensics, ediscovery, information security and privacy. Ms. Ferraro holds a master’s degree and a JD. She is a Certified Information Systems Security Professional (CISSP), a Fellow of Information Privacy, Certified Information Privacy Professional/US (CIPP/US), Certified Information Privacy Manager (CIPM) and Chartered Property Casualty Underwriter (CPCU).

Karen Painter Randall, partner and Certified Civil Trial attorney at Connell Foley LLP, chairs the firm’s Cybersecurity, Data Privacy and Incident Response Group. Considered a national thought leader, she has extensive experience advising clients on cyber risk mitigation and resiliency, privacy laws and regulations and incident response. The Connell Foley Team has been designated an authorized NetDiligence Breach Coach.

Karen provides counsel across all industries and organizations of all sizes on proactive measures to help identify, protect, detect, respond and recover from cyberattacks, focusing on ransomware, business email compromise insider and third party attacks. She drives strategic solutions on how to safeguard a business’s sensitive data, using security risk assessments, policies and procedures, security awareness training, incident response plans, tabletop exercises and cyber liability insurance. Karen has handled hundreds of incident response matters each year since 2010 for carriers and uninsured businesses. She leads the response effort, working with the client and leading vendors to contain/eradicate the attack, manage crisis communications, evaluate legal, contractual/regulatory notification requirements, manage internal workforce messaging, and prepare consumer notification, effectively utilizing resources to reduce exposure. Karen’s clients span multiple industries – financial services, healthcare, public entities, education, transportation and retail, including lawyers and other licensed professionals.

In addition, Karen oversees Connell Foley’s 24/7 Breach Response and Crisis Management Team, which provides immediate counsel designed for crisis management, preserving critical assets, mitigating harm to the business’s reputation, and limiting legal liability. Post-breach representation also includes defense of class action litigation, regulatory enforcement actions and investigations.

Karen received three presidential appointments to the American Bar Association’s Cybersecurity Legal Task Force, and was named the Task Force’s Private Sector Liaison. She founded/chairs the New Jersey State Bar Association Cybersecurity Legal Task Force and Institute. Additionally, Karen was selected by the University of South Carolina School of Law to lead its Cybersecurity Legal Task Force and serve as Director of its annual National Cybersecurity Institute. She also chairs the USLAW Network Cybersecurity and Data Privacy Group. Among her many honors, Karen has been named by NJBIZ as a “Leader in Law” for Cybersecurity and as a “Digi-Tech Innovator,” and by ROI-NJ to its “Influencers: Law” list for E-discovery/Cyber.

Violet Sullivan leads cyber consulting services at Crum & Forster. She works with insurance carriers, trade associations, and individual business clients from around the world providing expert guidance on cybersecurity threat management and response. She represents Crum & Forster within the legal, insurance, and risk management channels to develop long-term relationships, recurring revenue, and new business growth. Ms. Sullivan is a licensed attorney in Texas and Pennsylvania and a Certified Information Privacy Professional (CIPP/US), with her JD and MBA degrees from Baylor University. In addition to her full-time role, Violet serves as a professor of Cybersecurity & Privacy Law for Baylor Law School’s LL.M. Degree in Litigation Management, the first of its kind nationwide. Her diverse practice experience at both the individual and policy levels has prepared her for developing new tools and approaches to solving what is fast-becoming a pervasive and costly challenge in modern industry: how to respond to a cybersecurity incident.

Early in her career, Violet worked on the incident responses for some of the largest and most notable data breaches to date, including: Home Depot, Sony, and Anthem. Her experience in managing scaled breach responses led to her expertise and proficiency in proactively preparing organizations for cyber incidents. In the past eight years, she has facilitated over 450 cyber incident simulations (tabletops) for public and private sector companies, including many Fortune 100 companies.

As a cybersecurity and privacy attorney, Violet provides consulting services to respond to the needs of various cybersecurity programs. She reviews and develops customized incident response plans to ensure organizations are prepared to respond efficiently and effectively to a data breach. Violet also helps improve internal coordination by facilitating customized tabletop simulations focused on "pressure-testing" an organization's incident response procedures and protocols. Each of these customer-facing services mentioned has been built and developed for the purpose of creating long-standing relationships that turn to Violet for guidance, referrals, questions, and future projects.

As a cybersecurity and privacy professor, Violet developed the entire curriculum for an innovative course on cybersecurity and privacy law for licensed attorneys working toward their LL.M. degree. The specific focus on litigation management has made Sullivan’s course and her lecture series uniquely valuable to experts across the United States.

Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.

Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.

With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).

Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.

Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.

In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.

Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.

Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.

HONORS & RECOGNITIONS
Lawyer on the Fast Track, The Legal Intelligencer (2023)
Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
European Union ERASMUS Grant Recipient, 2020

ASSOCIATIONS & MEMBERSHIPS
American Bar Association, Business Law Fellow, 2020-2022
American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
California Bar Association
New Jersey Bar Association
Forbes Business Council Member, 2022
International Association of Privacy Professionals (IAPP), Member
University of California, Berkeley, Cybersecurity Lecturer
former Thomas R. Kline School of Law, Drexel University, Law Professor
former Chestnut Hill College, Adjunct Professor
West Chester Friends School, Board Member
Appointed Fulbright Specialist in Cybersecurity and Data Privacy

CERTIFICATIONS
Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP)

Ve is a technologist at heart who graduated University of Iowa during the dot com boom. He started as a software engineer in airlines at Unisys, then moved to ecommerce in 2005 where he implemented omni channel experiences. Since 2011, he's been a solutions engineer helping grow market share for technologies like ATG, Endeca, Oracle, Sitecore, Salesforce, and now Okta.

Craig Riddell is an ephemeral identity enthusiast and has recently joined the Netwrix team as the North American Field CISO. Prior to joining Netwrix Craig was responsible for all of Identity at HP. He brings a wealth of knowledge and experience around modernizing identity solutions while reducing costs and improving security. Outside of work Craig is an avid reader, semi-retired rugby player and loves spending time with his wife and daughter.

For 30 years, JT Keating has been driven to deliver technology-based solutions that make enterprises more profitable, compliant, and secure. At Zimperium, JT is responsible for leading strategic initiatives/partnerships, tracking/reporting mobile threat data, and guiding product strategies.

Eric Vanderbur is a highly skilled computer security professional with a deep understanding of cybersecurity principles and a passion for protecting digital assets. With over 20 years of experience in the field, Eric has developed expertise in network security, endpoint security, cyber, threat intelligence, and incident response.

Throughout his career, Eric has worked with diverse organizations, including multinational corporations, educational and government agencies, to identify and mitigate security risks. Eric specializes in assisting these organizations with identifying risk exposures, implementing robust security technologies, and formulating proactive strategies to safeguard critical systems and data.

As an advocate for cybersecurity awareness, Eric has delivered numerous training sessions and workshops to educate both technical and non-technical stakeholders on best practices for maintaining a secure computing environment. He believes that a strong security posture requires a holistic approach, encompassing technology, processes, and human factors.

Bruce Coffing is an information security professional with over twenty-five years industry experience in information technology and cybersecurity. He is currently the Chief Information Security Officer for the City of Chicago. Prior to joining the City of Chicago, Mr. Coffing held Senior Vice President information security positions at Bank of America and was a Senior Manager at consulting firm Accenture. Mr. Coffing holds the Certified Information Systems Security Professional (CISSP) certification.

Glenn Kapetansky has a passion for building systems, organizations, and teams, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, architecture, development, quality assurance, deployment, operational support, financials, and project planning. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn's current focus areas—as Senior Principal and Chief Security Officer at Trexin Group—are agile management, data protection, and audit/regulatory compliance.

Glenn speaks and publishes on occasion. He has been named numerous times in various Who's Who, and is a repeat recipient of Bell Labs' Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Glenn's certifications and memberships include IEEE, ISC2 (CISSP), ISACA (CISA), and ITIL (SM).

Stephen Dougherty has over a decade of investigative experience. His career as a Financial Fraud Investigator in support of the federal government has played a pivotal role in criminal investigations, surrounding cyber-enabled financial crime, money laundering, human trafficking, identity theft, healthcare fraud, embezzlement, tax/government program fraud, dark web crimes, among others. Stephen’s main area of expertise is combatting money laundering in all its forms. Aside from this, Stephen has been proactive in identifying new and future trends in the world of financial crime. Such trends include the cyber security nexus of financial crimes and its ever-growing relationship in major financial crimes such as Business Email Compromise and the rise of the dark web and the use of virtual currency as a vehicle for facilitation of financial crimes. Stephen has been a leader and a mentor to other investigators teaching them how to uncover fraud internally and externally. Stephen is currently an investigator contracted to the U.S. Secret Service’s Global Investigative Operations Center (GIOC) in Washington D.C.

Tom Brennan is the CIO of the national law firm Mandelbaum Barrett PC and leads the U.S. arm of CREST International. In this role, he works with government and commercial organizations to optimize the value of CREST as a cybersecurity accreditation body and industry standards advocate, particularly for companies in the Cybersecurity & Infrastructure Security Agency’s 16 critical infrastructure sectors which are vital to U.S. security, national economy, and public health and safety. As CREST USA Chairman, Brennan spearheads strategic plans for CREST USA’s organizational growth while also serving as an industry evangelist and educator on the value of using accredited cybersecurity products and professionals to improve consumer privacy, security, and protection worldwide.

As a proud U.S. Marine veteran, Brennan became involved with CREST International in 2016 while serving the Global Board of Directors for the Open Web Application Security Project (OWASP). Seeing similar goals, he became more active in the CREST organization and was nominated to lead the organization’s U.S. Advisory in 2019. Over his career, Brennan has amassed security expertise across the cybersecurity spectrum, including penetration testing, vulnerability assessment, application security, threat intelligence, and more. In addition to being CREST USA Chairman, he is the Chief Information Officer of the national law firm Mandelbaum Barrett, overseeing critical infrastructure, privacy, and security operations. He is also an Advisory Board Member of the information services advisory Gerson Lehrman Group, a Cyber Fellows Advisory Council Member, a Member of the Information Technology Advisory Committee of the County College of Morris, a Senior Advisor and Industry Advisory Board Member of the New Jersey Institute of Technology, and a Cyber Fellows Advisory Council Member of the NYU Tandon School of Engineering.

Ricardo Lafosse is responsible for IT risk governance, software and product security, incident management, technical disaster recovery, and determining enterprise-wide security policies and procedures. Lafosse regularly presents on security topics at global conferences, including Defcon, MirCon, and ISACA CACS. Lafosse has more than 15 years of experience in information security for the government, finance, legal, and healthcare. Lafosse holds a Master’s in Information Assurance from the Iowa State University. He also holds the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) designations.

Greg enjoys inspiring, innovating, and collaborating to drive business value; time with family; backpacking adventures; and craft beer.

Tony serves as a Cybersecurity and Infrastructure Security Agency (CISA) Chief of Cybersecurity for Region 5 (Illinois, Indiana, Michigan, Minnesota, Ohio, and Wisconsin). Based in Chicago, he leads the cyber team, supporting the mission of strengthening the security and resilience of the nation's critical infrastructure. Before becoming the Cyber Chief for Region 5, Tony served as the Region 5 Cybersecurity Advisor (CSA), for six years. Prior to joining CISA, Enriquez served 23 years with the U.S. Secret Service and served eight years with the U.S. Army Signal Corp. Enriquez is a Certified Information Systems Security Professional (CISSP), has a bachelor’s degree from American Military University and a master’s degree from Johns Hopkins University.

Brian Yoshino serves as a Cybersecurity Advisor with the Cybersecurity and Infrastructure Security Agency (CISA) where he supports CISA’s mission of strengthening the security and resilience of the nation’s critical infrastructure. As a CSA, Mr. Yoshino is the liaison between federal services and state, local, tribal, and territorial governments, critical infrastructure, and private industry. He conducts various cyber preparedness, risk mitigation, and incident response coordination activities through public and private partnerships and outreach efforts. Mr. Yoshino has over two decades of experience in cybersecurity spanning the federal civilian and private sector communities. Prior to joining CISA, Mr. Yoshino held positions within the National Security Agency and the Executive Office of the President, White House Information Security Directorate. He holds numerous cybersecurity certifications including the SANS GIAC Security Expert (GSE) certification. He holds a bachelor’s degree from Northern Illinois University and a master’s degree in Information Security from Lewis University.

Madhu Dodda is a seasoned security professional who has been contributing to the growth and evolution of the Lookout security solutions for the past 10 years. Dodda has been building network & data security products at scale for over a decade. As Field CTO, he evangelizes on Zero Trust principles and helps organizations defend against modern cyberthreats and data protection.

Being an active member in the NIST SP 800-207 focus working group, he works with multiple cybersecurity vendors to define Zero Trust reference architecture for federal and commercial markets. Over a career spanning 18 years, he has built multiple security products both on-prem and cloud focusing on protecting the data.

Cedric Leighton is a CNN Military Analyst and a retired United States Air Force Colonel. On CNN, he has provided incisive commentaries on the Israel-Hamas War, the War in Ukraine, the U.S. withdrawal from Afghanistan, and numerous other conflicts around the world. His analysis has been seen by millions of viewers around the world and provided much needed context to some of the most pressing national security issues of our time. As a U.S. Air Force officer, Colonel Leighton served at U.S. Special Operations Command, the Joint Staff, and the National Security Agency, where he helped train the nation's cyber warriors. A Middle East combat veteran, he is the recipient of numerous military awards, including the Defense Superior Service Medal and the Bronze Star. After serving 26 years as a U.S. Air Force Intelligence Officer, Col. Leighton founded a strategic risk consultancy and became the co-founder of CYFORIX, where he advises multinational businesses on developing better cyber strategies designed to reduce risk and unpredictability.