SecureWorld Philadelphia 2025

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Todd Bearman is the Chief Information Security Officer for TE Connectivity with responsibility for Information Security globally across nearly 150 countries with 75,000 employees.

Todd is responsible for ensuring collaboration and risk management across the corporate functions and business units where he leverages his leadership, technical, and business expertise to manage information and business risks. He manages the global Information Security Program defining strategy and executing on security initiatives.
Todd has over 25 years of information systems experience and has been involved with various aspects of Information Security for over 18 years.

Prior to working at TE Connectivity, Todd was CISO at Towers Watson, as well as Director of Information Security at Commerce Bank (now TD Bank). Previously, Todd has spent much of his career as a consultant, helping global companies implement and improve their security programs.

Aaron Weaver manages the security program for a credit card processor. He also trains companies on secure code, threat modeling and cloud security. When he's not busy "securifying" he enjoys making sawdust in his workshop.

Tammy Klotz is a vibrant and accomplished executive with over three decades of diverse experience in the manufacturing industry, specializing in cybersecurity and transformational leadership. She offers keen expertise in navigating mergers, acquisitions, and divestitures within both publicly-traded and privately-held companies and is seasoned in security, risk, and compliance leadership. Tammy brings a dynamic and positive approach to problem solving, excelling in simplifying intricate IT and cybersecurity concepts and facilitating pragmatic, non-technical dialogues that resonate with business executives. She is recognized as a strong, knowledgeable, thoughtful security executive who excels in public speaking and thought leadership, striving to empower others through knowledge sharing.

Anahi Santiago is the Chief Information Security Officer at ChristianaCare Health System, the largest healthcare provider in the state of Delaware. Prior to CCHS, she spent over 10 years as the Information Security and Privacy Officer at Einstein Healthcare Network. In her role as CISO, Anahi has overall responsibility for the organization's cybersecurity and assurance program. She leads a team of information security professionals in supporting CCHS's strategic initiatives by collaborating with clinical and business leaders, managing cybersecurity risks, implementing policies and controls, generating overall awareness, and fostering a culture of security and safety.

Vana Khurana is CISSP, AWS Certified Architect (A), CCSP, CCSK, GSEC, and TOGAF certified. Vana serves as Director of Training and a Board Member of Cloud Security Alliance Delaware Valley Chapter. She is also an Adjunct Faculty at Temple University, Philadelphia. Vana has authored the book "IT Process Management," available on Amazon.

Joe Arahill is the Senior Manager of Information Security at Affiliated Distributors (AD). He oversees the people, processes, and technology that secures AD's infrastructure and business systems. Joe started his career in information security for a commercial loan software company, and for most of his career, he has worked in the financial sector, helping to secure systems and meet financial compliance requirements. Joe received his Bachelor of Science in Management of Information Systems and later a Master of Science in Information Assurance from Norwich University. In addition, Joe holds the CISSP and CISA certifications.

Eric Robuck is a cybersecurity powerhouse with over 20 years of experience in the field. As the founder and owner of The Valander Group, he leads a team of elite business experts dedicated to delivering top-notch cybersecurity solutions to business owners.

Eric's military background as a Warrant Officer specializing in information technology and security has honed his expertise in tackling the most complex cybersecurity challenges. With a deep understanding of programming, database design, electronic information transfer, and project management, Eric is uniquely equipped to develop and implement effective cybersecurity strategies for his clients.
Eric's professional certifications are equally impressive, including the CISSP, CEH, Security+, and AWS Practitioner. He has also pursued advanced education through master’s work in Cybersecurity and leadership in Cybersecurity, constantly pushing himself to enhance his skills and knowledge.

Beyond his role in the business world, Eric is a passionate educator and serves as a professor at Alvernia University. He teaches Cybersecurity, Programming, and AI, shaping the next generation of professionals with his real-world expertise and forward-thinking approach.

When he's not working or teaching, Eric enjoys spending quality time with his family or staying active on the golf course. With his diverse skill set, proven track record, and unwavering dedication, Eric is a trusted leader in cybersecurity, helping businesses safeguard their information from ever-evolving cyber threats.

Monica leads a global team of 150 cybersecurity analysts, providing 24x7x365 monitoring and response services. She oversees the delivery of Enterprise and XDR SOC services using SRA’s SCALR™ XDR platform, enhancing security capabilities while minimizing costs.

Monica specializes in talent leadership, performance and project management, enhancing efficiency and capacity planning with a focus on 24/7 service administration. She has experience managing projects in purple teaming, DFIR, and incident response, with a strength in process development and improvement. Monica brings nearly 15 years of experience in public education before switching careers to cybersecurity.

In her role as CSOC Senior Manager at SRA, she acts as a liaison across various organizational levels and within collaborative team environments, empowering and facilitating cross-functional teamwork with a team-first approach. Monica uses her well-honed management skills to ensure an organized workflow for herself and others while also looking for ways to continuously develop members of her team.

Monica holds a degree in Psychology and Education, along with Project Management certifications. Monica is active in the cybersecurity community in her region and has served as the board Secretary of WiCyS Delaware Valley for the past two years.

Molly Dodge has worked as a cybersecurity analyst in positions focused on risk assessment and awareness, internal training, and outreach. She currently works at the Federal Reserve Bank of Philadelphia, and was previously employed at Penn Medicine, the hospital network owned by the University of Pennsylvania. She is a Penn State graduate and holds a Certified Information Systems Security Professional (CISSP) certification. She lives with her husband and children near Doylestown, Pennsylvania.

David Lingenfelter is the Chief Information Security Officer at Penn Entertainment, responsible for ensuring the highest possible level of security for the rapidly changing risk landscape. David manages teams that oversee IT security and compliance for both the retail and digital aspects of the business. David believes that in order to implement a successful security program it’s important for everyone to understand the threats and risks that could adversely impact the business.

Prior to joining Penn Entertainment, David oversaw security for the MaaS360 mobile device management platform at IBM. During his tenure at IBM, David helped onboard and integrate the team supporting MaaS360 as part of the acquisition of Fiberlink Communications into IBM. Prior to the acquisition by IBM, David was the Information Security Officer at Fiberlink Communications working as part of the team that designed and built an early Software as a Service cloud model for its MaaS360 platform. David also led the charge for getting MaaS360 to be the first mobile device management platform certified for use by the federal government under the FedRAMP program.

As a member of the Cloud Security Alliance David was co-chair of the Mobile Working Group culminating in the publication of the “Security Guidance for Critical Areas of Mobile Computing”. David also gave input to early versions of the Cloud Control Matrix and other publications and is a former president of the Delaware Valley chapter of the Cloud Security Alliance. David’s career in IT security has always included a strong emphasis on awareness and understanding of the threats and risks associated with poor security. This passion for helping bring awareness to others and has lead David around the world giving presentations on multiple aspects of IT security and the overall impact on business and personal lives.

Justin is a cybersecurity architect and strategist at Fiserv, the world's largest fintech company. He has worked as a a technology and security professional for more than twenty years. His industry expertise is in financial services and software-as-a-service.

Yasser is a Principal Solutions Architect (Cloud Security SME) for Bitdefender and Security Practitioner with over 20 years of experience in Information Security. Along his career he has worked for Healthcare Providers, ISPs, MSPs and SOCs, among many other verticals and throughout multiple Information Security Domains. On his previous role as a Product Manager for Cloud Security, he enabled Sales, Technical Teams and Technical Partners and contributed to numerous architectural projects in both private and public sector. Regarding credentials and certifications, he possesses top Security Vendors Certifications such AWS and Azure as well as worldwide recognized credentials such as CISM (ISACA) and CISSP (ISC2).

Matthew's early passion for computers and game theory began with setting up computers at trade shows and managing an ISP while still in university. Raised across various countries, including Japan and Italy, as the child of government intelligence officers, he combined global knowledge with his tech interests. With over 30 years of experience, he has driven the success of multiple startups by integrating innovative technology. A skilled linguist, former National Guardsman, and the youngest candidate for Governor of Louisiana, Matthew excels in diplomacy, startup maturation, and optimizing business strategies.

Lindsay Kaye is the Vice President of Threat Intelligence at HUMAN Security. Her technical specialty spans the fields of malware analysis and reverse engineering, with a keen interest in dissecting custom cryptographic systems. Prior to her work at HUMAN, Lindsay served as Senior Director of Advanced Reversing, Malware, Operations and Reconnaissance as part of the Insikt Group at Recorded Future. She has proposed, won funding for and led research projects, particularly during her time at The MITRE Corporation. Outside of work, Lindsay writes articles on complex cybersecurity issues including data and trends analysis, technical pieces on reverse engineering and TTPs, and discussions on the business of the cybercriminal underground. Lindsay is an internationally-recognized cybersecurity speaker and author. She holds a BS in Engineering with a Concentration in Computing from Olin College of Engineering and an MBA from Babson College.

Bryan is a 20+ year InfoSec career professional currently serving as CISO for an auto finance company and teaching the next generation of InfoSec pros.

Michael joined Island in October 2024 as Field CTO, bringing over 30 years of data networking, operations, and cybersecurity domain expertise.

He formerly served as Head of Technical Marketing and Chief Cybersecurity Evangelist at SentinelOne where he was responsible for messaging and strategic development of their XDR product roadmap as well as the identity security portfolio. Prior to SentinelOne he held the title of Chief Technical Strategist for McAfee.
Michael was the co-founder and CTO of NitroSecurity – later acquired by McAfee - where he was responsible for developing and implementing their overall SIEM technology vision and roadmap and has held senior technical management positions at Cabletron and Avaya.

Michael studied Computer and Electrical Engineering at the Georgia Institute of Technology and received an honorary MBA from Bentley University where he helped create the Information Age MBA curriculum. He is also an adjunct professor teaching cybersecurity courses at Rochester Institute of Technology in New York and Norwich University in Vermont.

Andy Stone is an accomplished IT executive with a passion for technology and creating innovative solutions that solve business problems and deliver results. As CTO, Americas, at Pure Storage, Andy is focused on delivering next-gen data storage and protection technologies that help companies get better insights, improve time-to-market, and make breakthroughs.

Becky Fricker is the Director of Information Security at DAT Freight & Analytics, where she plays a pivotal role in protecting the company’s digital infrastructure. She oversees Security Operations and Product Security, including areas such as Endpoint Protection and Response, Continuous Threat Exposure Management, Incident Response, and Network Security. Becky holds a Certified Information Systems Security Professional (CISSP) certification, a globally recognized credential that demonstrates her ability to design, implement, and manage a robust cybersecurity program.

Her extensive background in cybersecurity began with 13 years of service in the NJ Air National Guard, where she held critical roles such as Installation Spectrum Manager and Installation Security Systems Manager. After transitioning to the civilian sector, Becky continued to build her expertise as a Network Security Engineer at Cooper University Health Care. She later took on senior roles in the financial sector and at one of Southern California’s largest utility companies, focusing on information security within critical infrastructure.

Her academic credentials include an Associate of Science in Electronic Systems Technology, a Bachelor of Arts in Communication and Media Studies, and a Master of Science in Information Technology, specializing in Cybersecurity. Known for her adaptability, mentorship, and strong communication skills, Becky is an invaluable member of the DAT team, continuously driving improvements in the company’s information security programs.

Dynamic leader and board member demonstrating over 20 years of diverse risk, compliance, information security, technology, and operations experience within the manufacturing, insurance, banking, financial services, and retail sector. Adept in developing and implementing strategic technology and risk solutions, performing research and analysis to keep employer advised regarding emerging technologies and management of risk. Security and DEI evangelist.

Sanjit Ganguli is VP, CTO-in-Residence at Zscaler, specializing in zero trust strategy, network transformation and digital experience monitoring engagements. For more than 20 years, he has worked in a variety of roles, including as a Gartner analyst and Deputy CTO at Riverbed. Sanjit was among the original analysts that coined and defined the Digital Experience Monitoring (DEM) and Artificial Intelligence for IT Operations (AIOps) markets. Sanjit also worked on the original SASE research. While at Zscaler, Sanjit has written three books on the topics of zero trust and SASE/SSE.

Sanjit’s current focus is on helping customers along their zero trust transformation journeys, which includes advising on best practices, aligning to industry and analyst frameworks, and adopting zero trust while maintaining user experience.

As a Senior Security Architect at Thales CPL, Ron has more than 30 years of experience in networking, cybersecurity, and encryption key management. His extensive background allows him to design and implement innovative security solutions that protect critical systems and sensitive data. Ron focuses on risk assessment, threat modeling, and compliance strategies, ensuring that clients' infrastructures are resilient against emerging threats. Throughout his career, he has enhanced security practices in cloud security and network architecture, with a particular emphasis on encryption protocols and key management strategies.

Keith McMenamin is the Vice President of Information Technology at VISIT PHILADELPHIA®, the region’s official tourism marketing agency. In his 17 years with VISIT PHILADELPHIA®, Mr. McMenamin is credited with building and securing the technical infrastructure for an award-winning organization that was responsible for creating $11 billion dollars in economic impact for the city of Philadelphia in 2022. Over the years, he quickly became a trusted advisor to C-Suite executives along with evolving into the “go-to tech guy” for friends and colleagues in the local tourism marketing and media industries. Keith is a regular speaker and panelist at national industry conferences, volunteer at local schools and founder of the Philly Tech Council.

Outside of the office Keith enjoys playing sports, spending time with his family and taking long vacations to Southern California.

Eric Robuck is a cybersecurity powerhouse with over 20 years of experience in the field. As the founder and owner of The Valander Group, he leads a team of elite business experts dedicated to delivering top-notch cybersecurity solutions to business owners.

Eric's military background as a Warrant Officer specializing in information technology and security has honed his expertise in tackling the most complex cybersecurity challenges. With a deep understanding of programming, database design, electronic information transfer, and project management, Eric is uniquely equipped to develop and implement effective cybersecurity strategies for his clients.
Eric's professional certifications are equally impressive, including the CISSP, CEH, Security+, and AWS Practitioner. He has also pursued advanced education through master’s work in Cybersecurity and leadership in Cybersecurity, constantly pushing himself to enhance his skills and knowledge.

Beyond his role in the business world, Eric is a passionate educator and serves as a professor at Alvernia University. He teaches Cybersecurity, Programming, and AI, shaping the next generation of professionals with his real-world expertise and forward-thinking approach.

When he's not working or teaching, Eric enjoys spending quality time with his family or staying active on the golf course. With his diverse skill set, proven track record, and unwavering dedication, Eric is a trusted leader in cybersecurity, helping businesses safeguard their information from ever-evolving cyber threats.

Monique St. John is the Chief Information Security Officer (CISO) and Associate Chief Information Officer (ACIO) at the Children’s Hospital of Philadelphia (CHOP). In this role, Monique supports the organization’s mission and strategic plan with responsibility for the enterprise Information Security program. With over 25 years of experience in technology, security, and service delivery, Monique relies on a collaborative leadership approach to ensure solutions protect CHOP, provide value, and enable the business. She is a trusted advisor, partners with colleagues to manage risk, and strives to balance security with technology innovation.

Eric Skinkle is the Business Continuity Manager at Children’s Hospital of Philadelphia (CHOP), a world class pediatric healthsystem. Eric’s responsibilities include leading the relaunch and oversight of the business continuity (BC) program, including business impact analysis, continuity plans and development of BC Champions. With a career spanning both private and public sectors, Eric has managed major projects including city and school operations continuity, mass vaccination clinics, and election-related work. He holds certifications from BCI, DRII, and FEMA as a Level 1 Professional Continuity Practitioner.

Senior professional with broad experience designing, building, and securing high-availability mission critical infrastructures for the infosec, financial services, energy, healthcare, travel, media, and retail sectors.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

When Kelly Meerbott began her coaching career more than 16 years ago, she recognized that resilience, adaptability, and strategic agility were among her greatest assets. She understood that leadership coaching wasn’t just about refining executive presence but also helping leaders in high-stakes environments harness their strength, clarity, and resilience to navigate complex and ever-evolving threats. This philosophy was coined by one of her clients, Meerbott Magic—a science-backed coaching methodology that empowers leaders to think critically, lead decisively, and create mission-driven, high-performance cultures in uncertainty.

Kelly’s ability to develop resilient, agile leaders is deeply personal. Growing up, she had a firsthand view of coaching excellence through her father, a professional golfer on the PGA Tour with 80 Top 10 finishes. Watching him, she saw the transformative power of expert guidance—how the right coaching could sharpen decision-making, elevate performance under pressure, and foster unwavering discipline. These lessons carried into her work with executives, government officials, and national security leaders, reinforcing her belief that elite leadership is built on agility, foresight, and the ability to drive results in unpredictable environments.

Today, Kelly is a trusted coach to CISOs, senior executives, and high-ranking military officers—many of whom have dedicated their careers to protecting national security, mitigating cyber threats, and defending critical infrastructure. She has worked with more than 500 high-ranking officers in the U.S. military, including those in cybersecurity, intelligence, and defense strategy, as well as leaders within the Department of Homeland Security (DHS). Her expertise in psychological safety, cognitive behavioral therapy (CBT), and trauma-informed leadership enables her to create a confidential, psychologically secure space where leaders can navigate the pressures of protecting critical data, anticipating cyber warfare, and mitigating national security risks.

Kelly holds multiple coaching certifications in Human and organizational Transformation, Unconscious Bias, Leadership, Cognitive Therapy, Communications, and Improvisation, uniquely positioning her to guide leaders through high-pressure environments where rapid decision-making and strategic thinking are essential. She is also a certified clinical trauma specialist, trained to work with professionals facing high-stakes operational stress and post-traumatic challenges.

Kelly received her undergraduate degree from the College of the Holy Cross and continues to shape the next generation of mission-driven, cyber-aware, and results-oriented leaders who are securing the future of national and corporate security.

Todd Bearman is the Chief Information Security Officer for TE Connectivity with responsibility for Information Security globally across nearly 150 countries with 75,000 employees.

Todd is responsible for ensuring collaboration and risk management across the corporate functions and business units where he leverages his leadership, technical, and business expertise to manage information and business risks. He manages the global Information Security Program defining strategy and executing on security initiatives.
Todd has over 25 years of information systems experience and has been involved with various aspects of Information Security for over 18 years.

Prior to working at TE Connectivity, Todd was CISO at Towers Watson, as well as Director of Information Security at Commerce Bank (now TD Bank). Previously, Todd has spent much of his career as a consultant, helping global companies implement and improve their security programs.

Mariano Mattei, VP of Cybersecurity and AI at Azzur Solutions, is an industry-leading expert with over 30+ years in cybersecurity, underscored by a deep commitment to AI innovation and software engineering excellence. Holding the title of Certified Chief Information Security Officer (CCISO), Mariano has pioneered AI integration within security frameworks across the Biotechnology, Pharmaceuticals, and Medical Device sectors. His proficiency lies in employing AI for advanced threat detection, risk management, and predictive security measures, always ensuring compliance with standards like GDPR and HIPAA. Mariano’s visionary leadership and strategic approach have been instrumental in fostering cybersecurity resilience through cutting-edge AI solutions. He recently graduated from Temple University’s Masters Program for Cyber Defense and Information Assurance.

Steve Naphy serves as Morgan Lewis's Chief Information Officer. In his role, Steve concentrates on leveraging data analytics and process to drive efficiency and effectiveness in both business operations and the delivery of legal services. He has over 20 years of experience working in information technology (IT), including previously running information security at the firm for six years. Prior to joining Morgan Lewis, Steve held significant InfoSec roles in the retail and distribution industry. He holds an M.S. in information systems from Widener University and a B.S. from Drexel University.

Michael Meyer is a visionary technology and security executive with 20+ years of expertise in technology, enterprise security, and financial regulatory compliance. As CTO & CISO at Spring Oaks Capital, he architects and deploys cutting-edge security frameworks that fortify AI driven digital solutions, mitigate emerging cyber threats, and drives business growth in a highly regulated industry. He holds a BA in Computer Science from Rutgers University and a Master’s in Technology Management from Georgetown University. A recognized thought leader and industry influencer, he has authored over 20 articles, spoken over 20 times and holds 11 security, risk and blockchain certifications, plus has served on 10 industry and corporate steering committees, helping to shape the future of technology, security, and compliance.

Mohammad Eshan is an Associate at BlackRock with a focus in Red Team and Cloud Security. After achieving his Bachelors and Masters in Cybersecurity from the Rochester Institute of Technology (RIT), he joined BlackRock’s Cyber Operations team, where he performs adversary emulation and deploys advanced tactics to assess and harden enterprise defenses.

Eshan has gained experience in information security through his time at MITRE and other endeavors. In his previous roles, he worked extensively on IoT Security, firmware analysis, and adversary tradecraft development, leveraging advanced reverse engineering techniques and offensive strategies to identify and weaponize critical weaknesses in emerging technologies.

My name is Dimitri Limanovski and I am a member of Security Operations at BlackRock and currently lead our Cyber Offence program. My responsibilities include malware analysis, adversary emulation, incident response and googling things I don't know. At this conference, we will discuss techniques for compromising Microsoft authentication tokens and the ways organizations can protect themselves against the token theft and abuse.

Brandi Burton has more than 25 years experience in information and cyber security, with a specialty in technology risk management. Brandi has successfully helped companies in various industries design and lead information security and risk management programs that enable the organization's business strategies while meeting stakeholder expectations and regulatory obligations. Brandi pairs her expertise in information security with a keen business acumen in order to bridge the gap between geek speak and awesome business outcomes.

Krista Arndt is the Associate CISO at SLUHN. As the Associate CISO, Krista is responsible for managing the security program's day to day operational effectiveness. Krista has been working in information security in various capacities for more than 15 years. In her previous roles, Krista assisted with developing and leading security programs in national healthcare, crypto, finance, and the Department of Defense. She currently holds her CISM and CRISC certifications and NHRA competition driver's license.

Krista is an active member of ISACA, serves as InfraGard Philadelphia Chapter’s Healthcare Sector Chief, serves on Neumann University's Business Advisory Council, and is Marketing Committee Chair for Women in CyberSecurity (WiCyS) Delaware Valley Affiliate. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.

Currently the Lead Security Architect at Wawa, Chris has had multiple roles developing process and evangelizing security functions to the rest of the organization. Chris' undergraduate degree is from Drexel University, and he holds a Master's in Cybersecurity Strategy from George Washington University.

Reanna Schultz, from Kansas City, MO, holds both a Bachelor’s and Master’s degree in Cybersecurity. With over six years of professional experience, Reanna has contributed to various corporate environments, leveraging her expertise to strengthen cybersecurity practices.

Throughout her career, Reanna has worn many hats, including roles in Endpoint Security Engineering, Detection Engineering, and leading a Security Operations Center (SOC) team. In addition to her primary responsibilities, Reanna serves as an adjunct professor at the University of Central Missouri (UCM) and is also an entrepreneur.

Reanna is the founder of CyberSpeak Labs, a platform dedicated to fostering community engagement through collaboration. She hosts the podcast Defenders in Lab Coats, where she delves into cyber threats and occasionally invites passionate guests to share their insights.
Driven by her passion for cybersecurity, Reanna frequently travels to speak at events, sharing her industry knowledge and empowering others to improve their organizations' cybersecurity practices.

Weston started his career at Newrez where he focused on Desktop Administration, as well as Identity and Access Management. Weston has been at Tanium going on four years where he is now a Sr. Solutions Engineer, focusing on technical pre-sales engagements.

Stephen Gyarmati is a Principal Solutions Architect - Lead at Cohesity responsible for the Northeast region. In his current role, he interfaces with global and enterprise financial industry professionals to accelerate their adoption of the Cohesity data security and management platform. Stephen has also worked in Systems Engineering roles in the New York City metro area, including at both Cohesity and Commvault. Stephen has 10 years of experience in data protection and storage technologies, and he holds an MS in Information Systems degree from Drexel University.

Mr. Panos supports Google Cloud’s Manufacturing and Industry clients worldwide throughout their cloud transformation journeys and focuses on cybersecurity, regulatory compliance, risk management, and privacy.

Before joining Google, Nick was a Director of Customer Success at a late stage AI/ML startup where he led digital transformations for customers in heavily regulated industries. Prior to that role, Nick served in the US Navy for 20+ years as an aviator, intelligence officer, and accredited diplomat in Berlin, Germany where cybersecurity was a major part of his portfolio.

As a strategic advisor to the US Ambassador to Germany, Nick was directly involved in the implementation of the General Data Protection Regulation (GDPR), establishment of Germany’s quantum computing hub, and development of national cybersecurity policies to counter threats from nation-state actors.

Meet Michael Elkins, Chief Human and Information Security Officer at BAMFIST and a visionary in cybersecurity, enterprise risk, and digital transformation. With 26 years of experience, he has helped Fortune 500 companies and global organizations navigate the complexities of risk, compliance, and IT modernization-always with a sharp focus on practical, human-centric solutions. Elkins has led multimillion-dollar security initiatives, advised executives, boards, and investors, and even co-developed human-factored cybersecurity frameworks for NIST. His expertise spans governance, risk, and compliance (GRC), cybersecurity strategy, and resilient IT architecture, ensuring businesses remain secure and agile in an evolving digital world.

Divyesh Malkan is an experienced professional specializing in information security, risk management, and compliance. In addition to serving as a Director in Protiviti’s Security & Privacy consulting practice, he serves as President of the ISSA Delaware Valley Chapter.

Divyesh has 15+ years of experience, having developed expertise across various industries, including financial services, healthcare, government and defense, retail, manufacturing, and consumer products. His professional journey began with service in the United States Marine Corps, where he held diverse technology and security roles.

Following his military tenure, he transitioned to the private sector and worked as an engineer at various organizations prior to joining Protiviti where he helps clients identify and manage their cybersecurity risks.

Divyesh holds a master's degree in Cybersecurity Management & Policy and has earned several certifications, such as CISSP, CCNA, PCI QSA, and CCNA. Beyond his professional commitments, he enjoys spending time with his wife and three sons, going to the beach, exercising, and cooking.

Joe Arahill is the Senior Manager of Information Security at Affiliated Distributors (AD). He oversees the people, processes, and technology that secures AD's infrastructure and business systems. Joe started his career in information security for a commercial loan software company, and for most of his career, he has worked in the financial sector, helping to secure systems and meet financial compliance requirements. Joe received his Bachelor of Science in Management of Information Systems and later a Master of Science in Information Assurance from Norwich University. In addition, Joe holds the CISSP and CISA certifications.

Peter has over 10 years of experience in cybersecurity, working for financial industry companies such as JP Morgan Chase and The Bancorp. He holds multiple certifications, including CISSP, CEH, and CHFI.

Sara Ricci is an accomplished executive with a proven track record in global leadership roles, building new capabilities and enhancing organizational resilience. She is experienced in Risk Management and Technology Enablement in highly regulated financial and energy sectors. Sara excels at building trust and credibility with executives, clearly communicating risk concepts and strategies in non-technical terms to help drive business results.

As a Risk and Resilience leader, Sara leverages prior experience as Head of Information Risk Governance and Resilience at HBC and senior leadership roles at HCL Technologies, New York Power Authority, JP Morgan Chase, Citi, Bank of America and UBS. She has led global implementations of governance, risk management and compliance programs, aligning risk and reward with business strategy, specializing in Operational Risk, IT Risk, Information Security, Business Continuity, Enterprise Risk, Third Party Risk, Operational Resilience, Enterprise Resource Planning, Software development and Business Process improvements.

Sara actively collaborates across organizations and helped develop industry guidance for the financial and energy sectors, including maturity models in Resilience and Cybersecurity, whitepapers and benchmarking studies in Risk Appetite and Resiliency. MBA (Finance and Management), CRISC, CDPSE, CBCP, HSEEP, SCR.

Jordan L. Fischer, founding partner and owner of Fischer Law, LLC, is a self-proclaimed privacy and technology legal nerd and entrepreneur. With her background in owning and operating businesses, and her experience working across the globe, Jordan brings extensive experience and practical knowledge to the global intersection of law and technology. Jordan understands the many demands on businesses, and works to create a balanced approach to privacy and data security compliance.

Jordan works with businesses to continually evaluate and assess legal and business opportunities and risks to provide public and private sector clients with practical data privacy and cybersecurity counsel and business strategic advice. Jordan’s goal is to understand your business, your approach, your risks, and then work with you to create effective, long-lasting solutions to your data privacy and technology legal challenges.

With more than ten years of experience in data privacy, cybersecurity, and technology law, Jordan advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). Additionally, she provides counsel on biometric data laws, global data breach standards, and federal and state unfair business practices acts and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS).

Jordan regularly represents clients in contractual negotiations pertaining to technology, data management, security, and privacy, and she assists in the development of customized, right-sized compliance programs to address numerous regulatory requirements and industry best practices. She also advises clients on cross-border data management and information governance, developing business-oriented and cost-effective strategies for information security, data privacy, and technology compliance.

Jordan’s experience provides her the opportunity to represent clients in a wide range of industries, gaining valuable insight into sectors including agriculture, adtech, emerging technologies (blockchain, Internet of Things (IoT), and Artificial Intelligence (AI), gaming, healthcare, manufacturing, and pharmaceutical. She advises clients on third-party management, addressing the privacy and security of their supply chain. She also collaborates with clients to develop business solutions that incorporate privacy-by-design and security-by-design principles, fusing regulatory requirements with practical, real-world solutions.

In addition to her private practice, Jordan is a Cybersecurity Lecturer at the University of California, Berkeley. Her academic research investigates the convergence of law and technology, as well as the practical implications of regional data protection regulations in the context of the global economy.

Jordan is a globally recognized speaker on a wide range of technology and privacy law topics. In addition, she hosts the podcast Cybersecurity and Data Privacy: The New Frontier for the American Bar Association, which concentrates on data security, privacy, and related legal topics. On the podcast, Jordan discusses a variety of topics focused on law, technology, privacy, and cybersecurity from the perspective of various industries.

Jordan is a Certified Information Privacy Professional for Europe (CIPP/E) and a Certified Information Privacy Professional for the United States (CIPP/US), as well as a Certified Information Privacy Manager (CIPM), as certified by the International Association of Privacy Professionals. She is a certified trainer for the International Association of Privacy Professionals.

HONORS & RECOGNITIONS
Lawyer on the Fast Track, The Legal Intelligencer (2023)
Pennsylvania Super Lawyers® Rising Star honoree (2019-2022)
Main Line Today – Top Lawyers – Cybersecurity (2021, 2022)
ABA ‘On the Rise – Top 40 Young Lawyers’, 2022 Honoree
SC Media – 2022 Women In IT Security, Honoree in the Advocate Category
Exeleon Magazine – 30 Most Transformational Leaders to Follow in 2022
Host, American Bar Association’s ‘Cybersecurity and Data Privacy: The New Frontier’ Podcast
European Union ERASMUS Grant Recipient, 2020

ASSOCIATIONS & MEMBERSHIPS
American Bar Association, Business Law Fellow, 2020-2022
American Bar Association, Vice Chair of the Big Data Committee, 2022-2023
Pennsylvania Bar Association, Chair of the Cybersecurity and Data Privacy Committee
California Bar Association
New Jersey Bar Association
Forbes Business Council Member, 2022
International Association of Privacy Professionals (IAPP), Member
University of California, Berkeley, Cybersecurity Lecturer
former Thomas R. Kline School of Law, Drexel University, Law Professor
former Chestnut Hill College, Adjunct Professor
West Chester Friends School, Board Member
Appointed Fulbright Specialist in Cybersecurity and Data Privacy

CERTIFICATIONS
Certified Information Privacy Professional (CIPP) for United States law (US) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Professional (CIPP) for European law (E) through the International Association of Privacy Professionals (IAPP)
Certified Information Privacy Manager (CIPM) through the International Association of Privacy Professionals (IAPP)

For more than 25 years, Grant Asplund has been sharing his insights on how businesses can best protect themselves from sophisticated cyber-attacks in an increasingly complex world. As Check Point’s Evangelist, he travels the world enthralling audiences with his passionate and relational storytelling at conferences like RSA and Next100 CIOs and numerous media interviews. Grant’s wide range of cyber security experience informs his talks, having served in diverse roles ranging from sales, marketing, business development, and senior management for Dome 9, Blue Coat Systems, Neustar, and Altor Networks. As CEO of MetaInfo, he led its acquisition by Neustar. Grant is the host of the CISO Secrets podcast (cp.buzzsprout.com) and the Talking Cloud Podcast (www.talkingcloudpodcast.com) on Cloud security.

Ray is the Director of Netskope Threat Labs, a globally distributed team that specializes in cloud and network-focused threat research. His research background includes malware detection and classification, cloud app security, web security, sequential detection, and machine learning. Although his current focus is cybersecurity, his research has previously spanned other domains, including software anti-tamper and electronic warfare. In addition to his extensive research experience, Ray also has a background in education, teaching multiple math and programming courses during his academic career. He holds a Ph.D. in Electrical Engineering from Drexel University.

During his 20+ year career in cybersecurity, David has served as a recognized Philadelphia executive leader at major healthcare, CPG, insurance, and financial organizations in the region, including AtlantiCare, Cigna, Campbell Soup, Iroko Pharmaceuticals, and Beneficial Bank.

In David’s most recent role as Corporate Director of Cybersecurity for AtlantiCare, he provided cyber risk leadership, policy guidance, and oversight of security operations for more than 6,000 employees in a regional health system with more than 110 practice locations across Southern New Jersey.

David is also a Platinum Member of Philadelphia ISACA, a 20-year member of Philadelphia FBI InfraGard, and a founding member of the SecureWorld Philadelphia Advisory Council. In David’s spare time, he enjoys life with his family at the Jersey Shore and exploring the Pine Barrens. He is also a certified UAV operator and amateur astronomer.

Krista Arndt is the Associate CISO at SLUHN. As the Associate CISO, Krista is responsible for managing the security program's day to day operational effectiveness. Krista has been working in information security in various capacities for more than 15 years. In her previous roles, Krista assisted with developing and leading security programs in national healthcare, crypto, finance, and the Department of Defense. She currently holds her CISM and CRISC certifications and NHRA competition driver's license.

Krista is an active member of ISACA, serves as InfraGard Philadelphia Chapter’s Healthcare Sector Chief, serves on Neumann University's Business Advisory Council, and is Marketing Committee Chair for Women in CyberSecurity (WiCyS) Delaware Valley Affiliate. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.

David B. Finkelstein studied criminal justice at Temple University and went on to Widener University School of Law. A year after graduating law school in 2007, David decided to pursue his lifelong goal of entering the United States Army as an Officer. On September 11, 2009, David was commissioned a Second Lieutenant in the Signal Corp branch, responsible for maintaining all Army technology, information security, and communications. He spent the next five and half years on active duty responsible for the IT infrastructure and Information Security. David is now in the U.S. Army Reserves and is currently with the 78th Training Division. In his military career, David has been accountable for more than 10,000 soldiers across many states, to include Alaska, Kansas, Colorado, Virginia, Missouri, New York, New Jersey, and Pennsylvania.

David has spent the last 17 years in cybersecurity and technology. He is passionate about making a difference and effecting change through security best practices that have an impact to any business. In 2014, with encouragement from friends, colleagues, and family, David decided to take on the biggest challenge of his career and go into healthcare. David has been with St. Luke's since 2014 and is enjoying every aspect of his career and professional growth. Over the last 11 years, David has seen St. Luke’s go through many changes in the way they think about Information Security, cyber protection, managing data, handling attacks and cyber threats, and understanding the overall need for Information Security maturity in the organization.

In his free time, David is an avid outdoorsman, avid fly fisherman, hunter, hiker, and family man. He enjoys going on long hikes, traversing waterfalls, and taking amazing vacation adventures with his fiancé’ Jodi and spending time with his seven children in all their activities. He loves to teach his family to hunt and fish and the value of nature and living off the land.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.