SecureWorld Seattle 2024

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

William serves as the leader of AAA Washington’s information security and compliance efforts. He is responsible to establish a responsive, dynamic, and flexible cybersecurity program to meet continually changing information security, regulatory, and compliance needs in the organization.  William has been with AAA Washington since August of 2017. Other roles that William serves in the company include coordinating business continuity program activities and leading the company through emerging privacy legislation management.

In the evenings, William instructs graduate and undergraduate cybersecurity courses at the University of Washington and The Penn State University. William completed his Bachelor of Science in Computer Science from the U.S. Military Academy at West Point. He subsequently earned a Masters in Management Information Systems and an MBA from the University of Maryland. In December of 2018, he completed his Doctorate of Philosophy in Cybersecurity and Information Assurance from Capella University.

Prior to William starting at AAA Washington, he served five years as the Manager of IT Security Engineering at Puget Sound Energy. Prior to that, he also served as the regional CISO for Providence Health and Services. He has also served in similar positions with Alaska USA Federal Credit Union, Chugach Electric Association, and the State of Alaska, Department of Public Safety.

William served in the U.S. Army from 1990 to 1996 as an officer in the Infantry and is a combat veteran for Operation Desert Storm.

Director of Cybersecurity Programs at Seattle University. I've developed and directed cybersecurity, field services, and large-scale infrastructure with a track record in leading technology. I'm currently the Editor-in-Chief of The Journal of the Colloquium for Information Systems Security Education and Chair of IFIP WG11.8 that runs the World Information Security Education Conference.

Zabrina McIntyre is a Director with KPMG focusing on large scale cybersecurity transformations for clients with a focus on compliance. She holds the CISSP and PMP certifications and is working on her PCI QSA. She is a dedicated supporter of Women in Cybersecurity (WiCyS) and is currently on the leadership board for the Business Information Security Officer (BISO) Affiliate.

Basma is a cybersecurity professional with over 17 years of experience, specializing in solving complex operational challenges. Basma holds an M.Sc. in Cybersecurity Engineering and has been recognized with an award for Basma master's research paper, in addition to receiving the prestigious Microsoft Diamond Technology Award.

Basma is passionate about breaking barriers in cybersecurity, serving on the leadership team of CyVersity, acting as a NIST Cybersecurity Ambassador and serving as a VP, co-founder Women Cyber Guardians, and holding a leadership role alongside Basma. Outside of work, Basma enjoys baking, painting, creating clay and gemstone jewelry, writing lyrics, and traveling.

Ken Malcolmson is a Customer Security Officer in the Microsoft Security Solutions Area. In this role, he helps organizations develop and refine their security strategy, understand the evolving threat landscape, adjust their security posture to protect against threats, and realize value from the security and data protection technologies in Microsoft products and services.

Rodney Moseley, is a cyber security professional, Author, Speaker with expertise in defense protections , security compliance and threat mitigation. He started his Career from Texas Tech University and led his way to completing his Masters in eBusiness from the University of Phoenix. He is a husband and father of 3 currently living in the Great Northwest region. A member of the church of Christ.

Rodney has committed over 20 years in Management, Networking, and now Cyber Security Architecture. He Currently works for Microsoft as an enterprise consultant , IOT SME and smart concepts thinker. As an activist for the empowerment of disadvantaged communities , he encourages all who strive to achieve more and better their position. working on the board with CyVersity Seattle , NPHC Treasurer, and Past President of Zeta Pi Lambda of Alpha Phi Alpha Fraternity Incorporated and an enthusiastic jr pro photographer. As an advocate for the advancement of youth in technology , he aspires to help all those who wish to achieve greater & reach their dreams.

Ankit has been with Microsoft for over 12 years spanning roles from building and leading adoption of the most secure cloud native Microsoft managed Detection and Response platform. Over the years, he worked in several product teams as Cloud Compute and Security leader, ideated, defined and led cyber security initiatives from the ground up. In his current role, he's leading secure future initiatives to reduce attack surface area and build cyber resilience in Azure networks globally.

As the Chief Information Security Officer at REI, I lead a team of cybersecurity professionals who are passionate about protecting the company's data, systems, and customers. I have over 10 years of experience in cybersecurity, spanning various domains such as incident response, forensics, malware analysis, network security, and data protection.

My mission is to bring honesty, transparency, and integrity to the cybersecurity function, and to partner with other technology and business teams to ensure a balanced and pragmatic approach to our common goals. I leverage my expertise in cybersecurity strategy, policy, governance, and risk management to enable REI's growth and innovation. I also foster a culture of security awareness, education, and empowerment across the organization.

Adam Zoller is the Chief Information Security Officer for Providence, a system of passionate providers focused on partnering with people to simplify health care. With 50+ hospitals, 1000+ clinics, and hundreds of locally driven programs administered by over 120,000+ caregivers, Providence is improving the health of communities, especially the poor and vulnerable. In this role, Adam is responsible for driving information security strategy and execution across the organization's information ecosystem

Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.

Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted as both regulator as an Assistant Attorney General with the Washington State Attorney General's Office and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.

Vanessa is an accomplished technology executive with over 30 years of experience. Currently she serves as a Corporate Board Director of the public company Liveperson (NASDAQ: LPSN), Boeing Employee Credit Union, and Prisidio. Formerly she was on the board of Carbon Black (NASDAQ: CBLK) and was part of the transaction to sell Carbon Black to VMware. Vanessa is also very active in angel investing and is a venture partner for Flying Fish Partners.

Vanessa has held senior leadership positions at organizations such as DocuSign, Expedia, U.S. Bank, and AT&T Wireless. Her expertise spans various domains, including technology architecture and engineering, risk management, cybersecurity, and compliance. Vanessa has a proven track record of successfully building and leading high-performance cybersecurity teams, implementing robust security frameworks and controls, and driving cultural change to foster a strong security mindset within organizations.

Vanessa's educational background includes a MBA from Stanford University, MS in Telecommunication from the University of Colorado, Boulder and a BS in Engineering from UC Berkeley. She also holds various cybersecurity certifications including CISSP, CRISC, CISM, and GSEC. Relative to her board work, she holds the National Association of Corporate Directors (NACD) Director Professionalism certification.

Erika Voss offers two decades of extraordinary success in a series of high level roles at top tier companies that include Capital One, Salesforce, Oracle Public Cloud, Microsoft Corporation and Amazon Web Services.

Erika’s invaluable expertise and broad business range have powered a history of developing successful process improvements that drive productivity, reliability, and client satisfaction. Such traits have consistently enabled Erika to achieve an impressive command of the skills needed to manage ongoing business planning processes while developing strategies to meet future challenges.

Upon being named as Vice President of Information Security for DAT Freight & Analytics, Erika will lead vision, strategy, and execution for all facets of security for this Fortune 500 Supply Chain Logistics corporation, while defining and revising policies, procedures, and best practices for security, including application security, access control, authentication, third party risk management, and intrusion detection. Dr.. Voss has dedicated herself and her vision as a leader who engages in projects with an “All-In” attitude.

With a forte for successfully building strong teams and holding a key role leading all facets of finance and strategy, Dr. Voss has successfully positioned companies, as a leading expert in its field with respect foundational security basics, fraud, identity, and cloud security practices contributing to the following successes:

● Effectively manages a team of product and application security engineers, architects, and DevSecOps personnel, continually
identifying opportunities to reinforce the company’s security posture.
● Engages directly with customers, providing information and guidance on the company’s security posture.
● Served as the CISO of the company’s cybersecurity program in line with all industry standards and regulatory requirements, including SOC2, PCI, SOX, and other industry regulations.

Combining her proven business instinct with an unprecedented disciplinary work ethic, Erika has continuously exceeded expectations in high stake environments throughout her career positioning herself as a key member of each company and a driving force for growth. Erika holds a Ph.D. in Cybersecurity from Northcentral University, as well as a Master of Science Degree in Security Administration and a Bachelor of Science Degree in Computer Operations Technology from Southwestern College.

Jake Rasko is a passionate technology leader with an unwavering belief in the transformative power of technology to change the world. With a diverse career spanning both IT and Security, he has honed his expertise in building, running, and maintaining critical infrastructure securely at a global scale.

Over the course of Jake’s professional journey, he has been a part of notable organizations such as Cruise, Salesforce, and most recently, HashiCorp. Now, as the Head of Security Engineering and Architecture at DAT Freight & Analytics, he is dedicated to building a more secure future for the nation’s supply chain.

With a career that began at the help desk and has since soared to leadership positions in global technology companies, Jake exemplifies the power of continuous growth and learning in the technology industry. His journey is a testament to his adaptability, vision, and unwavering commitment to leveraging technology for positive change.

John Brennan is the Managing Partner of Holly Ventures, a seed stage venture capital fund that exclusively invests in and supports cybersecurity entrepreneurs at their earliest stages. John has invested in over twenty security startups, with a focus on supporting founders from day one. Having previously served as a Senior Partner at YL Ventures, John's past portfolio work includes Axonius, Orca Security, Medigate, Hunters, Cycode, Vulcan Cyber, Spera, and many others. John holds an MBA from the University of Chicago and a Bachelor of Science from Trinity College in Connecticut.

Elizabeth Schaedler is a Splunk Security Advisor and works with customers to develop strategies aligning security and business risks, and how to use risk-based-alerting to address fraud. Elizabeth has an expansive 20-year data center and security background and has spent time in the HPC world in senior positions at Cray Research, HP, RSA, Sun Microsystems, and IBM. She lives in Portland, Oregon, and she and her husband are currently spending their free time clearing out Legos and Barbies left behind by two adult children.

Nicholas DiCola is a Security Jedi and the VP of Customers where he leads a global team. Before joining Zero Networks, Nicholas led the Cloud Security Customer Experience Engineering team helping customers unblock deployments and improving products. He also spent 22 years with the United States Marine Corps and retired as a Defensive Cyberspace Weapons Officer after 22 years of total service. He received a Bachelor of Science in Computer Networking and Master of Business Administration from Strayer University. He is a co-author of several books and holds many certifications such as CISSP and CEH. You can follow him on Twitter @MasterSecJedi, GitHub (https://github.com/dicolanl), and LinkedIn (https://www.linkedin.com/in/ndicola/).

Amanda Stowell is a passionate Information Security and Privacy Program Manager at A-dec, Inc., a leading dental manufacturer based in the Pacific Northwest. Over the past few years, Amanda has built A-dec’s cybersecurity program from the ground up, leveraging her expertise to design a robust framework that balances business needs with today’s evolving cyberthreat landscape. Previously, Amanda served as Global Information and Records Manager for ESCO, Inc., and the Weir Group PLC, where she developed a strong foundation in safeguarding data and ensuring compliance across diverse organizations.

Amanda advocates for information governance as a strategic approach to managing the entire lifecycle of organizational data. She ensures information is properly classified, stored, protected, and disposed of in line with regulatory requirements and industry standards. Her collaborative efforts across business units foster cross-functional partnerships that align goals, streamline processes, and support shared objectives. This approach promotes accountability and transparency, enabling teams to make informed decisions based on secure and accessible data. Amanda’s leadership has made information governance a key part of the organization’s risk management and operational strategy.

Amanda holds a Master of Science Degree in Archives and Records Administration from San Jose State University as well as a Bachelor of Science Degree in Social and Behavioral Sciences and a certificate in Human Resources Management from Linfield University. In her free time, Amanda enjoys quality time with her wife and three kids and indulging in her obsessions for console gaming and reading all the things.

Rich Teslow is a seasoned Senior Security Engineer at A-dec, Inc., a leading dental manufacturer in the U.S., based in the Pacific Northwest. With a career spanning over two decades, Rich has dedicated his professional life to the IT sector, specializing in safeguarding infrastructure and digital assets. His expertise covers a wide array of areas, including infrastructure architecture and design, enterprise security engineering, and system administration, where he has honed a deep technical skill set and an acute understanding of technology’s role in optimizing business operations.

In addition to his professional achievements, Rich is a passionate homelabber and active participant in the homelabbing community, continually exploring innovative technologies in servers, virtualization, networking, and storage. He extends his expertise beyond his day-to-day work through his popular YouTube channel, 2GuysTek. Rich’s content focuses on helping small to medium-sized businesses, as well as technology enthusiasts, with practical guidance on setting up and managing infrastructure. Whether it’s exploring the latest tech trends or demonstrating security best practices, Rich is committed to empowering others to navigate the complexities of IT and security.

Brian is an IT Executive with 29 years of experience from Security Operations and Support, Compliance, Risk Management, Technology Innovation, IT Operations and Supportand. Currently, Brian is a Business Information Security Officer (BISO) supporting multiple business units at Salesforce, delivering security and compliance across our people, process, technology, and data. In addition to this, he has worked in Security and GRC at Starbucks, Microsoft, and Bank of America as well as served as a Cybersecurity Advisor for CREATE.ORG, sat on the Board of Technical Advisors for NODUS technologies, served as an alternate to the PCI-DSS Customer Advisory Council, held CISSP and CISM certifications, and has published 2 books and 3 industry papers on security.

Ade Gonzalez is a Senior Director of Security GRC and Data Security in Docusign. With over 15 years of experience, her expertise spans across building/managing high-performing teams and delivering board-critical programs around Security Governance, Strategy, Risk, Compliance, Data Protection and Cloud Security across various industries (financial services, technology, insurance and so on).

She also has experience working in different regions across the globe with established presence in South Africa, Ireland, UK and US. She holds a Masters (Cum Laude) in Computer Engineering, majoring in Artificial Intelligence. During her spare time, she enjoys travelling, food, exercising/fitness-related activities and spending quality time with her family, especially with her 3-year-old daughter and miniature-schnauzer.

Michelle Linders Wagner, a seasoned risk management executive, brings 25+ years of experience in enhancing compliance and risk posture for Fortune 500 firms. With cyber, compliance, and audit expertise, she builds high performing teams, swiftly identifying fit for purpose solutions that align with business strategy. While she is currently loving her job as the Head of Internal Audit at Docusign, Michelle has loved her prior positions, as well. At Deloitte, she transformed the global risk function; as an executive at Costco, she ran the second line of defense where she matured the global governance, risk, and compliance function; and at SAP, she drove high-priority risk and governance initiatives. Committed to excellence, Michelle excels in leading teams to solve intricate risk challenges.

Tony is a knowledgeable technical professional with 25+ years of experience developing, integrating, and leading technology projects for enterprise customers. He is effective in sales engineering, Internet security, project management, and computer networking. A skilled life-long student of managing the personal and technical challenges that arise from building something new.

Tim Gallo is the Head of Global Solutions Architects at Google, he specializes in Cyber Threat Intelligence and Risk everything from Intelligence Operations and Cyber Threat Profile development to risk based analytic approaches to Security Operations. He Joined Google Cloud through the acquisition of Mandiant by Google in 2022, he had spent 5 years at Mandiant prior to the acquisition in a variety of field facing roles covering the aforementioned topics. Before joining Mandiant, Tim leveraged his over 20 years’ experience in information security and intelligence operations to aid in the development and deployment of a number of solutions. Including building client and organizational expertise in Intelligence Led Security and Business Operations. This included the development and product management of some of the first cyber intelligence solutions ever brought to market. These solutions have included threat and vulnerability management tools, IOC prediction algorithms, intelligence services, and strategic intelligence consulting. Today he spends his days helping clients understand the importance of Intelligence as a guiding principle for building out effective security processes and operations and helping clients and vendors find ways to leverage technologies responsibly to build their cyber defense centers and security operations practices. Every once in a while he can be found out in the desert, sometimes on his Harley with a flamethrower, sometimes with just a flamethrower

Dan Migliore brings over 25 years of experience in the cybersecurity space, with an extensive security related background contributing to industry leaders such as VeriSign, Varonis, Accellion, and Verint. Currently, he serves as a Regional Manager at Fortinet, where he has dedicated the last six years to advancing enhanced security technologies.

Founded over 20 years ago in Sunnyvale, California, Fortinet is a leader in the evolution of cybersecurity and the convergence of networking and security. With a mission to secure people, devices, and data everywhere, Fortinet boasts the largest integrated portfolio of over 50 enterprise-grade products. Trusted by more than 755,000 customers, Fortinet’s solutions are among the most deployed, patented, and validated in the industry, reflecting Dan’s commitment to delivering proven cybersecurity everywhere it’s needed.

Paul has more than 30 years of experience working in the Information Security space including 8 years with the US Air Force. Paul was a principal at Digital Signature Trust back in the 90’s working on Public Key Cryptography utilizing Hardware Security Modules to create Root certificates for the Browsers for trusted Root Certificates including the first Entrust Root Certificate to be published in a browser. His experiences have led him to be a knowledgeable and experienced Trusted Security advisor for many fortune 500 customers over the years.

Marc Menninger is a seasoned corporate information security and risk management professional with more than twenty years of experience. He has held the Certified Information Security Systems Professional (CISSP) certification since 2000 and the Certified in Risk and Information System Controls (CRISC) certification since 2016. Marc’s career started with his service as a Computer and Communications Officer in the U.S. Air Force from 1992 to 1997. During his tenure, he led a team of 19 UNIX administrators, managing mobile Top Secret fiber optic networks. He was stationed at Langley Air Force Base in Virginia and Barksdale Air Force Base in Shreveport, LA, and served a short tour in the Persian Gulf during Operation Desert Shield.

Transitioning to civilian roles, Marc has navigated through several technical and leadership positions, building his expertise across the United States—from Dallas to San Francisco and, ultimately, Seattle. His roles have included Vice President of Corporate Information Security at Washington Mutual Bank, Security Manager at PEMCO Corporation, Senior Security Manager at Lighthouse eDiscovery, and Director of Cybersecurity at A Place for Mom. Presently, he serves as the Information Security Officer at AstrumU.

Marc's specialty areas encompass Enterprise Risk Assessment, Information Security Program Management, Governance, Risk and Compliance, and more. He lives near Seattle, WA, with his family.

Krista Arndt is the Associate CISO at SLUHN. As the Associate CISO, Krista is responsible for managing the security program's day to day operational effectiveness. Krista has been working in information security in various capacities for more than 15 years. In her previous roles, Krista assisted with developing and leading security programs in national healthcare, crypto, finance, and the Department of Defense. She currently holds her CISM and CRISC certifications and NHRA competition driver's license.

Krista is an active member of ISACA, serves as InfraGard Philadelphia Chapter’s Healthcare Sector Chief, serves on Neumann University's Business Advisory Council, and is Marketing Committee Chair for Women in CyberSecurity (WiCyS) Delaware Valley Affiliate. Through this service, Krista's mission is to give back to her community by providing mentorship and support for aspiring cybersecurity professionals, especially for women who wish to enter the field.

When off the clock, Krista takes her affinity for overcoming challenges to the garage and the race track, where she enjoys building and improving her own race car, competing as a driver in national drag racing events with her family, and using her racing as a forum to advocate for neurodiversity awareness and inclusion.

Chris is the Regional CISO, Americas at Okta, where he is responsible for corporate security compliance, third-party risk, and responding to customer security inquiries. Prior to Okta, Chris spent 6 years leading the adoption of Cloud Technologies at LinkedIn, helping them grow from 350 to over 6,800 employees. He started his career designing, developing, and delivering content management, system administration, and messaging solutions for customers such as Nestle, Cisco, AMD, Telus, and the US Department of Defense. During the winters, Chris has almost 15 years experience as a Ski Patroller, search & rescue, and teaching ski mountaineering & outdoor survival.

Winning in the software industry doesn’t come from faking it or even making it. Instead, it takes being great at it, because being exceptional results in a sustainable competitive advantage. Having been a part of great companies that have been honored with awards from Inc. 5000 Fastest Growing Companies, Deloitte Fast 500, Top 50 Best Places to Work in America, and Inc. Best Workplaces, as well as being named the #7 on Glassdoor’s Best Places to Work in America, John Gardiner knows what it takes to be great. His strategic leadership includes serving in numerous high growth software companies as the President, Chief Operating Officer, Chief Strategy Officer, and CFO, including the most successful investment in TA Associates’ 56-year history, earning a stunning 6013% ROI. A strong proponent of the Trust Product Practice, he knows the value it brings to an organizations’ business practices, culture, competitive differentiation, brand, and growth.

Sabino Marquez' approach to leading cybersecurity as a ‘Trust Product Practice’ has led to substantial returns on security investments, higher value-generation velocity, and enhanced equity valuations. Sabino leads the Trust Product organization as a go-to-market leader, working alongside the productive business to enable and defend value, and transforming stakeholder Trust into a powerful tool for competitive differentiation. Within his key areas of focus, Sabino ensures robust protection mechanisms are in place for stakeholder interests while also leveraging organizational Trust as a distinct advantage in a competitive market landscape. His work has not only brought him recognition as ‘2023 C100 Winner’, but he is also an esteemed thought leader who frequently shares insights in Security Magazine, The Wall Street Journal, and Cyber Security Tribe.

Lalitha Subramanian, Program Management Director at University of Washington Continuum College, has over a couple of decades of experience designing, developing, and delivering large-scale learning and development strategies and certification programs that empower working professionals build the right strengths, skills, and behaviors for organizational success and career progression. She has proven success coaching industry experts, university instructors, and private company leaders to evolve educational offerings, in the adoption of new technologies with accessibility standards, and has designed exemplary learner-driven digital education offerings to meet the needs of a dynamic global marketplace. Her expertise in educational pedagogical practices incorporating DEIBJ best practices for both in-class and virtual/online environments have been recognized at unit, university and at a national level.

Alejandro Ayala is a rising professional in the field of cybersecurity, pursuing a PhD in 2025 through an NSF Fellowship. Alejandro currently serves as a technical lead, ensuring program integration across multiple universities and industry. Alejandro contributes to the University of Washington’s Certificate in Risk Management in multiple roles. He is the co-founder and President of CyberAlumni, a community of practice focused on continuous professional cybersecurity education across the NCAE Schools. Alejandro has published in the Colloquium for Information Systems Security Education (CISSE), Springer Journal, Future Technologies Conference, and the Human Computer Interaction International Conference innovations in cybersecurity education.

Stuart collaborates closely with global clients, guiding them in harnessing observability data to enhance their application security posture throughout the entire SDLC. He is a passionate sneakerhead with a strong background in cybersecurity and networking, particularly WAF and DDoS, as well as Bot Management and Zero Trust.

Trevor Dunlap is a Principal Research Scientist at Chainguard. Trevor obtained a Ph.D. in Computer Science focusing on automatically enhancing vulnerability data to help provide richer information. He has been involved in research ranging from access control, robocalls, and the use of large language models in security domains. Beyond his technical expertise, he is a passionate advocate for securing open source software.

Kirsten Stoner is a Technologist on the Product Strategy team at Veeam Software. With 10 years of software experience, Kirsten has a specialized focus in all things data management including storage, cloud, cybersecurity, and analytics. Through her years working at Veeam, she leads the creation of technical content for product demonstrations, webinars and digital written collateral, engaging audiences globally. Kirsten holds the Veeam Certified Engineer (VMCE) credential with a drive to continuously learn more about customer pain points and the technologies they use to overcome them.

Erez Tadmor holds a two-decade career in the ever-evolving information security field, marked by his diverse background in managing various product portfolios and verticals. His expertise spans cloud and network security, automation & orchestration, IAM, fraud detection and prevention. As Tufin's Field CTO, he bridges the gap between customers, marketing, and product teams, educating stakeholders on network security technologies, cybersecurity best practices and Tufin's solutions. Erez holds a track record of strong leadership in both enterprise and startups cybersecurity product management and strategy development.

Chief Technology Officer at Washington State Department of Labor and Industries. Expert level grasp on IT Security governance and management of security in application, infrastructure and cloud domains. Spearheaded teams to do FedRAMP assessments of major cloud service provider giants in the industry. Certifications include CISSP, CCSP, CISA, PCIP, PMP, and AWS-SAA. Formerly PCI-QSA certified with a PCI assessor.

Troy Batterberry is the founder and CEO of EchoMark, a Software-as-a-Service (SaaS) company pioneering a new standard in information protection. The company was founded on that trust is central to empowering everyone to do their best work. Troy brings years of product and technology experience, including 25 years at Microsoft, where he most recently served as a Corporate Vice President as the product leader of Microsoft Teams Meetings, Calling, and Events. During his tenure, Troy also played an integral role in the growth and success of marquee Microsoft products, such as Windows, Explorer/Edge, Bing, Xbox, and MSN. Before joining Microsoft, Troy held engineering positions at Sony and within the U.S. Department of Defense. Troy is driven by a long-standing passion for creating new experiences and products.

In addition to his professional pursuits, Troy is a parent volunteer at his kids’ schools, spends time volunteering for Boy Scouts, and also enjoys time outdoors boating, hiking, and running. He holds an M.S. in Information Systems from the University of Southern California and a B.S. in Electrical and Electronic Engineering from North Dakota State University.

Chirag H. Patel is a solution-oriented technology and commercial attorney with extensive experience in emerging technologies, artificial intelligence (AI), data privacy, cybersecurity, contracts, e-commerce, and trade secrets. His multi-channel experience encompasses compliance, transactional review, and litigation.

Chirag’s practice spans diverse industries, including software, e-commerce, cryptocurrency, healthcare, financial services (traditional and FinTech), cannabis, commercial construction, and hospitality sectors.

His litigation practice includes multimillion-dollar contract disputes, high-stakes consumer class actions, and novel technology issues. Recent cases include national data breach class actions, privacy and wiretapping claims (CIPA), AI discrimination claims, software service (SaaS) and implementation contract disputes, business email compromise, cryptocurrency injunctions, and right of publicity of cases.

Chirag’s compliance practice focuses on AI, data privacy, and e-commerce. This includes development and advising on AU Acceptable Use Policies (AUPs), AI Audits, data privacy laws, and ecommerce laws. Among other regulatory regimes, Chirag has advised clients on compliance with the HIPPA Privacy Rule, the California Restore Online Shoppers Confidence Act (ROSCA), California Consumer Privacy Act (CCPA), California Automatic Renewal Law (CARL), and Federal Trade Commission (FTC) regulations.

Chirag has experience with commercial contract review and transactions. He conducts master contract reviews in various industry settings covering issues such as intellectual property rights, data ownership, and terms of service. He also has full-cycle M&A experience, including conducting privacy and cybersecurity due diligence.

As the Director of AI Infrastructure at Salesforce, Karim leads a key team responsible for designing and implementing cloud-based infrastructure and platform tools for the Salesforce AI Platform. Karim and his team focus on architecture, scaling, performance optimization, and infrastructure development to enhance system performance and scalability. They also create methodologies, tools, and frameworks that play a significant role in the 'go-to-production' process for an auto-scaled cloud system.

Milosz Goralczyk is a Lead Software Engineer, Scrum Master, Security Champion, and VTO rockstar for the AI Platform team at Salesforce. He owns services in model training areas for Generative AI and Predictive AI, expanding Salesforce Einstein AI impact in cutting-edge AI products. With a deep passion for ML, experimentation, and security, he plays a pivotal role in driving innovation and ensuring robust security standards within his team. Prior to his role at Salesforce, he contributed to Microsoft's Bing and Azure Active Directory, as well as several CRM-focused companies. An entrepreneur at heart, Milosz has founded and successfully managed two companies. He earned his master’s degree with honors from the Military University of Technology, where he published research papers from his work on object-oriented databases.

Charismatic, enthusiastic thought leader, strategy planner and achiever.

As Lead Product Security Engineer at Salesforce, Kaustubh works closely with engineers from the Salesforce AI Platform to ship secure-by-design products. Kaustubh leverages strong relationships with product teams and other stakeholders to reduce overall risk and security debt for the platform. He also helps scale security impact via automation, curating security patterns and paved roads, and championing security initiatives.

Eric is the Director of Strategy & Operations for Salesforce's AI Cloud, where he works on the company’s Trust commitments and leads strategic cross-functional initiatives. He is privileged to work with an exceptional team dedicated to delivering the most trusted AI CRM software on the market.

Before joining Salesforce, Eric built and led teams in the payments and Fintech industries, focusing on product innovation, business operations, and program management. His career includes roles at Visa, Citi Ventures, PayPal, Gap, and more.

A Silicon Valley native, Eric has lived and worked across Europe, earning his MBA from the Grenoble Graduate School of Business in France. He now resides in Silicon Valley with his family.

Danny Manimbo is a Principal with Schellman based in Denver, Colorado. As a member of Schellman’s West Coast / Mountain region management team, Danny is primarily responsible for leading Schellman's AI and ISO practices as well as the development and oversight of Schellman's attestation services. Danny has been with Schellman for 10 years and has over 13 years of experience in providing information security and data privacy audit and compliance services. Danny has achieved the following certifications relevant to the fields of accounting, auditing, and information systems security and privacy: • Certified Public Accountant (CPA) • Certified Information Systems Security Professional (CISSP) • Certified Information Systems Auditor (CISA) • Certified Internal Auditor (CIA) • Certificate of Cloud Security Knowledge (CCSK) • Certified Information Privacy Professional – United States (CIPP/US)

Kent Blackwell is a Director at Schellman, helping lead their penetration testing and offensive security practice. Kent has over fifteen years of experience serving clients in a multitude of industries, including the Department of Defense and top cloud service providers. He got his start in penetration testing evaluating systems as a civilian with the Air Force before later joining Schellman to help build the security practice. A security and privacy enthusiast, Kent is passionate about ensuring people can have confidence in the platforms to which they entrust their data.

Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted as both regulator as an Assistant Attorney General with the Washington State Attorney General's Office and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.

Jean is an Executive Consultant, ISSA Distinguished Fellow, and honored as a 2015 SC Magazine “Woman of Influence”. With a global focus on strategy, architecture, and technology in the high tech and financial industries, she alternates between technical and executive leadership roles. Once focused on security and cryptography for the financial industry, her current focus is on the use and abuse of blockchains, augmented reality, and the Internet of Things (IoT).

Frank Simorjay (CISSP, ISSA Distinguished Fellow) is a cloud security and compliance subject matter expert. Frank works for Microsoft Azure global ecosystem organization as the Lead PM of the Azure automation Blueprint program, that includes the PCI automation blueprint. Frank has written an extensive library of papers, and blogs (http://cloudntech.blogspot.com/)

Frank Simorjay is a Principal Architect for the Power Platform team at Microsoft. He has developed an extensive library of security content as a cloud security architect and content developer. A CISSP and an ISSA Distinguished Fellow, Frank is recognized for his significant contributions to cybersecurity. He founded the ISC2 Seattle chapter and ISSA Puget Sound. Frank is passionate about promoting secure computing and smart cloud adoption.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

Lisa Plaggemier is Executive Director at the National Cybersecurity Alliance. She is a recognized thought leader in security awareness and education with a track record of engaging and empowering people to protect themselves, their families, and their organizations. Lisa is a University of Michigan graduate (Go Blue!) and while she wasn’t born in Austin, Texas, she got there as fast as she could.

Mr. Petru is the President of the Washington State InfraGard Chapter and a Fellow of the British Computer Society, The Chartered Institute for IT. He is an innovative, and technically sophisticated professional, offering substantial years of broad-based experience in evaluating large corporate systems. Powered with a comprehensive background in development and implementation, he has authored more than forty-seven different courses based on AIX, Encryption, Linux, Networking, Security, and Virtualization technologies, teaching to an audience of tens of thousands around the world for the past twenty-five years. Mr. Petru has spent more than two years in Ukraine over the past 20 years and has seen much change. Equipped with a proven track record of success in designing and implementing system and policy based on Confidentiality, Integrity, and Availability, to meet business continuity and disaster recovery for long-range strategic plans of Fortune 100 Companies. Mr. Petru is armed with stellar qualifications in all facets of project lifecycle development, from initial analysis and conceptual design to implementation, quality review, and enhancement to optimize operational efficiencies that improve business and IT operations.

Experienced Information Security Professional with a demonstrated history of working in the retail industry. Skilled in Operations Management, Sales, Management, Point of Sale (POS) / Fuel Systems, and Inventory Control. Strive to find ways information security can enable and support business and operations teams with solutions. Actively support public/private partnerships with local and federal agencies with emphases on infrastructure, cyber security and community outreach.

Maggie Amato is a dynamic cybersecurity leader with deep expertise in cloud security, AI security, and risk management across technology, healthcare, and federal sectors. As the Business Information Security Officer (BISO) for AI Cloud + CRM Apps at Salesforce, she plays an integral role in advising two Chief Technology Officers on holistic risk management strategies that align with the evolving demands of cutting-edge technologies. Throughout her career, Maggie has been at the forefront of innovation, leading the development of AI-specific security programs, advancing cloud security initiatives at Aetna, and forging impactful public-private partnerships in healthcare. Her leadership and strategic vision have consistently driven transformative security solutions that strengthen organizational resilience.

Rob Davidson brings many years of experience to his role as Chief Information Security Officer at Pacific Blue Cross and Pacific Blue Cross Solutions. His career started with Dell Canada and has progressed though several senior strategic and leadership positions at industry-defining organizations such as Microsoft and Hootsuite. Prior to his recent return to Vancouver, Rob worked through an extended tenure at Microsoft, from the original basics of networking through the launch of the Global Azure Cloud services.

Rob holds an Executive MBA and maintains his original CISSP certification. He enjoys the opportunity to share with and learn from others who are like-minded in his passion for the Security of People, Information, and Technology.

In addition to his core work, you will also find him engaged in Board of Directors (and Board advisory) positions, volunteer opportunities, and working to mentor and assist the next generation of security professionals.

William serves as the leader of AAA Washington’s information security and compliance efforts. He is responsible to establish a responsive, dynamic, and flexible cybersecurity program to meet continually changing information security, regulatory, and compliance needs in the organization.  William has been with AAA Washington since August of 2017. Other roles that William serves in the company include coordinating business continuity program activities and leading the company through emerging privacy legislation management.

In the evenings, William instructs graduate and undergraduate cybersecurity courses at the University of Washington and The Penn State University. William completed his Bachelor of Science in Computer Science from the U.S. Military Academy at West Point. He subsequently earned a Masters in Management Information Systems and an MBA from the University of Maryland. In December of 2018, he completed his Doctorate of Philosophy in Cybersecurity and Information Assurance from Capella University.

Prior to William starting at AAA Washington, he served five years as the Manager of IT Security Engineering at Puget Sound Energy. Prior to that, he also served as the regional CISO for Providence Health and Services. He has also served in similar positions with Alaska USA Federal Credit Union, Chugach Electric Association, and the State of Alaska, Department of Public Safety.

William served in the U.S. Army from 1990 to 1996 as an officer in the Infantry and is a combat veteran for Operation Desert Storm.

A proven senior security leader that drives business-centric innovation through strategy, empowering independence, and inspiring the next generation of enterprise growth from small to large enterprise. Experienced security strategist from Cloud to Enterprise Architecture, change/transitional management, application security, product development, vulnerability assessment, security operations, security engineering, process improvement, and enterprise transformation. A visionary who serves as a catalyst for sustainable change by empowering organizations and people in achieving breakthrough results as they travel to secure digital transformations. A leader that nurtures and empowers teams through communication in fostering cross-functional collaboration and achieving the organization’s goals. A driver of continuous improvement who eliminates single points of failure, transforming complex obstacles into tangible solutions.

Cynthia Damian is the Chief Information Security Officer at Valon Technologies, an up and coming fintech company innovating the financial and homeowner industry through technology. Cynthia has over 20 years of experience in cybersecurity and risk management holding security leadership and practitioner roles across small to large scale, global organizations including top Fortune companies. She is a mission-driven, people-centric security leader focused on making an impact through building, maturing and innovating cybersecurity and risk organizations with a track record of effectively managing risk and driving high-value outcomes for the business – protecting companies, employees and customers.

Cynthia has worked across diverse industries including companies such as Twitter/X, Salesforce, T-Mobile, and Starbucks. She also serves as a Board member, advisor, and mentor for various professional organizations in the security and tech community and is passionate about enabling diversity, equity and inclusion in the field one step at a time.

Becky Fricker is the Director of Information Security at DAT Freight & Analytics, where she plays a pivotal role in protecting the company’s digital infrastructure. She oversees Security Operations and Product Security, including areas such as Endpoint Protection and Response, Continuous Threat Exposure Management, Incident Response, and Network Security. Becky holds a Certified Information Systems Security Professional (CISSP) certification, a globally recognized credential that demonstrates her ability to design, implement, and manage a robust cybersecurity program.

Her extensive background in cybersecurity began with 13 years of service in the NJ Air National Guard, where she held critical roles such as Installation Spectrum Manager and Installation Security Systems Manager. After transitioning to the civilian sector, Becky continued to build her expertise as a Network Security Engineer at Cooper University Health Care. She later took on senior roles in the financial sector and at one of Southern California’s largest utility companies, focusing on information security within critical infrastructure.

Her academic credentials include an Associate of Science in Electronic Systems Technology, a Bachelor of Arts in Communication and Media Studies, and a Master of Science in Information Technology, specializing in Cybersecurity. Known for her adaptability, mentorship, and strong communication skills, Becky is an invaluable member of the DAT team, continuously driving improvements in the company’s information security programs.

Erika Voss offers two decades of extraordinary success in a series of high level roles at top tier companies that include Capital One, Salesforce, Oracle Public Cloud, Microsoft Corporation and Amazon Web Services.

Erika’s invaluable expertise and broad business range have powered a history of developing successful process improvements that drive productivity, reliability, and client satisfaction. Such traits have consistently enabled Erika to achieve an impressive command of the skills needed to manage ongoing business planning processes while developing strategies to meet future challenges.

Upon being named as Vice President of Information Security for DAT Freight & Analytics, Erika will lead vision, strategy, and execution for all facets of security for this Fortune 500 Supply Chain Logistics corporation, while defining and revising policies, procedures, and best practices for security, including application security, access control, authentication, third party risk management, and intrusion detection. Dr.. Voss has dedicated herself and her vision as a leader who engages in projects with an “All-In” attitude.

With a forte for successfully building strong teams and holding a key role leading all facets of finance and strategy, Dr. Voss has successfully positioned companies, as a leading expert in its field with respect foundational security basics, fraud, identity, and cloud security practices contributing to the following successes:

● Effectively manages a team of product and application security engineers, architects, and DevSecOps personnel, continually
identifying opportunities to reinforce the company’s security posture.
● Engages directly with customers, providing information and guidance on the company’s security posture.
● Served as the CISO of the company’s cybersecurity program in line with all industry standards and regulatory requirements, including SOC2, PCI, SOX, and other industry regulations.

Combining her proven business instinct with an unprecedented disciplinary work ethic, Erika has continuously exceeded expectations in high stake environments throughout her career positioning herself as a key member of each company and a driving force for growth. Erika holds a Ph.D. in Cybersecurity from Northcentral University, as well as a Master of Science Degree in Security Administration and a Bachelor of Science Degree in Computer Operations Technology from Southwestern College.

Dr. Peter Holowka is passionate about digital transformation and technology leadership, particularly in education. His doctoral research was in cloud computing adoption and organizational leadership. His professional work and academic research centre on the digital transformation journey, particularly the journey from legacy systems towards the cloud. He has received multiple awards for leadership and academic excellence. He was recognized as Member of the Year by the CIO Association of Canada, and currently serves as the Past President of the Vancouver Chapter. Beginning his career as a network and web design specialist, Dr. Holowka also advises a number of businesses, educational institutions, and not-for-profit organizations.

An Information Security leader with experience establishing resilient security strategies and procedures enhancing the corporate security posture, through evaluation of risk, promoting security awareness and privacy training, management of incident response, managing relationships with customers and business partners, and ensuring continued compliance through internal, customer and certification security audits.

A proven leader, skilled in managing network and application operations, knowledgeable in many collaboration and web environments and successfully managed services and large scale projects. Experienced in several security frameworks, including ISO 27001, PCI DSS, HITRUST, NIST 800-53, HIPAA, GDPR and SOC.

Marie Olson is an internationally recognized leader for her expertise in global regulatory compliance, privacy engineering, cybersecurity, digital governance, and risk management. Marie is a Fellow in Information Privacy (FIP). She also holds four other privacy certifications (CIPP/US, CIPP/E, CIPM, CDPSE), and two information security certifications (CISSP and CIPM). She has a Master of Science degree in computer science from Pacific Lutheran University and a Bachelor of Arts degree in mathematics from the University of Washington.
Marie recently retired in December 2023 from The Boeing Company after more than 36 years. In her last role, she served as Deputy Chief Privacy Officer for the Boeing Company.

Marie was selected by executive leadership to build the privacy team for Boeing in 2007, including hiring and training the team, defining the strategy and risk and control framework, and overseeing program implementation for Boeing’s global group of companies. Prior to establishing the privacy program, Marie was a Sr. Manager in Information Security. She managed a variety of functions including Information Governance and Compliance, Risk Management, Vulnerability Assessments, Business Continuity, Security Quality Assurance, and Government Programs Security Support.

Marie continues to be an active member of the Privacy and Security communities as a mentor, sought after speaker, thought leader, volunteer, cyber-safety instructor, and advisory board/committee member.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Mike Sheward is Head of Security at Xeal, an EV Charging hardware startup. Mike has around 18 years experience building security programs. Originally from the UK where he worked mostly in penetration testing and digital forensics, Mike moved to the US in 2011, where he has been focused on running security teams for SaaS companies ever since. Mike has written a mixture of fiction and non-fiction books, including the InfoSec Diaries series, which features stories based on real life digital forensics cases, pen tests and security incidents, as well as the non-fiction titles, "Security Operations in Practice" and "Hands-on Incident Response and Digital Forensics".

Glen Sorensen is a Virtual Chief Information Security Officer (vCISO) with Cyber Risk Opportunities. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership. He has held a variety of roles as an analyst, engineer, consultant, auditor, regulator, and information security officer for a financial institution.

Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 15+ years, longer if you count years of misspent youth bending technology and countless hours of roleplaying games. He is a sucker for a good tabletop exercise and serves as an Incident Master for HackBack Gaming, the fun kind of TTX.

Jake Bernstein is a practicing attorney and CISSP who counsels clients trying to understand their cybersecurity risks and the legal duties that arise from those risks. In his decade-plus of practice, Jake has acted as both regulator as an Assistant Attorney General with the Washington State Attorney General's Office and as private defense counsel representing companies subject to data security and privacy regulations enforced by federal, state, and international authorities.

Maggie Amato is a dynamic cybersecurity leader with deep expertise in cloud security, AI security, and risk management across technology, healthcare, and federal sectors. As the Business Information Security Officer (BISO) for AI Cloud + CRM Apps at Salesforce, she plays an integral role in advising two Chief Technology Officers on holistic risk management strategies that align with the evolving demands of cutting-edge technologies. Throughout her career, Maggie has been at the forefront of innovation, leading the development of AI-specific security programs, advancing cloud security initiatives at Aetna, and forging impactful public-private partnerships in healthcare. Her leadership and strategic vision have consistently driven transformative security solutions that strengthen organizational resilience.

Gowri is a mission-driven, people-centric senior cybersecurity leader with 15 years of experience in Threat Intelligence, Security Operations, Risk Management, and Compliance. As a former FBI agent, Gowri proudly served her country and has also worked in Corporate Security. She holds a Master's Degree in Information Science from the University at Buffalo. Currently, Gowri serves as a Business Information Security Officer (BISO) at Salesforce, advising the President of the Customer Success Group on information security matters. In this role, she represents the Chief Trust Officer when partnering with executive leadership to promote cybersecurity across the Enterprise units.

Brian is an IT Executive with 29 years of experience from Security Operations and Support, Compliance, Risk Management, Technology Innovation, IT Operations and Supportand. Currently, Brian is a Business Information Security Officer (BISO) supporting multiple business units at Salesforce, delivering security and compliance across our people, process, technology, and data. In addition to this, he has worked in Security and GRC at Starbucks, Microsoft, and Bank of America as well as served as a Cybersecurity Advisor for CREATE.ORG, sat on the Board of Technical Advisors for NODUS technologies, served as an alternate to the PCI-DSS Customer Advisory Council, held CISSP and CISM certifications, and has published 2 books and 3 industry papers on security.

Eric is the Director of Strategy & Operations for Salesforce's AI Cloud, where he works on the company’s Trust commitments and leads strategic cross-functional initiatives. He is privileged to work with an exceptional team dedicated to delivering the most trusted AI CRM software on the market.

Before joining Salesforce, Eric built and led teams in the payments and Fintech industries, focusing on product innovation, business operations, and program management. His career includes roles at Visa, Citi Ventures, PayPal, Gap, and more.

A Silicon Valley native, Eric has lived and worked across Europe, earning his MBA from the Grenoble Graduate School of Business in France. He now resides in Silicon Valley with his family.

Bethan Daniels is a West Zone Regional Manager, managing Seattle and Salt Lake Offices, based in Seattle, WA. Bethan’s current responsibilities include managing team members, driving the national strategy and advising clients on placing primary and excess Cyber, Technology, Media and Errors and Omissions insurance.

Previously she spent four years working in London as a Wholesale Broker within the Cyber, Technology E&O and Media Practice. Through her experience in the London market she has a good understanding of market appetite and the availability of coverage.

Ian Riley is a seasoned cybersecurity professional with over a decade of experience in the IT world, including more than six years specifically focused on cyber security. His career highlights include roles as a Senior Security Operations Analyst at Blumira and Cloud Ops at Amazon Web Services (AWS). Ian's expertise lies in security incident response and system hardening, approaching cybersecurity from a defensive standpoint. With a strong background in both cloud operations and security analysis, Ian brings a wealth of knowledge and practical experience to the field of information security.

Bryan Turriff is a seasoned technology and marketing professional with over 25 years of experience in data, security, and AI. He is currently the Founding Director of Product Marketing and Growth at Observo.ai, where he focuses on expanding the company's reach and impact in security and AI-driven data pipelines. His career spans product and marketing leadership roles at notable companies like Cribl, IBM, and Pinecone, where he has contributed to shaping solutions that address complex data challenges. Previously, he also served as Senior Director of Product Marketing at EDB, where he helped drive the adoption of Postgres solutions. He was also Director of Product Marketing at Cribl where he helped define the broader market for telemetry data pipelines for security teams.

As Field CTO at Varonis, Brian supports a wide range of security and technology initiatives by helping Varonis’ customers and partner get the most out of the company’s products. In his 20-year technical career, Brian served as a developer, tech architect, engineer and product manager for companies in financial services, legal, and cybersecurity. Brian joined Varonis in 2010 in technical marketing, led education and development, and now serves as the company’s Field CTO. He holds a CISSP certification and frequently speaks on topics related to security and technology. He has been quoted in news sources ranging from The Financial Times to Dark Reading and has made multiple appearances on CNBC. Brian holds a Bachelor’s Degree from The New School in New York City and graduated from The Lakeside School in Seattle, Washington.

Frank Simorjay (CISSP, ISSA Distinguished Fellow) is a cloud security and compliance subject matter expert. Frank works for Microsoft Azure global ecosystem organization as the Lead PM of the Azure automation Blueprint program, that includes the PCI automation blueprint. Frank has written an extensive library of papers, and blogs (http://cloudntech.blogspot.com/)

Vice Admiral (Ret.) Mike LeFever, USN, currently serves as Chief Executive Officer for Concentric. Concentric is a risk management consultancy that specializes in delivering strategic security and intelligence services. In addition, he is a member of the network of national security experts for “The Cipher Brief,” a digital based conversation platform to connect the private sector with leading security experts.

Previously, Mike was the Chief Operating Officer for IOMAXIS, a US technology company specializing in cyber, communications, and computing solutions, and services. He also worked as a senior advisor, mentor, and speaker at the McChrystal Group, a leadership and management firm, engaging with senior executives across multinational companies on leadership, strategy, and change management.

Reflecting his deep experience with and commitment to developing high performance leaders and teams, Mike also served as a Performance Ambassador and Speaker for Liminal Collective and Arena Labs and as a senior advisor and mentor for leaders in private industry; the USG’s National Defense University senior level national strategy, leadership, and warfighting courses; and USG Joint Forces. He is also a member of the board of advisors at the National Security Institute at George Mason University, Antonin Scalia Law School and a participant on the Atlantic Council Counterterrorism Study Group.

Mike retired from the United States Navy after over 38 years of service, finishing his military career as the Director of Strategic Operational Planning at the National Counterterrorism Center, within the Office of the Director of National Intelligence. He also served as both the Commander of the Office of Defense Representative in Pakistan and the Commander of the Joint Task Force in Pakistan, leading all US Armed Forces in Pakistan between 2008-2011.

Throughout his career, Mike served in Navy and Joint leadership and command positions at every level. He led disaster relief and humanitarian efforts, the full spectrum of warfare operations, and counterterrorism and
counterinsurgency operations. Renowned for his effectiveness in navigating cross-cultural, complex, and international environments and building high performance teams, his leadership was directly responsible for
numerous significant achievements that protected and enhanced the national security of the United States. The hallmark of LeFever’s leadership was his commitment to build and promote lasting partnerships between
the US and its key allies and coalition partners.

Craig Spiezle is the Founder and President of AgeLight Advisory & Research Group, a professional services firm focused on online and digital services. Craig is a recognized authority on trust and the convergence of privacy and security promoting ethical privacy practices, end-to-end security and the importance on moving from a compliance mindset to stewardship. Craig is the Charmain emeritus of the Online Trust Alliance, an initiative of the Internet Society. He frequently briefs international policy makers driving awareness of best practices by both the public and private sectors and importance of internet governance. Craig has championed security best practices to help protect consumers while promoting innovation and the role of meaningful self-regulation. Prior to OTA, Craig spent over a decade at Microsoft focused on security and privacy enhancing technologies and standards. Craig chairs the Online Trust & Integrity Council and is on the board of the Identity Theft Council, editorial board of SC Magazine and a member of InfraGard, the IAPP and the APWG.

Marc Menninger is a seasoned corporate information security and risk management professional with more than twenty years of experience. He has held the Certified Information Security Systems Professional (CISSP) certification since 2000 and the Certified in Risk and Information System Controls (CRISC) certification since 2016. Marc’s career started with his service as a Computer and Communications Officer in the U.S. Air Force from 1992 to 1997. During his tenure, he led a team of 19 UNIX administrators, managing mobile Top Secret fiber optic networks. He was stationed at Langley Air Force Base in Virginia and Barksdale Air Force Base in Shreveport, LA, and served a short tour in the Persian Gulf during Operation Desert Shield.

Transitioning to civilian roles, Marc has navigated through several technical and leadership positions, building his expertise across the United States—from Dallas to San Francisco and, ultimately, Seattle. His roles have included Vice President of Corporate Information Security at Washington Mutual Bank, Security Manager at PEMCO Corporation, Senior Security Manager at Lighthouse eDiscovery, and Director of Cybersecurity at A Place for Mom. Presently, he serves as the Information Security Officer at AstrumU.

Marc's specialty areas encompass Enterprise Risk Assessment, Information Security Program Management, Governance, Risk and Compliance, and more. He lives near Seattle, WA, with his family.

Scott Benson is the Director of Cybersecurity and Infrastructure at Mud Bay, with over 25 years of experience in the field. He holds certifications such as CISSP, CEH, and PCIP. Scott leads a team responsible for cybersecurity, infrastructure, and help desk services, ensuring successful business outcomes and compliance with industry standards. He has a strong background in risk management, cloud security, and cybersecurity strategies.

Matt Hoffmann is a technology executive with 20+ years in the industry working across development, privacy. security, IT, infrastructure and devops. Throughout his career he has primarily worked with private-equity backed SaaS companies and has been the point person on multiple mergers and acquisitions on both the buy and sell side. In his current role as CIO of KORE Software, he manages engineering, devops, IT and security for a market leading product suite that serves professional sports and entertainment organizations. Working with some of the largest sports and entertainment teams and venues in the world has given him the opportunity to be hands-on with real-world data privacy challenges, large scale infrastructure projects and high-consequence security deployments.

Kathryn Patterson supports the Global Cybersecurity & Fraud Management organization at TIAA. In prior roles, she managed 3rd Pty Assessment, Regulatory Exam Mgmt and Audit support, and RCSA. Her career spans three industries: healthcare, telecommunications, and financial services, with additional background in program management, business resiliency and internal investigations. She prioritizes collaboration with business partners on best practices, communications, training, and development. Kathryn holds a BA in Organizational Leadership from the University of Oklahoma with a concentration in Criminal Investigations and Intelligence Analysis.

Wade Ellery, Field Chief Technology Officer and Senior Technical Evangelist with Radiant Logic. Wade has extensive experience in enterprise IT direct and channel software, and services, sales and management. He has in-depth knowledge and experience in enterprise IAM, IGA, PAM, ZTA, risk and compliance and IT security challenges. Wade has consulted on some of the largest identity management solutions deployed across Federal and Commercial clients.

With over fifteen years of experience, I am passionate about providing technology governed solutions to growing businesses of all sizes. I have worked with MSP and channel partners to offer managed security as a service (MSSP) and to ensure security and auditing compliance for various regulations and standards, such as HIPAA, CMMC, NIST, PCI, CCPA, and GDPR across a wide range of industry's.

Gregory (Greg) Pepper is a Senior Architect and a Check Point Evangelist. Greg has been an IT professional for 20+ years with expertise in Security, Networking & Cloud Computing. At Check Point, Greg’s main focus is to work with customers, partners and Check Point employees to help plan, design and implement security solutions across their networks, clouds, endpoints & mobile devices. Greg has been involved with a significant number of our of major cloud migrations and transformation across some of the largest Enterprise, Commercial and Public Sector Customers. Prior to Check Point, Greg has worked at well-known companies like Sony, Cisco and Price Waterhouse Coopers and Organic. Greg holds a Bachelor of Business Administration from Emory University – Class of 1998.

Owen Pickford is a Senior Solutions Engineer at Snyk based in Seattle. Owen has 15 years of experience helping enterprise customers identify and implement software solutions that help them solve their most complex challenges.

Kevin has more than 25 years of experience in threat intelligence and information security. He was the VP of cybersecurity operations and governance at IOActive.com, a retired NSA intelligence officer, the former director of Windows security architecture at Microsoft, and shipped Windows 10 (not by myself). He holds the CISM, CISSP, CGEIT security certifications.

Hong-Lok Li is the Chief Technology Officer at the Alma Mater Society of UBC Vancouver (representing 60,000+ UBC students). He has a strong technical background and 20+ years of experience in large organizations in a multi-platform, integrated computing environment. Hong is a Chartered Engineer (CEng) who earned his Master of Science (MSc.) in AI and Networking at the University of Essex in the United Kingdom. He is also a BCS (British Computer Society) assessor for the Chartered Engineer (CEng) Assessment. Hong believes in fostering a culture of innovation and collaboration and is always passionate about deploying technology to ensure resource optimization and operational excellence.

Andrew Johnson is a Solutions Architect based in Olympia, WA. Andrew serves as the Principal Architect overseeing the state’s adoption of zero trust, Secure Access Service Edge, SD-WAN, and Secure Service Edge. Andrew is responsible to interconnect state government with cloud-based resources and external business partners. Andrew spearheads the state's adoption of new technologies enabling state government to leverage cutting-edge technology in serving the residents of Washington State. Additionally, Andrew modernized the state's DNS system, transitioning it to a hybrid DNS solution that handles both on-premise and cloud-based queries. Andrew is a retired Army Signal Warrant Officer.

Cynthia Damian is the Chief Information Security Officer at Valon Technologies, an up and coming fintech company innovating the financial and homeowner industry through technology. Cynthia has over 20 years of experience in cybersecurity and risk management holding security leadership and practitioner roles across small to large scale, global organizations including top Fortune companies. She is a mission-driven, people-centric security leader focused on making an impact through building, maturing and innovating cybersecurity and risk organizations with a track record of effectively managing risk and driving high-value outcomes for the business – protecting companies, employees and customers.

Cynthia has worked across diverse industries including companies such as Twitter/X, Salesforce, T-Mobile, and Starbucks. She also serves as a Board member, advisor, and mentor for various professional organizations in the security and tech community and is passionate about enabling diversity, equity and inclusion in the field one step at a time.

Jaki Ferenz is a client risk advisor in the risk and insurance industry with over two decades of experience. She helps clients navigate operational and organizational risks to empower strategic business initiatives. Jaki has extensive experience and knowledge regarding privacy and security (cyber), errors & omissions, directors & officers, property & casualty, and workers' compensation risks, as well as insurance coverage needs. She ensures that her clients are well-prepared to navigate the ever-evolving landscape of cyber threats and protect their valuable assets.

Jane E. Petoskey is an associate at the firm's Seattle office. She is a member of the Technology Transactions practice group, and primarily services clients under the Data Protection, Privacy, and Security focus area. Jane is also a Certified Information Privacy Professional in the United States (CIPP/US) and Certified Information Privacy Manager (CIPM), and is a Fellow of Information Privacy (FIP).

Prior to joining the firm, Jane served as a technology transactions and data privacy associate attorney at the Seattle office of an AmLaw 100 firm. Through this role, Jane regularly advised clients of all sizes and industries through privacy and data security matters, including counseling on compliance with domestic and international privacy and data security laws and regulations, including the CCPA, COPPA, GLBA, HIPAA and HITECH, and GDPR.

Jennifer Womack has worked for Puget Sound Energy since 2008. She has held various roles within Infrastructure Security, Compliance and Security & Risk. She currently is the Manager of Cyber Security Operations.

Zabrina McIntyre is a Director with KPMG focusing on large scale cybersecurity transformations for clients with a focus on compliance. She holds the CISSP and PMP certifications and is working on her PCI QSA. She is a dedicated supporter of Women in Cybersecurity (WiCyS) and is currently on the leadership board for the Business Information Security Officer (BISO) Affiliate.

Patrick Massey serves as the Regional Director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) Region 10 office in Seattle. CISA is committed to improving the security and resiliency of our nation’s infrastructure through collaboration with critical infrastructure owner/operators, governments, industry, and other stakeholders.

Kip Boyle is the Virtual Chief Information Security Officer of Cyber Risk Opportunities, whose mission is to help executives become more proficient cyber risk managers. He has over 24 years of cybersecurity experience serving as Chief Information Security Officer (CISO) and in other IT risk management roles for organizations in the financial services, technology, telecom, military, civil engineering, and logistics industries.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.