St. Louis, MO 2016

Dr. Larry Ponemon is the Chairman and Founder of the Ponemon Institute, a research "think tank" dedicated to advancing privacy and data protection practices. Dr. Ponemon is considered a pioneer in privacy auditing and the Responsible Information Management (RIM) framework.

Ponemon Institute conducts independent research, educates leaders from the private and public sectors, and verifies the privacy and data protection practices of organizations in various industries. In addition to Institute activities, Dr. Ponemon is an adjunct professor for ethics and privacy at Carnegie Mellon University’s CIO Institute. He is a Fellow of the Center for Government Innovation of the Unisys Corporation.

Dr. Ponemon consults with leading multinational organizations on global privacy management programs. He has extensive knowledge of regulatory frameworks for managing privacy and data security, including financial services, healthcare, pharmaceutical, telecom, and internet. Dr. Ponemon was appointed to the Advisory Committee for Online Access & Security for the United States Federal Trade Commission. He was appointed by the White House to the Data Privacy and Integrity Advisory Committee for the Department of Homeland Security. He was also an appointed to two California State task forces on privacy and data security laws.

Dr. Ponemon earned his Ph.D. at Union College in Schenectady, New York. He has a Master’s degree from Harvard University, and attended the doctoral program in system sciences at Carnegie Mellon University. He earned his Bachelor's with Highest Distinction from the University of Arizona. He is a Certified Public Accountant and a Certified Information Privacy Professional.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

John O'Leary, CISSP, is President of O'Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John is the recipient of the 2004 COSAC award, the 2006 EuroSec Prix de Fidelite, and the 2011 ISC2 Lifetime Achievement Award.

Patrick Crowley is founder and CTO of Observable Networks. He is also professor of Computer Science & Engineering at Washington University in St. Louis.

Brian Allen started in IT as a unix/security admin in 2000, and has been working in security at Washington University for 13 years. Before WashU, he was a Unix Admin at the University of Maryland for four years and then a Security Administrator at UMSL for two years.

Jon Stitzel is the Lead Analyst for Cybersecurity Risk Management at Ameren. He is responsible for driving cybersecurity and risk management strategy for business and industrial control system environments, in addition to leading IT and Cybersecurity controls compliance. Jon has over 30 years of experience in the IT industry, including more than 20 years in cybersecurity. He has served as a system administrator, manager, analyst, and consultant in many diverse industries during his cybersecurity career, including energy, manufacturing, financial services, telecommunications, and DOD.

Peter Roman is a federal cybercrimes prosecutor and a former Oracle DBA and UNIX system administrator. After 14 years working in IT, and following the events of September 11, 2001, Mr. Roman went back to school and became a lawyer so that he could become a prosecutor. Now, he melds his cyber and legal experience working for the Department of Justice prosecuting hackers, carders, fraudsters, and others who use computers and the internet to commit crime.

John O'Leary, CISSP, is President of O'Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John is the recipient of the 2004 COSAC award, the 2006 EuroSec Prix de Fidelite, and the 2011 ISC2 Lifetime Achievement Award.

Ben Desjardins drives the development of vertical and use-case specific solutions for Radware’s Security Product Portfolio. In this role, Ben focuses extensively on the competitive landscape for anti-DDoS, Web Application Firewalls and Intrusion Prevention Systems.

Ben has extensive experience across a wide array of security technologies and disciplines, including DDoS, DNS, SSL, Threat/Vulnerability Management, IAM and PCI-DSS and he brings nearly two decades of marketing management experience to his work at Radware, including over 12 years focused on the information security and cyber threat arenas. Additionally, Ben has led global go-to-market efforts across many industries including retail, Ecommerce, financial services, public sector and healthcare/life sciences.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

John O'Leary, CISSP, is President of O'Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John is the recipient of the 2004 COSAC award, the 2006 EuroSec Prix de Fidelite, and the 2011 ISC2 Lifetime Achievement Award.

Founder and Principal Security Consultant of Night Lion Security, Vinny Troia brings 20+ years of IT security and development experience. He is also a featured speaker on ABC, CNBC, and Fox News.

"One afternoon, I drafted an email to the CEO and CISO of a major airline company. The title read – URGENT – Data breach in your network. During our phone conversation later that evening, I proceeded to tell the security admin that I received word from a dark web contact that sensitive data from their network was about to go on sale later that week. Working in tandem with my dark web contacts and the company’s security team, we were able to identify the hacker’s position within their network, turned off their access, and closed the vulnerabilities that allowed them to gain access. This is the kind of thing I do day in and day out, and I love my job." - Vinny Troia

Maurice Dawson is a faculty member in the School of Applied Technology to serve as Director of Illinois Institute of Technology's Center for Cyber Security and Forensics Education, which is accredited by the National Security Agency. Maurice has earned a Doctor of Computer Science from Colorado Technical University in 2009 and a Ph.D. in Cybersecurity from London Metropolitan University in 2017. Prior to joining Illinois Tech, Maurice served as an Assistant Professor at the University of Missouri - St. Louis. Dawson has received multiple Fulbright Scholar Specialist Grants to Russia and Saudi Arabia for cybersecurity and data analytics. Recognized by the DoDD 8140 as an IA System Architect and Engineer, Manager, and Cybersecurity Service Provider.

John Newcomer is currently Senior Vice President of Information Security at CitiBank, a top-10 national mortgage lender. He has eight years of experience in the information security field, with 17 years prior in IT.

Larry Wilson was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc., Worcester Polytechnic Institute, and the University of Massachusetts (UMass) President's Office. In the CISO role, Larry was responsible for developing, implementing, and overseeing compliance with the SMPA / WPI / UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the respective cybersecurity programs, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, Designing and Building a Ransomware Program, and Designing and Building a Third-Party Risk Program. Larry has also worked with multiple companies in multiple industries to help design, build, and maintain their Cybersecurity Programs, Ransomware Program, and Third-Party Risk Programs.

John O'Leary, CISSP, is President of O'Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John is the recipient of the 2004 COSAC award, the 2006 EuroSec Prix de Fidelite, and the 2011 ISC2 Lifetime Achievement Award.

David Barton is the Chief Information Security Officer for Forcepoint, responsible for securing the company and sharing key learnings with customers. Barton brings to his role more than 20 years of experience in security leadership across a variety of sectors, including telecommunications, healthcare, software development, finance and government. Prior to joining the company in 2015, he spent three years as the Head of Information Security at Hireright, where he was responsible for securing the company’s information and physical assets on a global scale. Barton holds an MBA from the University of Missouri – Kansas City and a bachelor’s degree in Management Information Systems from Simpson College. He is also a Certified Information Systems Security Professional (CISSP).

Bhavesh Chauhan is a Principal Client Partner - Security Evangelist within Verizon CTO organization. Previously a Principal in Financial Services and lead the Security Engineering and Professional services for the North East Region of Americas, which includes Enterprise, Government Accreditor, Security Principal, Consultant, Engineer and Architect on security engagements; and has delivered various information security engagements to assist customers mitigate risks and improve security maturity across the enterprise. Bhaves routinely represents Verizon at information security forums and has delivered various public speaking engagements. He is board member of the ISACA local chapter.

Along with his experience, Bhavesh holds a Master's of Science Degree in Physics and a number of professional security certifications such as CISSP, CISA, and CISM. Furthermore, he has been a CESG certified Information Assurance advisor to UK public sector and Defense from 2001 to 2010.

The Regional Computer Crime Education and Enforcement Group (RCCEEG) is a non-profit, multi-jurisdictional computer crime task force serving the Eastern District of Missouri. The inception of RCCEEG began in 1999 and was fully implemented as a non-profit organization in January, 2003. It exists to meet the growing demand for forensic and investigative support with regard to the use of technology in criminal activity. The members of RCCEEG are local law enforcement officers who have received training in the forensic analysis of digital media. They are detached from their host agencies to provide full time support to the region. The RCCEEG staff is funded, in part, through a state grant. Our operational expenses are partially funded through a subscription service plan supported by area municipal Police Departments. Our work product has been used in the prosecution of numerous high profile cases at both State and Federal levels, resulting in its use as a template for similar entities. We participate in new recruit training within the St Louis County and Municipal Police Academy as well as in-service training for Police Officers and area Prosecuting Attorneys.

Paul Kurtz is an internationally recognized expert on cybersecurity and the Chief Cybersecurity Advisor/Field CTO at Splunk. Paul began working cybersecurity issues on the National Security Council at the White House in the late 1990s. He served in senior positions on the White House's National Security and Homeland Security Councils under Presidents Clinton and Bush and advised President Obama on cybersecurity during his transition into office. During his service, Paul was Special Assistant to the President and Senior Director for Critical Infrastructure Protection on the White House’s Homeland Security Council (HSC). He joined the HSC from the National Security Council (NSC) where he was both Senior Director for National Security in the Office of Cyberspace Security and a member of the President’s Critical Infrastructure Protection Board. He served on the NSC as a Director of Counterterrorism from 1999-2001, and helped manage the response to the September 11 terrorist attacks.

Since leaving government, Paul has held numerous private sector cybersecurity positions and co-founded TruSTAR Technology, which was acquired by Splunk. Paul is a regularly sought-after speaker and expert for the media, and served as an on-air consultant for CBS News.

Paul’s work in counterterrorism has long-influenced his approach to cybersecurity. Specifically, it highlighted the need to improve information sharing and collaboration among those involved in detecting and responding to cyber threats. His remarks will be grounded in the past year’s most critical challenges and what we learned from our response to them, including the cyber attacks on the Ukraine power grid and the onslaught of cyber attacks targeting critical health care facilities.

Bob presents to executive clients on their security posture and recommended economical approaches for improvement. He consults on all organizational aspects of information security: project initiations, security assessments, vendor reviews, contract negotiations, audit and regulatory engagements. +15 years of experience in the Information Systems Controls profession including: Network Administration, IT Auditing as well as Systems Quality Assurance (Full Life Cycle Development).

I'll appropriate T Nassim's quote describing the Stoic philosophy:
“A security professional is someone who transforms fear into prudence, pain into transformation, mistakes into initiation, and desire into undertaking.”

Randy Raw is Chief Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has more than 25 years of experience in both public entities and private industry, having built several Information Security programs from the ground up. He is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization. Randy is a CISSP and is active in the Central Missouri InfoSec community. He has spoken at SecureWorld on many technical topics and turns his focus towards helping others move from the technical trenches to a leadership role.

Ben Desjardins drives the development of vertical and use-case specific solutions for Radware’s Security Product Portfolio. In this role, Ben focuses extensively on the competitive landscape for anti-DDoS, Web Application Firewalls and Intrusion Prevention Systems.

Ben has extensive experience across a wide array of security technologies and disciplines, including DDoS, DNS, SSL, Threat/Vulnerability Management, IAM and PCI-DSS and he brings nearly two decades of marketing management experience to his work at Radware, including over 12 years focused on the information security and cyber threat arenas. Additionally, Ben has led global go-to-market efforts across many industries including retail, Ecommerce, financial services, public sector and healthcare/life sciences.

Arabella is responsible for the go-to-market positioning and activation of the company’s Advanced Threat solutions at Arbor. Previously she was VP of Corporate Strategy where she led strategic planning and corporate development activities.

Arabella has over 20 years of experience in IT security and strategy. Prior to joining Arbor, Arabella was VP of Corporate Strategy at Sophos, a global IT security vendor headquartered in Boston and Oxford, UK where she led M&A strategy, market and customer insight, and global corporate communications.

Prior to Sophos, Arabella was Research VP at Gartner, the IT research and advisory services firm. At Gartner, Arabella led coverage of the endpoint, eMail and web security markets and counseled many of the world’s largest corporations, governments and technology providers on technology and market trends and their strategic implications.

Arabella received her BA from University College London, UK and MA from the Fletcher School of Law and Diplomacy, Tufts University, USA.

David has been a cybersecurity leader for 12+ years at various global Fortune 100 companies with responsibilities ranging from strategic and tactical planning, architecture, engineering, operational support, process improvements, automation to consulting. He enjoys decomposing complex problems into implementable and sustainable solutions.