James L. Antonakos is an Incident Response Consultant for Trustwave. Prior to joining Trustwave, James was the State University of New York (SUNY) Distinguished Teaching Professor of Computer Science at Broome Community College, in Binghamton, NY. When James is not helping Trustwave clients prepare for or recover from a cyber security breach, he is an online instructor in electronics, computer science, and information security. Additionally, James has extensive industrial work experience in electronic manufacturing for both commercial and military products, particularly in flight control computer technology for Navy aircraft.
Quanterion Solutions Inc.
Sean Bird is a Software Engineer with Quanterion Solutions Inc. in Utica, NY. His work includes system design, systems analysis, software development, and cloud security/infrastructure. Most of his work is currently for the Air Force Research Laboratory (AFRL) in Rome, NY and the Cyber Security Information Analysis Center (CSIAC) under the Department of Defense. He has earned his undergraduate degree in cybersecurity from SUNY Polytechnic Institute (formerly SUNYIT) and is currently pursuing his graduate degree in computer engineering at Syracuse University.
Todd is a Principal Consultant with NYSTEC's Information Security practice, where he manages complex security projects and helps clients to understand their security profile and to plan secure systems. Todd has over 15 years of experience in software development. He is an ISC-2 Systems Security Certified Practitioner and is pursuing an MBA in IT Management and a CGS in Information Security from SUNY Albany.
New York State Office of General Services
In August 2016, Sean Carroll was appointed as the Chief Procurement Officer for New York's Office of General Services. Mr. Carroll manages more than 1500 contracts with annual spend exceeding $22Billion and oversees New York Procurement Services Unit. Mr. Carroll is responsible for statewide contracts for commodities, services and Information Technology for state agencies, state campuses and other authorized users.
His prior public sector experience includes the Director of Onondaga County Division of Purchase since December 2010, after serving as the Assistant Director and architect of their S.M.A.R.T. (Strategic, Modernized, Accessible, Responsive and Technology Driven) purchasing methodology; staff member to the New York State Parks and Recreation Department Office of Law; and as Director of Investigations for the New York State Consumer Protection Board, where he redesigned portions of the Arts and Entertainment Law and oversaw coordinated efforts with the Secret Service and Royal Mounted Canadian Police on consumer issues such as identity theft.
Mr. Corby has been a security pioneer for over 35 years. He was the organizer and a founder of (ISC)2 Inc. the CISSP sponsoring organization. He has been chief executive and CIO for several global enterprises, Vice President and Sr. Director for MetaGroup and Gartner, and has consulted for hundreds of the world's most advanced organizations. He is a frequent speaker for the NYS Cyber Security Conference and other popular events.
Quanterion Solutions Inc.
Michael Corley is a Senior Software Engineer for Quanterion Solutions in Utica, NY. His passion is writing code and architecting designs for large systems. He has spent many years developing code for network and cyber security applications. Recently his interests have expanded to include cloud computing architectures, virtualization technologies and micro service architectures. Michael earned a master degree in computer engineering from Syracuse University in 2011. His favorite past time is spending time with his wife and his family.
Arshan is an accomplished security researcher with 12 years of experience advising large organizations on application security. He is the co-founder and Chief Scientist at Contrast Security, where he has been pioneering security instrumentation technologies in order to make self-protecting software a reality.
As an Economic Development Manager at NYSTEC, Evan's role is to build and sustain a strong technical business environment in the Mohawk Valley and across New York State. This includes leveraging technology and expertise from the Air Force Research Laboratory (AFRL) Information Directorate (RI) to benefit businesses and the economy in the Mohawk Valley and beyond. Evan also serves as a board member for the Central New York Defense Alliance, which proactively engages the community to enhance technology initiatives leading to high-tech jobs in the region. Previously, Evan held various engineering positions at Lockheed Martin, including serving as lead engineer and project manager for numerous technology initiatives. He has more than 12 years of combined experience in economic development, systems engineering and R&D for the US Presidential Helicopter Programs, IT lab management, research engineering for multiple defense R&D projects, and network engineering.
Syracuse University - Burton Blatt Institute
Melissa Delia, M.S., CAS, is a Project Manager and Lead Researcher for the Burton Blatt Institute at Syracuse University. She has over 10 years of IT and Security experience, working in both public and private sector, specializing in governance, risk, audit and compliance, and working on Department of Homeland Security (DHS) sponsored projects for local government. Melissa has presented topics at the New York State Cyber Security Conference both in 2014 and 2015. Melissa received her master's degree in information management and Certificates of Advanced study in information security and information and telecommunications management from Syracuse University.
Multi-State Information Sharing and Analysis Center
Andrew is the Director of Stakeholder Engagement for the Multi-State Information Sharing and Analysis Center, a division of the Center for Internet Security. The MS-ISAC has been designated by the U.S. Department of Homeland Security as the focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, territorial and tribal (SLTT) governments. Under Andrew, the MS-ISAC has greatly expanded its membership since 2012, including representatives from all 50 states, D.C., all 50 state capitals, and over one thousand local and tribal governments. He is responsible for managing all aspects of member relations, working with government associations, and conducting outreach on behalf of the MS-ISAC. Andrew fosters relationships with all of MS-ISAC's stakeholders in an effort to enhance collaboration and information sharing for the collective benefit of all members.
Mohsan Farid, CISSP, CEH, FITSP-A, CSSLP has 15+ years of experience in IT. Mohsan has ran the gamut in the security space: from penetration testing for Rapid7 as a consultant, performing vulnerability assessments for numerous federal agencies and Fortune 500 companies, pentesting mobile applications, and contributing exploits to the Metasploit framework. Mohsan is highly regarding by both his peers and client, and is considered to be a subject matter expert in advanced penetration techniques and mobile application security.
Deloitte & Touche
John Gelinne is a Director with Deloitte & Touche Cyber Risk Services and a retired Captain from the United States Navy. During his Naval career he held command of the USS HURRICANE, USS KAUFFMAN and Destroyer Squadron TWENTY TWO. Most recently, John served as Chief of Staff for Admiral Mike Rogers, the current Director of the National Security Agency. As Chief of Staff he was third in command of the Navy's Cyber Fleet (10th Fleet) where he led full spectrum cyber operations, shaped the Navy's cyber workforce and drove the integration of cyber capabilities into Naval operations. He also played a pivotal role in defending the Navy's unclassified network against an advanced persistent threat, driving cyber incident response activities Navy-wide.
Paul Giura is a security researcher with the Chief Security Office at AT&T since 2010. His research interest is in the areas of network and device security, big data for security analytics, network forensics, security systems and databases. Additionally, he is an adjunct professor at NYU Tandon School of Engineering, teaching graduate level database classes. Paul Giura received his Ph.D. and Master's degrees from the Department of Computer Science and Engineering at NYU School of Engineering, and Bachelors from University of Bucharest, Romania. Before joining AT&T he worked as a Research Assistant at NYU School of Engineering cyber security lab, to design and develop new payload attribution and storage methods, to support network forensics, monitoring and fast querying of large amounts of network historical data. During his PhD years, he was also a summer research intern at Ricoh Innovations in Menlo Park, CA and at AT&T Security in Middletown, NJ, working on security related projects.
Brainlink International, Inc.
Author, entrepreneur, IT expert and public speaker, Raj Goel is globally known as the go-to man in cyber security and privacy law. He is committed to educating individuals and organizations about online safety and how to protect their most important assets - people and data. His expert advice helps individuals, companies and conglomerates navigate their way through the world's ever-changing technology and increasingly complex IT compliance laws. He often appears in the media and at conferences world-wide to educate the public on cyber-security and digital privacy, a subject he is passionate about.
U.S. Department of Homeland Security
Eric Goldstein Branch Chief, Industry and Government Engagement, Office of Cybersecurity and Communications at Department of Homeland Security.
Scott Greaux has over 18 years of diverse information technology experience spending more than a decade developing solutions to address complex information security problems. Most recently, Scott served as General Electric's Deputy Chief Information Security Officer where he led key global initiatives such as advanced threat initiative coordination, spear phishing mitigation, policy, policy frameworks, and information security metric reporting. During his tenure at GE he was uniquely positioned to see the threat of advanced phishing techniques and developed a multi-faceted program to address the phishing risk in a large enterprise. Scott brings his extensive experience to PhishMe where he works with customers and industry thought leaders to align PhishMe's solutions with the ever changing threat landscape.
Albany Law School
Antony Haynes joined Albany Law School in December 2015. He has extensive litigation experience in the intellectual property, securities, and criminal defense areas. He served as an associate at the law firm Quinn Emanuel Urquhart & Sullivan, LLP, in Washington, D.C., and before that at Williams & Connolly LLP, in Washington, D.C. Prior to practicing law, Antony was an Assistant Professor of Computer Science at the U.S. Air Force Academy, where he taught courses in programming, developed the Academy's Information Assurance curriculum, and created the intercollegiate Cyber Defense Exercise. He has extensive experience with a host of software and hardware technologies, including Cisco routers, Motorola microprocessors, TCP/IP networking protocols, SQL databases, and web-based programming. He developed an on-line survey-system for the Department of Epidemiology at a major university. After the Air Force Academy he was an associate at Chatham Financial Corporation, Capital Markets, Kennett Square, Pa., where he led a company-wide software effort, wrote financial software and coordinated technical developers. He is a distinguished graduate of the U.S. Air Force Academy, where he was recognized as the top computer science graduate. He received his M.S. in Computer Science from the University of Illinois at Urbana/Champaign, where his thesis focused on machine learning and expert systems. He is an entrepreneur who leverages his background in computer science, technology, business and the law to advise startup companies. In addition to advising startups, he has spent time acquiring and growing companies.
New York State Office of General Services
Marc Hiller is the Supervising Attorney for Procurement in Legal Services at the Office of General Services, and is responsible for the team of attorneys that provide legal counsel to OGS Procurement Services for technology, commodities, and services procurements, including centralized procurements which are used by state agencies, local governments (counties, cities, towns, villages), public and private schools and universities, charitable not-for-profit organizations, public authorities and public benefit corporations, and others. Prior to joining OGS Marc was an Associate Attorney at the Office of Information Technology Services focusing on telecommunications and technology procurements and Broadband; and also served as an Assistant Counsel in the NYS Legislative Bill Drafting Commission. Marc received his JD from the Washington College of Law, American University, and his BA from the University of Massachusetts at Amherst.
Andrew Hurd is the Faculty Program Director for Cybersecurity at Excelsior College. Dr. Hurd is responsible for curriculum development and degree requirements for the Bachelors and Master degrees in Cybersecurity. Prior to joining Excelsior, he worked at Hudson Valley CC and SUNY Albany. Dr. Hurd holds dual Bachelors of Arts in Computer Science and Mathematics, a Masters in the Science of teaching Mathematics, and a PhD in Information Sciences specialized in Information Assurance and Online Learning. He won the SUNY Chancellors award for Excellence in Teaching in 2012 while working at HVCC.
Ken Kaminski is the Network Security Technical Solutions Architect for the Northeastern United States and Global Financials specializing in BYOD implementation, Security in the Data Center, Identity Management Systems, Network Segmentation, Cisco Security, and Wireless and Network Switching and Routing Products and Technologies for large enterprise and global accounts. He has been a member of the Security Field Advisory Board at Cisco that drives security training and programs for Cisco's Security Systems Engineers and provides customer feature requirements to Cisco Engineering. He teaches and speaks often on security related topics including Cisco Networkers and other industry forums. Prior positions include Security Architect for the Northeast US and Consulting Systems Engineer for Voice, Video, and WAN technologies at Cisco Systems. He was one of the first Consulting Systems Engineers hired at Cisco. Prior to that, he was the Senior Systems Engineer for a startup company in the carrier ATM switching market. He was also a Telecommunications Officer in the US Army leaving the service as a Forward Signals unit Company Commander. Ken has his CISSP, GCFA, GPEN, GAWN, GMOB, GPYC, and GCIA along with a BA and MA from Boston University.
John Kelbley is a Senior Cloud Specialist with Microsoft's State & Local Government team. He joined Microsoft in 2002 after working at numerous large enterprises as a Management Consultant, IT Manager, and Infrastructure Architect, and has over 20 years of computing industry experience. John works with large agencies and enterprises to optimize data center processes, helping them understand and deploy private and public cloud solutions including security, storage, virtualization, desktop as a service / VDI, and hybrid integrated management. He has done extensive work with cloud integrated storage, as well as disaster avoidance / continuity of operations planning with governmental and private sector organizations. A key component of John's current role with Microsoft is collecting and sharing customer and industry insights and direction.
John is co-author of several books on private cloud technologies, a periodic contributor to TechNet Magazine, and a presenter at Microsoft's TechEd conference on topics including VDI, virtualizing Linux / UNIX, integrating heterogeneous infrastructures, Hyper-V automation, PowerShell for virtualization management. He has extensive expertise with "mixed" environments (including working with UNIX / Linux), and has the distinction of being the only Microsoft employee to present at the Red Hat Summit. John's blog can be found at http://blogs.technet.com/enterprise_admin/default.aspx.
Rose Ketchum is a Certified HIPAA Security Professional with over 30 years' experience in IT and compliance. She has worked with many businesses, governments, BOCES, and school districts throughout New York.
Mr. Russell Kiernan, Director of Management Consulting, oversees the delivery of management consulting and security services at QED National. With extensive experience as an IT Executive, Russ understands the business needs of QED National's client base and transposes them into capabilities. His areas of expertise in management and technology disciplines include, information security, enterprise architecture, program and project management, systems engineering and development, GRC (governance, risk and compliance), and quality management. Throughout his career, Russ has developed, implemented and managed enterprise-level solutions and organizational capabilities for some of the largest financial institutions and public sector agencies.
New York State Office of General Services
Marc Kleinhenz currently serves as Assistant Director for IT procurement in the Office of General Services Procurement Department. Marc joined the OGS team in 2012 with the HBITS contract and has since helped create Procurement's suite of IT contracts including the PBITS contract, Manufacturers Umbrella contract and the Distributors Umbrella contract.
Marc began his career in state government in 1999, working in Department of Health working in Budget and Finance. In 2005, he transferred to Department of Corrections and Community Supervision to handle budgeting and purchasing for the Management Information Systems. In 2009, he continued his focus on procurement by accepting a position with the Office of Mental Health.
Marc earned a Master's Degree in Public Administration at SUNY Brockport and before that, a Bachelor's of Arts degree in psychology from St. John Fisher College. In his spare time, Marc volunteers in several roles with the Boy Scouts of America including as Unit Commissioner, and Committee member.
Anner Kushnir has over 20 years of experience in various research, development and executive management positions. Mr. Kushnir joined AlgoSec in 2006 as head of R&D, leading the research, design, architecture and software development of the AlgoSec product suite. After 10 years of building the AlgoSec R&D department and its products, Mr. Kushnir moved into the new role of VP of Technology, where he now works with AlgoSec's strategic customers and technology partners. Prior to joining AlgoSec, Mr. Kushnir held several R&D positions at high-tech start-up companies. He served as a software development manager, lead algorithm researcher, and as a hardware and logic design engineer. Mr. Kushnir has a B.Sc. and a M.Sc. (both Cum Laude) in Electrical Engineering, and a B.Sc. in Humanities and Social Sciences (also Cum Laude).
Department of Homeland Security
Noel Kyle is a Program Manager within the Department of Homeland Security's (DHS) Cybersecurity Education and Awareness Branch. She manages nationally-focused programs such as the Federal Virtual Training Environment (FedVTE) and its in-person component FedVTE Live!. Ms. Kyle is a subject matter expert in cybersecurity workforce development, with a focus on the human capital lifecycle - from identifying and hiring talent to retaining and engaging workers. She has been closely involved with efforts to define cybersecurity work, such as with a refresh of the National Cybersecurity Workforce Framework, and with work to develop cybersecurity recruitment and retention policies and programs. With more than six years' experience studying and supporting the cybersecurity workforce at DHS and more than a decade of experience managing financial, marketing, and supply chain projects with Fortune 100 companies and small businesses, she has a unique and strategic perspective on overcoming challenges and identifying opportunities. Ms. Kyle has a MBA from the University of Miami in Florida and an undergraduate degree from Old Dominion University in Virginia. She also holds Project Management Professional (PMP) and Six Sigma Green Belt certifications.
New York State Office of Information Technology Services
Joel Lombardi is an Associate Attorney in the Bureau of House Counsel at the Office of Information Technology Services. In this capacity, Joel handles the agency's legal review of contracts and related transactional issues associated with New York State enterprise IT systems, as well as the IT systems of the more than 50 ITS customer agencies. Prior to joining ITS, Joel served as a Senior Attorney for the Department of Health and Legislative and Administrative Counsel for the New York State Catholic Conference. Joel received his J.D. from Albany Law School and his B.A. from the University of Florida.
Dealy Mahler Strategies, LLC
Loren Dealy Mahler is the President and Founder of Dealy Mahler Strategies, LLC, a strategic planning and communications firm that helps companies, non-profits and organizations increase the impact of their work while effectively managing risk.
A seasoned strategic leader with high-level government and private sector experience, Loren has advised top government officials in her roles with the National Security Council, the Department of Defense, and on Capitol Hill; and advised senior executives from Fortune 500 companies and national nonprofits on growth and impact strategies.
With her expertise in both enterprise risk management and strategic communications, Loren has helped clients leverage privacy and data protection policies to further business objectives, while mitigating brand impact through effective planning and response. She has partnered with companies across multiple industries to directly advise their clients on cyber risk management and incident response.
Loren is a graduate of Princeton University and holds a Masters in Public Policy from the McCourt School at Georgetown University. She currently serves on the Board of Advisors for the Cyber Security Summit in Minneapolis, MN.
Robert Mayer is Vice-President of Industry and State Affairs with the United States Telecom Association (USTelecom) with responsibility for leading cyber and national security policy, state relations and coordinating various regulatory initiatives for the wireline broadband industry. He is the current chairman of the Communications Sector Coordinating Council (CSCC) which represents the broadcast, cable, satellite, wireless and wireline industries in connection with the DHS public-private partnership. Mayer currently co-leads the Multi-Association Framework Development Initiative that represents over 30 major U.S trade associations on cybersecurity risk management policy issues and regularly engages with top government leaders on cyber policy. In June 2015, Mayer was appointed to the FCC Communications Security Reliability and Interoperability Council (CSRIC V) after having led a 100 person team of cybersecurity professionals that produced a landmark report to adapt the NIST Cybersecurity Framework to five industry segments within the sector. Mayer serves as a "senior" industry official on the U.S Government's Unified Cyber Coordination Group (UCG) which coordinates national incident responses for major cyber events.
Prior to USTelecom, Mayer served as the top telecommunications official for New York State as Telecom Director of the New York Public Service Commission. In that capacity, he led several major initiatives including regulatory reform efforts and he created a new agency department that focused exclusively on network reliability and public safety matters. Prior to this appointment, Mayer was the lead regulatory practitioner in the Telecommunications and Cable Group at KPMG Consulting and was a consultant with Deloitte Consulting. Before that Mayer worked as a financial analyst in the international telecommunications divisions of Chase Manhattan Bank and JP Morgan. Upon completing law school, he led a team at the New York City Corporation Counsel that rewrote municipal rules for all City agencies following a major U.S. Supreme Court decision. Mayer served in the US Air Force supervising intelligence and communications operations at NATO Headquarters, Southern Europe in Italy. He received his B.A from Albany State University, his MA in Information Management from Central Michigan University, his MBA from Boston University, and his J.D from New York Law School.
John McCaffrey joined Westchester County, New York in 2011 as deputy CIO. In 2012, he was appointed as CIO by County Executive Rob Astorino. He also serves as the county's Records Management Officer and ex-officio board member of the Westchester County Historical Society. As CIO, he is the lead administrator on business process revolution as well as enterprise digital transformation. Focus areas include governance, budgeting/cost control, tech development and security among, others. Some of the major projects being tackled in Westchester are security controls, compliance, consolidation, shared services, 9-1-1 public safety agency coordination and public safety radio systems.
From 2005--2012, McCaffrey was CIO for Orange County, New York. He was recognized for revitalization of IT, improved service, and cost reductions through staff training and technology programs. McCaffrey was also responsible for the creation of Orange County's security policies and business continuity infrastructure and plan. He was on Team Orange employee management training committee and Orange County's business retention committee and served as advisor to the Orange County Business Accelerator.
From 1999--2005, McCaffrey was the first director of MIS for the village of Skokie, Illinois, hired to create and manage the new MIS department. Prior to that, McCaffrey served seven years as Deputy Commissioner of Finance in North Hempstead, New York, culminating an 18-year career there in prior positions of system development and technical management.
Dimitri McKay has held a list of positions in the security space through his twenty plus years of working with Fortune 500 companies in and around security best practices, architecture and design. He is an avid blogger for trade magazines and a public speaker for industry shows covering topics such as security best practices, compliance, SIEM and big data. Currently he's a Staff Security Architect for Splunk. Prior to that he did penetration testing and vulnerability assessment consulting work. You can follow Dimitri on Twitter @dimitrimckay
New York State Office of Information Technology Services
Carey Merrill is the Special Counsel to the Chief Information Officer for Ethics, Risk and Compliance in the Office of Information Technology Services. Carey is part of a team of 20 Special Counsel appointed by the Governor across various state agencies to develop processes for identifying and mitigating risk, and to prioritize risk-reduction measures across agencies. Within ITS, Carey addresses compliance issues and mitigation of risk in many areas, including but not limited to cyber security, operations, regulatory compliance, internal controls, audit, procurement, and agency policies. Prior to her appointment as a Special Counsel, Carey served as Counsel to Professional Risk, Cyber and Surety underwriters at ACE North America, and as a Senior Claims Specialist. She also served as a Trial Attorney at the Military Personnel Litigation Division and Employment Litigation Division, and in various other roles within the United States Air Force. Carey holds a J.D. from George Washington University and a B.A. from Ithaca College.
Gary Miliefsky is the CEO of SnoopWall, Inc. and a co-inventor of the company's innovative breach prevention technologies. He is a cyber-security expert and a frequent invited guest on national and international media commenting on mobile privacy, cyber security, cyber crime and cyber terrorism, also covered in both Forbes and Fortune Magazines. He has been extremely active in the INFOSEC arena, most recently as the Editor of Cyber Defense Magazine. Miliefsky is a Founding Member of the US Department of Homeland Security (http://www.DHS.gov), the National Information Security Group (http://www.NAISG.org) and the OVAL advisory board of MITRE responsible for the CVE Program (http://CVE.mitre.org). He also assisted the National Infrastructure Advisory Council (NIAC), which operates within the U.S. Department of Homeland Security, in their development of The National Strategy to Secure Cyberspace as well as the Center for the Study of Counter-Terrorism and Cyber Crime at Norwich University. Previously, Gary has been founder and/or inventor for technologies and corporations sold and licensed to Hexis Cyber, Intel/McAfee, IBM, Computer Associates and BlackBox Corporation. Gary is a member of ISC2.org and is a CISSP(r). Email him at [email protected].
Twinstate Technologies, Inc.
Devi Momot holds the CISSP, GSLC and GISP certifications and is the President/CEO of a progressive technology company. Momot has a unique ability to communicate and articulate the complex issues surrounding privacy and security threats of today. For the previous decade, much of the communication and education available in security and privacy has been technically focused. Momot's efforts are to increase the knowledge level for non-technical leaders, whose decisions and future, require a better understanding of threats, security and privacy. Momot is a credential holding Information Security Professional and advises customers on the importance of privacy and security awareness and practice. Momot speaks nationally on the topic of security and privacy. She also has attended "Leading Professional Service Firms" at the Harvard Business School. She has a BS from the State University of New York, a certification in Telecommunications Management from Golden Gate University, and an AAS in Electrical Engineering from Mohawk Valley Community College. She is a present member of a number of advisory boards and Board of Directors, such as the Sophos Partner Advisory Council, Mitel Advisory Counsel, Channel Intelligence Consortium, and many others. Born and raised in northern New York, Momot enjoys family activities, ongoing learning, the outdoors and welcomes the opportunity to raise awareness and action when it comes to improving security and privacy.
Manny Morales is the former Director of the Information Security Office and IT Business Alignment at the New York State Office of the State Comptroller. He has been in the field of Information Security and Auditing for over twenty five years and in the field of Information Technology for over thirty five years, both in the private and government sector. He has worked for IBM, MetLife, in the areas of IT security, auditing, and security management. He has had his own consulting business, as well as being a principal security consultant working for Netigty and NYSTEC with the focus on state government. He has written articles on information security and has been a frequent speaker at various security conferences throughout his career. He is a certified security and auditing management professional and carries the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified Software Manager (CSM).
Infinite Group, Inc.
Edward Nadareski is Chief Information Security Officer for IGI and is responsible for identifying, developing, implementing, and maintaining security-related processes for the company. Mr. Nadareski has more than 35 years of experience in the Information Technology field, including executive management roles in security, enterprise risk and compliancy, and business resiliency.
Christopher Novak is an internationally recognized expert in the field of Investigative Response and Computer Forensics. He has been involved with information security for over 17 years. He has assisted corporations, government agencies, and attorneys with all matters involving IT security compliance, litigation support, computer forensics, fraud investigations, and computer security incident response matters. Christopher is a co-founder of the Verizon Business Investigative Response Unit and an active senior investigator. He has led dozens of tactical response cases over the past 18 months and continues to respond to high-profile cases on a global basis. He works closely with local, state and federal law enforcement agencies as well as joint investigative operations coordinated with foreign law enforcement. As both a manager and a technical forensic investigator, Christopher provides regular advice and guidance to medium and large size organizations on a global basis. He specializes in resolving complex computer security incidents in a discreet manner. He maintains extensive experience on the latest and greatest commercial forensic hardware and software as well as working internally to develop proprietary and situation-specific applications. Christopher is an active public speaker and can be commonly heard at IAFCI, RSA, Gartner, SANS and other popular IT security events around the world discussing various topics ranging from high-level best practices to in-depth and technical training. He has also written numerous articles for various IT Security journals and trade magazines. Most recently he co-authored the 2008-2013 Data Breach Investigations Reports and is an active IT Security blogger. Christopher holds a Bachelor of Science Degree in Computer Engineering from Rensselaer Polytechnic Institute.
The NYS Forum Information Security Workgroup works with government agencies to develop education, training opportunities and tools focused on the essential issue of security. This session will be be presented by:
William Cross is the Chief Information Officer for the NYS Board of Elections. Bill has over 30 years experience in various IT positions, primarily in NYS government. Prior to joining BOE in August 2016, Bill served as the Director of Business Solutions for the NYS Department of State and the Office of IT Services (ITS). In previous positions, Bill was responsible for all aspects of network management and security, and served as the Department of State's first Information Security Officer (ISO).
Sanjay Goel is a Professor and Chair of the Information Technology Management Department in the School of Business, Director of the Center for Forensics Analytics Complexity Energy Transportation and Security, and the Director of Research at the NYS Center for Information Forensics and Assurance at UAlbany. He is also the Director of the Digital Forensics Program at the University. Dr. Goel received his Ph.D. in Mechanical Engineering from RPI. His research interests include information security, cyber warfare, music piracy, complex systems, security behavior, and cyber physical systems. His research on self-organizing systems includes traffic light coordination, smart grid and social networks. He won the promising Inventor's Award in 2005 from the SUNY Research Foundation. In 2006, he was awarded the SUNY Chancellor's Award for Excellence in Teaching, the UAlbany Excellence in Teaching Award, and the Graduate Student Organization Award for Faculty Mentoring. In 2010 he was awarded the UAlbany Excellence in Research Award. In 2015, he was also awarded the SUNY Chancellors' Excellence in Academic Service, UAlbany Presidents' Excellence in University Service, and School of Business Excellence in Research Award. He was named one of the three AT&T Industrial Ecology Faculty Fellows for 2009-2010. He has received grant funding from multiple sources including: National Institute of Justice, U.S. Department of Education, U.S. Department of Commerce, National Science Foundation, Intelligence Advanced Research Project Activity, Region II University Transportation Research Center, New York State Energy Research and Development Agency (NYSERDA), Blackstone Foundation, AT&T Foundation and James S. McDonnell Foundation. He recently received a $800,000 grant to establish a Blackstone Launchpad to foster entrepreneurship and innovation among students at UAlbany and a 1.6 M dollar award to develop strategies for detection of inside threat actors.
Mr. Christopher Wright is the Chief of the NCCIC Intelligence Support Branch, providing direct support to operational cybersecurity elements of DHS. In this position, he supervises and guides a staff of intelligence professionals in all-source intelligence analysis of cyber threats to Federal, State and local, and private sector networks and systems. The Branch conducts and produces unclassified and classified threat intelligence assessments, shaped by its integration with the NCCIC and in support of homeland and critical infrastructure defense, mitigation, and response efforts. Further, Mr. Wright serves as a principal intelligence briefer to the DHS Secretary and the leadership of DHS Components, including US Customs and Border Protection (CBP), Immigration and Customs Enforcement (ICE), Secret Service, and the Transportation Security Administration (TSA).
Mr. Wright previously served as the acting Staff Director and Chief of the Operations and Communications Branch at the Defense Intelligence Agency (DIA) Office for Cyberthreat Analysis. He began his career at DIA conducting analysis of space and counterspace issues, including cyber threats to space systems, and also deployed in support of special operations forces during Operation Iraqi Freedom. He earned a Bachelor of Science in Electrical Engineering from the University of Florida and previously worked at Samsung Austin Semiconductor, as well as the Department of State's Bureau of Intelligence and Research.
Rob Zeglen is the Security Practice Leader at NYSTEC and has more than 15 years of experience in Cyber-Security. He has a broad range of experience in IT and associated technologies, including identity and access management, systems programming, performance computing, systems administration, information security architectures, web security, risk analysis, and security compliance and training. He has extensive experience in the private sector, having worked at Netscape, Sun Microsystems, GE Global Research, and Knolls Atomic Power Lab. Rob holds an undergraduate and M.S. degree in Computer Science and is a Certified Information Security Systems Professional (CISSP).
NCC Group Security Services, Inc.
Justin currently serves as Board of Advisor for Gwinnett Tech Cybersecurity Program and Board of Directors for TAG Young Professionals Society. For the past several years Justin has worked with Fortune 500 companies to help design, implement, and validate IT security systems.
Air Force Research Laboratory
Val Red is a Cyber Integration Program Manager and Computer Systems Engineer at the Air Force Research Laboratory Information Directorate, overseeing research and development (R&D) under the Disruptive Information Technologies effort. This work entails a 3 year, $3.15M investment towards novel cyber operations capabilities involving emerging technologies, such as assuring embedded systems within a Network Enterprise and applying blockchain for traceable, immutable sharing and auditing of data in cloud environments. His leadership of blockchain R&D has led to accepted academic conference papers across SPIE and IEEE. Additionally, he oversees and participates in R&D of reverse engineering and injecting customized, hardened embedded system firmware in an effort to secure Internet-of-Things' devices, industrial control systems, and even office automation networking hardware. He earned his undergraduate Bachelor of Science degree in Electrical & Computer Engineering at Rutgers University, the State University of New Jersey at New Brunswick, NJ in 2014. He earned his Master's Degree in Cybersecurity with a concentration of Cyber Operations at Utica College in May 2016. Most recently, he earned the title of Associate of (ISC)2 as of 2016. Prior to government service, he also served as a webmaster and junior system administrator for the Rutgers' Mathematical Finance graduate program and Rutgers Engineering Computing Services, respectively. In 2015, he ranked number 10 out of 483 infosec practitioners in the 2015 SANS Industrial Control Systems Cyber Security Challenge.
Deloitte & Touche
Pete Renneker is a Senior Manager with Deloitte & Touche Cyber Risk Services. He has built and supported resilience programs throughout North America, Asia, and Europe for clients in all industries and directed major program and IT service transformation efforts. Currently he focuses on supporting clients involved in significant cyber incidents by leading incident response, business resumption, and ongoing cyber resilience efforts. Pete serves as a Board Director for the Disaster Recovery International Foundation.
Keith Robertson (CISM, CIPP/G, NSA IAM, GSEC/GCIH, GSSGB, HITRUST) is a Security Strategist at GreyCastle Security. As a senior level technology, information security and risk management professional, Keith has over 15 years' experience in developing, implementing, and managing security solutions for financial, healthcare, retail, manufacturing, telecommunication, energy, travel, information technology, and other industries. Keith has extensive knowledge of HIPAA, PCI, HITRUST, HITECH, ISO, SOX, COBIT, NIST, FISMA, CMS, GLBA and ITIL standards/regulations ranging from risk management, incident response, and regulatory compliance that can be applied to network, application, and physical security.
Sage Data Security
John H. Rogers, CISSP, is the Manager of Professional Services at Sage Data Security of Portland, ME, and an information security professional since 2002. John has worked with organizations of all sizes in financial, healthcare, retail, and state government sectors to create, manage, and oversee comprehensive and effective cybersecurity programs. John endeavors to educate people at all organizational levels about their role in protecting sensitive information and helping to build Continuity Culture in their organizations.
Renault Ross is the United States Cybersecurity Business Strategist for Symantec, North America. In this role, Ross leads information security and privacy thought-leadership discussions and strategies, increasing Symantec's presence in public and private sector. He joined Symantec in 2007 and was appointed as the fourth US Distinguished Systems Engineer in 2015.
Ross represents Symantec as a conference keynote speaker, an expert witness providing senate testimonies (state) and CxO briefings around the country on security best practices. His expertise lies in enterprise security management, virtualization, mobility and cloud.
Prior to Symantec, Ross worked as a global security architect at a private company located in Atlanta, GA. His duties included establishing the organization's first global security program with compliance, vulnerability management and incident response.
Ross holds many certifications including, the Certified Information Systems Security Professional (CISSP), Certified HIPAA Security Specialist (CHSS), Microsoft Certified Systems Engineer (MCSE), Symantec Certified Specialist (SCS), Certificate of Cloud Security Knowledge (CCSK), and VMware Certified Professional (VCP5).
Jeff Roth is a global information assurance specialist providing organizations with expert security consulting services. Jeff has over 30 years' highly technical experience within information system security engineering and cybersecurity assessments and audits services worldwide. Specifically, Jeff leads high profile Federal, State, Municipal and private sector critical infrastructure system security engineering and compliance assessments. In addition, Jeff performs cybersecurity research in the following areas: contributor and subject matter expert for the 4th and 5th editions of COBIT(c) and COBIT(c) 5 for Security; coauthor of the ISACA 26th Edition of the 2016 CISA Review Manual; member of the National Institute of Standards and Technology (NIST) cybersecurity working group that developed the National Initiative for Cybersecurity Education (NICE) foundation training course framework, materials and exams; currently on the working group revising the NIST/ISACA CSX body of knowledge and supporting publications.
Mike Semel is a recognized thought leader in the healthcare and technology industries. His new book, How to Avoid HIPAA Headaches, has already reached Amazon Bestseller status. In 2016, Mike was invited to speak to the NASA medical team at the Kennedy Space Center. Mike has owned or managed technology companies for over 30 years; served as Chief Information Officer (CIO) for a hospital and a K-12 school district; and managed operations at an online backup company. He has chaired CompTIA's IT Security Community, is an active member of the FBI's Infragard program, and has authored HIPAA certification courses. Mike has created business continuity plans for small businesses, healthcare organizations, and financial institutions, which have helped them survive the Joplin tornado, Hurricane Irene, SuperStorm Sandy, and many smaller disruptions. Mike has been an Emergency Medical Technician; fire department rescue captain; has taught hazardous materials incident management at the New York State Fire Academy; and spent 14 years managing Red Cross Disaster Services at the state and local level. He was Safety Director at the Watkins Glen International auto race track, and traveled with the IndyCar Safety Team for 19 years.
Christie Struckman covers the complex challenges of organizational change and business transformation with a focus on the people perspective. Her areas of focus include IT management, the role of the CIO, organizational change, cultural change and bimodal practices. Ms. Struckman is a member of Gartner's Office of the CIO team. Prior to joining the Research team, Ms. Struckman worked as an Executive Partner in Gartner's Executive Program providing guidance and advice to CIOs in multiple industries on most technology and strategy initiatives. Before joining Gartner, she had 10 years of experience in organizational and leadership development in the high-tech industry and public sector. She worked for nine years in customer service, backroom IT services, IT change management and strategic programs in the IT department at Intel. She worked for 10 years consulting on program metric design, survey validation and analysis. She also was a professor focused on the business school topics of organizational behavior, change and leadership. Education: Ph.D., Organizational Behavior, Binghamton University, Binghamton, New York; M.S., System Management, Golden Gate University, San Francisco, California; B.S., Decision Science, George Mason University, Fairfax, Virginia
A 20-year veteran of the technology industry, Steve Struthers serves as DynTek's Vice President - Security Solutions and Chief Technology Officer. Struthers directs sales, operations, customer support and partner relations for the company's security solutions and services. Struthers joined DynTek during the October 2006 acquisition of TekConnect Corporation. While at TekConnect, as Vice President and later CEO, he helped grow that company from a small 10-person organization to a venture-funded operation that peaked in 2002 with close to $20M in annual sales. Over the last 20 years, Struthers has founded five different companies in the technology, publishing, telecommunications and transportation industries, two of which were eventually sold to publicly traded companies. Struthers has served in numerous capacities over the years, including President/CEO, CTO, VP of Sales and VP of Engineering Services.
Syracuse University - Burton Blatt Institute
Dr. Joseph Treglia is Project Director and Researcher for the Burton Blatt Institute (BBI) at Syracuse University (SU), and adjunct faculty in the School of Information Studies and Martin J. Whitman School of Management also at SU. He is Principal investigator (PI) on sponsored research projects from the New York State Division of Homeland Security and Emergency Services (NYS DHSES) examining Emergency Communications Governance and (SOP's). His PhD is in Information Science & Technology and MS is in Information Management, both from SU. He was a National Science Foundation (NSF) Scholar in the Federal Cyber Service Program (SFS), a Research Associate on the Public Safety Networks Study, sponsored by the National Science Foundation (NSF), and Assistant Director of the Wireless Grids Innovation Testbed (WiGiT) Lab of the School of Information Studies. He taught Organizational Information Security and Management Principles, among other courses. His work has been published and presented locally and internationally including: ACM SIGKDD Workshop on Cyber Security and Intelligence Informatics (CSI-KDD) in Paris, France; International Institute for Computer Sciences, Social Informatics and Telecommunications Engineering (ICST) Conference in Athens, Greece, and the Hawaiian International Conference on System Sciences (HICSS), Hawaii; and the NYS Cyber Security Conference, Albany, NY. His research interests include trusted information sharing, information assurance, security, cyber security issues, intelligence and information sharing within and across organizations and inclusion. Dr. Treglia founded United Information Services, an internet services and information systems consulting group. He was a Director for ARISE, Inc., a large nonprofit serving those with disabilities in Central New York. He is on the APCO P43 Cybersecurity Working Group. He serves as Special Assistant to the Sheriff for the Madison County Office of the Sheriff and has 25 years' experience in law enforcement, investigations and working with technology to support operations.
Absolute Software Corporation
Since November, 2010, Stephen Treglia has been Legal Counsel for the Investigations Section at Absolute Software Corporation (the leading maker and distributor of mobile tracking software for stolen devices), and HIPAA Compliance Officer for that group since January, 2013. In March of 2015, he received his HealthCare Information Security and Privacy Practitioner (HCISPP) Certification from (ISC)2. Prior to joining Absolute, he concluded a 30-year career as a prosecutor in New York, having created and supervised one of the world's first computer crime units from 1997-2010. For 10 years prior, he supervised numerous organized crime investigations in the New York City metropolitan area. Treglia's areas of legal expertise related to technology include: healthcare data security and privacy, search and seizure of digital evidence, computer forensics performed in a legally admissible manner and the general admissibility of computer-generated evidence. Since 2004, he has routinely assisted in training computer forensic examiners with the FBI's Computer Analysis Response Team.
Altaz Valani is a Research Director at Security Compass responsible for managing the overall research vision and team. Prior to joining Security Compass, Altaz was a Senior Research Director in the Application Development Practice at Info-Tech Research Group providing IT managers, directors, and senior managers with guidance and analysis around application development - including Agile, Cloud, Mobile, and the overall SDLC. His other past positions include Senior Manager at KPMG, and various entrepreneurial and intrapreneurial positions where he worked side by side with senior-level stakeholders at blue chip clients to drive business value through software development.
Altaz enjoys coding, teaching, and the challenge of learning. He received his BEng in Computer Engineering from McMaster University, and his MBA from the University of Western Ontario.
Annese & Associates, Inc.
Joe Vigorito is the Director of Mobility & Security at Annese. For more than thirty years, Joe has led Information Security and Enterprise Infrastructure organizations including financial services, retail, oil and gas, specialty chemicals, healthcare, and many more. Joe's credentials include being both a Fellow and Diplomate for the American Board for Certification in Homeland Security. He is also certified in Disaster Preparedness and as a National Threat Analyst. Joe is also a member of Building Industry Consulting Services International, the Information Systems Security Association and the Information Systems Audit and Control Organization. Joe is a former Fortune 250 HIPAA Security Officer, as well as CISO and Chief Privacy Officer. Though Joe is also a Homeland Security Emergency Manager, he spends most of his free time cooking a variety of Italian dishes for his family or entertaining his two cats, Hunter and Cairo, volunteering any remaining time to Wounded Warriors and Fisher House.
Mark Villinski brings more than 20 years of technology sales, marketing experience and channel leadership to Kaspersky Lab. As Director of Field Marketing, Mark is responsible for field marketing efforts in the United States and for increasing awareness of Kaspersky Lab as a thought leader in the online security industry. Prior to joining Kaspersky Lab, Mark served as Director Worldwide Channel Operations at Enterasys Networks. Mark has presented at several industry conferences across North America addressing audiences on the challenges facing IT departments today and discussing ways organizations can protect themselves from the current threat landscape.
Michele is a Senior Consultant with NYSTEC's Information Security practice. She currently assists the NYS DOH Bureau of Information Security and Privacy with defining data sharing agreements. She is an attorney with more than five years of hands-on experience in document management, quality assurance, and other areas of information technology. She holds a JD from Albany Law School.