Bob Adams is the Lead Cybersecurity Engineer for iSECURE, LLC, a woman-owned cybersecurity company based in Rochester, N.Y. servicing clients nationally throughout the United States. iSECURE delivers enterprise class security services and solutions to various market segments, including Medical, Legal, Finance, Higher Education, Industrial, and Fortune 500 companies. With more than 35 years of experience and a self-professed geek, Bob has spent most of his career architecting, installing, securing, and auditing networks for corporate and enterprise clients. Adams has spent the past 18 years advocating compliance frameworks and solutions that enable his clients to operate safely and securely, regardless of their industry. His passion to make cybersecurity accessible, useful, and interesting has led Bob to develop compliance resources and seminars focusing on markets that need more visibility and education. Prior to discovering computers, he worked as a nightclub DJ traveling the east coast working in some of the largest nightclubs in the U.S. When Bob isn’t in front of a computer, he spends his time as a motorsport announcer and photographer for events throughout North America, including Watkins Glen, where he volunteers and has been part of the Watkins Glen Vintage Gran Prix for more than 25 years.
Daniel J. Altieri
Harter Secrest & Emery, LLP
Dan Altieri is a Partner with Harter Secrest & Emery, LLP who takes a business-oriented approach to his legal practice. He begins each engagement by taking a moment to understand the client: who they are, what is important to them, and what their goals are. This enables him to provide practical solutions customized to fit the client’s needs. He prides himself on his responsiveness, hands-on work style, and his ability to jump into the conversation to quickly understand all the pieces of the puzzle and how they fit together. As an integral part of the firm’s established privacy and data security team, Dan quickly identifies potential legal issues pertaining to security and works closely with clients to address them in an efficient manner. In education, healthcare, retail, manufacturing and other industries, Dan provides guidance on best practices to avoid a data breach, regulatory compliance and risk assessments, post-incident response, due diligence in acquisitions, potential litigation, or regulatory action, and more.
An effective leader, speaker, and educator with advanced skills in cybersecurity, Jeffrey has extensive experience building strong collaborative working relationships while delivering secure solutions solving real-world problems. He delivers efficiency and value from a people, process, and technology perspective. He excels in business process improvement, IT operations, compliance, and audit across multiple industries in the U.S. He has expertise in stakeholder analysis, relationship building, risk management, and information security.
SVAM International Inc.
As the Global Managing Director at SVAM International, Kiran oversees SVAM’s Security Advisory Group, which encompasses various areas, such as cybersecurity consulting, proactive risk management, digital identity, cyber defense, response and remediation services, and managed security services, catering to all industries. With more than 25 years of experience, he is a senior technology risk executive who has helped numerous organizations manage their technology risks and transformation programs. His extensive knowledge spans information security, ERP application security, identity, access management, and IT and business transformation. Additionally, he has successfully implemented compliance programs in adherence to enforcement actions and industry-recognized standards such as SOX, COBIT, HIPAA, FFIEC, NIST, and ISO 27001 He holds various certifications, such as CISA, CRISC, CDPSE, and CMMC RP, and he actively participates in the cybersecurity community. He is a lecturer at Columbia University for the IT Risk Management and Data Privacy and Strategic Communication course for the Enterprise Risk Management graduate program, a member of the Cybersecurity Advisory Board for Harvard Business Review, and an executive member of the Forbes Technology Council. He serves on the Board of Directors for Green Guerilla, a non-profit organization.
Anita is a researcher and cybersecurity student at Utica University, specializing in digital forensics and incident response. Her work with Austen D. Givens (Utica University) and Max Gorbachevsky (Utica University) on the cyber dimensions of the war in Ukraine was recently presented at the Homeland Security Symposium and Expo at Christopher Newport University in Virginia.
John is a veteran technologist, CTO and CISO, with nearly 30 years of experience building and running enterprise IT and shepherding information security programs towards maturity. Using industry standards like CIS Controls and NIST CSF, he helps companies improve and develop their cybersecurity programs. John is well versed in the area of regulatory compliance and has helped companies advance their compliance programs for PCI-DSS, HIPAA, FERPA, A133 and GDPR. John has his CISSP and several GIAC certifications (GSEC, GCIH and GCWN) and has been active in the local information security community, through groups like Infragard and ISSA. John is a regular presenter at conferences and has a LinkedIn video series called "Inside the CISO's Office" that airs new episodes every month.
Elijah is a Regional Engagement Manager for the Multi-State Information Sharing and Analysis Center (MS-ISAC), a division of the Center for Internet Security, Inc. He is a member of the Stakeholder Engagement team, which works with our nation’s State, Local, Territorial, and Tribal (SLTT) governments and public education institutions to provide free cybersecurity resources and services. Elijah manages the MS-ISAC members in the East Cost/North East regions, supporting their overall cybersecurity posture.
Rich is the founder and Managing Principal for CxO Expertise, LLC specializing in helping C-level executives and companies solve complex business and IT problems using innovative strategies and solutions. He has more than 35 years of IT consulting, development and support experience with a specialty in IT risk, such as cybersecurity, business resilience and business continuity.
Richard is a SME for ZTNA, SASE, SSE and related security technologies for network security including 5G, WIFI, SD-WAN, SatComm, enterprise, cloud and distributed devices. He is skilled in SASE, SaaS, C++, Software Engineering and Development, Linux, Ethernet, TCP/IP, Management, Scalability, Agile and Waterfall methodologies, and Zero Trust Network Architecture. He has also worked as a CTO for Dispersive Networks, Inc., holds a Bachelor of Science in Computer Science from Florida Atlantic University and studied at the Stanford University Graduate School of Business.
Kroll Cyber Risk
Courtney Dayter is an Associate Managing Director in the Cyber Risk practice of Kroll, based in New York. Courtney has an extensive background in cyber investigations, specializing in forensics and incident response. Courtney has been involved in engagements that focuses on data breach incident response for both global and smaller boutique clients, large-scale information security reviews, and privacy and information technology related matters. In the course of these investigations and reviews, Courtney has managed numerous incident response engagements and has performed countless digital evidence examinations for clients across diverse industries. Her cases have involved issues such as ransomware, business email compromise, insider theft and credit card breaches and advanced persistent threats. Courtney is particularly skilled in managing cyber incident response engagements and supporting clients through the incident response life cycle.
Deidre is the founder and CEO of CyberSN, the largest cybersecurity talent acquisition technology and services firm in the U.S., transforming job searching and hiring for the cybersecurity industry. Standardizing all cybersecurity job functions into a common taxonomy of 45 roles, the CyberSN platform allows professionals to make anonymous, public profiles that match with employer-posted job descriptions using the same taxonomy. This innovation is disruptive and solves a serious national security issue. Deidre’s leadership style combines 25 years of experience in technology and staffing, her love of the cybersecurity community, and a genuine enthusiasm for people. She has led large-scale sales and operations and built high-performance teams at Rapid7 and Motion Recruitment prior to founding her own organizations. She believes a company culture established on ‘anything is possible’ attitudes, open communication frameworks, positive energy, career advancement, and kindness enables her teams to have fun at work and reach beyond peak performance. She also encourages using EQ (Emotional Intelligence) skills: self-awareness, self-regulation, motivation, social skills, and empathy. Deidre has also founded SecureDiversity.org, a non-profit organization working to raise awareness for and increase the hiring of women and underrepresented humans in the cybersecurity workforce. She has also spoken at some of the biggest tech summits, conferences, and podcasts in the world, including ISC2 Congress, RSA, ISSA International, and Hacker Halted.
Eric is a Managing Director and AI Fellow in Deloitte’s Government and Public Services practice. He leads research, development, prototyping and delivery for U.S. government clients in areas including AI/ML, analytics, large-scale data science, computer network analysis, applied graph analysis, and behavior-based anomaly detection. He also leads analytics-based product development for Deloitte. He has more than 20 years of experience using software and data analysis principles and techniques to research, develop, and demonstrate solutions to mission-driven problems. He holds a Bachelor of Arts in Computer Science from Carleton College and a Master of Science in Computer Science from Johns Hopkins University.
Ryan Ettl is a 20-year veteran within the government technology community. Over the course of his career, Ryan has held multiple security certifications including GSEC, GCIA, CISSP and has been invited to speak on the subject of cyber security at various conferences and associations such as ISSA (the Information Systems Security Association) and CISO Executive events. Starting his career in Network Security Operations and progressing to Security Architect, Ryan has extensive experience defending against cyber threats from both engineering and operational perspectives. Currently a Product Security Specialist with Infoblox Public Sector, Ryan for the past several years has helped State, Local, and Education (SLED) agencies’ improve their security posture to gain operational efficiencies and business productivity.
Ames is a Principal Sales Engineer at ForgeRock with a decade of experience in IAM for public sector and higher education, focusing on both workforce and consumer use cases. Ames is passionate about maintaining the highest possible security for the digital access experience for citizens, students, parents, contractors, workforce, and partners. He has held development, architecture, and leadership roles in public and private sector.
LexisNexis Risk Solutions
George is a subject matter expert for customers in the government space. George provides use cases and workflow designs to mitigate identity cyber fraud resulting from increasing use of stolen identities, fake identities, and malicious BOTs. Workflow solutions include data-driven digital identity risk assessment with physical identity verification and step-up authentication via LexisNexis Risk Solutions physical identity products. George works with various LexisNexis Risk Solutions business development teams to scope identity solutions from rapid shifts in various Internet threat landscapes. Use cases include solving state agency public benefits web portal fraud, integrating with leading Identity and Access Management (IAM) vendors, and work-from-home remote access fraud.
Sailesh (Sai) is a Partner in KPMG’s Cyber practice with over two decades of cybersecurity, risk, and IT advisory experience. His current and past clients include some of the leading organizations in healthcare, insurance, banking, and investment management. He is on the cybersecurity advisory board of a Fortune 200 company. He has served as a guest speaker on the topic of cloud security at several colleges as well as national and international conferences.
Ruskin Moscou Faltischek, P.C.
Andrew Garbarino is Counsel at Ruskin Moscou Faltischek, P.C. and is the co-chair of the White Collar Crime and Investigations practice and a member of RMF’s Health Law Department as well as the Not-For-Profit, Securities Regulation, Cybersecurity and Data Privacy, and Blockchain Technology and Digital Asset practice groups. He has managed dozens of internal investigations for clients including municipalities, hospitals, medical practices, law firms and other businesses. He often liaises with forensic experts, private investigators and members of law enforcement. Andrew has also addressed cybersecurity breaches and data privacy incidents involving insider theft, ransomware and other intrusions.
Articles by Mr. Garbarino have been published in the New York Law Journal, the Nassau Lawyer and Long Island Business News. He is a member of the New York State Bar Association’s Dispute Resolution Section, where he chairs the Health Care Committee, and Criminal Justice Section, and serves on the White Collar and Ethics Committees.
Mr. Garbarino is a fellow of the State Bar Foundation. In addition to his work as an attorney, Andrew is the Vice President of the board of directors for the Association for Mental Health and Wellness.
Erik oversees all Global Executive Engagement in the Global Sales organization at Tanium. A CIO/CTO, he has spent most of his career as a C-level executive leading enterprise technology organizations in the space of modernization, full stack observability and digital/cloud transformation across a host of industries including Financial Services, Global Trade/Supply Chain, and e-Commerce. Erik joined Tanium in November of 2021 initially as the CIO for Financial Services, a position he still holds, and was soon after asked to lead the Global Executive Engagement Team. Erik partners with global customers and prospect organizations to drive platform visibility, enterprise maturity and security solutions at scale. He is a passionate learner, coach and business partner for Tanium customers. Erik is bilingual in German and English and a member of the NJ Society for Information Management (NJSIM). He is also on the Advisory Board at New Jersey Institute of Technology and is a guest lecturer at the University.
F. Paul Greene
Harter Secrest & Emery LLP
F. Paul, PhD, CIPP/US, CIPP/E, CIPM, FIP is Chair of the Privacy and Data Security Practice Group at Harter Secrest & Emery, LLP. He speaks and publishes regularly on the intersection of data protection, technology, and people, and represents a wide variety of organizations on data protection issues. He is a Distinguished Fellow of the Ponemon Institute and has been recognized by Chambers USA and other organizations in the fields of data protection and litigation.
Christie Hall is a Principal Consultant at NYSTEC specializing in cybersecurity and building compliance programs that support client’s regulatory and contractual requirements. Christie has over 25 years of experience in Information Technology and Cybersecurity. Over the past 8 years, she has focused on the security and privacy of health information technology and data exchange supporting efforts such as statewide health information exchange of clinical and health insurance claims data. Christie previously worked in the Aerospace industry building, growing and leading IT operations. She has been an internal ISO auditor and Lean Manufacturing Facilitator. Christie brings her deep care for people and passion for programs into her work supporting clients.
Jeff Janies is a Specialist Leader in Deloitte’s Government and Public Services practice. He manages projects in the development of analytic capabilities supporting network security operations. His current work includes standing up new SOC for State-wide use. He has over 18+ years of experience in software development and network traffic analysis for security operations. He holds a B.S. in Computer Science from LSU and a Master’s in Computer Science from the University of South Carolina.
Chris is the Public Sector Business Development Executive at Tenable, where he develops strategic cybersecurity initiatives and supports programs in federal, state, and local markets. Prior to joining Tenable in 2017, Chris served in a broad range of leadership roles in Public Sector IT contracting, including business operations, contract and program management, and business development. Chris began his professional career as an officer in the U.S. Navy. After leaving active service, he continued to serve in the U.S. Navy Reserve, retiring at the rank of Captain. A graduate of the U.S. Naval Academy, Chris also holds a J.D. from The George Washington University Law School.
Liam is a Director of Technical Account Management at Tanium where he helps customers achieve their most challenging IT operations and security outcomes. Prior to Tanium, he spent more than a decade in the public and private sectors working with enterprise IT deployments for critical control systems and public safety. An Iowa State University engineering alumni, he currently resides in sunny Minneapolis, Minn. with his wife, Karrin, and their dog Capone.
Susie helps organizations retain and develop their people through employee engagement, strategic internal communications, leadership development, culture programs, and coaching. She works with leaders to identify high-potential employees and conduct succession planning to align their skills to organizational needs, for now and the future. She has launched employee programs focused on training and development; mentoring; and diversity, equity and inclusion in the public and private sectors, including for a major city’s cyber agency. Throughout her career, Susie has also led projects for international organizations, such as the United Nations and the World Economic Forum. She is a certified executive coach.
Verizon Cyber Security Consulting
Neal is a Principal Consultant with Verizon’s Cyber Security Consulting Services. In this role, Neal is chiefly responsible for managing the conduct of computer forensic investigations, analysis, data recovery, case-load intelligence and IT investigative work related to delivery of the team’s book of business, including all matter related to PCI/PFI investigations, liaising with the payment card brands and providing advisory consulting services to client senior management and the C-suite. Neal is an active public speaker, discussing various topics ranging from high-level best practices to C-suite executive briefings. He has been a contributing author to the Verizon Data Breach Investigations Report and routinely presents the report and its findings to audiences and at conferences on a global basis. Neal holds an MBA from the Hagan School of Business at Iona University and a Bachelor’s degree in Economics from Fordham University.
Global Risk Management Network, LLC
Dr. Yogesh Malhotra (‘Yogi’) is the Chairman & CEO of the Silicon Valley-Wall Street-Pentagon-Global Digital CEO Practices Pioneer New York Venture Capital & Private Equity Firm Global Risk Management Network LLC. The firm covers MIT-Princeton Artificial Intelligence (AI), Machine Learning (ML), Deep Learning (DL), Natural Language Processing (NLP), cyber, crypto, Quantum and Risk Computing Faculty-SME with AI-Quant-FinTech Postdoctoral research and development impact ranked among Nobel Laureates, such as Herbert Simon and Black-Scholes. The firm leads AI-ML-Cyber-Crypto-Quantum-FinTech-Risk-Cloud-Computing practices as an Amazon AWS Cloud Computing Network Partner. Our USAF-AFRL Digital AI-ML-Quant-Cyber-Crypto-Quantum-Risk-Computing CEO Networks guiding Pentagon Joint Chiefs-USAF & USSF Chiefs advance upon our world’s first, foremost and largest global Digital Transformation Networks, with millions of worldwide organizations such as Accenture, Goldman Sachs, Google, IBM, Microsoft, and PwC as early adopters.
Our direct client roster includes Silicon Valley venture capitalists and CEOs; trillion-dollar Wall Street hedge funds; “Big-4” IT partners, such as Accenture; Silicon Valley strategy and consulting Partners, such as McKinsey; global telecom, semiconductor, and health technology firms, such as British Telecom (UK), Intel Corporation, and Philips (Netherlands); big-tech firms such as Google, IBM and Microsoft; Wall Street investment banks, such as JP Morgan; digital marketing firms, such as Ogilvy; world-leading management and leadership institutions and programs, such as Harvard MBA, Harvard University, MIT, Princeton University, and United Nations HQ; U.S. and world governments, parliaments, cabinets and nations, such as Switzerland, Netherlands, South Korea, and, Mexico.
Our digital transformation practices are adopted and recommended by global business, IT, defense and space industry leaders, such as Microsoft founder Bill Gates; the PwC Vice-Chairman & CKO; the DoD Undersecretary; and CIOs of the U.S. Air Force, Army, and Navy, as well as top commanders and leaders of Allied Forces among other world leaders.
Our interviews and worldwide reviews of our tech ventures as global industry benchmarks, including the World’s Top-ranked Digital Site, Search Engine, and Social Network, appear in most premiere business and technology press, including Business Week; Fortune; Fast Company, Inc.; The Wall Street Journal; The New York Times; Chief Executive; Computerworld; Information Week; and CIO Magazine.
‘Yogi’ is profiled in Marquis Who's Who in America, Who's Who in the World, Who's Who in Finance & Industry, Who's Who in Science & Engineering since 1999.
Dean is the Business Intelligence Manager for GreyCastle Security, a leading cybersecurity company that has placed on Inc. 5000’s Fastest Growing Companies in America for the past four years. At GreyCastle Security, Dean is responsible for analyzing internal corporate data and external industry data to drive the strategic focus and direction of the organization. His insights have assisted in experiencing 32 percent year-over-year sales growth. Dean’s philosophy is that a successful growth strategy must include the effective use of impactful data-generated insights. Prior to joining GreyCastle Security, Dean attended Siena College, where he earned a Bachelor of Science Degree in Marketing with a concentration in market research and digital marketing. Dean is currently pursuing a Master's in Business Administration, with a concentration in Corporate Finance. In 2020, Dean earned a graduate-level data analytics certificate from Siena College. Dean also holds various industry certifications, such as Google’s AdWords, Analytics and Mobile Site certification, all of Hubspot’s marketing certifications, and SEMrush’s SEO certifications.
Joseph (Joe) is a long-tenured Account Manager and Business Development Manager at Spruce. Joe has both extensive project delivery and business development experience directly with large, complex municipal governments like the City and State of New York. Joe’s experience with Spruce as an Account Manager includes direct project oversight of engagements ranging from cybersecurity consulting to ERP system implementations, infrastructure upgrades, and system assessments. He has working knowledge—sometimes hands-on—of many of the leading platforms and technologies currently in use and emerging in government agencies, such as business automation, ERP, cloud, cybersecurity awareness, and robotic process automation tools. He works with internal teams, client stakeholders, and subcontractors to ensure timelines are met and the client experience is consistently satisfactory. He excels at keeping lines of communication open to anticipate and prevent developing issues. Joe’s business development experience at Spruce includes managing many Spruce accounts in both the public and private sectors, including municipal clients in the City of New York and City of San Jose, as well as State clients such as the Pennsylvania Turnpike Commission, the University of Illinois, and Orange County IT, among many others. He also actively manages subcontractor, supplier, and consultant relationships to ensure Spruce has a steady source of diverse partners with expertise in any service area. Other past experience in the public sector includes working for Morris County Superior Court as an Assistant Court Clerk. As Spruce’s City Account Manager, Joe will draw upon prior experience in diverse project, program, relationship, and team leader roles to facilitate communication with OIT and other client agencies, manage service levels, coordinate with the extended Spruce account team, and ensure the success of each City project and the contract as a whole.
Carl is the Co-Founder and President of eMazzanti Technologies, CISSP, and a four-time Microsoft’s Partner of the Year, leading one of the premier IT consulting services for businesses throughout the New York metropolitan area and internationally. The firm manages the cybersecurity coverage for more than 400 active organizations ranging from professional services firms to high-end global retailers. eMazzanti is all about delivering powerful, efficient, cybersecurity tools and outsourced IT services, such as computer network management and troubleshooting, threat hunting, PCI DSS compliance, security awareness implementations, mobile workforce technology, malware remediation, cloud computing, and business continuity and disaster recovery.
Shawn is a Solution Architect for Rubrik where he helps customers assess their security posture and understand where systems may be at risk. Prior to Rubrik, Shawn worked in various IT roles focused on data security for nearly 25 years. Shawn holds an MS in Computer Information Systems from Boston University and a BS in Business Administration from SUNY Buffalo. Shawn resides in the greater Albany area with his wife and two of his three children and has been presenting to audiences across the US concerning data security for over 10 years.
Custom Computer Specialists
Dennis is the Director of Security Solutions at Custom Computer Specialists. He has more than 30 years of experience in the field of technology with a concentration on developing data security solutions. He dedicates his time to designing and developing security solutions to meet the specific needs of organizations throughout the Northeast.
Dennis is frequently featured as a guest speaker and panelist at regional conferences, seminars and webinars on topics such as cybersecurity, disaster recovery and cloud migration. In addition, he has authored numerous articles on cybersecurity best practices.
Mara leads a human centered-design approach to service delivery, workforce and customer experience, as well as organization transformations for state, local and international donor agencies. She specializes in leading large-scale agency-wide transformations in health and human services by creating organizational strategies and working with clients on how to prioritize changes and implement them in a way that puts stakeholders and beneficiaries at the center of the journey to create more sustainable outcomes, resilient operations to navigate ongoing shifts, and deliver better service for customers. As a workforce experience leader for Government and Public Service practice, Mara brings differentiated workforce experience solutions that can be scaled across sectors and results in increased workforce productivity, better talent retention, and improved mission outcomes for government organizations.
Neil Pathare is a Senior Security Consultant at Synopsys with a background in Software Engineering, proficient in secure coding and building security in DevOps.
Jim’s role as Fortinet’s Field CISO for the Public Sector and Vice President of Information Security leverages his nearly 40 years leading and driving innovation in cybersecurity, threat intelligence, and cyber strategy. Prior to joining Fortinet, he served as the National Intelligence Manager for Cyber, the senior Federal Executive focused on cyber intelligence within the $80B+/100,000 employee US Intelligence Community (IC). He led creation and implementation of cyber strategy for the 17 departments and agencies of the IC, set integrated priorities on cyber threat, and served as the senior advisor to the Director of National Intelligence (DNI) on cyber issues. He brings a broad enterprise-level approach to cybersecurity honed as a member of the Executive team that created and oversaw implementation of the multi-billion dollar whole-of-government Comprehensive National Cybersecurity Initiative (CNCI), which generated new government cyber capability and enhanced cybersecurity in the private sector and critical infrastructure. Mr. Richberg’s broad operational experience – including his 20 years at CIA – gives him practical insight into difficult cyber problems ranging from advanced threat capabilities to insider threat and supply chain integrity. He helped build the field of cyber threat intelligence analysis and has been an innovator in measuring cyber performance, risk, and return on investment (ROI). He has extensive experience engaging with audiences ranging from Heads of State and CEO’s to analysts and IT staff. He brings a strong focus on strategic problem solving (identify and solve the key problem vs. the most visible one) to executive-level conversations, and he has a track record of successfully framing complex problems in readily understandable terms that facilitate analysis and formulation of solutions. Mr. Richberg is a member of the World Economic Forum’s Cybersecurity Leadership Community, the CNBC Technology Executive Council, and the Forbes Technology Council. He currently focuses on helping organizations manage cyber risk and improve IT efficiency and security. In his non-cyber moments, he builds and uses large telescopes and has run astronomy outreach programs for the Smithsonian Institute and the National Park Service.
Jeremiah Salzberg is a security leader with over 25 years of security leadership experience in the financial, telecommunications, and manufacturing sectors. He has held security positions responsible for engineering and architecture, pen testing and incident response, as well as numerous CISO-level positions. In his role as chief security technologist for CDW, Jeremiah is charged with evaluating current and emerging security technologies to ensure that clients are able to effectively address their cybersecurity challenges, and take a forward-leaning approach to prevention, detection and response. He also engages with CDW clients to discuss their security strategies and speaks at conferences.
- Taught hacking exposed courses at Blackhat and to the NSA
- Hunted hackers worldwide for a large financial
- Led network pentesting line of service for the top pentesting firm of its day
- Reduced agent based computer fraud by 99% for a large money transfer company
- Helped obtain PCI certification for large food manufacturing and shipping company
- Transformed security as a CSO at a bank taking them from weekly compromises and OCC MRAs to no compromises in 4 years and moved to be a reference bank by the OCC
Aaron Sanderson has 27 years of IT networking and 17 years of cyber security technical experience as a highly effective penetration tester, cyber forensics consultant, and subject matter expert to military agencies, U.S. defense organizations, and commercial enterprises. He mentors security personnel on new techniques designed to improve security posture and he is a researcher of various threat actors to bring knowledge of new attack methods to clients. Mr. Sanderson has an active Top Secret/SCI with current SSBI clearance, is a Certified Information Systems Security Professional (CISSP) and a Certified Ethical Hacker (CEH).
Laura K. Schwalbe
Harter Secrest & Emery, LLP
Laura is a Senior Associate with Harter Secrest & Emery, LLP who vigorously defends clients facing government investigations, coordinates internal and independent investigations, represents clients in complex litigation, and consults on privacy and data security challenges. Clients trust her trial experience, knowledge of data protection best practices, and her understanding of government agencies to guide them through their legal challenges. Laura’s practice resides in both HSE’s privacy and data security and government and internal investigations teams. Laura identifies potential legal issues relating to privacy and data security and works closely with clients to ensure compliance. She helps clients take proactive steps to comply with the ever-shifting privacy landscape and regularly consults on topics related to state, federal, and international privacy regimes. On the security side, Laura counsels clients concerning all aspects of pre-breach preparation and risk management. In the event of a cyber incident, she provides breach coach and response services, including breach response and remediation, crisis management and communication, internal and governmental investigations, breach notification, and potential litigation or regulatory action.
SVAM International Inc.
Shahryar is the Founder and Managing Partner with CyTech Partners helping clients with their cybersecurity, data privacy, and technology strategy programs. As the Chief Technology Officer (CTO) at Quantum Xchange, he oversaw development and execution of Quantum Xchange’s solutions and enhancing the company’s broader post-quantum crypto-agile infrastructure strategy by developing new delivery models. He’s been a lecturer at Columbia University for more than four years, focusing on IT risk management and data privacy for the Enterprise Risk Management (ERM) graduate program. By leveraging his extensive technology, risk management, and cybersecurity leadership experience garnered from his tenure with major consulting and financial services companies and his solid track record with complex and global implementations, Shahryar has successfully helped chief technology, risk, compliance, audit, legal, finance, operations, security, and privacy officers achieve their goals and optimize their critical and strategic programs. Shahryar’s key accomplishments include leading one of the largest and most complex global information security programs in the world at a large financial institution. He was instrumental and one of the authors in developing a cybersecurity attestation service (SOC for Cybersecurity) for AICPA that helps auditors identify cyber risks. Shahryar was recognized among the PrivSec200 (East Coast), an inaugural list of 200 influential professionals who have made significant contributions to the privacy and security sectors, and has earned various cybersecurity awards.
Kroll Cyber Risk
Jamie Vendel is a Vice President in the Cyber Risk practice of Kroll, based in New York. Jamie conducts investigative digital forensics and intrusion response-related work, as well as oversight of digital evidence collection, triage and preservation. Jamie has been involved in engagements that include large-scale information security reviews, data breach incident response, investigations of computer security events, Internet fraud, identity theft and intellectual property misappropriation, as well as privacy and information technology-related matters. Jamie is particularly skilled in managing business email compromise engagements and supporting clients through the incident response life cycle.
Steve Walker, Principal Partner Solutions Engineer at Semperis, has helped build global platforms for some of the world’s largest organizations. He was a member of Product Engineering at Microsoft, where he worked on perhaps the best-known software-as-a-service (SaaS) solution platform: Office365. Steve was also the primary technical resource behind Fortune #1's move to the Microsoft cloud. Through this expertise, Steve formed a keen awareness of the systemic risks inherent in today’s hybrid identity environments. Organizations of all sizes depend on Microsoft Active Directory (AD), which underpins the vast majority of today’s technology stacks. In his role at Semperis, Steve now helps global organizations protect their AD environments from ransomware and other cyberattacks.
Michele Warner is a consultant with IT experience focused on privacy, eDiscovery, and quality assurance. Earlier in her career, she worked for Rational Retention, where she held positions as a quality assurance analyst testing eDiscovery and document-management software, as well as a client manager for the eDiscovery platform. Previously, Michele was a staff attorney with Boies, Schiller & Flexner, LLP. Since passing the bar, she has taken several HIPAA, healthcare, and privacy related continuing legal education classes. She is a member of the New York State Bar Association and has multiple certifications through the International Association of Privacy Professionals.
“Randy Wheeler is a Principal Consultant at NYSTEC who leads the governance, risk, and compliance (GRC) domain. Previously Randy has functioned in such roles as Director of Professional Service, Chief Technical Architect (CTA), CTO, and CISO. He has over 25 years’ experience working in Information Technology and enterprise architecture for both the public and private sectors. Randy passionately helps clients navigate the complexities of a constantly evolving threat landscape, organizational shifts from on-prem to cloud, and security and privacy governance. For the past 5 years Randy has focused efforts on development of Security and Privacy control baselines based on data classification, how to measure compliance consistently and adjust for cloud-based infrastructures”.
Jeff Wilson is a principal consultant who assists clients with information security and privacy strategy and program management. Prior to joining NYSTEC, Jeff served for seven years at Albany Medical Center. His roles included information systems security officer and director of information services, where he oversaw comprehensive growth and redesign of the cybersecurity program. Prior to Albany Medical Center, Jeff spent many years with the Hearst Corporation and the Albany Times Union. He also served for four years as an adjunct professor at Mildred Elley College.
Leet Cyber Security
Tyler Wrightson, CISSP is the author of two books published by McGraw Hill, “Advanced Persistent Threat Hacking, The Art and Science of Hacking Any Organization (2014)” and “Wireless Network Security: A Beginner's Guide (2012).” Tyler is the founder of Leet Cyber Security, which helps organizations solve their technical cybersecurity challenges. Leet focuses on offensive security services, such as Penetration Testing and Red Teaming to secure organizations against real world attackers. Tyler has more than 20 years of experience in the IT security field across many industries, including healthcare and financial services, with extensive experience in many areas of technical security, including networking, systems architecture, offensive security and penetration testing. Tyler holds industry certifications such CISSP, CCSP, CCNA, CCDA, and MCSE. Tyler has also taught classes for CCNA certification, hacking and penetration testing, wireless security, and network security. Tyler is the founder of ANYCon, Albany New York's Annual Hacker conference. He has been a frequent speaker at industry conferences, including NY Bankers Association (NYBA), NYS Cybersecurity Conference, Derbycon, BSides, Rochester Security Summit, ISACA, ISSA, and others.
Chris is Chief Technology Officer at Veracode. He oversees technology strategy and information security. Prior to cofounding Veracode in 2006, Chris served as vice president of research and development at the security consultancy @stake, which was acquired by Symantec. In the 1990s, Chris was one of the original vulnerability researchers at The L0pht, an ethical hacker think tank, where he was one of the first to publicize the risks of insecure software. He has testified to the U.S. Congress on the subject of government security and how vulnerabilities are discovered and remediated in software. Chris received a Bachelor of Science in Computer and Systems Engineering from Rensselaer Polytechnic Institute. He is the author of The Art of Software Security Testing.
Ryan is a seasoned technology expert with extensive experience in networking, security, and datacenter architecture. Currently, he serves as the Chief Technology Officer for Vandis Inc., where he is responsible for overseeing the company's technology vision, strategy, and development. Ryan started his career at Vandis as a Wireless, Networking, and Security Engineer in 2012. During his career, he has worked with customers of all sizes, from small and medium businesses to Fortune 50 Enterprises, and he helped them deploy and manage networking, security, and datacenter solutions. His deep understanding of data center and network infrastructure has made him an invaluable asset to the company and its clients. As a Chief Technology Officer, he has a unique ability to align business objectives with technology solutions that drive growth and success. He is passionate about using technology to drive business outcomes and is always looking for innovative ways to help customers solve their most pressing IT challenges. Ryan is an active member of the technology community and has participated in various conferences and events. He is committed to continuing his education and staying up to date with the latest trends and advancements in technology.
Marcin Zimny has over 20 years of experience within multiple security domains in both government and non-government organizations. He holds CISSP, CISM, and CEH certifications. His areas of expertise include offensive security operations, security governance and management, and identity and access management (IAM). He has designed authentication and authorization solutions for enterprises ranging from small businesses, car manufacturers, pharmaceutical research companies, and telecom giants to global providers of financial market data and infrastructure. In his role as a principal engineer and solutions architect at ForgeRock he helps organizations combat fraud and deploy modern identity and access management.