2016 Presenters

James Antonakos


James L. Antonakos is an Incident Response Consultant for Trustwave and a former SUNY Distinguished Teaching Professor of Computer Science at Broome Community College, in Binghamton, NY. James is an online instructor in electronics, computer science, and information technology and has extensive industrial work experience as well in electronic manufacturing for both commercial and military products, particularly in flight control computer technology for Navy aircraft. James is the author or co-author of over 40 books on computers, networking, electronics, and technology, as well as numerous magazine articles, and has presented multiple webinars for the National Cybersecurity Institute. He is also A+, Network+, and Security+ certified by CompTIA and has been ACE certified in computer forensics by AccessData. James is a frequent presenter at the annual New York State Cybersecurity Conference. 

Rob Aragao

Hewlett Packard Enterprise

Rob Aragao is a Security Strategist for the Americas within the Enterprise Security business unit at Hewlet Packard Enterprise. In this role, Mr. Aragao is responsible for driving strategic initiatives for the ESP Security Strategy group and providing thought leadership and insight regarding the ever changing global threat landscape.

Prior to joining Hewlett Packard Enterprise in 2014, Mr. Aragao served as the Vice President of Security Services at EiQ Networks with responsibilities for driving strategy and execution of the portfolio of security service offerings across organizations ranging from Fortune 500 to the Federal Government. Previously, he was with Altiris (acquired by Symantec), where he led the Worldwide Security Management Division. He has also held leadership roles with Level 3, Genuity and Stream International.

Mr. Aragao brings over 15 years of information security experience with an emphasis in security best practices, threat intelligence, security monitoring and regulatory compliance initiatives.

Mr. Aragao's experience has provided him with key insights into the challenges and approaches to combat today's cyber threats. He is a frequent speaker and panel member and has presented at security conferences such as SC Congress, the Annual Cloud Expo, Harvard IT Summit and other national and regional security events.

He earned a bachelor's degree in Computer Information Systems and Business Management from Bryant University and is a Certified Information Systems Security Professional (CISSP).

Bruce Barnett


Bruce Barnett is a NYSTEC Information Security consultant who assists clients with vulnerability testing and analysis.  Bruce joined NYSTEC after a 27-year career with GE Global Research, where he was a Senior Scientist responsible for devising new solutions to difficult issues and problems.  Bruce is knowledgeable in multiple technology areas, including security technologies, programming languages, operating systems, networking and wireless systems and solutions, and system-administration platforms.  He holds 14 patents and has written for 27 publications.  Bruce earned a BS in the Mathematics of Computation from Rensselaer Polytechnic Institute.

Aiesha Battle

NYS Division of Consumer Protection

Aiesha Battle is the Director of the New York State Department of State's Division of Consumer Protection (DCP).  DCP's mission is to protect consumers from unlawful, unfair, and deceptive business practices through education, direct assistance and mediation of marketplace complaints, enforcement of the State's Do Not Call law, and advocacy of consumer interests before state and federal regulators. 

As Director, Ms. Battle leads DCP's Outreach and Education Unit, which informs and educates the public on a variety of consumer issues through live outreach presentations, educational brochures, consumer alerts, and other resources.  She also oversees the operation of DCP's Consumer Assistance Unit, which provides voluntary mediation services for consumers; the Utility Intervention Unit, which represents consumers before State and federal utility regulators; and the Do Not Call Unit, which investigates violations of the State's Do Not Call Law.  Ms. Battle also leads DCP's Consumer Product Testing Program.

Before joining DCP, Aiesha served as Assistant Counsel for the New York City Mayor's Office of Special Enforcement. She is a graduate of University of Pennsylvania Law School in Philadelphia, PA.

John Bay

Cyber Research Institute

Dr. John S. Bay is the Executive Director of the Cyber Research Institute (CRI), in Rome NY.  The CRI is a not-for-profit corporation chartered by the State of New York to transfer federally-funded cybersecurity research products to the public, for the protection and benefit of State entities. Prior to this position, Dr. Bay was the Chief Scientist of AIS Inc., the Chief Scientist of the Air Force Research Laboratory Information Directorate, a program manager at the Defense Advanced Research Projects Agency (DARPA), an Engineering Fellow at Raytheon, and a Professor of Electrical and Computer Engineering at Virginia Tech. He is the author or co-author of 74 publications in engineering topics ranging from biomechanics to cybersecurity, and is a Fellow of the IEEE for his contributions to model-based embedded systems design.

Kirsten Bay

Cyber adAPT

Kirsten Bay is redefining what it means to be a fearless leader in the technology industry, let alone an

accomplished, bilingual, female executive, transforming the cyber security space. As President & CEO of Cyber adAPT, she leverages more than 25 years of experience, leading her team with risk intelligence, information management, and policy expertise across a variety of sectors.

Throughout her career, Bay has been appointed to a congressional committee developing cyber policies,

initiatives and recommendations for the intelligence community, developed recommendations in partnership with the Center for North American Studies (CNAS) and Center for Strategic and International Studies (CSIS) for The White House energy policy, collaborated on information studies for MIT-Harvard and several federal agencies, gone before a parliamentary subcommittee on recreating trust in the global economy, presented national security and critical infrastructure concepts at conferences such as Black Hat, Secured Americas, Enterprise Architecture Institute, SC World Congress, & The Eurim Information Management Committee, and has spoken on applied economics and its relationship to both cyber and national security around the world.

Bay is a self-proclaimed 'serial student'. Her current membership in the Alliance of Chief Executives feeds that perpetual drive to learn and share insight with peers, an inspirational trait she models for her Cyber adAPT team.

In previous Executive roles for ISC8, Attensity Group, and iSIGHT Partners, Bay led the companies through corporate restructuring, risk & corporate intelligence product launches, and company turnarounds, respectively.

With a BA in English and German from the University of Oregon, let's just say she will correct your grammar in multiple languages.

Visit cyberadapt.com for more information or contact kbay [@] cyberadapt [.] com

Sean Bird

Quanterion Solutions Inc.

Sean Bird is a Software Engineer with Quanterion Solutions Inc. in Utica, NY. His work includes system design, systems analysis, software development, and cloud security/infrastructure. Most of his work is currently for the Air Force Research Laboratory (AFRL) in Rome, NY and the Cyber Security Information Analysis Center (CSIAC) under the Department of Defense. He has earned his undergraduate degree in Cybersecurity from SUNY Polytechnic Institute (formerly SUNYIT) and is currently pursuing his graduate degree in Computer Engineering at Syracuse University.

Todd Brasel


Todd is a Principal Consultant with NYSTEC's Information Security practice, where he manages complex security projects and helps clients to understand their security profile and to plan secure systems. Todd's professional background includes technical communication, training, and the development and testing of commercial enterprise software. He is pursuing an MBA in IT Management and a CGS in Information Security from SUNY Albany.

Jason Clark

Carnegie Mellon University - Software Engineer Institute

Dr. Jason W. Clark is a researcher at Carnegie Mellon University's Software Engineering Institute (SEI). His main area of interests are cyber-security with a focus on insider threats, specifically prediction, detection, and mitigation. He completed his Ph.D in Information Technology from George Mason University, where he specialized in cyber-crime and anonymous searching of the Internet. Prior to joining the SEI in 2012, Jason worked at the Institute for Defense Analyses (IDA) as a lead information security analyst and from 2003-2007 at the United States Census Bureau writing and reviewing security documentation and policy. He also teaches part-time undergraduate courses at Northern Virginia Community College (NVCC) and Southern New Hampshire University (SNHU).  Jason grew up in Schenectady, NY and enjoys spending time with his wife, two kids, and dog. Jason also enjoys playing basketball, golf, and just about any time of board/card game.

Anthony Concolino


Anthony Concolino - Managing Director  Anthony (Tony) leads the company's Solution-based Consulting Practices and is responsible for all QED National consulting practice areas such as Cyber Security, Data Center/Cloud, IT Operations, Systems Development, Big Data/Analytics, and GRC (Governance, Risk and Compliance). As a senior Information Technology professional with over 30 years of experience, Tony's innovative style helped advance the use of enterprise technology in the banking and brokerage industry.     Prior to joining QED National, Tony managed large organizations at Citigroup, where, as COO for Capital Markets and Corporate Infrastructure Services, he led efforts to deliver innovative products for the business while driving down technology costs and meeting strict government regulatory requirements as part of a multiyear, multi-billion dollar transformation program. His areas of responsibilities spanned from IT Operations, Information Security, Project/Program Management, Quality Assurance, Business Resiliency, Governance, Risk & Compliance to Financial Management, Audit and Communications. Earlier in his career, Tony delivered world-class brokerage and trading products at Reuters (formerly Quotron Systems) serving over 120,000 professional users from the major local and global financial firms such as Bank of America Merrill Lynch, UBS PaineWebber, Morgan Stanley Dean Witter, Salomon Smith Barney, Goldman Sachs, Charles Schwab and Raymond James Financial. During his career, Tony was instrumental in the launch of several successful innovations including the first online banking system and has advised several startup companies focused on building Cyber Security, Cloud, Virtualization, Big Data, DevOps, and Digital Marketing technologies.    Tony's recent experience includes public speaking engagements, presenting SCADA and Cyber Security best practices to esteemed organizations including Information Systems Audit and Control Association (ISACA), Waters Technology, Armed Forces Communications and Electronics Association (AFCEA).

Michael Corby

CGI, Inc.

Mr. Corby has directed and managed a successful IT security consulting practice for more than 30 years and has over 40 years of experience in IT strategy, operations, development and security.  He has successfully managed large projects, developed flexible IT infrastructures and sound security organizations for hundreds of the world's most successful organizations.  He is the founder of (ISC)2, Inc. the organization that established the CISSP security professional credential. In 1992, Mike was named the first recipient of the Computer Security Institute's "Lifetime Achievement Award".  A frequent global speaker and author, prior to joining CGI in 2012, he held executive positions with several global consulting organizations including Netigy Corporation, QinetiQ, Gartner Group and Marsh & McLennan, prior to his current responsibilities.  He was formerly CIO for Worcester's Riley Stoker division of Ashland Oil and for Bain & Company.  A community supporter through the Worcester Chamber and many professional groups, Mike has established a reputation for creativity and excellence in technology and its application to business needs.  He holds a BS EE degree from Worcester Polytechnic Institute; holds the PMP distinction from Project Management Institute; is a Certified Computer Professional (CCP), Certified Information Systems Security Professional (CISSP) and a Certified Business Continuity Professional (CBCP).

Michael Corley

Quanterion Solutions Inc.

Mike Corley is a Research and Develop associate of Quanterion Solutions, Inc.   He supports a variety of contracts with Defense Technical Information Center (DTIC) - the Cyber Security Information Analysis (CSIAC), and the Air Force Research Laboratory (AFRL) in Rome NY.  Mr. Corley has more than 15 years of professional experience in software architecture design, software development, and systems engineering focusing on applications of computer network and cyber security.  Mike received a master degree in Computer Engineering from Syracuse University in 2011. He has a recent interest in next generation Cloud enabled services.

Gary Davis

Intel Security

Gary Davis  Chief Consumer Security Evangelist  Intel Security    Gary Davis is Chief Consumer Security Evangelist. Through a consumer lens, he works closely with internal teams to drive strategic alignment of products with the needs of the security space. Gary also oversees Intel Security's online safety education to educate businesses and consumers by distilling complex security topics into easily understandable and actionable advice. During his 5+ years at the company, he has held leadership roles in the consumer and enterprise divisions where he has helped shape various product portfolios and strategic direction along with advocating for cybersecurity education. Gary has appeared on several business, security and consumer lifestyle media outlets, including CNBC, NBC, FOX, and CBS Bay Area stations; and quoted in the New York Times, Wall Street Journal, CNN, Forbes, TIME Magazine, MSNBC, PC Magazine, CNET, CSO Magazine, and PC World. Prior to joining Intel (then McAfee), he held senior management positions for more than 15 years in technology companies. Gary serves on the board of directors of the National Cyber Security Alliance (NCSA).     Gary recently spoke at The Enterprise Wearable Technology Summit, Momentum's Business of Privacy, and The Web Summit.    Social Media: Twitter:

Anthony DiVirgilio

New York Medicaid Management Information System

Tony DiVirgilio is a 30-year government employee who has a diverse IT background on projects that span technologies from small- to large-system integrations on a wide variety of software platforms and hardware environments. Tony has worked in many roles, managing ERP and web application development, infrastructure, business analysis, and projects. Currently, he is the New York Medicaid Management Information System (NYMMIS) Technical Director, with oversight of security--including infrastructure, data conversion, interface, and validation--as well as other project areas.


PDF iconDownload andrew_dolan_photo.pdf (39.27 KB)

Andrew Dolan

Multi-State Information Sharing and Analysis Center

Andrew is the Director of Stakeholder Engagement for the Multi-State Information Sharing and Analysis Center, a division of the Center for Internet Security.  The MS-ISAC has been designated by the U.S. Department of Homeland Security as the focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, territorial and tribal (SLTT) governments.  Under Andrew, the MS-ISAC has greatly expanded its membership over 150% since 2012, including representatives from all 50 States, D.C., all 50 state capitals, and hundreds of local and tribal governments.  He is responsible for managing all aspects of member relations, working with government associations, and conducting outreach on behalf of the Center for Internet Security.  Andrew fosters relationships with all of MS-ISAC's stakeholders in an effort to enhance collaboration and information sharing for the collective benefit of all members.

Bobby Dominguez

Lynx Technology Partners, Inc

Bobby Dominguez is an accomplished Internet pioneer and an acknowledged security, risk, and privacy expert.  Mr. Dominguez has successfully integrated information security into top-level business initiatives at Home Shopping Network, PSCU Financial Services, and PNC Bank, where he implemented a new technology risk management framework.  Under his leadership, the Sykes Global Security and Risk Management team was nominated and selected as one of the 5 best by 2008 SC Magazine "Best Security Team in the US."  Mr. Dominguez was also selected as one of the top 5 Chief Security Officers for the 2009, 2010, and 2013 SC Magazine "CSO of Year."  In 2012 he was a finalist for (ISC)2 Americas Information Security Leadership Awards.

A 2014 graduate of the FBI Citizen's Academy, Mr. Dominguez is the President of the Board of Directors for the FBI Infragard, Vice-President of ISSA Tampa Bay, and an active member of the US Secret Service Electronic Crimes Task Force.  He is a recognized professional in the security field, having contributed to the publication of several ANSI security standards and holding certifications, including ASIS CPP, SANS GSLC, (ISC)2 CISSP, ISACA CRISC, ITIL, EC-Council C|CISO, PMI PMP, and Program & Portfolio Management (PPMC).

Mr. Dominguez enjoys sailing, SCUBA diving, reading, traveling, and attending the occasional hacker convention.

Robert Dora

Assured Information Security, Inc.

Mr. Robert Dora, CISSP received a B.S. in Software Engineering from Clarkson University in May 2009 and a M.S. in Social Psychology from Walden University in December 2013. Mr. Dora became a Certified Information Systems Security Professional (CISSP) in 2012. He has worked as a software engineer and researcher at Assured Information Security, Inc. for over seven years, serving as the principal investigator for a variety of DoD programs. His expertise includes keystroke dynamics, battle damage assessment, and remote cognitive assessment. Mr. Dora's work focuses on the intersection of cyber security and psychology. In particular, he has identified novel methods for identifying cognitive states and demographic information from digital data, such as keystroke dynamics. Mr. Dora's research also extends into the realm of social network analysis, extracting personality features and other relevant information from social media.

Emma Fletcher

Council of Better Business Bureaus

Emma Fletcher is Privacy Manager for the Council of Better Business Bureaus (CBBB), the national umbrella organization for the BBB system. She has more than two decades of of experience in dispute resolution and consumer protection, particularly in the areas of marketplace scams, identity theft, and privacy. 

In her current role, through the auspices of the BBB Institute for Marketplace Trust, the CBBB's educational foundation, Ms. Fletcher serves as the lead on BBB Scam Tracker, a new interactive online tool for collecting and disseminating information on scams. In this capacity, she is responsible for continued enhancements to the application, associated educational efforts and research, and outreach with government agencies and corporations interested in data sharing and collaboration with BBB on this new effort. 

Ms. Fletcher is a Certified Information Privacy Professional.  She holds a Bachelor of Science degree from James Madison University, and received her Master of Public Administration Degree from George Mason University. 

Ken Garmson


Ken leads the IT & Communications practice in the Americas for Arup including rail systems engineering. He is a Fellow of the Intuition of Engineering and Technology and holds a bachelor's in engineering from Royal Military College of Science, Shrivenham in Wilts, UK.  With more than 35 years of experience, starting his career at the Ministries of Defense and Transport where he became experienced in systems engineering with specialization in Cryptographic techniques.   Ken has furthered his expertise in the design and implementation of Intelligent Transport Systems (ITS) and railway telecommunication systems in Asia, Australia, Europe and Americas. Specializing in the design of integrated control, monitoring and information systems. Typically this includes the migration of railway communication systems to IP based infrastructure including the mitigation of the associated security issues.     With his worldwide experience he was invited to chair and speak at the SmartRail conference in NC following on directly after the US Secretary of Transport on the Future of Railways in US and the Information Systems Audit and Control Association (ISACA).

John Gelinne

Deloitte & Touche

John Gelinne is a Director in Cyber Risk Services for Deloitte & Touche Advisory and is a part of the Resilient practice that helps clients prepare, respond and recover from cyber incidents.  John joined Deloitte after retiring from the U.S. Navy after 30 years of service.  John is responsible for Cyber Incident Response, Cyber War Gaming and building technical resilience services that allow organizations to rapidly adapt and respond to dynamic changes, disruptions, or threats. In 2015 John led the design, execution, and delivery of HITRUST CyberRX: Health Plans Cyber Simulation Exercise.

Raj Goel


Business Owner, Author, TV Personality, entrepreneur, IT expert and public speaker, Raj Goel is globally known as the go-to man in cyber security and privacy law.

By day, Raj runs a successful IT Company in New York City named Brainlink.  Learn more at www.Brainlink.com

By night, he is committed to educating individuals and organizations about online safety and how to protect their most important assets - people and data. His expert advice helps individuals, companies and conglomerates navigate their way through the world's ever-changing technology and increasingly complex IT compliance laws. He often appears in the media and at conferences world-wide to educate the public on cyber-security and digital privacy, a subject he is passionate about.

He is the creator of SOPCULTURE - a well-defined methodology and process that elevates businesses from OK to phenomenally profitable.

So, whether you're looking for a seasoned IT veteran who's lived in the trenches, a successful business owner on a mission to increase client happiness and profitability or a caped crusader devoted to cyber-civil rights, you'll want to contact Raj at 917-6857731 or [email protected]

Raj appears frequently on TV discussing cybersecurity and privacy issues.  He has appeared on CNBC, Fox Business, PIX11, PBS, NYTimes, Bloomberg, CIO, InfoSecurity professional, etc.

 Cynthia Gonnella

Utica College

Cynthia Gonnella has been employed with NW3C since 2007. Prior to NW3C, Cynthia worked as a Computer Investigative Specialist with the Missouri State Technical Assistance Team where she was the 2007 "Investigator of the Year." From the Missouri Children's Trust Fund, Cynthia has served over 20 years in law enforcement, with 17 years in computer forensics. Cynthia earned her Certified Forensic Computer Examiner through IACIS. In 2010, Cynthia earned her Bachelor of Science Degree in Computer Forensics. In 2012, Cynthia earned her Master of Science Degree in Cybersecurity from Utica College, a Center of Academic Excellence (C.A.E), where she is currently an adjunct Professor in the Cybersecurity Program. Cynthia is currently earning her doctorate in Cybersecurity from University of Fairfax. In 2014, Cynthia was assigned team lead and developer of NW3C's first Cybersecurity course for law enforcement. Cynthia and her team developed a 4 day face to face class - Basic Network Intrusion Investigations (BNII) course which is being delivered to state, local, tribal, and territorial (SLTT) law enforcement, prosecution, and support staff across the country, with development underway for an intermediate level intrusion investigations course targeting mid-sized businesses over the next year.

Dan Gortze

Dell SecureWorks

Daniel Gortze, Delivery Manager - Security and Risk Consulting,Incident Response and  Digital Forensics Consulting, Dell SecureWorks    Daniel Gortze has more than eight years of experience in digital forensics, incident management and computer security.   Gortze is responsible for daily operations of the team, oversight of all consulting engagements,, and incident management during large scale client breaches. His team is responsible for providing incident response and digital forensics analysis, log analysis, incident response plan development, training, pre-incident compromise assessments, as well as other incident response focused services.   Gortze leads Advanced Persistent Threat (APT) Containment and Eradication for enterprise clients.  He planning for enterprise clients. interfacing with technical staff, management, and senior management to drive plans to completion.   Prior to joining Dell SecureWorks, Gortze worked for a large government defense contractor and a mid-sized university. With experience in public sector, small, medium and enterprise business environments. , hehas had exposure to and gained proficiency in a wide variety of technologies, leveraging them to both prepare for, and respond to breaches.   Gortze  he maintains relationships with many New England colleges and universities in an advisory capacity for incident response courses.   Gortze is a member of the RICDT, a state-funded organization that provides security training and reactive response to public organizations, higher education and critical infrastructure in the state of Rhode Island. Gortze is also a member of Infraguard and held adjunct professor positions at Roger Williams University and University of Rhode Island.

Eric Green

Mobile Active Defense

Eric is the Security Strategist for the Mobile Active Defense Solution.

In that role he's been consulting as a subject matter expert (SME) with primarily the FORTUNE 500 and Federal Agencies on the subject of mobile security and management. This includes serving as an SME for both the NSA's National Information Assurance Partnership (NIAP) in developing the requirements for the mobile device management protection profile used to create a Common Criteria for mobile device management as well as for CompTIA in the creation of a mobile security management certification.

Outside of that role, he has been involved in the security industry for over a decade. Past experience also includes running a technology book division publishing 12 books with a wide variety of industry luminaries, primarily in security.

For the last 8 years, Eric has and continues to also serve as program director for SC Magazines SC Congress events.

Melanie Grossman

NYS Division of Consumer Protection

Mrs. Melanie Grossman received her B.S. in Business from The University of Rhode Island in 2002 and received her Juris Doctorate from The University at Buffalo School of Law in 2005.

Melanie began working with consumer issues in 2007, when she joined the New York State Consumer Protection Board (CPB) as the Intergovernmental Relations and Outreach Coordinator.  In 2011 when the CPB merged with the Department of State, Melanie was named Upstate Outreach Coordinator, the position she currently holds.

Melanie is an active member of her community who participates in volunteer supported projects.  She is currently on the Board of the Capital Region chapter of the National Center for Missing and Exploited Children and has served on the Board for the Capital Region Gilda's Club - American Cancer Society.  Melanie resides with her family in Delmar, New York.

Christopher Hallenbeck

Tanium Inc

Chris Hallenbeck is currently a Director with Tanium's Endpoint Detection and Response (EDR) Team after almost 7 years of government service at the U.S. Computer Emergency Readiness Team (US-CERT). At US-CERT, he was responsible for having designed and built their incident response capabilities while restructuring their current focus on strategic mitigation guidance. Over countless IR engagements both with government and private sector critical infrastructure victims, he has seen a common theme: a lack of emphasis on IT operations and IT security fundamentals. Prior to joining US-CERT, Mr. Hallenbeck worked for RSA Security and EMC as a security engineer and with AOL/Time Warner on their global incident response team.  He started his career as a Unix sysadmin at Binghamton University. When not chasing electrons, Mr. Hallenbeck much prefers to be someplace tropical 50-100 feet under the water.

Paul Harker

Deloitte Consulting

Paul Harker is a Senior Manager at Deloitte Consulting with more than 17 years of extensive cyber security experience that includes designing and delivering compliance and information security-related programs for large global businesses and government institutions across multi-platform environments. Most recently, Paul's public sector experience includes leading a security team on a state Health Benefit Exchange implementation and a compliance-related migration of a state's Department of Human Services applications. These efforts included working with federal agencies (CMS, IRS, SSA and Office of Child Support Enforcement) to comply with NIST 800-53, IRS Publication 1075, and OCSE security requirements, as well as state-mandated policies and procedures. He was also responsible for the delivery of identity and access management solutions, threat and vulnerability management, network security, privacy, and data loss prevention. Paul is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and Project Management Professional (PMP).

Reg Harnish

GreyCastle Security

Reg Harnish is an entrepreneur, speaker, author and the CEO for GreyCastle Security, a leading cybersecurity consulting firm headquartered in Troy, NY.    Reg has been practicing security for nearly two decades. Reg brings a thought-provoking perspective to the industry and strives to promote awareness, security "thinking" and practical application of security fundamentals.    Reg attended RPI in Troy, NY, and is a certified CISSP, CISM, CISA and ITIL. Reg is a fellow of the National Cybersecurity Institute, serves on numerous security association boards and is currently an advisor to several educational institutions focusing on cybersecurity. Reg is a nationally-recognized speaker and has presented at countless industry and security events, including BSides, ISSA, ISC2, ISACA and InfraGard. Reg is a contributor to numerous security publications and has co-authored several books on cybersecurity awareness.

Jill Heath

National Cyber Security Alliance

Jill Heath is Director of Special Projects for the National Cyber Security Alliance, where she directs the NCSA's national education efforts for two-step and multifactor authentication, part of the White House's Cybersecurity National Action Plan. Previously, Jill was the Manager for Corporate Security at Target Corp., and responsible for international and domestic public safety and engagement efforts. Among other things, Jill led a team that developed public-private partnerships focused on mitigating corporate risk through initiatives with law enforcement, emergency management and public health entities. Prior to her career at Target, Jill held multiple positions within the environmental, public advocacy, performing arts, and non-profit sectors, including as a whale trainer for Sea World in Texas. 

Leonard Jacobs

Netsecuris Inc.

Leonard Jacobs is the President/CEO of Netsecuris Inc., a leading Managed Security Services Provider specializing in providing information security protections to the utilities, financial services, government, and healthcare sectors. Netsecuris' headquarters is based in Minneapolis, Minnesota. Leonard has over 30 years of hands-on technology management experience including 14 years in Information Security. He has spoken on many cyber security topics. His roots are in industrial control systems with his first employment being with a major minicomputer manufacturer in the 1980s; which was a major supplier of industrial control systems to power plants and steel mills. Additionally, Leonard was employed as field engineer for several biomedical systems manufacturers, an IT Manager in healthcare, and as the CISO at a major financial institution. Leonard holds a MBA degree from University of Phoenix, BA degree from University of Florida, CISSP certification from ISC2, and Certified SCADA Security Architect certification from IACRB. In addition to serving on the OISF board, Leonard serves as co-chair on a government-funded cybersecurity working group tackling major cyber security issues. Leonard also serves on a specific industry-based cybersecurity working group.

John Johnson

John Johnson is a Senior Manager in Cyber Risk Services within Deloitte Advisory.  John has more than 20 years of experience in the Information Security field and has served various U.S. government agencies, telecommunications, and health care industries. Prior to joining Deloitte, John was a cyber officer in the U.S. Navy, where he was responsible for the management of global network operations for the Navy's Cyber Command. He also directed incident response for various Department of Defense agencies and the Department of Homeland Security's National Cybersecurity and Communication Integration Center.

Ken Kaminski

Cisco Systems

Ken Kaminski is the  Network Security Technical Solutions Architect for the Northeastern United States specializing in BYOD implementation, Security in the Data Center, Identity Management Systems, and Cisco Security, Wireless, and Network Switching and Routing Products and Technologies for large enterprise and global accounts. He has been a member of the Security Field Advisory Board at Cisco that drives security training and programs for Cisco's Security Systems Engineers and provides customer feature requirements to Cisco Engineering. He teaches and speaks often on security related topics including Cisco Networkers and other industry forums.    Prior positions include Security Architect for the Northeast US and Consulting Systems Engineer for Voice, Video, and WAN technologies at Cisco Systems.  He was one of the first Consulting Systems Engineers hired at Cisco. Prior to that, he was the Senior Systems Engineer for a startup company in the carrier ATM switching market.  He was also a Telecommunications Officer in the US Army leaving the service as a Forward Signals unit Company Commander. Ken has his CISSP, GCFA, GPEN, GAWN, GMOB, and GCIA along with a BA and MA from Boston University.

Rose Ketchum

Semel Consulting LLC

Rose Ketchum is a Certified HIPAA Security Professional with over 30 years' experience in IT and compliance. She has worked with many businesses, governments, BOCES, and school districts throughout New York.

Russell Kiernan

Russell directs all IT Management Consulting and Information Security Services at QED National. With extensive experience as an IT Executive, Russ is skilled in a number of management and technology disciplines including, Information Security, Program and Project Management, Enterprise Architecture, Quality Management, and GRC (Governance, Risk and Compliance).

During his tenure as a senior manager for Citigroup, Russell authored various Technology and Security policies and standards and managed IT Risk and Information Security. As a Chief Controls Officer, Russell was responsible for the overall control environment of various organizations and conducted numerous large scale Risk and Control Assessments (including Security Risk and Compliance Assessments) for global Architecture, Engineering, and Technology Infrastructure Support organizations. Russell was responsible for managing IT risk and successfully passed all Internal Audit, External Audit, and Federal Regulatory audits and inspections.

Russell currently serves a Co-Chair of the NY State Forum's Project Management Steering Committee supporting government entities throughout NY State as they adopt standards and practices and mature the overall Project Management capability. Russell's recent speaking experience includes presenting best practices and case studies for implementation of Secure SDLC and Information Systems Audit and Control Association (ISACA) presenting Cyber Risk Management for ICS/SCADA Environments.

Yogesh Malhotra

Global Risk Management Network, LLC

Top-10 PhD IT & Statistics Double Doctorate Computer Scientist with 30 SSRN Top-10 Research Ranking Awards for 2015-2016 World Leading Cybersecurity-CyberFinance Computational Risk Analytics Research. 2015 Princeton Quantitative Trading Conference Invited Presentation on Cybersecurity, CyberFinance, and, Computational Statistics Algorithms. Recently pioneered Quantitative Finance and Cybersecurity Risk Insurance Modeling research and practices that pre-empted and prevented the Global Insurance Crisis owing to mismeasurement and misestimation of Cyber Risk Insurance Modeling Losses given reliance of worldwide firms upon inappropriate Quantitative Risk Models based upon VaR. The specific venture advanced Quantitative Finance research in Model Risk Management with oversight of distinguished Cybersecurity experts and Computer Scientists affiliated with the U.S. Air Force Research Lab, New York State Cyber Research Institute, and, SUNY. That venture advanced upon top management project leaderships in Quantitative Finance Risk Modeling practices guiding top leadership Global Head of Risk & Analytics and US Head of Portfolio Management and associated Managing Directors for top Wall Street investment banks with $1 Trillion AUM such as JP Morgan Private Bank. Before that advanced worldwide global practices in Enterprise Risk Management and Model Risk Management by developing Anticipatory Risk Analytics frameworks of Model Risk Management a decade ahead of articulated need by Wall Street CFOs and CROs for such frameworks in the aftermath of the Global Financial Crisis. Prior to that founded award-winning influential financial, risk, and analytics ventures with CxO clients and patrons such as Goldman Sachs, Google, Harvard, IBM, Intel, Microsoft, MIT, and, Ogilvy. Founded ventures applied and recommended by world's leading visionary IT-CxOs such as Microsoft founder Bill Gates, Big-4 CxOs, and, top Commanders and CxOs of US Army / US Navy / US Air Force / US Air Force Research Lab. Research Impact ranked among Finance & IT Nobel Laureates in AACSB & Global Scientific & Industry Studies.

Slawomir Marcinkowski

Principal Consultant, NYSTEC

Slawomir J. Marcinkowski, CISSP, GSNA, GAWN, is a principal information security consultant at NYSTEC, where he supports New York State agencies in the area of information security/assurance. He has performed and managed security reviews, developed information-security policies and procedures, performed gap analyses against regulatory compliance with state, federal (e.g., HIPAA) and international security standards, data classification, and security remediation. Currently, he is supporting the implementation of the security and privacy requirements of NIST 800-53, CM, and NYS policies and standards for the new NYS Medicaid Management Information System.

Fernando Maymi

The Army Cyber Institute at West Point

Dr. Fernando Maymi is the Deputy Director of the Army Cyber Institute at West Point. In that capacity, he is part of a multidisciplinary team charged with developing intellectual capital and impactful partnerships that enable the nation to outmaneuver adversaries in cyberspace. He is also an Assistant Professor of Computer Science in the Department of Electrical Engineering and Computer Science at the U.S. Military Academy, where he has taught senior level courses for 10 years. Dr. Maymi has over 25 years of experience as a leader in information systems security, including six years as Senior Research Scientist at the Military Academy's Cyber Research Center. He is the co-author of the 7th Edition of the CISSP All in One Study Guide. He has also authored and taught dozens of courses and workshops in cyber security for academic, government, and professional audiences in the United States and abroad. Dr. Maymi is co-author of three patents. His awards include the Department of the Army Research and Development Achievement Award and he was recognized as a HENAAC Luminary. He holds a Bachelor's degree in Computer Science from the U.S. Military Academy, a Master's degree in Computer Science from the Naval Postgraduate School, and a Ph.D. in Computer and Information Sciences and Engineering from the University of Puerto Rico.

David Menken

Smith Buss & Jacobs LLP

David Menken is a member of the Business Law, Fire/EMS Law and Intellectual Property/IT Law groups at Smith Buss & Jacobs LLP, a law firm based in Yonkers, New York.  David also serves as Bedford, New York, Town Justice.  David counsels clients in a variety of corporate law, intellectual property and information technology matters.  He negotiates business transactions, including corporate control agreements, mergers and acquisitions, and business development agreements. He also provides legal assistance regarding, among other things, information technology licensing and protection, trade secret protection, software development and data security issues. David has achieved certification as an Information Privacy Professional, with a specialty in US privacy laws and policies, through the International Association of Privacy Professionals, and advises clients on data breach/security and privacy laws and policies.  David also counsels not-for-profit corporations, including in particular fire and EMS departments, on a full range of New York and Federal legal issues to help them operate effectively and satisfy their corporate and operational legal requirements.    David has represented government entities in matters such as inter-municipal negotiations and on issues such as open meetings and record retention laws.  As a former Village Attorney for Mount Kisco, Chair of the Bedford Zoning Board of Appeals, member of the Westchester County Planning Board, and Vice Chair of the Westchester Charter Revision Commission, David uses his government, municipal and land use experience to effectively represent both government entities and those whose business involves zoning, land use and municipal law.    David has a BA from Johns Hopkins University and law degree from New York University School of Law.

Manny Morales

Independent Consultant

Manny Morales is the former Information Security Officer for the New York State Office of the State Comptroller. He has been in the field of Information Security and Auditing for over twenty five years and in the field of Information Technology for over thirty five years, both in the private and government sector. He has worked for IBM, MetLife, in the areas of IT security, auditing, and security management. He has had his own consulting business as well as being a principal security consultant working for Netigty and NYSTEC with the focus on state government. He has written articles on information security and has been a frequent speaker at various security conferences throughout his career. He is a certified security and auditing management professional and carries the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified Software Manager (CSM).

Karl Muenzinger

JANUS Associates

Karl Muenzinger, Director of Consulting at JANUS has broad technical experience in internal control issues (IV&V, QA),  access control, information security, and business recovery  With over ten years experience in Information Security and over fifteen years experience in Information Systems, Mr. Muenzinger's consulting emphasizes information risk management, project control and success, access controls and identity management, business continuity, and disaster recovery planning.  He has conducted large-scale assessments for a wide variety of organizations including federal and state government agencies, large commercial customers, higher education institutions, and not-for-profits.  He leads complex engagements for JANUS and holds CISSP, CISA, and CISM certifications, and has been inducted as a statutory Member of the Business Continuity Institute (MBCI)

Christopher Novak

Verizon Enterprise Solutions

Christopher Novak is an internationally recognized expert in the field of Investigative Response and Computer Forensics. He has been involved with information security for over 17 years. He has assisted corporations, government agencies, and attorneys with all matters involving IT security compliance, litigation support, computer forensics, fraud investigations, and computer security incident response matters.     Christopher is a co-founder of the Verizon Business Investigative Response Unit and an active senior investigator. He has led dozens of tactical response cases over the past 18 months and continues to respond to high-profile cases on a global basis. He works closely with local, state and federal law enforcement agencies as well as joint investigative operations coordinated with foreign law enforcement.  As both a manager and a technical forensic investigator, Christopher provides regular advice and guidance to medium and large size organizations on a global basis. He specializes in resolving complex computer security incidents in a discreet manner. He maintains extensive experience on the latest and greatest commercial forensic hardware and software as well as working internally to develop proprietary and situation-specific applications.  Christopher is an active public speaker and can be commonly heard at IAFCI, RSA, Gartner, SANS and other popular IT security events around the world discussing various topics ranging from high-level best practices to in-depth and technical training. He has also written numerous articles for various IT Security journals and trade magazines. Most recently he co-authored the 2008-2013 Data Breach Investigations Reports and is an active IT Security blogger.   Christopher holds a Bachelor of Science Degree in Computer Engineering from Rensselaer Polytechnic Institute.

The NYS Forum Information Security Workgroup

The NYS Forum Information Security Workgroup works with government agencies to develop education, training opportunities and tools focused on the essential issue of security.


Leonard Popyack

Utica College

Dr.  Leonard Popyack was one of the first Government research scientists to study offensive information warfare. An accomplished researcher himself, he set up a group of highly talented personnel in 1999 to develop next generation cyber tools. In 2001 he and a partner formed a company (Assured Information Security, Inc) to concentrate on delivering quality technology to the warfighter. He left that company in 2009 and now concentrates on teaching and his own research interests. Popyack holds a PhD in Electrical Engineering from Binghamton University and has held various positions with the US Government, large and small businesses and universities.  He is currently an Associate Professor at Utica College.  Popyack has taught courses on Internet Security Principles, Mobile Code Security, Systems Assurance Seminar, Steganography & Data Hiding, Malicious Code Analysis, Cryptography as well as the military's Advanced Course in Engineering on Cyber Security, Steganography and Data Hiding Section.  Popyack also is president of Anjolen Inc, a small NY company which focuses on cyber related R&D. 

Douglas Powers

Deloitte & Touche LLP

Doug Powers is a Director for Vigilant by Deloitte, a division of Deloitte & Touche LLP's Cyber Risk Services Practice, specializing in cyber risk consulting for Fortune 500 companies. Doug has extensive expertise in the areas of cyber threat intelligence, defensive and offensive cyber operations, cyber fusion centers, special intelligence operations, security operations centers, cyber incident response, forensics, hunt, and protection teams, vulnerability management, and cyber risk analytics. He has over 25 years of technical, operational, and leadership experience directing some of the most complex global cybersecurity and intelligence operations.

Peter Renneker

Deloitte & Touche

Pete Renneker is a Senior Manager with Deloitte & Touche Advisory Practice. In this role he assists clients in designing, deploying, and sustaining cyber resilience. He has built and supported resilience programs throughout North America, Asia, and Europe for clients in all industries and has directed major technology transformation efforts. Pete serves as a Board Director for the Disaster Recovery International Foundation.  Pete has over 15 years experience managing information and technology risk. In 2015 he helped design, execute, and produce the After Action Report for the HITRUST CyberRX: Health Plans Cyber Simulation Exercise.

Kathaleene Riolo

Kathaleene Riolo received her MBA in Technology Management with a concentration in Health Services from SUNY Polytechnic Institute in December 2014 as a Fellowship Scholarship recipient.  She also holds a Bachelor's Degree in Business Pubic Management and a Paralegal Degree.  From 1999 to 2009, she was a Program Director at the Oneida County Office for the Aging where she worked on the creation and development of State-wide best practice programs in Legal Assistance, Elder Abuse, and Caregiver Assistance.  One such project, the Alzheimer's Disease Demonstration Grant that Riolo supervised and managed was funded by the federal Administration on Aging and the New York State Department of Health (DOH) for the purpose to develop and test strategies that would delay institutional placement of individuals diagnosed with dementia.  The outcome was a well-documented and research based set of interdisciplinary protocols that were established for state wide replication within the single point of entry centers for each area agency on aging.   Additionally, the findings were presented in Washington to share the system based changes and outcomes.  For New York State, the project facilitated the change in community based service dollars under the EISEP program to be more flexible and respond to the changing needs that caregivers and care receivers require to remain in the community.

From 2009 to 2014, Riolo followed her insatiable interest and passion for the use of technology in the health care field by becoming an entrepreneur and business owner. Creation and formation of Home Sweet Home Geriatric Care Management supported the invention of a health care management system while maintaining active involvement in the field for expert knowledge and research opportunities.  Her invention went on to win the regional New York State Business Plan Competition. 

In 2015, she became the Business Manager at the Cyber Research Institute where she has worked alongside Dr. John Bay in the development of a novel, cross-sector cyber threat consortium.

Keith Robertson

GreyCastle Security

Keith Robertson (CISM, CIPP/G, NSA IAM, GSEC/GCIH, GSSGB, HITRUST) is a Security Strategist at GreyCastle Security. As a senior level technology, information security and risk management professional, Keith has over 15 years' experience in developing, implementing, and managing security solutions for financial, healthcare, retail, manufacturing, telecommunication, energy, travel, information technology, and other industries.     Keith has extensive knowledge of HIPAA, PCI, HITRUST, HITECH, ISO, SOX, COBIT, NIST, FISMA, CMS, GLBA and ITIL standards/regulations ranging from risk management, incident response, and regulatory compliance that can be applied to network, application, and physical security.

Peter Romness


Peter Romness is the Cybersecurity Program Lead for the U.S. Public Sector at Cisco Systems Inc. He has been helping Government customers achieve their missions for almost 30 years at companies such as Cisco, Hewlett-Packard, AT&T and Panasonic. He is now focused on helping protect Government networks from cybersecurity threats. His responsibilities include promoting Cisco's thought leadership within the Cybersecurity and IT communities. He is also responsible for bringing cybersecurity solutions to market and developing new cybersecurity solutions for US governments. Though Peter has an engineering degree, his main goal is to make cybersecurity easier to understand and take action upon for non-technical business leaders.    In his spare time, Peter enjoys his family and friend, outdoor sports, travel, and sports cars.

Joan Ross

Verizon Enterprise Solutions

Joan Ross is Managing Principal, Cybersecurity for Verizon's CTO of Gloval  Security Services, and a respected industry thought leader.  Joan develops advanced security strategies, publishes and speaks on implementing threat intelligence, and contributes to Verizon's annual  Data Breach Investigation Report (DBIR) and Data Breach Digest (DBD).  Joan is a former chief security officer for two technology companies, coming up the security ranks as an encryption engineer and cloud security architect. As an early CISSP holder from back in the 1990's, she maintains a number security and privacy certifications and earned her Masters of Science degree in design and engineering focusing on  incident response with the U.S. Coast Guard.

Renault Ross


Renault Ross is the United States Cybersecurity Business Strategist for Symantec, North America. In this role, Ross leads information security and privacy thought-leadership discussions and strategies, increasing Symantec's presence in public and private sector. He joined Symantec in 2007 and was appointed as the fourth US Distinguished Systems Engineer in 2015.

Ross represents Symantec as a conference keynote speaker, an expert witness providing senate testimonies (state) and CxO briefings around the country on security best practices. His expertise lies in enterprise security management, virtualization, mobility and cloud.

Prior to Symantec, Ross worked as a global security architect at a private company located in Atlanta, GA. His duties included establishing the organization's first global security program with compliance, vulnerability management and incident response.

Ross holds many certifications including, the Certified Information Systems Security Professional (CISSP), Certified HIPAA Security Specialist (CHSS), Microsoft Certified Systems Engineer (MCSE), Symantec Certified Specialist (SCS), Certificate of Cloud Security Knowledge (CCSK), and VMware Certified Professional (VCP5).

Joel Ryba

XchangeWorx, Inc.

Joel Ryba is the CEO of XchangeWorx, Inc., a healthcare software company based in Albany, New York.  XchangeWorx develops healthcare cloud based services which are enabling greater levels of collaboration in healthcare. XchangeWorx provides operational support and leadership for Hixny, a regional health information organization (RHIO), which is part of the Statewide Health Information Network for New York (SHIN-NY). It is in that leadership capacity for Hixny in which Joel Ryba, CEO of XchangeWorx, will speak about cybersecurity in terms of healthcare information exchange (HIE).

Prior to XchangeWorx, Joel was COO of Hixny, a regional health information organization (RHIO), which is part of the SHIN-NY. As COO of Hixny, Joel developed the operational team and led efforts to implement a robust healthcare information exchange in New York's Capital District, Northern New York, and the Mohawk Valley.

The need to start XchangeWorx came from organizations and companies, outside of the Hixny region, who began requesting services from Hixny.  As a non-profit, Hixny's mission is to serve participants within its region.  Thus, the startup company XchangeWorx was born and Joel was selected as its CEO.

Previously, Joel was Director of BI and Data Sharing for the New York State Division of Criminal Justice Services, where he led his department on projects that increased information sharing between local, state, and federal agencies and in the application of analytics for various purposes. Joel's IT management career spans several industries, including manufacturing, healthcare analytics, and financial services, in multiple senior management and consultative positions. Joel is also an MBA graduate of the University at Albany.

Scott Sattler

Scott Sattler has been working in Cyber Defense for over 20 years.  Currently working as a Cyber Forensic Manager for a Fortune 15 company, his past experiences in DOD, State government and other large enterprises has helped him design and deploy solutions to manage the ever changing Cyber Threats.

Mike Semel

Semel Consulting LLC

Mike Semel is the President and Chief Security Officer of Semel Consulting, focused on HIPAA (and other regulatory) compliance and Business Continuity planning. Mike is a Certified Security Compliance Specialist, Certified Business Continuity Professional, Certified HIPAA Professional, Certified HIPAA Security Professional, and Certified Health IT Specialist. He has owned or managed technology companies for over 30 years; served as Chief Information Officer (CIO) for a hospital and a K-12 school district; and managed operations at an online backup company.

Mike helped CompTIA develop the Security Trustmark Plus certification for businesses; chaired CompTIA's IT Security Community from 2010 - 2012; and is an active member of the FBI's Infragard program, Mike has authored HIPAA training courses and has had numerous articles published in magazines and on websites. He is a nationally-recognized speaker.

Michael Singer


In his current role, Michael is responsible for security technology architecture and development.  He has been granted several U.S. patents and has a strong background in data analysis, network security and technology development.    Michael joined AT&T in 1990, supporting application development.  He served in a variety of roles in the network services organization including technical support, switch engineering, volume forecasting and technology planning.  During his tenure, Michael has managed a variety of work centers responsible for provisioning, web hosting, security operations and technology development.  Since 2002, Michael has been focused on delivering security capabilities.  He led the development of AT&T's security operations, threat management platform and various managed security services.  Michael earned an MBA from the Goizueta Business School at Emory University and a Bachelor's degree in Business Administration with an emphasis in Information Systems from the Bloch School at the University of Missouri - Kansas City.  Michael has given numerous security talks at industry conferences including InfoSec, Mobile World Congress, the Gartner Risk Summit and the AT&T Cyber Security Conference.  He has supported not-for-profit, Renew International, as a member of the Board of Trustees since 2012.  Michael's U.S. patents include:  * Method and Apparatus for Suppressing Duplicate Alarms (, , )  * Method and Apparatus for Generating a Reconnaissance Index ()  * Method and Apparatus for Detecting Anomalous Network Activities ()  * Method and Apparatus for Integrated Network Security Alert Information Retrieval ()  * Method and Apparatus for Distributing Network Security Advisory Information ()

Ben Smith

RSA, The Security Division of EMC

Ben Smith is Field Chief Technology Officer (Field CTO - East) with RSA, The Security Division of EMC. He is based in the greater Washington DC metro area and supports key enterprises securing sensitive assets. He is a twenty-five-year veteran of the networking, information security and telecommunications fields. His prior employers include UUNET, Intuit, CSC, and the US Government, along with a string of technology-oriented startups. He holds a number of professional technical certifications, including the Certified Information Systems Security Professional (CISSP) certificate, and has presented on RSA's behalf, both domestically and internationally, at cybersecurity events sponsored by Gartner, FS-ISAC, ISSA, ICI, (ISC)2, ISACA, InfraGard, HTCIA and other organizations.

Bruce Snell

Intel Security

Bruce Snell is the Cybersecurity and Privacy Director at Intel Security. Bruce has been with McAfee/Intel Security for almost 15 years, and was the Technical Director for Intel Security Japan for 3 years before attaining his current position.

Prior to McAfee, Bruce worked in the trenches doing system and network security for various dot-com startups and Fortune 500 companies. Bruce's involvement in computer security dates back to dial up bulletin board systems and a time before the internet had pictures. At then McAfee, Bruce has worked with many organizations from national governments and large enterprises to small family owned businesses to help them understand the nature of the cyber security threat and how they can be better prepared for future attacks. Keeping up to date on current and future threats is Bruce's passion, which has led him to appearances on local and national news around the globe as well as speaking engagements at industry conferences. Bruce's recent speaking engagements include the Conference Board's Customer Experience Conference and IoT Evolution East.

Deborah Snyder

New York State Office of Information Technology Services

Deborah A. Snyder serves as Deputy Chief Information Security Officer (CISO) for the New York State Office of Information Technology Services (ITS). In her role as Deputy CISO, she directs the Enterprise Information Security Office's comprehensive governance, risk management and compliance program. She provides business-aligned strategic leadership and vision, promoting industry standards and risk-based investments to maximize business opportunity and minimize risk.

From November 2001 to November 2012, she served as the Chief Information Security Officer for the New York State Office of Temporary and Disability Assistance (OTDA), where she established and lead the agency's Information Security Office and comprehensive Information Security Assurance Program. She informed and advised executive management on security governance, risk and compliance, and managed a portfolio of initiatives designed to increase awareness, mitigate risk, optimize protection of information assets and prevent, detect and recover from incidents.

Ms. Snyder has extensive experience in state and local government program administration, information technology and information security services. Prior to serving as the agency's CISO, Ms. Snyder served as the Director of Human Services Modernization, leading program reform, redesign and system modernization initiatives encompassing multiple agencies and systems, managing state program, IT, and vendor resources to deliver innovative program and technology solutions.

Ms. Snyder is an active participant and contributor to the IT and Information Security community. She has championed efforts to strengthen the State's information security posture and advance the profession at large. She has served as Co-Chair of the NYS Forum Information Security Work Group, VP of Education for the local ISACA Chapter, and is a member of the Project Management Institute, InfraGard, Information Systems Security Association (ISSA), Information Systems Audit and Control Association (ISACA), and the Institute of Internal Auditors (IIA). She co-authored the book entitled "SECURE - Insights From The People Who Keep Information Safe," which offers industry leaderships insights and perspective, and has received recognition for excellence in government information services, and outstanding contributions to the field of information security and cyber security. She is a highly regarded speaker and instructor on topics critical to executive-level business and IT professionals.

Ms. Snyder graduated from the State University of New York at Albany, and holds several industry certifications including Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), SANS Global Information Assurance Certification in Security Leadership (GIAC GSLC) and Project Management Professional (PMP).

Dr. Peter Stephenson

Dr. Peter Stephenson is the Technology Editor and author of the "Threat Hunter" blog in SC Magazine, a leading industry publication for which he has written for over twenty years. He is a cyber criminologist, digital investigator and digital forensic research scientist as well as being a writer, researcher and lecturer on cyber threat analysis, cyber criminology, cyber jurisprudence and cyber forensic investigation (cyber criminalistics) on large-scale computer networks.

He has lectured extensively on digital investigation and security, and has written, edited or contributed to 20 books and several hundred articles and peer-reviewed papers in major national and international trade, technical and scientific publications. He is the series editor of the new Peter Stephenson Series on Cyber Crime Investigation (Auerbach). He spends his time in retirement as a writer and researcher specializing in cyber threat analysis, cyber criminology, and cyber jurisprudence.

Dr. Stephenson was an Associate Professor and the Chief Information Security Officer for Norwich University and, prior to his retirement in July of 2015, was Director of the Norwich University Global Cyber Threat Observatory and Center for Advanced Computing and Digital Forensics, both of which he founded. He received the Distinguished Faculty Award in the Norwich College of Graduate and Continuing Studies. He retired from the university in July, 2015 and was awarded the permanent academic rank of Professor Emeritus by his colleagues and the University Board of Trustees. He currently is conducting a research project at the State University of New York at Albany where he supervises a PhD candidate as his research assistant.

Dr. Stephenson has lectured or delivered consulting engagements for the past 42 years in eleven countries plus the United States and has been a technologist for fifty-two years. He operated a successful consulting practice for over 30 years and has worked for such companies as Siemens, Tektronix and QinetiQ (UK). Dr. Stephenson began his information assurance career in 1964 as a crypto tech in the US Navy.

Dr. Stephenson obtained his PhD by research in computing at Oxford Brookes University, Oxford, England where his research was in the structured investigation of digital incidents in complex computing environments. He holds a Master of Arts degree (cum laude) in diplomacy with a concentration in terrorism from Norwich University.

He has been on the editorial advisory boards for several publications was an information assurance advisor for four years for Combined Endeavor (the world's largest international joint interoperability exercise including over 40 countries) and is a cyber forensics advisor for the state of Vermont.

Dr. Stephenson has retired as a Fellow of the American Academy of Forensic Sciences, and the Vidocq Society of which he was a full member. He is a member of the Albany chapter of InfraGard. He held - but has retired from - the CCFP, CISSP, CISM, FICAF and FAAFS designations and currently is a licensed professional investigator (Michigan).

David Stern

Department of Homeland Security's Office of Cybersecuty and Communications

David Stern is the Deputy Director of the State, Local, Tribal, and Territorial (SLTT) Cybersecurity Program within the Department of Homeland Security's (DHS) Office of Cybersecurity and Communications (CS&C). In his role, David builds strong partnerships with associations such as the National Governors Association and National Association of Counties to raise the profile of cybersecurity programs in SLTT Government. He also works with state chief information officers and chief information security officers, as well as governor's homeland security advisors to help State and local governments strengthen their cybersecurity postures. David develops, promotes, and implements policies and initiatives that fully integrate government agencies, at all levels, into Federal cybersecurity plans, procedures, and exercises. The SLTT Cybersecurity Program provides state, local, tribal and territorial organizations with resources to assess and mitigate risk to critical cyber infrastructure.

John Stoner

Splunk Inc.

John Stoner joined Splunk in 2015 as a Federal Security Strategist.  In his current capacity, he leverages his years of knowledge around Log Management, Compliance, SIEM, SOC operations and threat intelligence to provide better situational awareness and analytics in support of federal and state agencies.  Previous to joining Splunk, he supported the Intelligence Community and other Federal Government customers as a Systems Engineer at ArcSight and led the Public Sector systems engineering team following the acquisition of ArcSight by HP.  Before HP, he was at Symantec in a series of expanding technical positions including Lead Principal of their Cyber Threat Analysis Program. John has presented at various industry symposia, including SANS CDI, DHS GFIRST and DoD Cybercrimes Conference and has briefed members of the US Congress and other senior government leaders on the cyberthreat landscape.  John holds a B.S. in Quantitive Business Analysis from Penn State University.

Abel Sussman


Abel Sussman is the Director for Coalfire Public Sector practice.  For more than 18 years, Abel has been helping organizations implement new systems and transform stagnant programs. He is a nationally recognized industry expert and has presented on information security and cloud computing for the Federal Bureau of Investigation, Department of Homeland Security, Department of Defense and various information security organizations. He has published educational materials and conducted training events focusing on topics such as FedRAMP, Cloud Security and Compliance, and Identity Management. He is a regular speaker at the international Global Identity Summit and Biometrics Consortium Conference. He is a graduate of the State University of New York holding an MBA and bachelors in Computer Science.

Logan Tierney

New York State Department of Health

Logan Tierney is a key member of the NYSDOH team working on Delivery System Reform Incentive Payment (DSRIP), a federally funded program initiated to lower cost and improve quality within the NYS healthcare system. Logan, who has assisted with various policy developments since DSRIP launched in 2014, currently manages the DSRIP program's state-to-provider data sharing arrangements. Logan assists 25 Performing Provider System networks with one of the key components to the execution of DSRIP implementation: managing the exchange of NYS-derived protected health information, including the release and review of security plans. With a master's degree in Biological Anthropology and prior work at the Center for the Elimination of Minority Health Disparities, Logan also has background in population health with a focus on how social determinants affect minority health.

Steve Treglia

Absolute Software Corporation

Since November, 2010, Stephen Treglia has been Legal Counsel for the Investigations Section at Absolute Software Corporation (the leading maker and distributor of mobile tracking software for stolen devices), and HIPAA Compliance Officer for that group since January, 2013. In March of 2015, he received his HealthCare Information Security and Privacy Practitioner (HCISPP) Certification from (ISC)2. Prior to joining Absolute, he concluded a 30-year career as a prosecutor in New York, having created and supervised one of the world's first computer crime units from 1997-2010. For 10 years prior, he supervised numerous organized crime investigations in the New York City metropolitan area. Treglia's areas of legal expertise related to technology include: healthcare data security and privacy, search and seizure of digital evidence, computer forensics performed in a legally admissible manner and the general admissibility of computer-generated evidence. Since 2004, he has routinely assisted in training computer forensic examiners with the FBI's Computer Analysis Response Team.

Anton Venter

New York State Department of Health

Anton Venter is an accomplished healthcare executive with significant experience leading digital health and healthcare reform programs. As Chief Information Officer, Anton leads and directs the technology resources for NYS Medicaid and manages a portfolio of mission-critical, enterprise-level transactional systems and technology operations, as well as assisting in joint business-and-IT modernization initiatives. This includes technology procurements that have an overall goal of implementing a service-oriented architecture capable of meeting the multiple needs of the NYS Medicaid program.

Tyler Wrightson


Tyler Wrightson, Alphabet Soup, is the author of Advanced Persistent Threat Hacking and Wireless Network Security: A Beginner's Guide. Tyler is the founder and president of Leet Systems, which helps organizations solve the hacker problem, by focusing on technical challenges.   LeetSystems focuses on offensive security services such as Penetration Testing and Red Teaming to secure organizations against real world attackers. Tyler has over Fifteen years experience in the IT security field across many industries including healthcare and financial services with extensive experience in many areas of technical security including networking, systems architecture, offensive security and penetration testing. Tyler holds industry certifications such CISSP, CCSP, CCNA, CCDA, and MCSE. Tyler has also taught classes for CCNA certification, wireless security, network security, and penetration testing. He has been a frequent speaker at industry conferences including NYS CyberSecurity Conference, Derbycon, BSides, Rochester Security Summit, ISACA, ISSA, and others. Follow his security blog at http://blog.leetsys.com.

Robert Zeglen


Rob is the Security Practice Leader at NYSTEC and has more than 22 years of experience in Information Technology (IT). He has a broad range of experience in IT and associated technologies, including identity and access management, systems programming, performance computing, systems administration, information security architectures, web security, risk analysis, and security compliance and training. He has extensive experience in the private sector, having worked at Netscape, Sun Microsystems, GE Global Research, and Knolls Atomic Power Lab. Rob holds an undergraduate and M.S. degree in Computer Science and is a Certified Information Security Systems Professional (CISSP).

Corey M. Zeigler

Corey M. Zeigler serves as the Regional CIO & North Country Health Information Partnership (N-CHIP) Director for the Fort Drum Regional Health Planning Organization (FDRHPO) bringing over 25 years of IT experience and strategic leadership as well as over 10 years of healthcare administration.

Corey was born in Denver Colorado, but grew up in Thunder Bay, Ontario, Canada.  Upon finishing school, he joined the U.S. Army, serving in Desert Shield/Storm, Haiti, Somalia, and Bosnia as a helicopter pilot and officer for 13 years.  After being honorably discharged from the military, Corey managed the Battle Simulation Center on FT Drum, where he was responsible for strategic and logistical training programs designed for executive leadership utilizing computer simulation to provide real-time feedback.  Corey entered the healthcare field as the Chief Information Officer (CIO) for Canton-Potsdam Hospital (CPH) in Potsdam, NY.  He brought technology and leadership best practices from other industries to transform the organization, culminating in CPH's recognition by Hospitals & Health Networks' as "The Most Wired" in the small and rural category. 

As the Regional CIO & N-CHIP Director for a community consortium of 7 hospitals, and 60 practices surrounding Fort Drum, Corey lead a Health IT initiative that has invested over $13.4 million dollars into the community in order to connect the hospitals, practices and over 200 providers to better coordinate care.  Fort Drum, the home of the 10th Mountain Division, the most deployed unit in the Army, has nearly 40,000 soldiers, family members and civilians.  Fort Drum is unique as it is the only military installation, of its size, in the US with a fully integrated/shared health system with the surrounding community, saving the military the cost and complexity of operating a hospital on post and strengthening the community's health system through shared resources.   Recently, the FDRHPO is leading the regional efforts to implement the Medicaid Redesign Team (MRT) Waiver for the North Country Initiative (NCI), one of the Performing Provider Systems (PPS) in northern NY.  Titled the Delivery System Reform Incentive Payment (DSRIP) Program, this 9-Billion-dollar statewide program is heavily reliant on technology to succeed and will fundamentally change the healthcare system in our community and across NY State.

Corey received his BS in Professional Aeronautics from Embry-Riddle Aeronautical University and his MBA in IT Management from Capella University.  He currently lives in Harrisville, NY with his son and Bernise Mountain Dog, named Guinness.  During the summer, he guides for a whitewater rafting company and in the winter guides ice climbing in the Adirondacks.