2018 New York Security Summit

Joseph Feiman

Chief Strategy Officer, WhiteHat Security

Joseph Feiman, PhD, is the Chief Strategy Officer at WhiteHat Security, a leading application security provider. Feiman is responsible for WhiteHat's overarching business strategy and vision, to further its success in empowering secure development and operations. Previously, Feiman worked for Gartner as Research Vice President and Fellow. During his tenure at Gartner, he served as a trusted resource for security executives and professionals across the globe, co-founding the application security market category. Prior to joining WhiteHat Security, Feiman was chief innovation officer at application security vendor Veracode, helping the company to reach its peak.

View all sessions by Joseph Feiman

Randy Trzeciak

Director, CERT Insider Threat Center, CMU

Trzeciak heads a team focusing on insider threat research, threat analysis and modeling, assessments and training. He has more than 20 years of experience in software engineering, focusing on database design, development and maintenance. In addition to his role with CERT, he is an adjunct professor at Carnegie Mellon's Heinz College, Graduate School of Information Systems and Management.

View all sessions by Randy Trzeciak

Kenneth (KC) Carnes

CISO, New York Power Authority

As the Vice President and Chief Information Security Officer at New York Power Authority, Kenneth Carnes is charged with to ensuring the secure future of integrated power systems, to meet the needs of the largest state-owned utility. He has experience supporting all verticals of electric operations from the perspectives of security, information & operational technology. Carnes is passionate about information sharing, and building partnerships to enable understanding of emerging threats in this fast changing industry and is also involved in various security organizations and industry groups. Carnes currently serves as the National Sector Chief of Energy with InfraGard.

View all sessions by Kenneth (KC) Carnes

John Checco

Resident CISO, Proofpoint former SVP, Global Information Security Innovation Group, Bank of America

Checco is an information security professional providing subject matter expertise across various industries. He currently resides as leader for the CISO Advisory Board on Financial Services for Proofpoint, and President Emeritus of the New York Metro InfraGard Members Alliance (an FBI public/private partnership program).

He has been an active contributor to the Strategic Advisory & Content Committee of the WSTA (Wall Street Technology Association) since 1997, active in InfraGard's NY Metro Chapter since 2003, member in several other security organizations (ASIS, ISSA, IASCP, ISC2, and OWASP), and co-founder and co-chair for the NY Metro Joint Cyber Security Conference & Workshop series since 2014.

Prior to his current role, John was SVP for Bank of America's Global Information Security Innovation Group. In this role, he was integral in the establishment of the Zero Trust Architecture strategy, an author for official guidance for Responsible Automation, a key contributor in the multi-firm Financial Systemic Analysis & Resiliency Center (FSARC), and the inaugural participant in the DHS Loaned Executive Program. John also served as Senior Information Security and Risk Advisor for Bloomberg L.P. where he introduced the BISO role to their various lines of business.

View all sessions by John Checco

Dora Gomez

President NYCFE, InfraGard Board Member, FinCrime Consultant.

Gomez has over 25 years of experience in insurance and financial services and is currently with Ernst & Young's IT Advisory - Financial crimes, Fraud and Compliance team. She spent 17 years with the AXA Group in various leadership roles in Audit, Fraud Risk Management, AML, GRC, ERM, and IT Security, including significant international experience and perspectives. Following her return to the U.S. from an expat assignment in Paris France, she was Audit Director and Global Fraud Officer for AXA Technology Services where she created the company's Anti-Fraud Policy, including investigations/whistleblower incidents, and managed a fraud mitigation program. She held positions as Audit Chief of Staff and Risk Officer as well - establishing the audit department's global departmental practices and governance. Dora is an active Board Director of InfraGard's New York Metro Chapter (affiliated with the FBI) and was the recipient of the InfraGard Northeast Region IMA Leadership Award in 2019. She is a Board Officer of the Association of Certified Fraud Examiners New York Chapter and is the current Audit Committee Chair for the High Technology Crime Investigation Association. She is a steering committee member for the annual New York Metro Joint Cyber Security Conference.

View all sessions by Dora Gomez

Tonguc Yaman

CIO, SOMOS

Tonguç Yaman is a leader in health informatics and cultural change management. He is passionate about adapting IT to the needs of healthcare providers and their patients. Through his diverse career, Yaman has led global initiatives in finance, IT, and healthcare. He currently serves as the first Chief Information Officer of SOMOS, a network of New York City physicians, specialists, community-based organizations and other providers who deliver high-quality, patient-centered care in a comprehensive, coordinated, and accessible manner to individuals and families participating in the Medicaid program. Prior to joining SOMOS, he served as the Deputy CIO of Bellevue Hospital, the largest public hospital in New York City.

View all sessions by Tonguc Yaman

Gregory Wilshusen

Director, Information Security Issues, U.S. Government Accountability Office

Wilshusen joined the GAO, the investigative arm of Congress, in 1997, and oversees its IT security investigations and audits of federal government agencies and programs. He is a frequent witness before Congressional panels, testifying on government IT security. A certified public accountant, certified internal auditor and certified information systems auditor, Wilshusen previous served as the controller for the North Carolina Department of Environment, Health and Natural Resources, and held senior auditing positions at Irving Burton Associates, a professional and technical services firm, and with the U.S. Army Audit Agency.

View all sessions by Gregory Wilshusen

Stephen R. Katz

Former CISO, Merrill Lynch and Citi

Steve Katz is the founder and President of Security Risk Solutions, LLC. He continues to serve on many advisory boards, having been named as the first Chairman of the Financial Services Information Sharing and Analysis Center (FS/ISAC). Katz joined Citicorp/Citigroup following a Russian hacking incident in 1995. At Citi, he was named as the industry's first Chief Information Security Officer. Katz then joined Merrill Lynch as CISO/CPO, where he organized and instituted the company-wide privacy and security program. In addition to testifying before Congress on numerous information security issues and mentoring many Fortune 50 CISOs, he was appointed as the first Financial Services Sector Coordinator for Critical Infrastructure Protection by the Secretary of the Treasury.

View all sessions by Stephen R. Katz

Diana Kelley

Cybersecurity Field CTO, Microsoft

Diana Kelley is the Cybersecurity Field CTO for Microsoft and a cybersecurity architect, practitioner, executive advisor and author. At Microsoft, she leverages her 25+ years of cyber risk and security experience to provide advice and guidance to CSOs, CIOs and CISOs at some of the world's largest companies and is a contributor the Microsoft Security Intelligence Report (SIR). She was the Global Executive Security Advisor at IBM Security where she built and managed the IBM Security Research Community Newsroom process and was a regular contributor to IBM X-Force research. Kelley is a faculty member with IANS Research, an Industry Mentor at the CyberSecurity Factory and a guest lecturer at Boston College's Master of Science in Cybersecurity program. She serves on the Board of Directors at the non-profit Sightline Security, was an IEEE "Rock Star of Risk" in 2016, speaks frequently at major conferences and co-authored the book Cryptographic Libraries for Developers.

View all sessions by Diana Kelley

Keith Carlson

General Manager, Payments and Fraud Prevention, Amazon Web Services

Keith Carlson currently serves as general manager for payments and fraud prevention at Amazon. As global leader of Amazon Web Services, he is responsible for fraud prevention in the "order-to-cash" process and the AWS commerce platform. Prior to joining Amazon in 2011, he was responsible for application development and embedded engineering of the slot data systems for Bally Technologies.

View all sessions by Keith Carlson

Ryan Schmiedl

General Manager, Fraud and Financial Crimes Prevention, Amazon Web Services

As lead for the Fraud Prevention team at Amazon Web Services, Ryan Schmiedl is responsible for protecting Amazon and its customers from fraud - users attempting to use services without payment or authorization. He oversees AWS fraud prevention vision and direction as well as day-to-day operations. His organization of research scientists, software developers, investigators and product & program managers work closely with the product teams to ensure fraud prevention best practices, minimizing customer friction where possible. Prior to joining AWS, Schmiedl held leadership roles at SAS, Innovative Systems, CGI and Software Engineering Institute, overseeing professional services, marketing and R&D organizations. His expertise includes software development, data management, machine learning, real-time analytic systems, and fraud & financial crimes prevention. He has built solutions for fraud prevention and anti-money laundering detection that are used by fortune 500 organizations and top government agencies.

View all sessions by Ryan Schmiedl

Brett Johnson

Former Most Wanted and "The Original Internet Godfather"

Former United States Most Wanted, Brett Johnson, referred to by the United States Secret Service as "The Original Internet Godfather" has been a central figure in the cybercrime world for over 20 years. He built and was leader of ShadowCrew, the precursor to today's darknet markets. He was instrumental in developing many areas of online fraud while helping design, implement, and refine modern Identity Theft, Account Take Over Fraud, Card Not Present Fraud, IRS Tax Fraud, and countless other social engineering attacks, breaches, and hacking operations. Upon his capture, the United States Secret Service hired Johnson to work as a consultant and informant. Johnson worked with the Secret Service for several months before going on a cross country crime spree, being placed on the US Most Wanted List, being captured again, sent to prison, escaping prison, being captured yet again, and finally accepting responsibility for his actions. Today, Johnson works as a security consultant and public speaker. He is one of the world's foremost authorities on cybercrime and identity theft. During 2017, He has been featured in the book, "Kingpin" by Kevin Poulsen and on numerous media outlets, including the New York Times, NBC, CNN Money, Wired Magazine, Vice, RT TV, ArsTechnica, The Independent, and more.

View all sessions by Brett Johnson

Avivah Litan

VP and Distinguished Analyst, Gartner Research

Litan is a vice president and distinguished analyst at Gartner Research. Her areas of expertise include endpoint security, security analytics for cybersecurity and fraud, user and entity behavioral analytics, insider threats, fraud detection, and prevention and identity proofing.

View all sessions by Avivah Litan

Shira Rubinoff

President, SecureMySocial

Shira Rubinoff is a cybersecurity executive, advisor, speaker, and influencer, who has built two cybersecurity product companies, and led multiple women-in-technology efforts. She currently serves as President of social-media-security firm, SecureMySocial, and President of the New York-based technology incubator, Prime Tech Partners; she sits on the boards of the Executive Women's Forum for Information Security and Leading Women in Technology, and on the Advisory Boards of blockchain company, Mainframe, and of AI - powered, TrueConnect. Rubinoff is considered an expert in the Human Factors of information technology and cybersecurity and has been calculated by analysts to be the top female cybersecurity influencer on social media worldwide.

View all sessions by Shira Rubinoff

Jim Routh

Chief Information Security Officer, Aetna

Jim Routh is the Chief Security Officer and leads the Global Security function for Aetna. He is the Chairman of the NH-ISAC Board. He serves on the Board of the National Cyber Security Alliance and is a member of the Advisory Board of the ClearSky Security Fund. He was formerly the Global Head of Application & Mobile Security for JP Morgan Chase. Prior to that he was the CISO for KPMG, DTCC and American Express. Jim is the winner of the 2016 Security Alliance Award for Innovation, 2016 ISE Luminary Leadership Award, the Northeast and the 2014 North American Information Security Executive of the Year for Healthcare, the 2009 BITS Leadership Award sponsored by the financial industry in collaboration with NIST and the Department of Treasury.

View all sessions by Jim Routh

Jennifer Bayuk

CEO, Decision Framework Systems

Jennifer Bayuk is an independent consultant on topics of information confidentiality, integrity, and availability. She is engaged in a wide variety of industries with projects ranging from oversight policy and metrics to technical architecture and requirements. Jennifer has a wide variety of experience in virtually every aspect of the Information Security. She was a Chief Information Security Officer, a Security Architect, a Manager of Information Systems Internal Audit, a Big 4 Security Principal Consultant and Auditor, and a Security Software Engineer. Jennifer frequently publishes on information security and audit topics. Jennifer has lectured for organizations that include ISACA, NIST, and CSI. She is certified in Information Systems Audit (CISA), Information Security Management (CISM), Information Systems Security (CISSP), and IT Governance (CGEIT). She has Masters Degrees in Computer Science and Philosophy.

View all sessions by Jennifer Bayuk

Gerald Beuchelt

CISO, LogMeIn

Gerald Beuchelt is the Chief Information Security Officer at LogMeIn. He is responsible for the company's overall security, compliance, and technical privacy program. With more than 20 years of experience working in information security, he is a member of the Board of Directors and the IT Sector Chief for the Boston Chapter of Infragard. In his prior role, Gerald was the Chief Security Officer for Demandware, a Salesforce Company. He holds a Master of Science degree in theoretical physics.

View all sessions by Gerald Beuchelt

Mark Bower

General Manager and CRO, Egress Technologies

Bower, who has two decades of experience at security companies in the U.S., Australia and the U.K., has expertise in data protection and information risk reduction. Before joining Egress, he headed product and business strategy for Voltage Security.

View all sessions by Mark Bower

General Gregory Touhill, Retired

First US CISO & President, Appgate Federal

Greg Touhill is one of the nation's premier cybersecurity and information technology senior executives. A highly experienced leader of large, complex, diverse and global cybersecurity and information technology operations, Touhill was selected by President Obama as the US government's first Chief Information Security Officer (CISO). His other civilian government service includes duties as the Deputy Assistant Secretary for Cybersecurity and Communications in the US Department of Homeland Security and as Director of the National Cybersecurity and Communications Integration Center, where he led national programs to protect the United States and its critical infrastructure. Touhill is a retired Air Force general officer, a highly-decorated combat leader, an accomplished author, a former American diplomat, and a senior executive with documented high levels of success on the battlefield and in the boardroom.

View all sessions by General Gregory Touhill, Retired

Matt Konwiser

Technical Sales Manager - Financial Markets North America, IBM

Matt Konwiser has been involved with information technology for almost 25 years, the past 8 focused largely on security topics. He has been working with financial services clients for over ten years, speaking with executives and key business decision makers about risk management, best practices, and cybersecurity innovations specific to financial services technologies. Matt has worked on architectures and applications for cognitive systems, integrating lines of business with fraud and security teams, and most recently has begun to focus more heavily on neural networks and Blockchain. Konwiser is a frequent speaker at industry events and has presented to audiences around the world on topics including IT innovation and business-technology alignment.

View all sessions by Matt Konwiser