
2019 NY Security Summit

Neal Conlon
Senior Vice President of Business Development, AppGuard
Neal Conlon currently serves as Senior Vice President of Business Development for AppGuard. He is dedicated to ensuring clients and partners are successful in protecting their business, mitigating risk, and doing it in a meaningful way. Before Appguard, Conlon was Sales Director at Plurilock, a behavioral monitoring startup with a focus on insider threat. In addition, he has worked for companies that include Morgan Stanley, Guggenheim Partners, and Cushman Wakefield.

Ryan Davis
CISO, Veracode
Ryan Davis currently serves as the Chief Information Security Officer for Vearcode. He is responsible for ensuring the security and compliance of thousands of assets in a highly scalable SasS environment. Davis has more than 15 years of experience in information technology and security in various industries. Prior to joining Veracode, Davis supported a number of different Department of Defense customers at MIT Lincoln Laboratory in various Information Assurance roles.

Devon Bryan
Executive Vice President & CISO, Federal Reserve System
Devon Bryan currently serves as Executive Vice President and Chief Information Security Officer for the National IT Organization of the Federal Reserve System. As the System-level CISO since 2016, he is responsible for ensuring the Fed's information security policies, architecture, programs and incident response team remain effective and efficient. Bryan joined the Federal Reserve from Fortune 500 outsourced payroll and human resources provider ADP, where he served as Global Chief Information Security Officer (CISO). He led ADP's information security strategy, collaborating across the company's geographically dispersed business operations to ensure coordination, consensus, and effective cybersecurity protections across global operations. Prior to joining ADP in 2011, Bryan served as the Deputy Chief Information Security Officer (CISO) for the Internal Revenue Service (IRS) after directing the IRS's FISMA-compliant information security program and leading the IRS's incident response team. His information security career began in the U.S. Air Force, where he served as a Captain and lead network security engineer working on systems and programs to protect the critical network and communications networks of the Air Force's Air Combat Command. Bryan is Co-founder of ICMCP (International Consortium of Minority Cybersecurity Professionals), a 501c3 non-profit which he launched in 2014 and geared toward improving the underrepresentation of women (11%) and minorities (13%) in the field of cybersecurity through academic scholarships, certifications, mentoring and networking opportunities.

Brian Harrell
Assistant Director for Infrastructure Security, U.S. Cybersecurity and Infrastructure Security Agency
Brian Harrell was appointed by the President of the United States in December 2018 to serve as the Department of Homeland Security's Assistant Secretary for Infrastructure Protection. He now serves as the first Assistant Director for Infrastructure Security within the newly renamed Cybersecurity and Infrastructure Security Agency (CISA). Harrell is the former Managing Director of Enterprise Security at the Duke Energy Corporation. He is also the former Director of the Electricity Information Sharing and Analysis Center (E-ISAC) and Director of Critical Infrastructure Protection Programs at the North American Electric Reliability Corporation (NERC), where he was charged with helping protect North America's electric grid from physical and cyber attacks. Harrell has spent time during his career in the US Marine Corps and various private sector agencies with the goal of protecting the United States from security threats.

Everett Stern
CEO & Intelligence Director, Tactical Rabbit
Everett Stern currently serves as CEO and Intelligence Director of Tactical Rabbit, a private intelligence agency that provides clients with actionable business intelligence. He made international headlines as a government whistle-blower who helped uncover one of the largest banking scandals of all time. When Stern joined HSBC Bank in 2012, he discovered that the bank was facilitating the transfer of hundreds of millions of dollars by terrorist organizations and major drug dealers, in clear violation of U.S. law. Stern quit HSBC and filed a whistle-blower claim with the SEC. In late 2012, in part as a result of Stern's efforts, HSBC agreed to pay a record $1.9 billion in fines to U.S. authorities. Stern later founded Rabbit Capital Management, a hedge fund, dedicated to uncovering fraud and money laundering activity that feeds the financial needs of terrorist organizations and drug cartels. He has been featured in dozens of news articles and broadcasts, and appeared in a Netflix documentary, "Dirty Money," on Wall Street and corporate greed.

Craig Harber
CTO, Fidelis Cybersecurity
Craig Harber currently serves as Chief Technology Officer at Fidelis Cybersecurity. He is responsible for directing the product strategy for the organization, ensuring that the technology developments align and compliment the frameworks at the forefront of the industry. Prior to joining Fidelis, Harber held senior technical roles at USCYBERCOM, driving major initiatives in cybersecurity and information assurance, having far reaching strategic impact across the Department of Defense (DOD) and Intelligence Community (IC). His distinguished career began at the National Security Agency (NSA), where he invented the threat-based cybersecurity strategy known as NIPRNet SIPRNet Cyber Security Architecture Review (NSCSAR) that provided DOD policymakers a framework to objectively measure the expected value of cybersecurity investments. Harber transformed Active Cyber Defense concepts into capability pilots, commercial product improvements, industry standards, and operational solutions. He also directed the Integrated Global Information Grid (GIG) IA Architecture; raising the importance of IA to all warfighting platforms resulting in multi-billion dollar increase in DOD IA investments.

Mike Krygier
Deputy Chief Information Security Officer, NYC
Mike Krygier currently serves as the Deputy Chief Information Security Officer responsible for Urban Technology at New York City Cyber Command. He oversees the cybersecurity programs for Smart City initiatives and IoT, Elections and Critical Infrastructure, Mobility, Cloud Computing, Connected Vehicles, and Next Generation 9-1-1, amongst others. With more than 19 years of information technology and security expertise, Krygier came to the City of New York from a position as a Principal Consultant at Mandiant where he advised Government, Financial, Energy, Mining, Software and other industry clients on Cybersecurity strategy. He has previously held security leadership roles at a Fortune 500 global human resources company, a leading national law firm in Canada, and Accenture.

Randy Sabett
Special Counsel, Cyber/Data/Privacy Practice Group, Cooley LLP
A former NSA crypto-engineer, Sabett brings to Cooley LLP his extensive experience in data security, privacy, licensing and IP. Sabett has managed numerous data breach responses involving major retailers, financial and healthcare organizations, and on-line service providers. He served on the Commission on Cybersecurity for the 44th Presidency and has been recognized as a leader in privacy and data security in the 2007-2014 editions of Chambers USA. Sabett is a member of the board for the Georgetown Cybersecurity Law Institute and the Northern Virginia chapter of ISSA. He also is a frequent lecturer and author, and has appeared on or been quoted by a variety of national media sources.

Eugene Liderman
Director of Mobile Security Strategy, Google
Eugene Liderman recently joined Google as a Director of Mobile Security Strategy. In this role, he leads efforts around android security evangelism, certifications, and other special programs. Liderman has over 18 years of experience in the Information Technology field specifically around mobile security, directory services, and enterprise email. Prior to Google, he was a Director of Product Management at VMware. Previously, he worked on mobile security product offerings at Good Technology.

Michael La Marca
Associate, Hunton Andrews Kurth
Mike La Marca advises multinational clients on compliance with all federal, state and international privacy and data security laws, and managing privacy and cybersecurity risks and policy issues. He also regularly assists companies with developing and implementing their information security programs and addressing related governance issues. La Marca has managed several large-scale cybersecurity incidents, including advising on data breach response and notification obligations. He also regularly assist clients with negotiating and drafting privacy and data security terms in commercial contracts and M&A transactions. Mike is a certified information privacy professional (CIPP/US) by the International Association of Privacy Professionals (IAPP).

Kristen Mathews
Partner, Morrison & Foerster LLP
Kristen Mathews currently serves as a partner in Morrison & Foerster's Global Privacy + Data Security Group. For more than 20 years, her practice has focused on advising clients on the full spectrum of the most complex privacy and cybersecurity issues, including regulatory and compliance matters. An early leader in the privacy sphere, Mathews has developed comprehensive knowledge and long-term perspective, cultivated a client base across a broad range of industries, and established herself as one of the top lawyers in her field.

Andy Roth
Chief Privacy Officer, Intuit
Andy Roth is a long-time privacy rights advocate, the Founder of venture-backed payments startup Privacy.com and former Chief Privacy Officer of American Express (voted "Most Trusted Company for Privacy" five years in a row under his leadership). He served as a panelist on the SEC Cybersecurity Roundtable and is a trusted advisor to senior management and boards of directors adhering to the highest standards of ethics and integrity. Roth advises clients on a wide range of technology-driven issues including global privacy and security laws, data strategy, crisis management, fintech, blockchain and diligence in M&A, IPSs, private equity and venture deals.

Randy Sabett
Special Counsel, Cyber/Data/Privacy Practice Group, Cooley LLP
A former NSA crypto-engineer, Sabett brings to Cooley LLP his extensive experience in data security, privacy, licensing and IP. Sabett has managed numerous data breach responses involving major retailers, financial and healthcare organizations, and on-line service providers. He served on the Commission on Cybersecurity for the 44th Presidency and has been recognized as a leader in privacy and data security in the 2007-2014 editions of Chambers USA. Sabett is a member of the board for the Georgetown Cybersecurity Law Institute and the Northern Virginia chapter of ISSA. He also is a frequent lecturer and author, and has appeared on or been quoted by a variety of national media sources.

Chris Hallenbeck
CISO, Americas, Tanium
Chris Hallenbeck is CISO for the Americas at Tanium. He provides security leadership and operational insight gained from over 20 years in both public and private sector. Hallenbeck came to Tanium after almost 7 years of government service at the U.S. Computer Emergency Readiness Team (US-CERT). At US-CERT he designed and built their incident response capabilities, and restructured the team's focus toward strategic remediation with a goal of building more resilient organizations. Over countless IR engagements both with government and private sector victims a common theme emerged: a lack of emphasis on IT security hygiene. Prior to joining US-CERT, Chris worked for RSA Security/EMC as a security engineer and with AOL/Time Warner on their global incident response team. He started his career as a Unix sys-admin at Binghamton University.

James Bernard
Vice President/Investments, Stifel
James Bernard currently serves as a Vice President/Investments with Stifel and an active Secure Member of InfraGard's New York Metro Chapter, (affiliated with the FBI), as well as an active member in ISACA and OWASP. He is a mentor for iQ4's centralized applied learning platform as a subject matter expert on The Insider Threat, helping students in the Cyber Security programs at Brooklyn College, SUNY Albany and CUNY. Bernard has 25 years of experience in financial services as a New York City-based financial advisor to high net-worth individuals, retirement plans, and corporations, analyzing market trends and managing all aspects of goals-based wealth planning and asset management through a comprehensive full service platform. Governance, Risk and Compliance training includes risk, fraud and ethics issues, anti-money laundering, OFAC & Economic Sanctions, as well as cyber security best practices and risk mitigation approaches, among others.

Paul Ferrillo
Partner and Shareholder, Greenberg Traurig, LLP
Paul Ferrillo currently serves as a partner and shareholder at Greenberg Traurig, LLP. He focuses his practice on cybersecurity corporate governance issues, complex securities and business litigation, and internal investigations. Ferrillo assists clients with governance, disclosure, and regulatory matters relating to their cybersecurity postures and the regulatory requirements which govern them. He represents public companies and their directors and officers in shareholder class and derivative actions, as well as in internal investigations. In particular, Ferrillo has coordinated numerous internal investigations on behalf of audit committees and special committees, and handled the defense of securities class actions alleging accounting irregularities and/or financial fraud.

Dora Gomez
President NYCFE, InfraGard Board Member, FinCrime Consultant.
Gomez has over 25 years of experience in insurance and financial services and is currently with Ernst & Young's IT Advisory - Financial crimes, Fraud and Compliance team. She spent 17 years with the AXA Group in various leadership roles in Audit, Fraud Risk Management, AML, GRC, ERM, and IT Security, including significant international experience and perspectives. Following her return to the U.S. from an expat assignment in Paris France, she was Audit Director and Global Fraud Officer for AXA Technology Services where she created the company's Anti-Fraud Policy, including investigations/whistleblower incidents, and managed a fraud mitigation program. She held positions as Audit Chief of Staff and Risk Officer as well - establishing the audit department's global departmental practices and governance. Dora is an active Board Director of InfraGard's New York Metro Chapter (affiliated with the FBI) and was the recipient of the InfraGard Northeast Region IMA Leadership Award in 2019. She is a Board Officer of the Association of Certified Fraud Examiners New York Chapter and is the current Audit Committee Chair for the High Technology Crime Investigation Association. She is a steering committee member for the annual New York Metro Joint Cyber Security Conference.

Amit Patel
Special Agent, FBI
SSA Kachhia-Patel has over 14 years of experience as an FBI Special Agent. During his first seven years, SSA Kachhia-Patel handled foreign counterinlliegence and insider threat matters. SSA Kachhia-Patel, intimately worked Operation Ghost Stories and was responsible for the arrest of the Russian Illegal Anna Chapman. Over the last seven years, SSA Kachhia-Patel has focused his efforts on nation state hacking efforts through field work and program management from FBI Headquarters. Notably, SSA Kachhia-Patel helped to manage large intrusions including the Sony Pictures destructive malware attack and healthcare PII intrusions to name a few. Currently, SSA Kachhia-Patel manages a team investigating nation state sponsored computer network exploitation and attacks.

Mark Sangster
Vice President and Industry Security Strategist, eSentire
Mark Sangster currently serves as eSentire's Vice President and Industry Security Strategist. As a member of the LegalSec Council with the International Legal Technology Association (ILTA), he is a cybersecurity evangelist who has spent significant time researching and speaking to peripheral factors influencing the way that legal firms integrate cybersecurity into their day-to-day operations. In addition to his passion for cybersecurity, Sangster's 20-year sales and marketing career was established with industry giants like Intel Corporation, BlackBerry, and Cisco Systems. His experience unites a strong technical aptitude and an intuitive understanding of regulatory agencies. During his time at BlackBerry, Sangster worked on the first secure devices for government agencies. Since then, he has continued to build mutually beneficial relationships with regulatory agencies in key sectors.

Tim Horton
VP, Global Merchant Security and Compliance Solutions, First Data
Tim Horton currently serves as Vice President of Global Security and Fraud Product Management at First Data. This organization represents the integrated technologies that provide merchants globally a multi-level defense to manage cyber security threats. In this leadership role, Horton is responsible for managing First Data's Cyber Security and Compliance development initiatives for SMB and National Merchants to equip them with the right tools to protect their sensitive data and maintain PCI DSS Compliance. In addition, Horton represents First Data on the PCI DSS Board of Advisors. Horton joined First Data in 1995, and has since held a variety of leadership roles. Prior to his current position, he served in Corporate Strategy working on large company initiatives with third-parties.

Shaked Vax
Trusteer Products Strategist, IBM Security
Vax is the identity and anti-fraud solutions strategist at IBM Security. He is a financial industry subject matter expert specializing in online application security and performance, with a focus on digital banking fraud, digital identity theft prevention, consumer information protection and mobile banking security. With more than 17 years of experience in the security technology industry, Vax has previously held leadership positions for security product lines at Radware, Checkpoint Technologies and Compulite Industries.

John Bennett
SVP & General Manager, Identity & Access Management at LogMeIn
John Bennett serves as General Manager of LastPass by LogMeIn's Identity and Access Management business unit. In this role, he is responsible for the general management and business development of all LogMeIn IAM products including, market-leading password manager and identity solution, LastPass, and remote access and management solutions, LogMeIn Pro, GoToMyPc and LogMeIn Central. With more than 25 years of experience driving growth and leading change for communications and SaaS companies, he joined the company in 2017. Prior to joining LogMeIn, Bennett held several product leadership roles at GetGo, a once wholly-owned subsidiary of Citrix that merged with LogMeIn in early 2017.

Stephen R. Katz
Former CISO, Merrill Lynch and Citi
Steve Katz is the founder and President of Security Risk Solutions, LLC. He continues to serve on many advisory boards, having been named as the first Chairman of the Financial Services Information Sharing and Analysis Center (FS/ISAC). Katz joined Citicorp/Citigroup following a Russian hacking incident in 1995. At Citi, he was named as the industry's first Chief Information Security Officer. Katz then joined Merrill Lynch as CISO/CPO, where he organized and instituted the company-wide privacy and security program. In addition to testifying before Congress on numerous information security issues and mentoring many Fortune 50 CISOs, he was appointed as the first Financial Services Sector Coordinator for Critical Infrastructure Protection by the Secretary of the Treasury.

William Hugh Murray
Management Consultant and Information Assurance Trainer
Murray is a management consultant and trainer in information assurance, specializing in policy, governance and applications. He is a Certified Information Security Professional (CISSP) and chairman of the Governance and Professional Practices committees of (ISC)², the certifying body. He has more than 50 years of experience in information technology and more than 40 years in security. During more than 25 years with IBM, his management responsibilities included development of access control programs, advising IBM customers on security and the articulation of the IBM security product plan. He is the author of the IBM publication "Information System Security Controls and Procedures." He has been recognized as a founder of the systems audit field and by Information Security Magazine as a Pioneer in Computer Security. In 1999, he was elected a Distinguished Fellow of the Information System Security Association. In 2007, he received the Harold F. Tipton Award in recognition of his lifetime achievement and contribution.
- «
- 1 (current)
- 2
- 3
- »
- «
- 1 (current)
- 2
- 3
- »
Session Contributors
Assistant Director for Infrastructure Security, U.S. Cybersecurity and Infrastructure Security Agency
Read BioSpecial Advisor of Cyber Risk, National Association of Corporate Directors (NACD) and Former Sr. Cyber Security Advisor to SEC Chairman
Read BioManaging Director, Global Cyber Risk & Incident Response Services Alvarez & Marsal
Read Bio