
Incident & Breach Response
From a security operations perspective, incident response encompasses the processes and procedures applied to any anomaly or indicator of compromise requiring further investigation, follow-up or other attention.
Incident & Breach Response

Myrna Soto
Chief Security Strategist and Trust Officer, Forcepoint
Myrna Soto is a Partner at ForgePoint Capital, serving as a member the group's Capital Investment Team. Her responsibilities include organizing and continuing to develop the ForgePoint Advisory arm of advisors that includes, the CISO, CIO, CTO communities. Prior to joining ForgePoint Capital, Soto served as Corporate SVP & GCISO (Global Chief Information Security Officer) for Comcast Corp. In this capacity, she was responsible for all security & technology risk management for the Enterprise. Her focus was to develop and maintain the highest standards of Cyber Security, network/infrastructure security, product security, data security strategies, operational efficacy of security programs, policies, and technology risk management that protect the interests of Comcast's customers, employees, critical technology assets, company brands and other critical stakeholders. Prior to joining Comcast, Soto served as CISO & Vice President of Information Technology Governance for MGM Resorts International where she was responsible for Information Security, IT Audit & Compliance, Business Analysis, PMO and the development of a Six Sigma practice. She previously held senior leadership positions with American Express, Royal Caribbean Cruise Line, Norwegian Cruise Lines and Kemper Insurance.

Dave Martin
Senior Director, Product Management - Threat Response, Open Systems
Dave Martin brings to Open Systems more than 20 years of experience with IT security and networking technologies in a variety of engineering, product marketing, product management and business development roles. He currently serves as the Senior Director, Product Management - Threat Response responsible for market positioning, product strategy and feature definition for Open Systems' global extended detection and response services.

Mitch Rosen
Principal Solutions Engineer, Keeper Security
Rosen, a Principal Solutions Engineer at Keeper Security, Inc., has over 30 years of information technology experience that spans startups to Fortune 500 companies, to federal government agencies. A veteran of the United States Navy, Mitch has worked in IT support, devOps, technical training, and solutions engineering. He has focused the last six years helping thousands of organisations better understand and reduce the risks associated with privileged accounts and password.

Malcolm (M.K.) Palmore
VP, Field CSO, Palo Alto Networks
MK Palmore serves as VP, Field CSO (Americas) for Palo Alto Networks. His responsibilities include support of the initiatives headed up by the office of the global Chief Security Officer and continuing to provide thought leadership in the cybersecurity arena through both writing and speaking engagements. Prior to joining Palo Alto Networks, MK served as the Head of the Cyber Security Branch for FBI San Francisco capping a career of public service spanning 32-years. His leadership and investigative experiences while in the FBI included: Cybersecurity, Crisis Response/Management, Risk-Management Advisory Services, and Counter-Terrorism Investigations. MK's cyber security certifications include the CISM, CISSP, GCCC and the Carnegie Mellon University CISO Certification. MK began his professional career as a commissioned officer in the U.S. Marine Corps.

F. Ward Holloway III
Senior Director of Global Strategic Alliances, ForeScout
With 20 years of experience in network and information security, F. Ward Holloway III is the Senior Director of Global Strategic Alliances at ForeScout. In his current role, he is responsible for ForeScout's go to market partnerships and product integrations with key security vendors, including Palo Alto Networks. He has previously held executive, director and engineering positions in business development, sales and engineering at several IT security companies and startups including Check Point Software Technologies, Crossbeam Systems, FireMon and Fireglass (acquired by Symantec).

Malcolm (M.K.) Palmore
VP, Field CSO, Palo Alto Networks
MK Palmore serves as VP, Field CSO (Americas) for Palo Alto Networks. His responsibilities include support of the initiatives headed up by the office of the global Chief Security Officer and continuing to provide thought leadership in the cybersecurity arena through both writing and speaking engagements. Prior to joining Palo Alto Networks, MK served as the Head of the Cyber Security Branch for FBI San Francisco capping a career of public service spanning 32-years. His leadership and investigative experiences while in the FBI included: Cybersecurity, Crisis Response/Management, Risk-Management Advisory Services, and Counter-Terrorism Investigations. MK's cyber security certifications include the CISM, CISSP, GCCC and the Carnegie Mellon University CISO Certification. MK began his professional career as a commissioned officer in the U.S. Marine Corps.

Don Gray
Chief Technology Officer, PacketViper
As CTO for PacketViper, Done Gray leads the Security Engineering Team and is directly involved with Deception360 development, researching new threats, and is an overall information security expert. Gray is regularly quoted in the media as a security expert and has been a cybersecurity speaker at industry events including Gartner Security Summit, Forrester Security Forum and RSA. With over 20 years of high-level experience in technology services organizations, the security industry will remember Don Gray as the founder and CTO of the MSSP Vigilantminds out of Pittsburgh, PA. It was purchased by Solutionary in 2007 when Gray transitioned to chief security strategist and continued his successful career in managed security services. Prior to joining PacketViper, Gray was the VP of Product Marketing at NTT Security (formerly Solutionary) where he led a global team to integrate and develop product marketing across multiple NTT organizations.

Tony Cole
Chief Technology Officer, Attivo
Tony Cole currently serves as Attivo's Chief Technology Officer. At Attivo Networks, he works to drive a cohesive strategy across marketing, sales, and the platform to help ensure Attivo's customers are successful in thwarting the impact from cyber-attacks. He's a public voice for the company as well, educating the market on the cyber deception space and cybersecurity in general. With more than 30 years' experience in government and industry across a variety of roles, he has successfully built program-driven business development teams driving millions in revenue, large global consulting teams assisting customers in all aspects of security defense and operations. He's a well-known global strategist and evangelist in cybersecurity working to educate on the evolving threat to our interconnected world. Cole is on the Board of Directors for (ISC)² and Silent Circle; and also serves on the NASA Advisory Council. He's also a former president of ISSA-DC.

Rocco Grillo
Managing Director Global Cyber Risk & Incident Response Services, Alvarez & Marsal
Rocco Grillo currently serves as a Managing Director with Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice. He focuses on leading multi disciplinary teams who provide cyber risk and incident response services to clients globally. He has been a trusted partner of multiple government agencies, including the FBI and Secret Service, where his cyber expertise was instrumental in investigating and resolving a variety of cyber based crimes. Grillo's experience and understanding of commercial sector challenges and national security objectives have influenced the development of national policy in cybersecurity, including the NIST Cybersecurity Framework. Prior to joining A&M, he held leadership positions at professional services organizations including Stroz Friedberg/Aon Cyber Solutions, where he served as the Global Leader of the firm's Cybersecurity Services. Prior to Aon Cyber Solutions, Grillo was a founding member of Protiviti Inc's Cybersecurity Practice where he led the development of the firm's Global Incident Response and Forensics Investigations Practice. He also assisted with the development of RedSiren Technologies, one of the first managed security services firm that evolved out of Carnegie Mellon. Earlier in his career, he held positions of increasing responsibility with Lucent Technologies and Bell companies. He is an affiliate board advisor for the Retail & Hospitality ISAC and has assisted with other thought leadership initiatives for the FS-ISAC; and assists in creating its annual Compromise Against Payments Systems (CAPS), the simulated industry cyberattack exercise.. He has served on the CLM Cyber Liability Council, the Board of Directors of the NY Metro ISSA Chapter, the IT Policy Compliance Group, and the (i 4) International Information Integrity Institute Research Steering Committee.

Ajoy Kumar
Executive Director, Depository Trust & Clearing Corporation

Jeff Dant
Managing Director, Fraud Operations & Intelligence - Enterprise Fraud Management, BMO Financial Group
Jeff Dant currently serves as the Managing Director, Fraud Operations and Intelligence - Financial Crimes Unit at BMO Financial Group. Previously, he was the Director of Citi Global Consumer Bank's Fraud Fusion Center. He is responsible for the strategy and operations of the Fusion Center in the support of Fraud and Financial Crime management. Prior to this role, Dant served as the Digital Forensics Program Manager for Citi Security and Investigative Services Cyber Investigations group.
Before joining Citi, Dant served 12 years with the United States Secret Service in a variety of roles. He began his Secret Service career as a Uniformed Officer at the White House, and later carried several other roles including Special Agent in Washington Field Office, Newark Field Office, and Presidential Protection Division - Transportation Section. He specialized in financial crime investigations, specifically electronic crimes leveraged by Organized Eastern European Criminal Groups, leveraging intelligence and digital forensics in successful prosecutions, including the capture and suppression of the most prolific ATM skimming organization in the United States. Dant served as a Liaison officer to Europol's European Cyber Crime Centre (EC3), continuing the targeting of international financial crime rings.

Kristin Judge
CEO, Cybercrime Support Network
Kristin Judge currently serves as CEO of the Cybercrime Support Network (cybercrimesupport.org). To address the needs of cybercrime victims, she founded this nonprofit to work with federal, state and local law enforcement and consumer protection agencies to help consumers and small businesses affected by cybercrime. With their United Way partners, CSN has been awarded over $3M in DOJ federal grants to serve victims and is building the US "Cyber 911" to serve millions of cybercrime and online fraud victims. In 2008. she was elected to serve as a Washtenaw County Commissioner and supported the U.S. Department of Homeland Security in growing cybersecurity outreach to state and local government officials. After elected office, she worked at the Center for Internet Security, focusing on connecting state and local governments to federal services and technology needed to improve cyber security. As Director of Government Affairs at the National Cyber Security Alliance (NCSA), Judge worked with Google, FTC, FBI, SBA, DHS, NIST, congressional leaders and other key stakeholders across the country to educate consumers and businesses how to protect sensitive data.

Jeff Dant
Managing Director, Fraud Operations & Intelligence - Enterprise Fraud Management, BMO Financial Group
Jeff Dant currently serves as the Managing Director, Fraud Operations and Intelligence - Financial Crimes Unit at BMO Financial Group. Previously, he was the Director of Citi Global Consumer Bank's Fraud Fusion Center. He is responsible for the strategy and operations of the Fusion Center in the support of Fraud and Financial Crime management. Prior to this role, Dant served as the Digital Forensics Program Manager for Citi Security and Investigative Services Cyber Investigations group.
Before joining Citi, Dant served 12 years with the United States Secret Service in a variety of roles. He began his Secret Service career as a Uniformed Officer at the White House, and later carried several other roles including Special Agent in Washington Field Office, Newark Field Office, and Presidential Protection Division - Transportation Section. He specialized in financial crime investigations, specifically electronic crimes leveraged by Organized Eastern European Criminal Groups, leveraging intelligence and digital forensics in successful prosecutions, including the capture and suppression of the most prolific ATM skimming organization in the United States. Dant served as a Liaison officer to Europol's European Cyber Crime Centre (EC3), continuing the targeting of international financial crime rings.

Ronald Raether
Partner, Partner at Troutman Pepper
Ron Raether leads the Cybersecurity, Information Governance and Privacy practice and is a partner in the Consumer Financial Services practice group at Troutman Pepper. Ron is known as the interpreter between businesses and information technology, and has assisted companies in navigating federal and state privacy laws for over twenty years. Ron's understanding of technology led him to be involved in legal issues that cross normal law firm boundaries, including experience with data security, data privacy, patent, antitrust, and licensing and contracts. This experience allows Ron to bring a fresh and creative perspective to data compliance issues with the knowledge and historical perspective of an industry veteran.
Ron's involvement in seminal data compliance and data use cases has helped define current standards in several areas of the law. He assisted one of the first companies required to provide notice of a data breach and has since successfully defended companies in hundreds of class actions and regulatory investigations. Ron represents clients in a broad range of technology and data privacy matters including data aggregation and analytics, mobile applications, de-identification/anonymization, including correlating data from multiple connected devices, "connected-things (IoT)," electronic crash- and consumer-reporting systems, and payment technologies. Ron also advises on pre- and post-incident compliance concerns ranging from the development of incident response plans and workflows, guiding clients through immediate forensic investigations, coordinating initial crisis management, which includes navigating clients through the maze of state and federal notification requirements, addressing post-incident aftermath, and responding to regulatory inquiries. Balancing privacy, cyber security and business functionality, Ron's approach to data governance is uniquely designed with the industry in mind as it adapts to the ever-evolving technological and legal landscape.

Kristin Judge
CEO, Cybercrime Support Network
Kristin Judge currently serves as CEO of the Cybercrime Support Network (cybercrimesupport.org). To address the needs of cybercrime victims, she founded this nonprofit to work with federal, state and local law enforcement and consumer protection agencies to help consumers and small businesses affected by cybercrime. With their United Way partners, CSN has been awarded over $3M in DOJ federal grants to serve victims and is building the US "Cyber 911" to serve millions of cybercrime and online fraud victims. In 2008. she was elected to serve as a Washtenaw County Commissioner and supported the U.S. Department of Homeland Security in growing cybersecurity outreach to state and local government officials. After elected office, she worked at the Center for Internet Security, focusing on connecting state and local governments to federal services and technology needed to improve cyber security. As Director of Government Affairs at the National Cyber Security Alliance (NCSA), Judge worked with Google, FTC, FBI, SBA, DHS, NIST, congressional leaders and other key stakeholders across the country to educate consumers and businesses how to protect sensitive data.

Timothy Hunt
Seattle Field Office Electronic Crimes Task Force, United States Secret Service
Timothy Hunt has been a member of the United States Secret Service since 2004. He currently serves as supervisor of the USSS Seattle Field Office Electronic Crimes Task Force (ECTF). This task force is a strategic partnership of local, state, and federal law enforcement entities, as well and partners from private industry and academia. The goal of the ECTF is to identify, prosecute, and suppress technology-based criminal activity. Before his current assignment, Hunt served as part of the USSS Covert Telecommunications Intercept Group. This group conducted Title III wiretaps and court-ordered pen registers, pursuant to relevant legal process, on telephone and computer networks in order to further USSS and partner investigations. Previously, Hunt served as a member of the USSS Seattle Field Office ECTF where he conducted forensic examinations of electronic media for evidence of criminal activity, and worked cases with a nexus to computers and electronic crime.

Kristin Judge
CEO, Cybercrime Support Network
Kristin Judge currently serves as CEO of the Cybercrime Support Network (cybercrimesupport.org). To address the needs of cybercrime victims, she founded this nonprofit to work with federal, state and local law enforcement and consumer protection agencies to help consumers and small businesses affected by cybercrime. With their United Way partners, CSN has been awarded over $3M in DOJ federal grants to serve victims and is building the US "Cyber 911" to serve millions of cybercrime and online fraud victims. In 2008. she was elected to serve as a Washtenaw County Commissioner and supported the U.S. Department of Homeland Security in growing cybersecurity outreach to state and local government officials. After elected office, she worked at the Center for Internet Security, focusing on connecting state and local governments to federal services and technology needed to improve cyber security. As Director of Government Affairs at the National Cyber Security Alliance (NCSA), Judge worked with Google, FTC, FBI, SBA, DHS, NIST, congressional leaders and other key stakeholders across the country to educate consumers and businesses how to protect sensitive data.

Ronald Raether
Partner, Partner at Troutman Pepper
Ron Raether leads the Cybersecurity, Information Governance and Privacy practice and is a partner in the Consumer Financial Services practice group at Troutman Pepper. Ron is known as the interpreter between businesses and information technology, and has assisted companies in navigating federal and state privacy laws for over twenty years. Ron's understanding of technology led him to be involved in legal issues that cross normal law firm boundaries, including experience with data security, data privacy, patent, antitrust, and licensing and contracts. This experience allows Ron to bring a fresh and creative perspective to data compliance issues with the knowledge and historical perspective of an industry veteran.
Ron's involvement in seminal data compliance and data use cases has helped define current standards in several areas of the law. He assisted one of the first companies required to provide notice of a data breach and has since successfully defended companies in hundreds of class actions and regulatory investigations. Ron represents clients in a broad range of technology and data privacy matters including data aggregation and analytics, mobile applications, de-identification/anonymization, including correlating data from multiple connected devices, "connected-things (IoT)," electronic crash- and consumer-reporting systems, and payment technologies. Ron also advises on pre- and post-incident compliance concerns ranging from the development of incident response plans and workflows, guiding clients through immediate forensic investigations, coordinating initial crisis management, which includes navigating clients through the maze of state and federal notification requirements, addressing post-incident aftermath, and responding to regulatory inquiries. Balancing privacy, cyber security and business functionality, Ron's approach to data governance is uniquely designed with the industry in mind as it adapts to the ever-evolving technological and legal landscape.

Tommy McDowell
VP of Intelligence, RH-ISAC
Tommy McDowell currently serves as the vice president of intelligence for the Retail and Hospitality Information Sharing and Analysis Center (RH-ISAC). The RH-ISAC facilitates security intelligence sharing, analysis, and understanding through both human and machine-to-machine data exchange. McDowell has almost two decades of cyber security and risk management experience. Previously, he was the senior director of cyber threat intelligence at FireEye, where he delivered executive consultation services with Mandiant, designed and directed intelligence service delivery capabilities with iSIGHT, and aligned internal global operations for the combined organizations.

Ronald Raether
Partner, Partner at Troutman Pepper
Ron Raether leads the Cybersecurity, Information Governance and Privacy practice and is a partner in the Consumer Financial Services practice group at Troutman Pepper. Ron is known as the interpreter between businesses and information technology, and has assisted companies in navigating federal and state privacy laws for over twenty years. Ron's understanding of technology led him to be involved in legal issues that cross normal law firm boundaries, including experience with data security, data privacy, patent, antitrust, and licensing and contracts. This experience allows Ron to bring a fresh and creative perspective to data compliance issues with the knowledge and historical perspective of an industry veteran.
Ron's involvement in seminal data compliance and data use cases has helped define current standards in several areas of the law. He assisted one of the first companies required to provide notice of a data breach and has since successfully defended companies in hundreds of class actions and regulatory investigations. Ron represents clients in a broad range of technology and data privacy matters including data aggregation and analytics, mobile applications, de-identification/anonymization, including correlating data from multiple connected devices, "connected-things (IoT)," electronic crash- and consumer-reporting systems, and payment technologies. Ron also advises on pre- and post-incident compliance concerns ranging from the development of incident response plans and workflows, guiding clients through immediate forensic investigations, coordinating initial crisis management, which includes navigating clients through the maze of state and federal notification requirements, addressing post-incident aftermath, and responding to regulatory inquiries. Balancing privacy, cyber security and business functionality, Ron's approach to data governance is uniquely designed with the industry in mind as it adapts to the ever-evolving technological and legal landscape.

Dan Larson
Vice President of Product Marketing, CrowdStrike
Dan Larson is Vice President of Product Marketing at CrowdStrike. He's a ten year veteran of the information security industry with expertise in endpoint protection, encryption, hardware-enhanced security, endpoint detection and response, as well as security management and advanced threat protection. Prior to joining CrowdStrike, Dan worked in technical roles at Intel Security (McAfee) and at GE Healthcare. Dan holds a Bachelor of Science degree from the University of Wisconsin - Madison and is now based in Minneapolis, Minnesota.
Session Contributors
former Regulator, U.S. Department of Health and Human Services; Partner, Davis Wright Tremaine LLP
Read BioDetective Chief Inspector, National Fraud Intelligence Bureau, City of London Police
Read BioAssistant United States Attorney - co-National Security Cyber Specialist, Dept. of Justice
Read BioSenior Director, Systems Engineering, APJ & Country Sales Manager - India, FireEye
Read BioAssistant Director for Infrastructure Security, U.S. Cybersecurity and Infrastructure Security Agency
Read BioInspector General of Police-Training, Govt. of Maharashtra
Read Biofmr Sr Group Manager and Retail Technology Program Lead at Target during the 2013 breach
Read BioSenior Director, Product Management, CA Technologies Advanced Authentication Product Line
Read BioVice President, Head of Fraud Prevention & Investigations, Charles Schwab Corporation
Read BioSupervisory Special Agent - Criminal & National Security Cyber Investigations, FBI Chicago Division
Read Bioformer Dir. of Incident Response, Expedia; Principal Consultant, Public Sector Cyber Security Contracting Services
Read BioPartner, Co-Chair - Data Protection, Privacy & Access to Information (US), Norton Rose Fulbright
Read BioDetective Chief Inspector - FALCON Cyber Crime Unit and National Mobile Phone Crime Unit, Metropolitan Police Service London
Read BioFormer Deputy Director of Health Information Privacy, Department of Health and Human Services' Office of Civil Rights
Read BioFormer Head of Airborne Platform Systems Cyber Security, Lockheed Martin Aeronautics
Read BioPresident, CEO and Founder of SpearTip - Cyber Counterintelligence (CISSP, GCFA)
Read BioPartner, Data Privacy and Cyber Security Practice Group, Lewis Brisbois Bisgaard & Smith; former Supervisory Special Agent, FBI - NY Cyber Division
Read BioTechnology and Privacy Group, co-chairs the firm's Privacy & Security Task Force, Alston & Bird
Read BioCloud Portfolio Strategist, Financial Services, CenturyLink Technology Solutions
Read BioDetective Constable - Computer Cyber Crime (C3) Intelligence Services, Toronto Police Service
Read BioCo-Lead, Cybersecurity Preparedness and Response practice, Alston and Bird, and Former DOJ Cybercrime Prosecutor
Read BioExec. Dir., Cyber Security Incident Response & Digital Forensic Service, PwC
Read BioManaging Partner, Chair of Global Privacy and Cybersecurity Practice, Hunton & Williams
Read BioNational Coordinator, Integrated Market Enforcement Teams, Royal Canadian Mounted Police
Read BioHead Deputy, Cyber Crime Division, Los Angeles County District Attorney's Office
Read BioPrincipal, Rasch Technology and Cyber Law; former Chief Security Evangelist, Verizon
Read BioInfoSec, Governance, Compliance & Risk Consultant, Managing Dir., Security Privateers
Read BioChief Counterintelligence Expert, Carnegie Mellon University CERT Insider Threat Center
Read BioCISO, Proactive Cyber Security; formerly Senior Vice President of Cybersecurity, HSBC
Read BioDirector of Product Marketing for Web Application Security Products, Imperva
Read BioCyber Liability and Insurance Attorney, Traub Lieberman Straus & Shrewsberry, LLP
Read BioExecutive Vice President, Q6 Cyber and Founder of the Cyber Threat Intelligence Division of the US Secret Service
Read BioManaging Director Global Cyber Risk & Incident Response Services, Alvarez & Marsal
Read BioPartner, Commercial Litigation, Fraud and Cybersecurity Practice, Bennett Jones LLP, Toronto
Read BioDirector of Innovation Programs within the Office of the Chief Technologist, Red Hat
Read BioSenior Vice President and Head of Information Security Services Group, Wells Fargo
Read BioSeattle Field Office Electronic Crimes Task Force, United States Secret Service
Read BioAssistant Commissioner, Federal Policing Special Services, Royal Canadian Mounted Police (RCMP)
Read BioAssistant US Attorney, Deputy Chief - National Security and Cybercrimes, Department of Justice
Read Bio