Privacy

Ginger Armbruster

Chief Privacy Officer, City of Seattle

As the City of Seattle's Chief Privacy Officer, Ginger Armbruster leads a team of privacy specialists in the execution of the City's Privacy Program, following a principles-based approach to the City's management of the public's personal and sensitive information. Prior to this role, she worked for Microsoft on an international team of privacy specialists to resolve issues associated with multi-million-dollar marketing initiatives. Before moving into privacy, she spent the first 20 years of her career working in sales and marketing for Fortune 500 companies such as IBM, Hewlett-Packard and Johnson & Johnson, as well as several medical technology startup companies.

View all sessions by Ginger Armbruster

Sadia Mirza

Attorney, Cybersecurity, Information Governance and Privacy Practice Group, Troutman Pepper

Sadia Mirza is part of the Cybersecurity, Information Governance and Privacy practice group at Troutman Sanders, and is also part of the Financial Services Litigation practice group. She provides strategic privacy compliance counseling, and defends, counsels and represents companies on matters relating to data privacy, data use, and incident response and investigation, with an eye towards helping clients avoid litigation. Additionally, she has experience with the California Consumer Privacy Act of 2018 (CCPA), the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA), as well as various other laws concerning privacy and cybersecurity. Mirza's in-house background allows her to understand the issues and concerns clients have and guide them toward resolution in a clear and efficient way. She has worked with clients from a variety of industries, including financial institutions, consumer reporting agencies, insurance companies, healthcare providers, and data and analytics providers. Prior to becoming an attorney, Mirza worked for JPMorgan Chase and Washington Mutual Bank. Her ongoing interest in the financial services industry led her to pursue an LL.M. in banking and finance after graduating from law school.

View all sessions by Sadia Mirza

Randy Sabett

Special Counsel, Cyber/Data/Privacy Practice Group, Cooley LLP

A former NSA crypto-engineer, Sabett brings to Cooley LLP his extensive experience in data security, privacy, licensing and IP. Sabett has managed numerous data breach responses involving major retailers, financial and healthcare organizations, and on-line service providers. He served on the Commission on Cybersecurity for the 44th Presidency and has been recognized as a leader in privacy and data security in the 2007-2014 editions of Chambers USA. Sabett is a member of the board for the Georgetown Cybersecurity Law Institute and the Northern Virginia chapter of ISSA. He also is a frequent lecturer and author, and has appeared on or been quoted by a variety of national media sources.

View all sessions by Randy Sabett

Randy Sabett

Special Counsel, Cyber/Data/Privacy Practice Group, Cooley LLP

A former NSA crypto-engineer, Sabett brings to Cooley LLP his extensive experience in data security, privacy, licensing and IP. Sabett has managed numerous data breach responses involving major retailers, financial and healthcare organizations, and on-line service providers. He served on the Commission on Cybersecurity for the 44th Presidency and has been recognized as a leader in privacy and data security in the 2007-2014 editions of Chambers USA. Sabett is a member of the board for the Georgetown Cybersecurity Law Institute and the Northern Virginia chapter of ISSA. He also is a frequent lecturer and author, and has appeared on or been quoted by a variety of national media sources.

View all sessions by Randy Sabett

Ilker Taskaya

Principle Solutions Engineer, Delphix

Ilker Taskaya currently serves as Principle Solutions Engineer for Delphix. Having begun his career 25 years ago as a database analyst in the financial services sector, he has specialized in financial services and healthcare industry data security solutions and holds a number of patents in the data security field. Prior to 2006 Taskaya consulted in data warehousing for clients in financial services, insurance, and health care.

View all sessions by Ilker Taskaya

Ginger Armbruster

Chief Privacy Officer, City of Seattle

As the City of Seattle's Chief Privacy Officer, Ginger Armbruster leads a team of privacy specialists in the execution of the City's Privacy Program, following a principles-based approach to the City's management of the public's personal and sensitive information. Prior to this role, she worked for Microsoft on an international team of privacy specialists to resolve issues associated with multi-million-dollar marketing initiatives. Before moving into privacy, she spent the first 20 years of her career working in sales and marketing for Fortune 500 companies such as IBM, Hewlett-Packard and Johnson & Johnson, as well as several medical technology startup companies.

View all sessions by Ginger Armbruster

Kelsey Finch

Senior Counsel, Future of Privacy Forum

Kelsey Finch, currently serves as Senior Counsel at the Future of Privacy Forum. She leads the FPF Smart Cities Working Group, and serves as an expert and thought leader across the country through speaking engagements, media interviews, and interaction with state and federal regulators and strategic partners. Before joining FPF, Finch was an inaugural Westin Fellow at the International Association of Privacy Professionals, where she produced practical research on a range of privacy topics and edited the FTC Privacy Casebook.

View all sessions by Kelsey Finch

Chris Niggel

Senior Director of Security and Compliance, Okta

Chris Niggel currently serves as the Senior Director of Security and Compliance at Okta, where he is responsible for corporate compliance, application assessment, and responding to customer security inquiries. Prior to Okta, Niggel spent 6 years leading the adoption of Cloud Technologies at LinkedIn, helping them grow from 350 to over 6,800 employees. He started his career designing, developing, and delivering content management, system administration, and messaging solutions for customers such as Nestle, Cisco, AMD, Telus, and the US Department of Defense.

View all sessions by Chris Niggel

Randy Sabett

Special Counsel, Cyber/Data/Privacy Practice Group, Cooley LLP

A former NSA crypto-engineer, Sabett brings to Cooley LLP his extensive experience in data security, privacy, licensing and IP. Sabett has managed numerous data breach responses involving major retailers, financial and healthcare organizations, and on-line service providers. He served on the Commission on Cybersecurity for the 44th Presidency and has been recognized as a leader in privacy and data security in the 2007-2014 editions of Chambers USA. Sabett is a member of the board for the Georgetown Cybersecurity Law Institute and the Northern Virginia chapter of ISSA. He also is a frequent lecturer and author, and has appeared on or been quoted by a variety of national media sources.

View all sessions by Randy Sabett

Aravind Swaminathan

Global Co-Chair Cyber, Privacy & Data Innovation Orrick, Herrington & Sutcliffe LLP

Aravind Swaminathan currently serves as the Global Co-chair of Orrick's internationally recognized Cyber, Privacy & Data Innovation practice which "combines strategic thinking with a proactive approach" to address global data privacy requirements and proactively reduce security risk, while protecting clients when their future is on the line. As a strategic cybersecurity advisor, Aravind collaborates with his clients to proactively plan for a crisis and develop strategies to protect their business and brand. He guides everyone from large public company financial institutions to start-up technology companies to critical infrastructure providers through incidents, and develops business- and brand-centric tactics to mitigate and manage risk. He has directed more than 150 cybersecurity and data breach investigations, including those with national security implications. With extensive trial and litigation experience, he also defends his clients when cyber, privacy, and payments issues lead to regulatory investigations by the SEC, DOJ, FTC, and state Attorneys General and other litigation, including class action litigation and shareholder derivative suits. Aravind's background as an Assistant United States Attorney and Computer Hacking and Intellectual Property Section gives him first-hand understanding of federal agencies that allows him to swiftly navigate the system, partner with investigators and find creative solutions for his clients.

View all sessions by Aravind Swaminathan

James Lloyd

Privacy Investigations & Disputes Lawyer, PwC

James Lloyd is a lawyer in PwC's Contentious Data Privacy team. He help clients faced with disputes over data privacy, whether as the result of a regulatory investigation, a dispute with a third party, or in connection with a cyber breach. He has led the response to investigations by various regulatory bodies and parliamentary select committees and have extensive experience bringing and defending associated civil litigation against private parties and public bodies. Lloyd has particular expertise helping clients who are subject to regulatory action by the UK's Information Commissioner's Office, whether as a result of enforcement, or as the consequence of a notification following a cyber breach.

View all sessions by James Lloyd

Polly Ralph

Barrister and Solicitor, UK Data Protection Strategy, Legal and Compliance Services, PwC

Polly Ralph currently serves as a Director and member of the leadership team in PwC's Data Protection Strategy, Law and Compliance Services practice. She started her career in data protection/privacy in 2004, as an Investigations Lead at the New Zealand Privacy Commission. Since then, she has worked as a Privacy lawyer at the New Zealand Police National Headquarters, Senior Privacy Counsel at the BBC, and Group DPO at Domestic & General (a UK-headquartered insurance company). Since joining PwC UK in January 2016, Ralph has led large-scale GDPR projects and advised on ePrivacy, marketing, outsourcing, technology and international transfer issues. She has deep experience leading GDPR training sessions, including for PwC's international network of firms.

View all sessions by Polly Ralph

Miguel Jacinto

Chief Information Security Officer & Data Protection Officer no EuroBic - Banco BIC Português, SA

View all sessions by Miguel Jacinto

Pedro Machado

Country Senior Director | Data Protection Officer, Grupo Ageas Portugal

View all sessions by Pedro Machado

Jaymin Desai

Offering Manager, OneTrust

Desai serves as the Offering Manager at OneTrust VendorpediaTM - part of the largest and most widely used technology platform to operationalize third-party risk, security, and privacy management. In his role, Desai is responsible for driving the development and delivery OneTrust's third party risk management product as well as driving the refinement of the toolset and offerings. He works with clients to centralize their vendor information across business units, assess risks based on use cases and relevant standards like CSA, CAIQ, SIG, GDPR and CCPA while also monitoring threats to seamlessly mitigate vendor risks throughout the engagement lifecycle. Desai takes a customer-based approach to product development and derives the majority of his backlog from customer feedback and direction.

View all sessions by Jaymin Desai

Michelle Dennedy

Chief Privacy Officer, Cisco

Michelle Finneran Dennedy is Vice President and Chief Privacy Officer at Cisco. Throughout her career, she has led security and privacy initiatives, ranging from regulatory compliance, privacy engineering, advocacy and education efforts, and litigation at companies including Cisco, and previously McAfee/Intel Security, Oracle, and Sun Microsystems. She founded The iDennedy Project, which seeks to change how people think about information and data, and co-authored The Privacy Engineer's Manifesto: Getting from Policy to Code to QA to Value.

View all sessions by Michelle Dennedy

Robert Waitman

Director, Data Valuation, Cisco

Robert Waitman is a Director in Cisco's Privacy Office, where he specializes in quantifying the business benefits of privacy policy and helping organizations better value and manage their information assets. Over his 16-year career at Cisco, he has helped many organizations improve their use of network-based applications and delivered over $100 million in improvement opportunities. He also led Cisco's Wealth Management Practice, helping drive innovative changes at wealth management firms and gaining media attention for his research findings in The Wall Street Journal, Barron's, and American Banker. Previously, Waitman was an Associate Principal at McKinsey & Company, where he focused on strategy, technology, and payment issues facing financial institutions and authored numerous articles in The McKinsey Quarterly.

View all sessions by Robert Waitman

Vinit Goenka

Member Governing Council, CRIS - Center for Railway Information System, Organisation Under Ministry of Railways

Vinit Goenka currently serves as a member of the Governing Council, CRIS - Center for Railway Information System Organisation Under Ministry of Railways. He is an active politician with expertise in the field of Information Technology, Transportation & Infrastructure and Agriculture. He is a Member of the Task force IT in the Ministry of Road, Transport & Highways and Shipping, Government of India where he works on the several nationwide IT initiatives in the context of Minimum Government Maximum Governance. Goenka has served the BJP as its National Co-convener of the BJP central IT Cell where he spearheaded the Digital Strategy of the party in the run up to the general elections of 2014 & various other elections since 2006. His contribution in the land slide victory of the BJP has been widely recognized by various sections of the party, media and the society.

View all sessions by Vinit Goenka

Matthew Maglieri

CISO, Ruby, parent company of Ashley Madison

Matthew Maglieri is the Chief Security Officer at Ruby, the parent company to several leading online dating brands including AshleyMadison.com. He is responsible for leading the architecture, development, and ongoing operation of Ruby's enterprise security program. Prior to joining Ruby, he served in a leading role developing Mandiant's Canadian practice and delivering a diverse range of strategic and technical consulting services including offensive red team operations, security operations center enhancement, and strategic transformation engagements.

View all sessions by Matthew Maglieri

Shivangi Nadkarni

Co-Founder & CEO, Arrka Consulting

Nadkarni has over 20 years of experience in the domains of information risk & privacy, e-commerce & networks. She has handled multiple roles over the years at Sify and Wipro - which include heading the global application security & identity management practice at Wipro, setting up India's first licensed certifying authority for digital signatures in collaboration with Verisign at Sify, launched and managed the first enterprise IP network services in India at Sify, etc. She set up Arrka Consulting - her own venture - a few years ago. Arrka provides consulting, advisory and training services in the information risk & privacy domain, Nadkarni has recently authored the first book on Data Privacy in India for DSCI, as part of their new privacy certification program - DCPP.

View all sessions by Shivangi Nadkarni

Vicky Shah

Advocate, Data Privacy Professional

Vicky D. Shah looks after Cyber Security Initiatives and National Skills Registry (NSR Initiative) at NASSCOM, the premier trade body and the 'Chamber of Commerce' for the IT and ITES-BPO industry in India. Having spent over four years in this role, he is responsible for initiatives focused at creating an enabling environment in India for information security and compliance. The ongoing programmes at NASSCOM towards this objective include creating awareness about the Information Security Issue using the public private partnership platform.

View all sessions by Vicky Shah

Venkatesh Subramaniam

Global CISO & Privacy Head, Olam International, Singapore

Subramaniam is the global CISO of Olam International where he is responsible for all aspects of the security program. He has more than 27 years of experience in information security and management, and has worked in critical sectors including finance and telecom, and in Fortune 50 companies globally. He is also the global head of privacy and is responsible for ICS/OT Security for over 80 factories globally.

View all sessions by Venkatesh Subramaniam

Anuj Tewari

CISO, HCL Technologies

Anuj Tewari currently serves as CISO for HCL Technologies. Prior to joining HCL, he was Head of Managed Cybersecurity Services and Risk Management Services at CSC. Throughout his career, Tewari has focused on cybersecurity strategy and risk management of large-scale, global service operations.

View all sessions by Anuj Tewari

Jennings Aske

CISO, New York-Presbyterian

Aske is the CISO for New York-Presbyterian. Prior to this he was VP Information Security & Chief Security Officer of Nuance Communications as well as Chief Information Security and Privacy Officer of Partners HealthCare. Prior to Partners, Aske was the Chief Information Security Officer for UMass Memorial Hospital. Aske was also the Chief Information Security Officer for the Commonwealth of Massachusetts's Executive Office of Health and Human Services, responsible for coordinating information security across the 16 state agencies. Aske is a licensed attorney in the Commonwealth of Massachusetts.

View all sessions by Jennings Aske

Steve Chabinsky

Global Chair of Data, Privacy and Cybersecurity, White & Case

Steve Chabinsky is an attorney and global chair of data, privacy and cybersecurity, White & Case, commissioner of the President's Commission on Enhancing National Cybersecurity, and former deputy assistant director for cyber at the FBI. He serves as a commissioner on the President's Commission on Enhancing National Cybersecurity, is the cyber columnist for Security magazine, and holds an adjunct faculty position at George Washington University. Chabinsky is a frequent corporate speaker on cyber risk mitigation, and has testified numerous times before the House and Senate on cybersecurity matters. His career includes having served in the Federal Bureau of Investigation as deputy of the Bureau's Cyber Division and Chief of its Cyber Intelligence Section. He can be followed on Twitter @StevenChabinsky.

View all sessions by Steve Chabinsky

Joshua Corman

CISA, Chief Strategist, Healthcare Sector

Joshua Corman is a Founder of I am The Cavalry (dot org), and serves as Chief Strategist for CISA regarding COVID, healthcare, and public safety. He previously served as CSO for PTC, Director of the Cyber Statecraft Initiative for the Atlantic Council, CTO for Sonatype, and other senior roles. He co-founded RuggedSoftware and IamTheCavalry to encourage new security approaches in response to the world’s increasing dependence on digital infrastructure. His unique approach to security in the context of human factors, adversary motivations, and social impact has helped position him as one of the most trusted names in security. He also serves as an Adjunct Faculty for Carnegie Mellon’s Heinz College, and was a member of the Congressional Task Force for Healthcare Industry Cybersecurity.

View all sessions by Joshua Corman

Mark Eggleston

VP, CISO and CPO, Health Partners Plans

Eggleston is vice president, CISO and chief privacy officer at Health Partners Plans, a Philadelphia-based HMO. He leads the maturation of various security technologies and privacy initiatives and manages a business continuity and disaster recovery program. Eggleston started his professional career serving as a program manager and psychotherapist at a hospital serving children and adolescents. Later, he helped develop a HIPAA privacy and security compliance program for a geographically dispersed healthcare provider organization and later at a local health plan, before moving to his current role.

View all sessions by Mark Eggleston

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

View all sessions by Marianne Kolbasuk McGee

Dave Summitt

CISO, H. Lee Moffitt Cancer Center and Research Institute

Summitt is CISO of the H. Lee Moffitt Cancer Center and Research Institute, Tampa, Fla. Summit has more than 25 years of experience in IT across the federal and private sectors with a focus on information systems, network and engineering operations and cybersecurity initiatives. Before entering the healthcare sector, Summitt had a 21-year federal career with the Department of Defense where he held various roles including the Naval Sea Systems Command's Technical Representative for a major missile defense program, security data custodian, Information Systems Security Officer, Data and Configuration manager and Change Control chairman for several military programs.

View all sessions by Dave Summitt

Vikrant Arora

CISO, Hospital for Special Surgery

Vikrant Arora is a credentialed business leader with more than 15 years of experience in developing enterprise security and risk management programs in the healthcare, government and education sectors in North America and Asia. In his former role as the assistant vice president and chief information security and risk officer at NYC Health & Hospitals, an integrated system of 11 hospitals, clinics, nursing homes and home care in New York City, Arora is focused on security strategy, business risks, regulatory compliance and securing clinical systems as well as biomedical devices.

View all sessions by Vikrant Arora

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

View all sessions by Marianne Kolbasuk McGee

Mitch Parker

CISO, Indiana University Health System

Parker is CISO at University of Indiana Health, based in Indianapolis. He formerly served as CISO at the four-hospital Temple University Health System as well as CISO for Temple's clinical faculty practice plan, Temple University Physicians. Previously, he was an information security consultant to the Defense Logistics Agency and others.

View all sessions by Mitch Parker

Iliana Peters

Shareholder, Healthcare Security, Polsinelli

Iliana Peters currently serves as a shareholder at Polsinelli, charged with championing healthcare security on behalf of the firm. She previously served as the Acting Deputy Director of Health Information Privacy at the Department of Health and Human Services' Office for Civil Rights. In this role, she is the national lead for OCR enforcement of the HIPAA Rules, and works closely with OCR's ten regional offices to promote compliance with and enforcement of the HIPAA Rules. Additionally, Peters supports many other OCR policy and outreach initiatives, including rule-makings, compliance initiatives with other federal agencies, and training, including of the State Attorneys General. Prior to joining the team in D.C., she worked as an investigator in Region VI in Dallas, Texas. Prior to joining OCR, Peters worked in private practice in Texas.

View all sessions by Iliana Peters

Anahi Santiago

CISO, Christiana Care Health System

As Christiana Care Health System's Chief Information Security Officer, Anahi Santiago is charged with providing strategic direction and oversight to a comprehensive security program, policy development, standards and controls implementation, training and awareness, regular risk assessment and mitigation, as well as partnerships with internal and external auditors. She also regularly collaborates with state and federal regulatory bodies and actively contributes to proposed state and federal regulations that govern privacy and information security. Before joining Christiana, Santiago provided similar support for the Albert Einstein Healthcare Network at a director level.

View all sessions by Anahi Santiago

Jack Lewin, MD

Founder and Principal, Lewin and Associates LLC; Chairman, National Coalition on Health Care

John C. (Jack) Lewin, MD is Principal and Founder of Lewin and Associates LLC, a consulting organization focused on launching health start-up companies and on developing policy and advocacy positions for health sector companies and government. He also currently serves as Chairman of the National Coalition on Health (NCHC) of Washington DC, a highly respected national advocacy organization representing 90+ national health sector organizations with collectively over 150 million members. His prior roles include serving as President and Chief Executive Officer of the Cardiovascular Research Foundation (CRF). He has advised two Presidents of the United States as part of a rewarding career in health care, public health, and public policy. Lewin has also served as CEO of the American College of Cardiology (ACC), CEO of the California Medical Association (CMA), where he also advised two Governors and the state legislature on health policy. He was also Hawaii's Director of Health, and a Commissioned Officer in the United States Public Health Service.

View all sessions by Jack Lewin, MD

Ron Ross

Fellow, National Institute of Standards and Technology (NIST)

Ross is a Fellow at NIST. His focus areas include cybersecurity, systems security engineering, cyber resiliency, security architecture, privacy, and risk management. Ross leads the FISMA Implementation Project and the Systems Security Engineering Initiative, which includes the development of cybersecurity and privacy standards and guidelines for the federal government, contractors, and the U.S. critical infrastructure.

View all sessions by Ron Ross