Threat Intelligence

Kim Green

Sr. Director IT Security and Compliance, Rodan and Fields

Kim has served in several executive and senior-level IT and InfoSec roles, and as an advisor and investor to several security and healthcare companies. With over 25 years' experience in both private and public healthcare sectors, Kim has consulted federal and state government healthcare agencies and private companies on security and privacy best practices.

Kim routinely speaks internationally on security and privacy topics. In 2013, she spoke to members of the European Commission in Brussels on behalf of the COCIR European Trade Association providing recommendations for GDPR.

Kim studied computer software engineering and computer science at Brandeis University and Cal Lutheran University. She also served in the United States Army and was awarded the Army Achievement Medal for her exemplary service

View all sessions by Kim Green

Kevin Murphy

Senior Manager of Enterprise Security, T-Mobile

Kevin was the VP of Cybersecurity Operations and Governance at IOActive.com, a retired US Air Force intelligence officer, and the former Director of Windows Security Architecture at Microsoft with over 25 years of experience in threat intelligence and information security. Kevin holds the CISM, CISSP, and CGEIT security certifications.

View all sessions by Kevin Murphy

Jim Weaver

CIO, State of North Carolina

Jim Weaver was appointed Director and State CIO for Washington Technology Solutions in December 2018. Jim has over 32 years of experience in the IT industry, having served in varying management and technical positions, most notably as the Commonwealth of PA's Chief Technology Officer, as well as Chief Technology Officer and Deputy Chief Information Officer for the commonwealth's Departments of Human Services, Aging and Insurance.

During his tenure, he had responsibility for planning, directing, and evaluating Commonwealth IT operations and was a key contributor for the IT shared services transformation effort to align technology staff and services into functional matrix-based teams. In his agency roles, Jim was responsible for planning, directing and evaluating the IT operations of the three agencies, which included mainframe and distributed systems platforms, data base design and application/software development, telecommunications, IT security and business intelligence.

Jim has proven expertise with successful large scale modernization efforts with an enterprise approach to technology and information security management - many of these efforts have been nationally recognized by NASCIO (2008, 2013, and 2014) and Computerworld Honors (2010 and 2013). Jim holds numerous ITIL certifications and earned his Certified Government Chief Information Officer qualification from Harrisburg University. Jim is also an active member of the armed forces serving in the Pennsylvania Army National Guard with over 33 years' experience in personnel information management systems.

View all sessions by Jim Weaver

Jeffrey Brown

CISO, State of Connecticut

Brown helps companies and government agencies understand their security risk and implement practical, cost-effective security programs. He partners with C-level executives, business leaders, regulators and auditors to build and sustain best-in-class cybersecurity programs.

View all sessions by Jeffrey Brown

Patrick Ford

CISO, Americas, Schneider Electric

Patrick Ford serves as the Chief Information Security Officer, Americas Region of Schneider Electric. Patrick started at Schneider Electric in November of 2015. Patrick currently resides in the Greater New York City Area.

View all sessions by Patrick Ford

Rocco Grillo

Managing Director Global Cyber Risk & Incident Response Services, Alvarez & Marsal

Rocco Grillo currently serves as a Managing Director with Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice. He focuses on leading multi disciplinary teams who provide cyber risk and incident response services to clients globally. He has been a trusted partner of multiple government agencies, including the FBI and Secret Service, where his cyber expertise was instrumental in investigating and resolving a variety of cyber based crimes. Grillo's experience and understanding of commercial sector challenges and national security objectives have influenced the development of national policy in cybersecurity, including the NIST Cybersecurity Framework. Prior to joining A&M, he held leadership positions at professional services organizations including Stroz Friedberg/Aon Cyber Solutions, where he served as the Global Leader of the firm's Cybersecurity Services. Prior to Aon Cyber Solutions, Grillo was a founding member of Protiviti Inc's Cybersecurity Practice where he led the development of the firm's Global Incident Response and Forensics Investigations Practice. He also assisted with the development of RedSiren Technologies, one of the first managed security services firm that evolved out of Carnegie Mellon. Earlier in his career, he held positions of increasing responsibility with Lucent Technologies and Bell companies. He is an affiliate board advisor for the Retail & Hospitality ISAC and has assisted with other thought leadership initiatives for the FS-ISAC; and assists in creating its annual Compromise Against Payments Systems (CAPS), the simulated industry cyberattack exercise.. He has served on the CLM Cyber Liability Council, the Board of Directors of the NY Metro ISSA Chapter, the IT Policy Compliance Group, and the (i 4) International Information Integrity Institute Research Steering Committee.

View all sessions by Rocco Grillo

Chris Hallenbeck

CISO, Americas, Tanium

Chris Hallenbeck is CISO for the Americas at Tanium. He provides security leadership and operational insight gained from over 20 years in both public and private sector. Hallenbeck came to Tanium after almost 7 years of government service at the U.S. Computer Emergency Readiness Team (US-CERT). At US-CERT he designed and built their incident response capabilities, and restructured the team's focus toward strategic remediation with a goal of building more resilient organizations. Over countless IR engagements both with government and private sector victims a common theme emerged: a lack of emphasis on IT security hygiene. Prior to joining US-CERT, Chris worked for RSA Security/EMC as a security engineer and with AOL/Time Warner on their global incident response team. He started his career as a Unix sys-admin at Binghamton University.

View all sessions by Chris Hallenbeck

Rajesh Thapar

Group CISO, OakNorth

Thapar is group CISO and head IT for OakNorth. He has more than 22 years of experience leading cyber security and information technology in banking and financial sector (IDBI Bank, Citigroup Global Services, Yes Bank) and IBM.

View all sessions by Rajesh Thapar

Kaustubh Medhe

General Manager-Cyber Defense Center and Head-SoC & Data Security, Reliance Industries

View all sessions by Kaustubh Medhe

Andy Norton

Director, Threat Intelligence, Lastline

Norton has been involved in cyber security best practice for more than 20 years, specializing in establishing emerging security technologies at Symantec, Cisco and FireEye. He has presented threat and intelligence briefings for both Bush and Obama administrations, The Cabinet office, the Foreign and Commonwealth office, SWIFT, Swiss National Bank, The Hong Kong Monetary Authority, NASA and others. Returning to Europe from Asia in 2011, he has spent the past five years helping many of the FTSE 250 companies measure, manage and respond to cyber incidents.

View all sessions by Andy Norton

Jeannette Jarvis

Director, Product Marketing, FortiGuard Labs

Jarvis has been a thought leader and respected advisor in cybersecurity for more than 20 years. With experience in business & technical strategy, product management and marketing, and global executive management, she has held numerous positions at well known companies in the IT and cybersecurity space. Jeannette is a distinguished speaker on a wide range of security security protection topics. She spoke at many prominent security conferences including RSA and Gartner Security Summit. Her published papers showcase her knowledge and expertise on various security issues encountered in the global corporate environment.

View all sessions by Jeannette Jarvis

Bryn Norton

Director Solutions Architecture and Security EMEA, CenturyLink

Bryn Norton is Director Solutions Architecture and Security EMEA at CenturyLink, where he is responsible for steering customers and partners towards security best practice across the region. He runs CenturyLink's Security Practice and Solutions Architecture Team (SAT), a group of technology consultants focused on adding value to customer experience and bringing industry expertise to bear. Norton develops and delivers security solutions for a range of customers - from national infrastructure organisations through to global enterprises - driving the quality and assurance required to help meet today's business challenges. He is dedicated to improving communications between locations, users and customers. With over 15 years' experience in the technology and telecommunications industry, Norton joined Level 3 in 2008 from tPoint Solutions, a global IT solutions company specialising in virtualised, multimedia, contact centre and customer experience management technology. There, he held a Sales and Marketing Director role. Prior to this, he worked at Star Technology Services for five years as Business Development Manager. In 2017 Level 3 was acquired by CenturyLink.

View all sessions by Bryn Norton

Brian Hussey

VP of Cyber Threat Detection & Response, Trustwave

Brian Hussey currently serves as VP of Cyber Threat Detection & Response for Trustwave. Prior to his current position, he was responsible for leading the Global Incident Response and Readiness team of Trustwave, managing stakeholder relationships. His vast experience in computer forensics and cybercrime investigation includes leading an FBI advanced analysis unit tasked with computer forensics for major crimes, network intrusions, malware analysis, counter-terror and counter-intelligence cyber investigations. Hussey was the primary designer of the FBI's advanced technical analysis training for network intrusion and malware analysis. He has delivered this training for special agents in FBI field offices across the United States, as well as internationally for cyber units within police forces in Ukraine, Estonia, Lithuania, Latvia, Japan, Germany, Moldova and others.

View all sessions by Brian Hussey

Sridhar Sidhu

Senior Vice President and Head of Information Security Services Group, Wells Fargo

Sidhu leads enterprise information security services organization at Wells Fargo Enterprise Global Services - India. He holds certifications in IT risk management and also achieved certification on IT governance matters.

View all sessions by Sridhar Sidhu

Sunil Varkey

CISO, Wipro Limited

Sunil Varkey is Wipro's Chief Information Security Officer for its global IT business. He has over 22 years of IT and Information Assurance Leadership experience with banking, telecom, ITES and manufacturing businesses in US, Middle East & India. Along with his Bachelor's degree in Electronics engineering with an M.B.A (Investments), he is also CISSP, CIPP/US, GSNA, CGEIT, CRISC, CISA, ABCP, ITIL- V2 (Red Badge), and Six Sigma GB certified. He has published and presented various articles related to information assurance domain globally.

View all sessions by Sunil Varkey

Mark McGovern

VP Product Management, CA

Mark McGovern is a respected security expert and VP, Product Management for CA Technologies. Mark joined CA in April 2016 when they acquired Mobile System 7, a leading user and entity behavior analytics (UEBA) company that Mark led as CEO and founder. Previously Mark was VP of Technology at In-Q-Tel where he led security investments for the U.S. Intelligence Community and was Director of Technology for Cigital Inc. where he led Cigital's Software Security Group supporting a Fortune 100 clientele. Earlier in his career, Mark worked as an engineer for the Central Intelligence Agency building covert and clandestine communication systems. He holds a B.S. in Electrical Engineering from Worcester Polytechnic Institute and an M.S. in Systems Engineering from Virginia Polytechnic Institute.

View all sessions by Mark McGovern

Jon Green

VP and Chief Technologist for Security, Aruba - a Hewlett Packard Enterprise Company

Green is VP and Chief Technologist for Security at Aruba, a Hewlett Packard Enterprise Company. He is responsible for providing technology guidance and leadership for all security solutions including authentication and network access control, UEBA, encryption, firewall, and VPN. He also manages Aruba's Product Security Incident Response Team (PSIRT) and Aruba Threat Labs, an internal security research group. Jon joined Aruba in 2003 and helped it grow from a small startup to today's position as a leading provider of network mobility solutions. Prior to Aruba, Green held product management, marketing, and sales positions with Foundry Networks, Atrica, Nortel Networks and Bay Networks.

View all sessions by Jon Green

Craig Ingram

Product Security Lead, Heroku

Ingram leads Product Security for Heroku (a Salesforce.com company) and has been active in professional information security for 12 years. Craig is active in many public and private bug bounty programs, and is focused on web, mobile, and IoT programs. Ingram maintains the OSCP, GXPN, and CISSP certifications.

View all sessions by Craig Ingram

Elie Nasrallah

Director, Cybersecurity Strategy, HITRUST in cooperation with Trend Micro

Elie Nasrallah, Director of Cybersecurity Strategy at HITRUST is responsible for solving complex cyber security problems for US Healthcare. With over 20 years in the IT security field, his in-depth knowledge and experience in cyber defense solutions assist organizations in making the right decisions to align with their business requirements. Before joining HITRUST, Nasrallah worked for security companies such as Trend Micro, FireEye and RSA. His experience spans many areas in security with various industries but has recently been focused on helping healthcare strengthen their defenses against cyberattack and has integrated the HITRUST Cyber Threat XChange (CTX) intelligence sharing system with the health community.

View all sessions by Elie Nasrallah

Paul Bowen

Principal Security Technologist, Arbor Networks

Bowen brings to Arbor Networks more than 20 years of experience as a security practitioner. His current focus is on advanced threat detection and mitigation with Arbor's new Spectrum platform. Before joining the team at Arbor, Bowen spent a decade managing global security for Estée Lauder and another decade at ArcSight, before and during the HP acquisition.

View all sessions by Paul Bowen