NEACS

October 15, 2018
Trumbull Marriott Merritt Parkway
180 Hawley Lane, Trumbull CT 06611

A Security Conference for Business & Security Leaders


SPEAKERS

Peter Chang
Chief Audit Executive, Steve Madden
Peter Chang is the Vice President of Internal Audit and Loss Prevention for Steven Madden, Ltd, the parent company of Steve Madden, Betsey Johnson, Dolce Vita, and other fashion brands. In this capacity, Mr. Chang oversees internal audit activities for the company worldwide, as well as retail store loss prevention efforts. Prior to joining Steve Madden, Mr. Chang was with Deloitte, with experience in delivering client service in internal and external audits for multinational companies and organizations, as well as internal firm risk management for Deloitte US and global advisory services.

Mr. Chang has 20 years of experience in auditing and risk management. He is also a prolific program presenter at various local and national seminars on internal audit and cybersecurity topics, including presenting at national Institute of Internal Auditors conferences and previous sessions of NEACS. Mr. Chang is a governor on the board of the Westchester-Fairfield Chapter of the IIA, and he currently serves as the Executive Vice President for the 2018-2019 chapter year.
 Glenn Siriano
Principal, KPMG Cyber Services
Glenn is a principal in the KPMG Cyber practice of KPMG. He has over 30 years of information systems technology experience, with special emphasis on information protection, including security, data privacy, disaster recovery, information systems audit and control, systems architecture, and infrastructure. He has directed and managed numerous technology projects across a wide range of clients.
 Ravi Boppe, PhD
Specialist Managing Director, KPMG
Ravi is a Specialist Managing Director in the Dallas office of KPMG’s Advisory Consulting with 20+ years of client service and business experience. He is a member of the Cyber Security practice with a focus on products and services related to Identity and Access Management.

Ravi comes with broad experience in managing key technology partnerships, products/IP, client relationships, consulting services and project delivery. He has served as a trusted advisor to clients in all aspects of entity and Access Management strategy and delivery.
Khalid Wasti
Partner, Internal Technology Audit Services, PWC
Khalid Wasti is a partner in the PwC Technology Risk Assurance practice based in New York. He has over 18 years of experience supporting organizations across multiple industries with evolving and emerging technology risks (e.g. security, privacy, social, mobile, cloud, infrastructure, and large program implementation). Previously, Khalid led the Digital Enterprise initiative for a Big 4’s internal audit market offering. He also managed fully outsourced and co-sourced internal audit engagements, conducting a full range of information technology, operational, financial, regulatory, and compliance audits. Khalid has served as the interim Head of Internal Audit, reporting directly to the Audit Committee, for two global organizations.

 Kelly O’Brien
CRISC, CISA, CFE, CBE, PCI ISA, CC(GRC)P
Traveler's
Kelly O’Brien, CRISC, CISA, CFE, CBE, PCI ISA, CC(GRC)P – Information and Cyber security leader with over 20 years of experience in IT Security, Risk and Compliance with several certifications across risk and information management, PCI compliance, and forensics.  Additional experience in accounting and finance, business systems analysis, and project management
 Bill Mihajlovic, PhD
Professor, NYIT
Dynamic expert speaker with 20 years spent in the field of Cyber Security and Data Science. Currently working as a visiting professor of Information, Networks and Computer Security (INCS) at NYIT. Prof. Mihajlovic is founder of INCS department at NYIT where he taught for 17 years, the core cyber security courses: Network defense at the perimeter (Network intrusion prevention), Network intrusion detection and hackers exploits, Operating systems security with the systems intrusion prevention, and Secure software engineering of application servers and clients.

Professor Mihajlovic has earned his PhD degree in communications and systems theory, MS degree in applied mathematics (statistics and stochastic processes), and MS degree in computer communications, all at Polytechnic Institute of NYU (now NYU Tandon School of Engineering).

He has served as a cyber risk analyst for several clients in the US and abroad and has actively being promoting awareness of the cyber threats to individuals, business organizations and governments. He is one of the rare academicians to openly supports and rationalize massive surveillance and the need to regulate such a controversial but inevitable business and government practice.
 Becky Reggero,
MBA, CRISC
Traveler's
Becky Reggero, MBA, CRISC – IT Risk and Security professional with over 14 years of technical experience across various domains including security, compliance, identity and access management, change management, compliance, risk mitigation, risk awareness and education, and business continuity and disaster recovery
 Michelle Clark
Traveler's
Michelle Clark – IT leader with a focus on Information security, IT Risk, audit and policy compliance.  Experienced in information security, risk management, policy enforcement, SOX compliance, software development, resource management, release management and strategic organizational improvements
 Bonnie Butlin
Co-Founder and Executive Director
Security Partners’ Forum
Bonnie is Co-Founder and Executive Director of the Security Partners’ Forum (SPF), the first-of-its-kind agile international network of security professionals, bridging all domains and disciplines of security. Since 2013 Bonnie has received numerous international and national-level awards and accolades related to security and resilience including the prestigious “Women of the Decade” Award presented at the Women Economic Forum in 2018. Some of Bonnie’s other awards and accolades include:

• Cover Feature in the June / July Special Edition of Sovereign Magazine titled “Canada’s First Lady of Security”

• Ranked #1 on IFSEC Global’s “Top 50 Influencers in Security & Fire 2017” (Security Management, Education and Thought Leadership); and

• Appointed to the World Economic Forum’s Expert Network in Cybersecurity in 2017.

Bonnie is regularly sought after as an international speaker based on her expertise on topics including leadership, security, resilience and other related fields,. Bonnie was a guest-lecturer at the National Security College in Canberra, Australia. In 2016 Bonnie addressed the Parliament of Canada and the Senate on Cybersecurity in Canada. In 2017 Bonnie was invited to participate in the invitation-only 2017 Halifax International Security Forum. Most recently Bonnie spoke at the Economic Club of Canada on a panel discussion as to the current state of cybersecurity and implications for Canadian business.
 Min-Hwei Liu
Director,Information Security
Aetna Global Security
Min-Hwei has over 23 years of risk management related experience with Aetna.  She joined the Global Security Organization over 2 years ago and currently is responsible for the Global Security Risk Management Function (GSRM) and the Adaptive Enablement (AE) Program.  The AE Program is a host of unconventional controls and techniques to reduce risky employee behaviors (email and web) that traditional controls are challenged with.  

AE’s roadmap includes NexGen DLP/Proxy, where behavior analytics is used to establish priority and applied to improve the probability of detecting risky behaviors.  Prior to this, Min-Hwei was the Sr. Director in IT Audit leading Aetna’s IT audit operations.  Prior roles at Aetna also include head of the Sarbanes Oxley PMO, Manager of Information Security and IT Audit experience in both domestic and International.
 Marc Schein
National Co-Chair, Marsh & McLennan
Cyber Center of Excellence ,  Authority on Cyber Insurance

Tom Eldering
Strategist (Mission Advocate for US Department of Homeland Security – Office of the Chief Information Officer)
Blackstone Technology Group
Tom Eldering is a Strategist for Blackstone Technology Group - a technology consulting firm with offices in San Francisco and Washington, DC. Tom has been providing thought leadership in technology for more than 20 years, including work at The White House, United Nations, US Department of Justice and most recently for the US Department of Homeland Security.

He has testified to state legislatures on Internet Privacy and Cybersecurity and he is currently working on a book entitled “The Ethos of the Web: The Shape of the Net and How it Shapes Us”. After saving the internet his next big project will be to cool the planet.

 Bruce Hafner
President, ClearArmor Corporation
Bruce Hafner, President and Cofounder of ClearArmor, is focused on bringing a pragmatic approach to CyberSecurity and Integrated Risk Management. In his role as President, ClearArmor has brought its flagship product, CSRP (CyberSecurity Resource Planning) to market. CSRP was born after exhaustive research, user sessions, client experiences, and involvement with the CyberSecurity community.

The CSRP brings a complete and structured approach to CyberSecurity. CSRP, the only offering of its kind, is based on internationally recognized standards and advanced technology. CSRP leverages key technologies used by private sector, government, and military organizations worldwide.
 Sam Adhikari
MS, MBA, Ph.D, CISA
Chair of Aerospace Cyber Security Group in AIAA, researcher at Stanford University, and VP, Operations and Research at Sysoft Corporation
Sam Adhikari, CISA, is the chair of Aerospace Cyber Security Group in AIAA, and leads the operations and research at Sysoft Corporation.  At Sysoft Corporation, Sam specializes in Cybersecurity,Intelligent Systems and Informatics Division.  He is the principle architect of Sysoft eRFP Cybersecurity Business Intelligence Suit of Products.  He received advanced graduate degrees in Cyber Security, Engineering, Computer Science, and Data Analytics from Stanford University, City University of NY and Temple University.   

He has 30+ years of experience in Cybersecurity, IT Audit, Business Intelligence and Information Systems at AT&T Bell Labs, and Sematech (a consortium of Intel, IBM, HP, Motorola, AMD, TI, and more). In the past, he served as the chair of the technical committee focused on Cybersecurity, Business Intelligence and Informatics Integrated Development Environment at Sematech.

Jeremiah Sahlberg
Director of Information Security,
 Tevora
Mr. Jeremiah Sahlberg is the Director of Information Security at Tevora and has over 20 years of security experience.  He holds CISSP, CISM, PCI QSA certifications. Mr. Sahlberg is an executive security consultant and advises clients on establishing security programs and compliance management. Previously, Mr. Sahlberg held the Senior Director of Protect Operations at NBCUniversal and was the CISO for Tekmark Global Solutions. 

Mr. Sahlberg has presented at NCUA-ISAO (2018), NCTA (2017), SINET (2016), New York State Cyber Security Conference (2014 & 2012), and Nevada Digital Government Summit (2010).  He guest lectures at NPower and sits on the BoA for Liberty University’s School of Engineering.
 Neeraj Sahni
Senior Vice President, Cyber Security and Privacy Risk
Willis Towers Watson
Neeraj is a national cyber resource for Willis Tower Watson’s efforts on Network Security, Privacy and Technology Error & Omissions risks.

Neeraj focuses on insurance solutions to address the cyber liability and business interruption risk associated within the retail, healthcare, utility and financial industries. Neeraj maintains a strong knowledge of evolving regulatory laws pertaining to data breach notification and how markets position themselves with their Policy forms as well as recent developments in the realm of data privacy.

Prior to joining Willis, Neeraj was the director of insurance channel at Kroll responsible for developing and managing opportunities for breach response services with insurance carriers. Neeraj also served as the director of security and privacy at AIG responsible for risk assessment of potential insureds, cyber underwriting and product enhancement. At CNA, Neeraj was an IT audit manager responsible for worldwide infrastructure audits, forensic investigations and incident response plans.

Named a 2015 Power Broker for Retail by Risk & Insurance magazine, Neeraj is a frequent speaker at a wide range of cyber conferences and also contributes on data privacy/security issues via social media and Willis publications. Neeraj has been quoted in industry publications such as CFO, Treasury & Risk, Business Insurance and Insurance Day regarding challenges while placing cyber insurance.

Neeraj received his Masters in Business Administration from Loyola University Chicago and holds a Bachelor Degree in Civil  Engineering from Bangalore University.
kickboxing.

 Pamela Gupta
President, OutSecure Inc.
OutSecure is helping clients establish a lean, sustainable, legally-defensible security program, with appropriate data governance.  With a powerful resume in Security Program definition and strategy at major global Fortune 500 companies for over 20 years, Pamela founded OutSecure Inc. because many companies have not been protecting themselves with a strategic security program built to address information protection risks unique to their environment.  

OutSecure provides consulting to public and private sector clients in the areas of:
Emerging technology – Artificial Intelligence Security, IoT, Blockchain as well as traditional areas of Privacy, Security, Cybercrime, Breach management, and Cyber Strategy.  OutSecure Inc. is a preferred provider of security consulting services, including assistance to boards and senior management, security risk assessments, global compliance reviews, and defining mature security programs and strategy.  


Ms. Gupta is a thought leader and visionary who publishes and speaks on identifying risks and solutions to current issues. Contact her for treatise on “Equifax Breach – How will we recover as a Nation, as a Business and as an individual”.

Ibrahim (Abe) Baggili PhD
Elder Family Endowed Chair, Assistant Dean, Associate Professor (Tenured),
Co-Director & Founder, Cyber Forensics Research and Education Group (cFREG)
University of New Haven

Dr. Ibrahim (Abe) Baggili is the Elder Family Endowed Chair in Computer Science at the Tagliatela College of Engineering, Department of Computer & Electrical Engineering and Computer Science at the University of New Haven, CT, specializing in Cyber Forensics/Security. He also serves as the Assistant Dean, and is the founder and co-director of the University of New Haven’s Cyber Forensics Research and Education Group (UNHcFREG). Abe is also the former editor-in-chief of the Journal of Digital Forensics, Security and Law (JDFSL). Prior to that, he was the director of the Advanced Cyber Forensics Research Laboratory (ACFRL) in the College of Technological Innovation at Zayed University, Abu Dhabi, UAE. He received his BSc in Network Engineering Technology, his MSc in Technology with emphasis in mobile development and finally his PhD all from Purdue University, USA. His PhD area of study was in information security and cyber forensics. Abe has co-authored over 60 publications including books, peer reviewed articles, and conference papers and has received funding for his work from a variety of sources. Most recently, work with his students showed security issues in mobile social messaging applications that affect over 1 Billion people worldwide. Abe’s research with his students has been featured in over 20 languages worldwide. The work with his students has been featured in numerous media outlets, both nationally and internationally.

While at Purdue, Abe was involved in teaching classes, and was a Graduate Lecturer by the end of his graduate studies. In addition to that, he was a researcher at both the Center for Education and Research in Information Assurance and Security (CERIAS), and the Cyber Forensics Laboratory at Purdue University.

Abe’s research interests include cyber forensics from technical, social, and psychological perspectives, and finding ways of improving the scientific validity of the field. He has worked closely with law enforcement and private sector and has published work on real challenges facing cybercriminal investigators, and has presented at a number of conferences worldwide. He has also lead numerous research projects such as: the effect of anonymity and integrity on cyber engagement, authorship attribution of SMS messages, iPhone forensics, volatile memory forensics, e-mail forensics, computer event reconstruction, standardization of digital evidence and the forensics of social networking applications on mobile devices.

Abe’s experience in business has been through various positions that he held during his career alongside his entrepreneurial ventures. Currently he is on the advisory board for a UK based company that develops cyber security and digital forensics products as well as being the co-founder of Tawilati.com (now acquired by ReserveOut.com) – an online cloud-based, real-time restaurant reservation engine for the Middle East. Abe’s work has also been featured in news outlets and on TV worldwide in over 20 languages.
 
To learn more about Abe and his work you can visit http://www.baggili.com and http://www.unhcfreg.com. 

 Stephen Viña
Senior Vice President, Marsh
Stephen Viña is a senior vice president and senior advisory specialist in Marsh’s Cyber Practice in New York City. His current responsibilities include advising organizations on emerging cyber security trends and developing risk management and transfer strategies for large domestic and multinational clients.

Stephen joined Marsh in April 2017. Prior to that, Stephen worked on Capitol Hill for more than fourteen years advising senior Members of Congress on security issues. Most recently, Stephen served as the Chief Counsel for Homeland Security on the U.S. Senate Committee on Homeland Security and Governmental Affairs under former Chairman and Ranking Member, Senator Tom Carper (D-DE). As Chief Counsel, Stephen led the investigation into many high profile cyber incidents and helped pass several major pieces of cybersecurity legislation related to information sharing, data privacy, and critical infrastructure protection. Previously, Stephen held senior leadership positions on the Committee on Homeland Security in the U.S. House of Representatives and was a legislative attorney at the Congressional Research Service in Washington D.C.
 Arthur House
Chief Cybersecurity Risk Officer
State of Connecticut
Chief Cybersecurity Risk Officer for State of Connecticut. Prior experience includes service as chairman of Connecticut's public utilities commission, national security and intelligence, U.S. Senate, crisis management, public affairs and communications and corporate affairs. Doctor of Philosophy (Ph.D.) focused in International Relations from Fletcher School of Law and Diplomacy, Tufts University.
 Jonathan Bourke
CIO, Translation LLC
Over the past 6 – 7 years, Jonathan has been at the leading edge of redefining how brands, agencies and corporations respond to the new challenges of cyber, InfoSec and content risk.  He has been focused on improving how his clients get critical work done within new operational frameworks while ensuring the quality of the creative work; preserving the culture for the critical talent and ensuring that profitability/margin and operational effectiveness is maintained.

Jonathan has worked for some of the best global ad agencies in the world, including The Martin Agency, Weiden and Kennedy and in leadership roles at Interpublic Group (IPG).  He has worked on clients such as Target, Coca Cola, Walmart, Geico, UPS, Microsoft and many more. He has built and run operations with over $20 Billion in annual media global billings.

His extensive background includes senior leadership positions at Computer Sciences Corp, Bank for International Settlements, European Central Bank, European Parliament and other top tier international companies and organizations.  He holds a BSc in Computer Systems from the University of Limerick, Ireland.
 Donna Marie Howe, CFA
Cybersecurity Advisor
Ms. Howe is a banker, risk management and finance professional with more than 25 years industry experience in the global financial services sector. With the rare ability of combining high-level quantitative skills with qualitative management excellence she has held senior risk roles in some of the world’s most established banks including Deutsche Bank, UBS, ABN AMRO, and Santander.

She is an expert is managing emerging risks and those that cross multiple domains, such as operational risks and clearing. As technology is an enabler to both taking and managing risks of all sorts she has focused on cyber risk vulnerability, and the techniques of RPA and Blockchain on risk exposures. As a long-time financial modeler, she understands the impact of techniques including machine learning and AI methods. Well-known within the risk community she served for more than 10 years on the Board of the Global Association of Risk Professionals (GARP). 

She authored one of the first risk management texts: A Guide to Managing Interest-Rate Risk. She was awarded her Chartered Financial Analyst certificate, earned a B.A. in Economics from the University of Michigan and completed coursework for an M.A. in Economics at New York University.
William Feher, CPA
Vice President,  Internal Audit and Chief Risk Officer, ITT Inc.
Bill serves as Vice President Internal Audit and Chief Risk Officer for ITT Inc. since 2011 where he is responsible for overseeing Global Risk Management, including the activities of Internal Audit, Enterprise Risk Management, Insurance, and Business Conduct (Ethics Programs). He has approximately 30 years of experience, having previously worked for EMCOR Group, Inc. and Gartner Inc. in internal audit, enterprise risk and corporate accounting/reporting roles. He started his career at Ernst & Young LLP and PricewaterhouseCoopers LLP in audit positions. Bill is a board member and past president of the Fairfield/Westchester County Chapter of the Institute of Internal Auditors and a board member and treasurer of Make-a-Wish of Connecticut.
Jeffrey Menoher
President and CTO
 Stelling Cyber System
Jeffrey Menoher is President and Chief Technology Officer of Stelling Cyber Systems, a Connecticut-based company that specializes in cyber security risk assessment, risk management, and automation. Stelling personnel have served US government customers in the Intelligence Community, Department of Defense, Department of Homeland Security, and commercial customers in nuclear energy, electrical power, and oil/gas industries. Stelling products and services help clients establish and maintain conformance with applicable and emerging information security regulations.
Mario DiNatale
CIO, Town of Hamden
Born to blue collar, immigrant parents in a suburb of New Haven, CT, legend has it that Mario was born with a screwdriver in his hand and started voiding warranties shortly thereafter. Raised on a steady diet of New Haven “Apizza” and hacker conventions, he decided to pursue a degree in computer science (much to his parent’s apprehension). On the day he left for college, his father told him that he didn’t know if there was any money in “computers”, handed him a shovel and told him that if that whole “computer thing” didn’t pan out, this shovel would still be here waiting for him.

Mario DiNatale then went on to garner a reputation as one of today’s most prolific technology visionaries, while simultaneously distinguishing himself as a charismatic and versatile CIO/CTO, in both the public and private sectors.

Today Mario acts as a Mentor and Adviser to numerous startups. Even while acting in an executive capacity, Mario still remains regularly engaged as a trusted Cybersecurity Adviser to a multitude of Governments, Fortune 50 Corporations, Law Enforcement and Intelligence Agencies, as well as an ad-hoc member to cybersecurity “Red-Teams” when called upon.

Spare time activities include Brazillian building Lego sets with his daughters, Brazilian jiu-jitsu and Astronomy… And he still has that shovel his father handed him all those years ago.

 Michael Money
Senior Director, Protiviti
Mike is a Senior Director in Protiviti's Information Cybersecurity & Privacy solutions practice based in New York City. He has over 25 years experience in information security and privacy that is focused on:
- Preventing Cybersecurity attacks
- Developing cybersecurity and risk management programs and strategies
- Assuring that security service are operating efficiently and effectively
- Assuring compliance with regulatory requirements , and leading security frameworks
- Implementing ,operating and integrating of security products
- Investigating breaches when they occur

 
Mike has certifications in CISSP, CISA, QSA, CIPP  and CTPRP. He as a MBA from University of Houston. He holds several patents and is an author of several publications and a frequent speaker at Industry Conferences.
Dr. Bill Mihajlovic
Professor
 


Ondrej Krehel
CEO, LIFARS
 


David Huang
Assistant U.S. Attorney
U.S. Attorney's Office, District of Connecticut
 


Brian Barnier
Managing Member/Principal - ValueBridge Advisors
Brian Barnier is focused on growth. With a split career between “the business” and IT, he works to bridge two sets of needs to get greater business benefits from IT. He also has a unique vantage point because of his experience in practical projects, best practices committees, research and teaching professional education across industries and countries. As managing member/principal at ValueBridge Advisors, he creates and implements practical knowledgeware to more safety and easily achieve business objectives. The Value-added Diamond, 5+2 Step Cycle, Controls Chain of Fitness are three examples. His insights have been used across countries and industries through three routes.

First, in his direct engagements in financial services, health care, higher education, industrial and other industries. Second, though his contributions to professional and industry organizations. He was named one of the first three distinguished Fellows of OCEG, he served on the OCEG Redbook Review Committee, serves as co-chair of the OCEG Steering Committee, served on the teams that created ISACA’s Risk IT Based on COBIT and COBIT 5, board of the World Conference on Disaster Management, and Shared Assessment Program (for third party vendor management).

David Huang
Assistant U.S. Attorney
U.S. Attorney's Office, District of Connecticut
 


Ron Rasin
VP Product Management
Ron leads Silverfort’s product management and roadmap. He brings over a decade of hands-on product management experience and cyber security expertise. Prior to joining Silverfort, Ron was the Director of Product Management at Claroty, and held product management roles at Wix and NCR. Before that Ron served as a Team Leader at the 8200 elite cyber unit of the Israel Defense Forces. Ron holds a B.A in Economics from Tel Aviv University.
Arun Ghosh
Blockchain Leader, KPMG
Arun is KPMG’s US National Blockchain leader and an industry-recognized management consultant with 20+ years of experience. Arun is passionate about uncovering value for organizations by using innovative approaches to evolve corporate strategy, including leveraging blockchain, analytics, automation and artificial intelligence to achieve enterprise-wide transformation.

Arun’ strategy, analytics and technology consulting services expertise covers the high-tech, industrial manufacturing and life sciences industries. Day-to-day, Arun works with business leaders to help them understand and apply blockchain to solve their specific business challenges related to efficiency, transparency and growth.