2018 Phoenix Security & Audit Conference



Adriana Sanford
Strategic International Consultant
Following an abduction, Adriana has distinguished herself by educating executives, thousands of college students, and the public at large on global threats and the dangers of corporate corruption. She works with a broad range of global organizations to strengthen responsibility and builds foundations of trust and integrity in foreign markets. She focuses on laws at the international level and how the regulation of global threats from jurisdictions outside the US can create corporate exposure and criminal liability for executives including, among others, laws involving the use of information technology and cryptocurrencies across national boundaries. Her two decades of practical knowledge of global threats in real-world settings sets her apart from other academics in her field. Adriana’s high impact experiential learning courses provide real-world encounters that demonstrate the complexities of open-ended situations and severe consequences for non-compliance in foreign jurisdictions. Last year, Adriana served on the advisory committee of the World Economic Forum’s Partnering Against Corruption Initiative (PACI). The former Lead Counsel for Latin America of a Fortune 50 company, she is also a regular international television commentator, who reaches over 24 million viewers.
pierson - smaller file.jpg
Chris Pierson
Founder & CEO
Binary Sun Cyber Risk Advisors
Dr. Chris Pierson is the Founder & CEO of Binary Sun Cyber Risk Advisors - providing strategic & operational advice on the intersection of cybersecurity, business, risk and law for companies and boards. He is a globally recognized cybersecurity expert and entrepreneur who holds several cybersecurity, anti-fraud, and technology patents. Dr. Pierson serves on the Department of Homeland Security’s Data Privacy & Integrity Advisory Committee and Cybersecurity Subcommittee and is a Distinguished Fellow of the Ponemon Institute. Previously, Chris was a founding executive of Viewpost, a FinTech payments company, serving as their CSO and General Counsel and was also the first Chief Privacy Officer, SVP for the Royal Bank of Scotland’s (RBS) U.S. banking operations leading its privacy and data protection program. Chris was also a corporate attorney for Lewis and Roca where he established its Cyber Security Practice representing companies on cybersecurity and data breaches. Chris is a graduate of Boston College (B.A., M.A.) and The University of Iowa (Ph.D., J.D.), is a sought after keynote speaker on cybersecurity and privacy, board advisor for startups, and is frequently quoted by the media on these topics.
Profile Image
Lenin Aboagye
Security Executive
Security Executive, Advisor and Thought leader who has led and successfully defined and executed several security programs in multiple organizations in diverse industry verticals . Lenin has built several firsts in the industry from first Education-As-A Service(EAAS) platform to building security platform for first fully Open cloud product. As an emerging technologies enthusiast , Lenin has helped advise and guide initiatives from Cloud, Mobile , Big Data and AI for multiple companies as well as speaking severally on such topics and its relevance in the current security landscape. Lenin was an earlier contributor to some of first whitepapers released by CSA(Cloud Security Alliance) and is an active participant in several other Information Security related interests. As a security thought leader, Lenin has spoken at several security conferences, contributed to security books, and also quoted in security and tech media. Lenin was formerly the security Head at IO and is currently President at Limit+ where he provides cyber security consulting and security product advisory services to several clients. Lenin is also the security advisor for Kogni, world's first AI powered Big Data Security product by Clairvoyant . Lenin holds a BA, and graduated top of class with a double major in Computer Science and Math.
Ed Adams
President & CEO
Security Innovation
Ed Adams is a software quality and security expert with over 20 years of experience in the field. Ed served as a member of the Security Innovation board of directors since its inception in 2002 and took over as CEO in 2003.Prior to his work at Security Innovation, Adam's held senior management positions at Rational Software, Lionbridge, Ipswitch, and MathSoft. He was also an engineer for the US Army and Foster-Miller earlier in his career. He is Research Fellow at The Ponemon Institute, serves on the board of several IT security organizations, and was named a Privacy by Design Ambassador by the Information and Privacy Commissioner of Canada. Adam's graduated from UMass Lowell with degrees in Mechanical Engineering and English Literature and earned his MBA with honors from Boston College.
Mohammed Almukaynizi
Security Research
Mohammed Almukaynizi is a security researcher at CYR3CON and a Ph.D. student studying computer science at Arizona State University. He is a recipient of the King Saud University scholarship award for his master’s and Ph.D. studies. His research at the Cyber-Socio Intelligent Systems (CySIS) Laboratory focuses on machine learning applications to Cybersecurity. Prior to his Ph.D. studies, Mohammed had over three years of academic teaching and industry working experience including work on database management, software engineering, and ERP systems implementation. He earned his master’s degree from the University of Michigan- Dearborn and his bachelor’s degree from King Saud University (Riyadh, Saudi Arabia). He has been recently working on proactive prediction of software vulnerability that will be exploited in the wild.
Profile Image
William Bell
Executive VP of Products
William is an experienced and proven technology executive and business strategy leader in the Cloud IaaS, Data Center and Managed Services market. With nearly 15 years of Infrastructure as a Service and Data Center experience he has demonstrated his commitment to these markets through the creation of high value, cost effective solutions positioned for the mid-market and enterprise customer. As EVP of Products he is responsible for the creation and go-to-market strategy of all phoenixNAP Infrastructure as a Service (IaaS) and Security Services offerings including Cloud IAAS, Backup and Disaster Recovery, Managed Security Services and Colocation. A leader in the infrastructure as a service industry, Mr. Bell’s work has been featured in Information Security Magazine, CIO Magazine and the Wall Street Journal. He has held several information security and audit industry certifications including Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and the Systems Security Certified Practitioner (SSCP). Prior to joining phoenixNAP William ran the Information Security practice for one of the largest credit card processors in the United States. Mr. Bell holds a BBA in Economics from Sam Houston State University.
Mike Berlin
Senior Manager - Risk & Advisory
Mike Berlin is a Senior Manager in Deloitte’s Risk & Advisory practice with over 12 years of experience in areas including data analytic development and integration, business advisory consulting, auditing, and controllership. Mike has experience supporting and leading global teams on behalf of global Fortune 500 companies within a range of projects including global risk assessments, internal audit analytics, compliance, process design and implementation assessments, supply chain forensic analytics, enterprise fraud management, and Sarbanes Oxley. Mike is also a part of Deloitte’s Internal Audit (IA) innovation committee furthering an innovation mindset into IA and integrating into delivery across industries. Mike is also a CPA and CFE.
James Brodsky
Sr. Manager - Security Specialization
Mike Burg
Director - Advisory Services
Mike Burg is Director of Advisory Services at cybersecurity services firm Alagen. With over 20 years of security experience, he has served as acting CISO across several industries including medical, financial, and transportation. Mike has been responsible for setting / optimizing strategic security goals and strategies, aligning security programs with business objectives, and the development / optimization / execution of security roadmaps. He is also a contributing author to “IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data.” When Mike’s not improving security posture, the avid musician is most likely jamming on a guitar or busting out a wicked drum solo.
Profile Image
Lori Cox
Chief Auditor
City of Tempe
Lori K. M. Cox, CIA, CGAP, CCEP is the Chief Audit Executive (City Auditor) for the City of Tempe, Arizona. In addition to providing executive leadership to the Internal Audit Office she also oversees the City’s Employee View program which encompasses the innovation and ideas program and fraud reporting lines. She has served in audit leadership and Chief Audit Executive roles in a variety of industries including local and tribal government, gaming and hospitality, higher education, retail, and food and beverage. Prior to her position with the City of Tempe, Lori served as the Director of Internal Audit for Pima Community College in Tucson, Arizona. She also served for two years as Technical Director, Standards and Guidance at the Institute of Internal Auditors. She is an Institute of Internal Auditors Distinguished Faculty Member and facilitates seminars for the IIA on audit tools and techniques, report writing, leadership skills, and creative problem solving for auditors.
Mark Dallmeier
Chief Marketing Officer
Terra Verde
Mark is a Senior Executive with over 25 years of diverse management and operational experience. He is an active advisory board member to various companies and has consulted to start-ups and Fortune 50 technology organizations across a dozen industries, including various early stage and hyper-growth cybersecurity and compliance consulting and technology companies. Over the years he has developed libraries of sales-marketing-operations-service delivery best practices, methodologies and processes that are still utilized in mid-size and global corporations. Mark actively publishes research, speaks and facilitates workshops on corporate growth, cybersecurity, risk and transformational topics. Mark has utilized his skills and experiences to help Terra Verde build a national channel partner ecosystem and position itself as a state of the art cybersecurity, risk and compliance services and managed security solutions provider.
Anthony in a Circle.png
Anthony Dezilva
Business Development Manager
Anthony Dezilva is the Business Development Manager for phoenixNAP with responsibility for the company’s Security Services and Data Security portfolio. He is responsible for defining technologies and designing solutions to deliver phoenixNAP’s vision as a full-service, global information technology services provider. A 26 year veteran of the IT industry, Anthony specializes in intellectual property asset protection, organizational survival and sustainability, and prevention of and recovery from catastrophic events. Anthony’s key areas of expertise include virtualization/cloud technologies, application development, cyber security operations, and product leadership.
Anthony earned his BSc in Cyber Security from The University of Phoenix, an MBA from the Thunderbird School of Global Management, and is currently pursuing a PhD in Industrial and Organizational Psychology at Grand Canyon University.
Profile Image
Tonia Dudley
Security Solutions Advisor
A diversified career spanning various finance roles for 14 years at a national automotive retail chain, transitioning into various IT roles over the next 12 years for a global manufacturing enterprise where she then developed an interest in Cybersecurity. While working in the financial services industry, participated in a working group to assist small firms with implementing a cybersecurity program to protect their firms. Spoken at several cybersecurity and industry conferences on building a successful security awareness and phishing programs. Her successful anti-phishing training programs have received three awards. Maintains certifications for Certified Information Systems Security Professional, Certified Information Security Manager and Certified Information Systems Auditor.
Profile Image
Jennifer Edmondson
Program Manager
Fortune 500 Company
Jennifer Edmondson is a 23 year veteran of a Fortune 500 technology company and is currently an Information Security Program Manager for several large initiatives. Jen holds a BA in Anthropology and a minor in Psychology from the University of New Mexico. She has been most recently spotted in a Cyber Security Data Lake and has done work in Dev Ops, Application Security, Cryptography and Identity and Access. She teaches Scaled Agile Framework, and is passionate about security and motivating her teams. Jen studies Penetration Testing for fun and is non apologetic about being from New Jersey. Due to the increased desire to understand the relationship between technology and behavior, she now gets the last laugh about how ‘relevant’ her degree is at her large technology company.
John Freimuth
Security Engineer
In Security since 2010, but professionally since 2012. Currently pentesting with a health company in the valley. You might remember me from such talks as "Return of the Dork or "Spy V Spy".
Rick Gamache
Rick Gamache is a Manager with the accounting firm BerryDunn headquartered in Portland, Maine. Rick is a veteran of the United States Coast Guard, serving as a Telecommunications Officer in varying roles in cyber security and intelligence. After leaving military service, Rick performed FISMA audits for the U.S. Navy’s Destroyer program. His work includes evaluating the security controls of some of the nation’s most sensitive computing systems and platforms. As an entrepreneur, Rick co-founded Wapack Labs, where he served as Partner and Director of Cyber Threat Intelligence. As an accomplished author, Rick has written several publically available geopolitical risk assessments for the nations of Iceland, Sweden, and Brazil. Additional works include Russia’s annexation of Crimea through the use of cyber-attacks, the risks of outsourcing financial supply chains to India, and other topics of geopolitical strategic importance. Rick is a freelance writer for Security Affairs Magazine, and has spoken on cybersecurity related topics in both the United States and Europe.
Lester Godsey
Chief Information Security Officer
City of Mesa
Lester Godsey is the Chief Information Security Officer for the City of Mesa, AZ and is currently spearheading development of an IoT Strategy for Mesa. With over 25 years of higher education and local government IT experience, Lester has spoken at local, state and national conferences on topics ranging from telecommunications to project management to cybersecurity and data. Lester has taught at the collegiate level for over 12 years in the areas of technology, business and project management. The author of numerous trade journal and online magazine articles, he is CISM (Certified Information Security Manager) and PMP (Project Management Professional) certified. He holds a BA in Music and a MS in Technology, both from Arizona State University.
Eric Groen
Managing Director
Eric Groen is a Managing Director with Protiviti and Chapter President of the Phoenix IIA. He has over 18 years of experience in consulting and audit, including both internal and external audit experience. Eric’s experience extends across a number of industries, however, he spends the majority of his time focusing on higher education and more specifically compliance and governance issues. Eric has a B.S. degree in Accounting and Finance from Creighton University, is a Certified Public Accountant (CPA) and a Certified Internal Auditor (CIA).
Daniel Harms
Privacy Consultant
Dan Harms is a Certified Information Privacy Professional (CIPP/E, CIPM) and serves as a Privacy Consultant at OneTrust - a global leader in enterprise privacy management and marketing compliance software. In his role, Dan advises many of the world’s leading technology companies across their global privacy compliance initiatives, focused on formulating efficient and effective responses to data protection requirements as well as building and scaling privacy programs. Dan maintains relationships with many of the world’s leading privacy minds and assists in providing deep insight into regulatory issues and practical approaches to compliance.
Ben Horton
Senior Manager - Risk & Advisory
Ben Horton is a Data Analytics professional with over 13 years of experience helping his clients develop and mature analytics capabilities for Internal Audit. He currently serves as the national Financial Services lead for IA Analytics. Ben spent the early part of his career as an internal auditor focusing on analytics at a top US bank and has been consulting in this area for the past 8 years. Ben is also a CPA, CFE, and CISA.
Profile Image
Michael Keiffer
Independent Data Analyst/Instructor
Michael P. Keiffer CPA P.C.
Michael is an independent data analysis consultant with extensive experience with using ACL (Audit Command Language), IDEA and Arbutus Analyzer, both as a data analysis consultant and as an instructor. Michael has over 19 years of extensive experience with using ACL as a data-mining tool, data analysis consulting and training experience, and with a focus on using ACL as fraud detection and compliance tool for various financial institutions.
hoyt - 944KB.jpg
Hoyt Kesterson
Senior Security Architect
Terra Verde
Hoyt L. Kesterson II is a Senior Security Architect with Terra Verde. He has more than 40 years of experience in information security. He is certified as a CISSP, a CISA, and a PCI QSA. For 21 years he chaired the international standards group that created the X.509 public-key certificate, a fundamental component in digital signature and securing web transactions. He is a co-chair and founding member of the ABA’s Information Security Committee. He is a testifying expert. He is a PCI QSA who helps clients meet compliance requirements for authentication and encryption. He programmed his first user id and account authentication process for a communications front-end in the early 70s. He presented Everything We’re Doing with Passwords Is Wrong at the 2013 RSA Conference. The video can be found on the RSA Conference site and on YouTube.
Profile Image
Rich Larkins
Network Architect and Board of Directors Member
Arizona Cyber Warfare Range
Rich Larkins is a Senior Network Systems Engineer with way too many expired Cisco certifications. He has deployed networks in over 10 countries on 4 continents, and is currently working on integrating the ground components of his third global satellite constellation ground control system.

In addition to Network Engineering, Richard has been involved in Cyber Security since 1995 and served on the board of directors for the ISSA Phoenix Chapter for over 6 years. Rich lives in Scottsdale, AZ with his very understanding wife of 25 years, Patricia, and their two Cocker Spaniel rescue dogs (Luna and Orion) who have seven legs between them.
Jacques Lucas
Sr. Security Manager - Compliance & Audit
Terra Verde
Jacques has over 15 years of experience in IT Operations and Information Security. He has broad-based experience in information technology (IT) and regulatory compliance, including PCI DSS compliance, ISO 27000 series, NIST, Sarbanes-Oxley ITGC audits, logical and physical controls of the IT function, GLBA and FACTA compliance, HIPAA compliance, Risk assessments, Business Continuity Planning (BCP), penetration testing concepts/methodology, computer forensics, and social engineering techniques. His education portfolio includes a BBA and MS, he also has the following professional certifications: CISSP, CISA, PCIP, QSA. In addition, Jacques has experience in network/hardware/operating system troubleshooting, PC assembly, and technical support. His experience provides him with a strong background in all areas of Information Security and Information Technology. Jacques enjoys playing soccer, traveling, trying new foods, and spending valuable time with his family.
Steve McNew
Managing Director - Forensic Advisory Services
Grant Thornton
Steve McNew is an expert in digital forensics, data security, and complex discovery. For nearly 30 years, he has applied this expertise by leading thousands of engagements for corporate and law firm clients globally, across numerous industries, including financial services, healthcare, oil and gas, utilities, telecommunications, governmental agencies, defense, and entertainment and hospitality. In addition to reactive work with regard to incident response, litigation, and investigations, Steve serves as a strategic advisor related to the management of complex data, including information security, all phases of the EDRM, predictive coding/Technology Assisted Review (TAR), complex data analysis/interrogation, information lifecycle management, and Robotic Process Automation (RPA).
Erik Min
Manager - Forensic, Investigative, & Dispute Services
Grant Thornton
Erik Min is a Manager in Grant Thornton LLP’s Forensic Advisory Services group located in Houston, TX. Erik provides consultation and management services with an expertise in matters regarding computer forensics, e-discovery, cyber security, compliance and risk.
Prior to joining Grant Thornton, Erik spent over 10 years working for large and small consulting firms using his background and expertise to support complex data management, e-discovery matters, computer forensics and incident response investigations for some of the world's leading corporations and law firms. Investigations he has managed include theft of trade secrets and intellectual property, fraud, embezzlement and incident response. He has managed and consulted on large scale electronic discovery requests; some of which have included hundreds of custodians to interview, identifying terabytes of data for collection. Erik also has experience consulting with clients regarding information security and compliance readiness while assessing client risk.
Nichole Minice
Managing Director
Nichole Minice is a Managing Director in the Phoenix office and part of the Internal Audit and Financial Advisory solution. She has 18 years of internal audit experience in a variety of industries, however, has spent a significant amount of time in the consumer products and services industry. Nichole has specialized in helping organizations and process owners understand and develop ways to effectively manage risks and maximize efficiencies. Nichole has a B.S. degree in Accounting from Northern Arizona University and is a Certified Internal Auditor (CIA), holds a Certification in Risk Management Assurance (CRMA) and is accredited by the IIA as a Quality Assessment Validator.
Tom O'Reilly
Audit Practice Leader
Tom O’Reilly is the Internal Audit Practice Leader at AuditBoard, a SaaS-based solutions provider revolutionizing the way enterprises collaborate, manage, analyze and report on critical internal controls data. Prior to AuditBoard, Tom was the Vice President and General Manager of Internal Audit at MISTI, where he was responsible for the strategic direction and oversight of all internal and IT audit-related training programs. In addition, Tom was the Director of Internal Audit and Chief Audit Executive at Analog Devices and an Internal Audit Manager in EY’s Risk Advisory practice.
Ali Pabrai.PNG
Ali Pabrai

Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), Security+, a cyber security and compliance expert, is the chairman and chief executive of ecfirst. A highly sought after professional, he has successfully delivered solution to U.S. government agencies, IT firms, healthcare systems, legl, and other organizations worldwide.

Mr. Pabrai served as an Interim CISO for a health system with 40+ locations in USA. Mr. Pabrai has led numerous engagement worldwide for ISO 27001, PCI DSS, NIST, and HIPAA/HITECH security assessments. ecfirst is an approved HITRUST CSF assessor and a PCI qualified security assessor.

Mr. Pabrai has presented passionate briefs to tens of thousands globally, including the USA, United Kingdom, France, Taiwan, Singapore, and others. Conferences Mr. Pabrai has been featured at include HCCA, ISACA CSX, HIMSS, Infragard, ISSA, HIPAA Summit, Google Privacy & Security Summit, Microsoft Tech Summit, and dozens of others. He is the author of several published books.

Patrick Potter
GRC Strategist
RSA Archer
Patrick has spent over 25 years leading internal audit, business resiliency, strategic planning, process improvement and related activities at Fortune 500 companies in both practitioner and consulting roles. He is currently a GRC Strategist and subject matter expert for RSA, where he oversees the direction of the Archer Audit and Business Continuity Management solutions.

Patrick has developed a broad perspective working with analysts, partners and customers spanning such industries as financial services, higher education, manufacturing, high-tech, healthcare, and media and hospitality.
Jeremy Ralston
Security Operations Center Manager
After graduating from ASU with a BS in Computer Science with concentration in Information
Assurance Jeremy has gone on to become the Security Operations Manager at Axon. He has
continued his professional education by attending various SANS courses, trainings at BlackHat and
attending conferences. Jeremy is a co-organizer of his local active hacker group DC480.io
Avinash Ramineni
Chief Technology Officer
Avinash Ramineni is Co-Founder and Chief Technology Officer at Kogni and is currently leading all the product and engineering initiatives. Avinash is a software industry veteran with in-depth entrepreneurial and leadership experience spanning the technology industry. Avinash is a passionate technologist with a drive to understand the bigger picture and convert that into pragmatic, implementable solutions. He specializes in providing solutions in the areas of big data, cloud, NoSQL, SOA, and event-driven architectures. Avinash Ramineni is a Co-Founder and principal at Clairvoyant and leads the engineering efforts in the big data space. Prior to Clairvoyant, Avinash was a principal engineer at Apollo Group, where he was responsible for innovation and technical guidance for all the product development efforts.
Mannie Romero
Executive Director, Office of the CISO
Mannie Romero brings more than 20 years of technical and information security leadership experience to his current role. As director, Office of the CISO, Romero provides C-suite advisory services to define cyber strategy, roadmaps and solutions to meet clients’ security objectives.

A subject matter expert in offensive security, Romero’s broad cyber security background spans multiple disciplines including incident response, forensics, vulnerability management, application security, network security and risk assessment. Mannie has been fortunate to apply his experience in various business verticals including defense, education, space, telecommunication, insurance, services and the semi-conductor sectors.

Prior to joining FishNet Security, Romero was the global head of incident response and risk assessment for Marsh and McLennan Companies, a $12 billion global services and insurance company, which operates in over 140 countries. In this position, Romero was responsible for penetration testing, incident response, forensics, investigations, vulnerability management, application security, merger and acquisition risk assessment, and third-party risk assessment. Romero was also director of security operations for Apollo Group, where he built their first penetration test team and was responsible for the security operation center (SOC).
Franchesca Sanabria
Focal Point Data Risk
Franchesca is a Principal at Focal Point in the National Data Privacy Practice. She has over 12 years of experience in governance, risk and compliance. She has lead and executed privacy and security risk assessments for multiple clients ranging from tech startups to multinational fortune 50 organizations. Several of the security and privacy program activities focused on compliance assessments related to the GDPR, HIPAA Security and Privacy Rule, and GLBA, development of privacy frameworks including the creation of privacy policies, privacy principles, data protection practices, and enhancing and developing breach response programs. She also has extensive experience performing privacy and security risk assessments, Information Technology audits, Sarbanes-Oxley (SOX) 404 and SOC1/SOC2 readiness assessments. She is the KnowledgeNet chairperson for the International Association of Privacy Professionals (IAPP) in the South Florida region and has presented at numerous privacy and security conferences around the country. She is a Certified Information Systems Auditor (CISA) and Certified Information Privacy Professional (CIPP/US). Franchesca is fully bilingual in Spanish.
Sharlene Santos
Sr. Manager, IT Audit & Advisory Services
Focal Point Data Risk
Sharlene Santos is a Senior Manager with Focal Point Data Risk(Formerly Sunera). She has over twelve years of experience and has led multiple global projects in IT audit, security, and advisory in areas such as compliance, cybersecurity, privacy, and implementations. Prior to Focal Point, Sharlene was at Marriot (Formerly Starwood Hotels & Resorts), and had focused on managing infrastructure and security related audits. In addition, Sharlene was part of Global Audit with Walmart, where she supported the largest implementation of SAP. Sharlene began her career as an Advisory Associate at KPMG. She recently obtained her Executive MBA with a concentration in MIS from the University of Arizona, and holds a CIS and Accounting degree from Arizona State University.
Paulo Shakarian
Paulo Shakarian, Ph.D. is the CEO of CYR3CON™, which creates software that uses machine learning to find actionable intelligence for cyber-security. Paulo is also a Fulton Entrepreneurial Professor (tenure-track) at Arizona State University. He has written numerous articles in scientific journals and has authored several books, including Elsevier’s Introduction to Cyber-Warfare and Cambridge’s Darkweb Cyber Threat Intelligence Mining. Recently, his work was featured in major news media including CNN, The Economist, and Business Insider. He was named a “KDD Rising Star” by Microsoft Research Asia, was recipient of the Air Force Young Investigator award, FOSINT-SI Best Paper, and MIT Tech. Review “Best of 2013”. He also held fellowships with both DARPA and New America. CYR3CON™, the company Paulo co-founded, was named won a Defense Innovation Technology Challenge award (2017), named a Finalist in PwC’s most promising company award, won a National Science Foundation Innovation Corps award (2017), and was a semi-finalist in the Cisco Innovation Grand Challenge (2016). Previously, Paulo was an officer in the U.S. Army where he served two combat tours in Iraq, earning a Bronze Star and the Army Commendation Medal for Valor. He also previously worked as an Assistant Professor at West Point.
Alex Stockwell
Security Engineer
Security Engineer; 10+ years of software engineering, with a security focus for most of it. "Security is more interesting than browser bugs".
Melinda Tijerino
Sr. Manager
Focal Point Data Risk
Melinda Tijerino is a Certified Information Privacy Professional for the US Private Sector (CIPP/US), and completing a Master’s degree in Cybersecurity with a specialization in Risk Assurance. With over 9 years of progressive experience in governance, audit, risk management, and compliance, Melinda oversees and serves as subject matter expert to multiple large and complex privacy and security engagements and project management efforts related to U.S. state, federal, and international standards, inclusive of: EU GDPR, HIPAA Security Rule, HIPAA Privacy Rule, EU-US Privacy Shield, and TCPA. Melinda’s experience spans across industries, including government agencies, global technology firms, global retail chains, financial services, and healthcare organizations. Melinda leads multiple privacy engagement teams and project management efforts to identify and communicate areas of high-risk to clients across a spectrum of privacy areas, including: regulatory compliance assessments, regulatory readiness assessments, vendor risk management, incident management and breach response, data inventory and mapping, creation of privacy programs inclusive of privacy impact assessment methodology, policy creation, and administration of privacy training to client employees.
Carlos Villalba
Vice President, Security Services
Terra Verde
Carlos Villalba has over 20 years of extensive experience designing, developing, managing and implementing IT security solutions in compliance with IT security standards, and industry best practices. His broad skills and experience spans compliance assessments, HIPAA, PCI, FISMA, FEDRAMP, ISO, pen-testing, risk assessments, vulnerability management, and IT security projects. Carlos has provided services to the US military, federal government, credit unions, universities, retailers, health care, manufacturing companies and small businesses.
0 (1).jpg
Kristy Westphal
CSIRT, Vice President
Union Bank (MUFG)
Kristy Westphal is a versatile information technology professional with specific experience in providing advisory and management services in the area of information security and risk is currently employed as the Vice President, CSIRT at Union Bank. Specializing in leadership and program development, specific expertise in security areas includes: process analysis, risk assessments, security awareness programs, operating system security, network security, incident handling, vulnerability analysis and policy development.
Rebecca Wynn
Head of Information Security (Senior Director)
Matrix Medical Network
Named 2017 Cybersecurity Professional of the Year - Cybersecurity Excellence Awards, Dr. Rebecca Wynn is a "big picture" thinker who brings over 17 years of experience in Information Security, Assurance & Technology. Recently she lead the information security, privacy, and compliance pre-acquisition, acquisition, and post-acquisition of LearnVest, Inc. to Northwestern Mutual Life Insurance Company - a Fortune 100 company. She is well known for being a gifted polymath, having deep understanding of current cyber security challenges and privacy issues. Now with Matrix Medical Network as the Head of Information Security, she works with the talented and passionate team to take the company to the next level of excellence
Sherina Yang
Ernst & Young LLP
Sherina Yang is a Manager in the Advisory practice of the Financial Services Office (FSO) at Ernst & Young. She has over six years of banking and capital markets experience in various roles including financial reporting and internal audit. Her primary focus is around second line risk management reviews including Operational Risk Management, Enterprise Risk Management, and Model Risk management. Sherina has been involved in providing points-of-views to organizations around the use Blockchain and currently helping to build out the internal audit Blockchain strategy at EY.