29 Highly Influential Cisos 29 Security Leaders You Should Follow

29 Highly Influential CISOs 29 Security Leaders you should follow

Compiled by Basheer Ahmed Khan From putting together a complex Risk Management Program to handling an unexpected huge security threat, the job of a CISO (Chief Information Security Officer) is getting more and more complicated with the rapid expansion of the threat landscape. The toughest part a CISO faces is to convince the C-suite executives about the cybersecurity threats an organization faces and to extract the budgets he needs for overall Cyber Security. The role of a CISO is becoming more and more important at the C-suite level. Apart from their technical expertise a CISO must also possess operational and leadership skills. The role of a CISO has become very very critical for any organisation irrespective of the industry and the size. Infact the role of a CISO has become so critical that even smaller organizations who cannot afford to have an in-house CISO are outsourcing it to a Virtual CISO (VCISO).

We have identified and listed 29 awesome Chief Information Security Officers who have all the above mentioned qualities. These experts are the reason behind the impeccable CyberSecurity their organizations have. We have arranged them in an alphabetical order. Abeer Khedr Billy Spears Brian Bobo Dane Warren Dan Bowden Dan Lohrmann Don Cox Dr. Jackson Muhirwe Gary Hayslip George Smirnoff Greg Dakin Jason Lau Jeff Brown John Meakin Jothi Dugar Lakshmi Hanspal Magda Chelly Mark Potter Michael Montoya Mike Britton Myrna Soto Nikk Gilbert Phil Cracknell Phoram Mehta Richard Rushing Rinki Sethi Stephane Nappo Steven Sim Kok Leong Todd L Bell ABEER KHEDR

I N F O R M A T I O N S E C U R I T Y D I R E C T O R , N A T I O N A L B A N K O F E G Y P T

ABOUT SOCIAL MEDIA Abeer Khedr is the Information Security Director at the National Bank of Egypt with more than 20 years of experience in technology and information security fields. Abeer has been serving in her current role for eight years where she has established the information security strategy & program at the bank, developed information security policies and awareness programs, designed and certified an information security management system (ISMS) for the bank’s main data center & call center. She has also developed information security effectiveness measurement program to ensure continuous improvement and maturity in security processes in addition to being a member in both the enterprise change advisory board and the bank’s technology steering committee. In her current role, Abeer also oversees cyber security functions for the bank’s remote subsidiaries and branches.

Prior to joining NBE, Abeer has been leading the security consulting and IT audit service lines at Deloitte Egypt serving different industries. Abeer is a graduate of the American University in Cairo with a computer science major and economics minor. She also has a Master’s of Science degree in Business Information Technology from Middlesex University, England. Abeer has a number of security & governance related certifications: C|CISO, C|DPO, CISM, CISA, CRISC, CGEIT and ISO 27001.

Abeer has been recently awarded among top regional government security leaders in the Middle East by the CISO council in Dubai and was also awarded among leading information security executives in the ME by the council in 2018. She has been recognized as a “Woman Security Leader” in the same conference, 2016. Abeer was also selected as “CISO of the year” during Arab Security Conference, 2018 and during Cairo Security Camp, 2016. Abeer has also been recently selected among the panel of judges for IFSEC 2019 to select global cyber security influencers. ABEER KHEDR

I N F O R M A T I O N S E C U R I T Y D I R E C T O R , N A T I O N A L B A N K O F E G Y P T

SOCIAL MEDIA ADVICE

My advice to organizations, especially in highly regulated industries like banking, is to look upon security regulations compliance not as a burden or cost but rather as opportunities that foster customer trust, as a guard against reputational & financial losses and as a mechanism that will increase their resilience & thrival.

My advice to employees is to realize they are the most important pillar in the security of their organization. Being so, they should never shy out from voicing their observations or inquiries to their colleagues in cyber security teams and reporting any vulnerabilites and suspicious events they encounter in the course of their work.Add a little bit of body text.

My advice to C-Suite members : Please be the champs of cyber security for your organizations: you are the role models to your teams and their commitment to cyber security will follow your lead. BILLY SPEARS

E X E C U T I V E V I C E P R E S I D E N T , C H I E F I N F O R M A T I O N S E C U R I T Y O F F I C E R A T L O A N D E P O T

ABOUT SOCIAL MEDIA Oversees enterprise cybersecurity, privacy, information technology risk, and records management practices at loanDepot. He has more than 20 years as a collaborative business partner and possesses deep expertise across the cyber security, privacy, and risk management fields. Billy has a passion for architecting and implementing strategic solutions that build trust, enable resilience, and incorporate core principles that drive transformation while simplifying business processes. He strongly believes in raising awareness, influencing positive change and disrupting the category norm using forward thinking techniques.

Prior to this role, Spears held similar positions at Hyundai Capital America, General Electric, Dell, the U.S. Department of Homeland Security and the United States Marine Corps. Billy graduated with a bachelor’s degree in information technology from National University and later obtained an M.B.A. from the University of Phoenix.

In 2018, Billy was honored with Gartner's Evanta "Global CISO Breakaway Influence Leader of the Year" Award and continues to serve as an industry related thought leader and speaker for related topics.

ADVICE

Successful practitioners have learned to master their ability to influence levels of the company by aligning their role to business objectives, implementing strategies that shift security priorities, and effectively building a security awareness culture within their organization. Remember to develop a posture of “Yes, if…” rather than always becoming the impediment or roadblock to the businesses success path. BRIAN BOBO

C H I E F I N F O R M A T I O N S E C U R I T Y O F F I C E R , S U N C O U N T R Y A I R L I N E S I N M I N N E A P O L I S , M I N N E S O T A

ABOUT SOCIAL MEDIA Brian Bobo is the Chief Information Security Office for Sun Country Airlines in Minneapolis, Minnesota. He is responsible for all aspects of the security and disaster recovery strategy, implementation, and effectiveness. Sun Country Airlines focuses on vacation destinations taking vacationers to the tropical beaches of Mexico, Costa Rica, and the Caribbean, as well as flying charters to support our troops across the world. Previously, he was the Director of Global Security at Ecolab, a leading provider in water, hygiene, and energy technologies to foodservice, food processing, hospitality, healthcare, industrial, and oil and gas companies in over 170 countries. In this role, Bobo was responsible for the planning and execution of effective processes and technologies for incident response and security operations. He also leads the security awareness and continuous improvement of security.

Prior to Ecolab, Bobo was the CISO for Schneider, a leading provider of transportation, intermodal and logistics services. In this role, Bobo was responsible for the planning and execution of effective processes throughout the enterprise for information security, personal and physical security, as well as disaster recovery, business continuity and emergency preparedness. Prior to that, Bobo was a Technologies Services Manager for Target Corporation, where he managed corporate-wide information protection and IT security teams. Bobo worked for Target for 12 years, holding various positions with increasing responsibility, including warehouse management, IT security and disaster recovery. Bobo has 30 years of military experience serving in the U.S. Army and Army National Guard. He most recently led the Cyber team for the Minnesota Army National Guard prior to being promoted to the head of IT for the Minnesota Army National Guard. BRIAN BOBO

C H I E F I N F O R M A T I O N S E C U R I T Y O F F I C E R , S U N C O U N T R Y A I R L I N E S I N M I N N E A P O L I S , M I N N E S O T A

SOCIAL MEDIA Bobo received his Bachelor of Science degree in History and Systems Engineering from the United States Military Academy at West Point. He holds a Master’s Degree in Business Administration from the University of Florida and a Master's Degree in Strategic Studies from the U.S. Army War College. In addition, Bobo has earned the Certified Information Systems Security Professional and Certified Business Continuity Professional certifications.

ADVICE

You should look to fix your talent shortage problems by hiring bright, talented, teachable people that want to learn and then build them into what you need. DANE WARREN

G L O B A L C I S O , N I S S A N M O T O R C O M P A N Y

ABOUT SOCIAL MEDIA Dane is currently the global CISO for Nissan Motor Company, where he is responsible for leading the global cyber security transforma ion program. Dane previously worked as a Global CISO for Intertek Testing Service, a FTSE 100 company, where he led the build out of a global follow the sun SOC and full cyber security team. Dane also spent several years working for Zurich Insurance Company as a CISO for several APAC and EMEA countries. Dane’s earlier roles include Head of Information Risk and Security at Virgin Mobile Australia, and CSO APAC Financial Services at EDS. Dane has nearly 20 years’ experience in cyber security, and holds a Master in Business (IT Management) from the University of Technology Sydney. Dane was recognized in 2017 as a top 100 global CISO.

ADVICE

Cyber security is a constant journey of relevance; be important to your people, your peers, your customers’ and your business. Customer value and protection must be at the centre of your cyber security journey because that’s the reason we exist as a business. DAN BOWDEN

V I C E P R E S I D E N T A N D C I S O A T S E N T A R A H E A L T H C A R E

ABOUT SOCIAL MEDIA He was previously CISO at University of Utah Healthcare and the University of Utah. Dan has been an executive leader in cybersecurity and technology for healthcare, higher education, banking, retail, and the military (USAF) over the past 25 years.

Along with his CISO role, Dan is actively developing joint venture and business opportunities for Sentara in health cyber security, public cloud, and blockchain technology. Dan’s other professional and academic interests include digital strategies, cloud computing, population health, healthcare analytics, data governance, global and homeland security. Da has a M.S. in Administration of Justice and Security with a concentration on Global and Homeland Security. He works in Virginia Beach, Virginia and has a home in South Jordan, Utah. His personal interests focus on family, fitness and outdoor activities. DAN LOHRMANN

C H I E F S E C U R I T Y O F F I C E R A N D C H I E F S T R A T E G I S T F O R S E C U R I T Y M E N T O R

ABOUT SOCIAL MEDIA Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader. In 2017, Dan was awarded the cybersecurity breakthrough CISO of the year for global security products and services companies. Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 – August 2014, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.

Dan currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor, Inc. Lohrmann is leading the development and implementation of Security Mentor’s industry- leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governor’s Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and non-profit institutions.

Dan has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US / UK military facility. DAN LOHRMANN

C H I E F S E C U R I T Y O F F I C E R A N D C H I E F S T R A T E G I S T F O R S E C U R I T Y M E N T O R

SOCIAL MEDIA Lohrmann is the author of two books - Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington D.C. to Moscow. Lohrmann holds a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.

ADVICE

CISOs need to focus more on relationships. Really get to know your team, your management colleagues, your end users, industry CISO peers and your organization's customers. The quality of those relationships will ultimately determine both your success and long-term career satisfaction. DON COX

CISO at MEDNAX

ABOUT SOCIAL MEDIA Don Cox has over 30 years of experience in technology. Currently residing as the Chief Information Security Officer at MEDNAX, the physician-led healthcare organization headquartered in Sunrise, FL, Cox is responsible for cyber operations and engineering, identity access management, disaster recovery, business continuity planning, and risk and compliance for the company.

Before MEDNAX, Don was the Chief Information Officer at HHS, SAMHSA and held executive leadership positions in several other government agencies. Adding to his experience, he served as the Chief Information Officer in the pharmaceutical and consulting industry, and President of a commercial data center. Don holds and Master of Business Administration, Masters of IT Management, Graduate Certificate in Chief Information Officer Competencies, CISM, PMP, ITIL, and other industry certifications.

ADVICE

CISOs and CIOs should be moving toward outsourced managed security provider (MSP). A reputable MSP will level the playing field, reduce the volume of threats, and allow for faster prevention of new and previously unknown risks.

Cybersecurity is no longer nice to have capability. Like insurance, it's the cost of doing business. A successful attack could damage your brand and cause a financial burden for your business and your customers. JACKSON MUHIRWE

Works at University of California, Davis

SOCIAL MEDIA ABOUT Jackson currently serves as the Deputy CISO at UC Davis. In this role, he leads various campuswide initiatives designed to improve the security posture of UC Davis. Previously, he served the City and County of San Francisco as the Interim City CISO and Director of Cybersecurity Services for the Department of Technology. He led the team that was charged with the responsibility of protecting the critical cyber assets of one of the City. During his two decades in IT, Jackson has held various leadership and academic roles with life experiences on four different continents. Jackson holds a Ph.D. in Computer Science, CISSP and C|CISO.

ADVICE

Message to young professionals: Cybersecurity is a young profession with great potential. Organizations are seeking people who will come and make a difference. Prepare to be the difference-maker.

Message to organizations: Cybersecurity is not just a technology problem but a business risk that needs all key stakeholders to address. GARY R. HAYSLIP

Cybersecurity Strategist, CISO

SOCIAL MEDIA ABOUT

With over 25 years of information technology, security leadership, and risk management experience, Gary Hayslip has an exceptional record of success leading multiple, diverse cross-functional security and risk governance teams in the planning, analyzing and implementation of information security programs to support organizational business objectives. Hayslip’s previous executive roles include multiple CISO, CIO, Deputy Director of IT and Chief Privacy Officer roles for the U.S. Navy (Active Duty), the U.S. Navy (Federal Government employee), the City of San Diego California, and Webroot Software. In all of these roles, Hayslip led diverse teams of 10 – 300 employees and built information technology and security programs from the ground up. He partnered with software development and agile teams, integrating security into innovative workflows and new services. Hayslip collaborated with customers, strategic partners, and executive leadership teams on the deployment of new products, merger & acquisition due diligence services, and the management of his organizations business risks.

Hayslip is a proven cybersecurity professional; he has established a reputation as a highly skilled communicator, author, and keynote speaker. Hayslip recently co-authored the CISO Desk Reference Guide A Practical Guide for CISOs – Volumes 1 & 2, which are considered among the leading books on enabling CISOs to expand their leadership and business expertise. Hayslip is an active member of the professional organizations ISC2, ISSA, ISACA, OWASP, and Infragard. He currently holds several professional certifications, including CISSP, CISA, and CRISC. Hayslip has a BS in information systems management from UMUC and an MBA from San Diego State University. GARY R. HAYSLIP

Cybersecurity Strategist, CISO

SOCIAL MEDIA ADVICE

Cybersecurity is a career field that is rapidly changing with new technologies, threats, and role requirements emerging on a daily basis. To be successful I believe it is important that you will need to continually educate yourself, you will need to collaborate with peers to mature your knowledge and experience, and finally you need to seek mentors provide mentorship when possible. GEORGE SMIRNOFF

SVP / CISO at Synchrony

SOCIAL MEDIA ABOUT

Cybersecurity and information technology leader driven by a mission to both protect and enable the business. Record of success building outstanding programs with strong cultures that thrive on challenge, innovation, and opportunity. On-the-ground experience successfully leading responses to major cyber incidents and avoiding significant enterprise impacts.

Expertise additionally includes privacy, data management, resilience, and technology risk, with formative experience in Application Development. Deep financial services knowledge (commercial, retail, investment banking, wealth management, and payments) complemented by strong retail and technology sector experience. Recognized thought leader in cyber frameworks, regulatory harmonization, and privacy. Strong strategic mindset combining deep technology and security architecture skills with advanced business acumen.

Excellent communicator who makes complex technical concepts understandable and actionable with business leaders, partners, stakeholders, and technical teams. Extensive Board and Regulatory experience. JD, MBA, CISSP. GREG DAKIN

CISO at Interserv Plc

SOCIAL MEDIA ABOUT

Greg Dakin is an award winning CISO with over 20 years of security experience within the Aerospace, Healthcare, Energy, Manufacturing and Civil Engineering markets. He has operated in roles at regional, European and global levels across all aspects of the information security agenda and has been recognised within the Global Top 100 CISO and European PrivSec 200 listings. Greg is a founder member of the Chartered Institute of Information Security and acquired an MSc in Information Security Management in 1994.

ADVICE

Advice for Organisations: Consider your information as ‘currency’ in much the same way as you do for revenue, profit and cash. Ensure that you have identified your most valuable information assets and implemented appropriate security controls to ensure their ongoing protection.

Advice for Employees: Manage your organisation’s information as you would your own, personal data. Take time to consider the implications of your online behaviours and seek to protect the digital interests of your employer. GREG DAKIN

CISO at Interserv Plc

SOCIAL MEDIA

Advice for the C-Suite: Develop a security culture within your organisation and evangelise the importance of effective information security management. Maintain oversight of the security status of your business and support initiatives that will materially improve your position, balancing cost, benefit and risk accordingly.

JASON LAU

CISO at crypto.com

SOCIAL MEDIA ABOUT

Jason Lau is currently the Chief Information Security Officer (CISO) at Crypto.com, a multiple award-winning cybersecurity professional, including the “Cybersecurity Professional Award”, “Financial Technologist of the Year (Data Privacy)”, and a global Top 20 influencer in the cybersecurity and privacy space. Jason is an established leader in the Blockchain and FinTech industry, driving Crypto.com to become the first Cryptocurrency company worldwide to achieve company-wide ISO27001:2013, PCI:DSS and Cryptocurrency Security Standard (CCSS) compliance in record time. Jason was previously a regional Cybersecurity Advisor at Microsoft and has over 18 years in consulting experience for Fortune 500 companies. Jason has completed Executive Programs at both Stanford and Harvard and holds CISSP, CIPP/E, CIPM, CGEIT, CRISC, CISA, CISM, CEH, CDNA, ISO27001 Lead Auditor, as well as being a Fellow of Information Privacy (FIP). Jason is also currently the Regional Lead and Co-Chairman of the International Association of Privacy Professionals (IAPP), an Adjunct Professor (Cybersecurity and Data Privacy), and sits on various industry cybersecurity and data privacy Think Tanks. Jason is also a frequent industry speaker on the topics of cybersecurity and data privacy at conferences such as RSA Conference, Delta Summit, IAPP Privacy Forum, Cloud Forum and more. JASON LAU

CISO at crypto.com

ADVICE SOCIAL MEDIA

My advice to organisations is to make sure they always remember to focus on the Human Element of cybersecurity, as a bulk of the cybersecurity attacks originate from some form of human error (e.g. phishing, weak passwords etc.) An overall cyber-secure culture starts from the top, which means executive buy-in to cybersecurity programmes and initiatives are critical to ensure that organisations have a Defence-in-Depth strategy, starting with their employees; as it's always a combination of People, Process and Technology. Furthermore, industry tested cybersecurity frameworks should be used to guide the development of an organisation’s cybersecurity maturity, and a shift is needed towards an identity driven security model using Zero-Trust to ensure companies consistently verify and validate controls throughout the organisation’s internal and external infrastructure. Data Privacy also needs to be embedded deep into the culture, where Privacy by Design, Privacy by Default needs to guide all business decisions to ensure that the protection of personal data is a core priority.

JEFF BROWN

CISO Life & Retirement at AIG Advisor to the Board at iQ4

SOCIAL MEDIA ABOUT

Jeffrey W. Brown is a recognized information security and IT risk expert with a strong track record spanning two decades implementing cost-effective security programs for global Fortune 500 financial institutions including Citigroup, Goldman Sachs, GE Capital, BNY Mellon and AIG. Jeff helps senior executives understand and manage cybersecurity risk while still keeping a commercial perspective on meeting business objectives.

Active in the information security industry, he is a frequent speaker at various events and conferences and is the author of multiple articles and publications. He is the co-Chair of Evanta’s New York CISO Executive Summit events and works in an advisory capacity with the Cyber Investing Summit and HMG. He is currently advising iQ4 on their Virtual Cybersecurity Apprenticeship Challenge, which aims to prepare 10,000 students for the workforce and help address the security skills shortage.

ADVICE

Cybersecurity is a boardroom issue, not an information technology issue. As an industry, we need to focus on educating our current and future business and IT leaders to make sure that we are addressing this issue head-on.

JOHN MEAKIN

SVP / CISO at Synchrony

SOCIAL MEDIA ABOUT

Dr. John I. Meakin is a specialist in information and systems security with 30 years’ experience. He retired as the Chief Security & Risk Officer at Burberry in mid-2017 and for the past few years has advised various business on cyber risk, including acting as interim Chief Information Security Officer at GlaxoSmithKline throughout 2018. Prior to Burberry he was Chief Security Officer for the luxury goods conglomerate Richemont International SA in Geneva, with oversight of physical, information and cyber security. Previously, he has built and led security functions in a range of Banks, notably the Royal Bank of Scotland, Dresdner Bank and Standard Chartered Bank. He has also been Chief Information Security Officer of BP and Reuters. He has a Ph.D. in experimental solid-state physics from Cambridge University. When not fighting the good fight for better cyber security he plays five-a-side footie and classical music and jazz.

ADVICE

It is not the CISO or cyber security team’s job to secure your business – it is yours – all staff, all management and the Board. Expect the unexpected – if you think that you could not be a target because you have nothing of value/interest to cyber attackers, you are wrong! And you might just be a bystander damaged in the “cross-fire”. Good cyber security is a balance between risk, spend and efficiency – too much security is a bad thing, just like too little. So, it is crucial that you engage in a (continuous) dialogue with the cyber security experts about risk and risk appetite – to achieve the right balance.

JOTHI DUGAR

CISO at NIH Center for Information Technology

SOCIAL MEDIA ABOUT

Jothi Dugar is a multidimensional executive, business owner, and entrepreneur, whose diverse career to-date has included key senior leadership roles in Cybersecurity, IT management, project management, defense, and training, as well as in the performing arts and holistic wellness. A leading expert and pioneer in the field of healthcare cybersecurity, she was the Chief Information Security Officer (CISO) at the National Institute of Health Clinical Center for the past 8 years and is now the CISO of the NIH Center for Information Technology.

In addition to her role at the NIH, Jothi is Director of the BollyNatyam Masala School of Dance, a community-focused fusion dance company and school. The company follows a mission of community service, and regularly performs for charitable and private events, as well as at assisted living homes, religious organizations and community events.

With a lifelong commitment to empowering women in terms of wellness and health, Jothi Is also the owner and principal practitioner of The Power of Healing 360, a holistic healing practice that enables people to heal themselves through natural and alternative medicine therapies, treatments, and cures.

A dynamic and international highly sough after public speaker, she has given numerous keynote addresses and talks, and featured on leading journals, magazines, and radio interviews. Jothi is dedicated to mentoring young professionals, and women at-large to become self-empowered, find their voice, and break the glass ceiling in the STEM fields. JOTHI DUGAR

CISO at NIH Center for Information Technology

SOCIAL MEDIA Outside of her many professional pursuits, Jothi is a dedicated wife and mother of three. She and her family reside in Great Falls, Virginia. Jothi loves the thrill of adventure and traveling. She has traveled to over thirty countries, almost every state in the U.S., and loves adventure sports.

ADVICE

In my personal opinion, organizations must take a holistic and integrative approach to Cybersecurity. Viewing people as our greatest assets, we must train them, keep them informed, engage them, and empower them to make the right decisions even when no one is watching - that is the sign of a well run organization from all aspects, including Cybersecurity.

LAKSHMI HANSPAL

Global Chief Information Security Officer at Box

SOCIAL MEDIA ABOUT

Lakshmi Hanspal is the Global Chief Security Officer of Box, leading the Trust Office for Box across multiple security domains including Corporate, Physical, Cyber, Customer, Product, Platform, Risk & Assurance, Compliance and Data Protection. Lakshmi is a persuasive and recognized executive leader who provides overall transformational leadership for security strategies, with emphasis on cloud security, risk and privacy management. She has strong ability to engage with customers and senior level executives across the organization and influence buy in and consensus on key initiatives. Lakshmi is passionate about securing digital transformation, IoT security and su porting socially conscious connected commerce. She is active in engaging and promoting Women in technical leadership roles and developing early talent for diversity within teams. Lakshmi is considered as a catalyst and harbinger of change within her professional and volunteering circles.

Prior to joining Box, Lakshmi was the Global CISO at SAP Ariba, where she protected the world’s largest dynamic digital marketplace, withmore than $3 trillion in annual business commerce. Lakshmi has also held leadership roles at PayPal and Bank of America. Her career spans across 24+ years in Information Security and risk management, with16+ years in the financial and payment space.

Global Chief Information Security Officer at Box

SOCIAL MEDIA ADVICE

MAGDA CHELLY

Managing Director, CISO on Demand at Responsible Cyber Pte. Ltd.

SOCIAL MEDIA ABOUT

Magda Lilia Chelly is a Managing Director and a Chief Information Security Officer On Demand. Magda performs her cyber security duties during the day and hacks during the night. She reviews technical architectures, cloud migrations, and digital transformations, and provides security recommendations for her clients worldwide. She has a PhD in Telecommunication Engineering and a CISSP. Magda is also the founder of Woman in Cyber and promotes cyberfeminism or encouraging women in joining the cyber security industry.

Magda with her expertise, and technical background provides a 360 degrees cyber security support for companies; from governance to incident management, she coordinates and builds resilient businesses. Magda' latest two projected covered the roles of an ISO Lead Implementer for a Fortune 500 (ISO 27001:2013) and a business information security officer role for a regulated Fortune 500 company covering 13 countries in Asia Pacific.

She has been nominated with the below: TOP 50 International cyber security influencer, internationally 10 cybersecurity experts to follow on Twitter in 2018 58 Women In Cybersecurity To Follow On Twitter Top 17 Cybersecurity Influencers in 2018 You Must Follow

MARK POTTER

CISO at NewWave Technologies Inc.

SOCIAL MEDIA ABOUT

Mr. Mark Potter currently serves as a CISO at NewWave, a Health IT company. He has worked in IT for over 25 years including 15 years in information security, GRC, and data protection/privacy program design and implementation. He has been involved in cloud security, architecture, and risk management since he attended the inaugural Cloud Security Alliance (CSA) meeting at MITRE in 2009 and joined NIST Cloud Computing Security and NIST Cloud Forensic Science Working Groups in 2012.

His passion for the protection of critical infrastructure, including healthcare, began when he joined InfraGard Maryland in 2004 while working at Washington Gas. He served as the Maryland InfraGard Sector Chief for the IT sector in 2013, is a board member the FBI Baltimore Citizens Academy Alumni Association, and graduated from the FBI CISO Academy. He was a member of Capitol Technology University (formerly Capitol College) Information Assurance Advisory Board (2014-2015). He is a member of the SANS/GIAC Advisory Board and is part of the SANS Instructor Development Program. He is an IAPP Fellow of Information Privacy (FIP) and holds over 30 security certifications including: CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP, GCIH, GISP, CAP, CCSP, CSSLP, HCISPP, SSCP, CISM, CRISC, CISA, AWS-SAA, CEH, CCISO, FITSP-M, FITSP-A, CIPP/G, CIPP/US, CIPT, CIPM, CCSK, SABSA-SCF, ITIL-F, CASP+, CySA+, Cloud+, and Security+ MARK POTTER

CISO at NewWave Technologies Inc.

SOCIAL MEDIA ADVICE

Advice to Organizations: Engage with, fund, staff, and train your security function across the organization.

Advice to Employees: Contrary to what some say, you aren't the weakest link. We count on you to tell us when something or someone feels 'off'.

Advice to Internet Users: Be suspicious and alert. Use a cam cover and don't overshare.

MICHAEL MONTOYA

CISO at Equinix

SOCIAL MEDIA ABOUT

As the Chief Information Officer for Equinix, Michael is responsible for leading Equinix's global cybersecurity risk program. His responsibilities include leading the company's information security program, the company's cybersecurity roadmap, enterprise risk management and compliance programs. Michael also works closely with Equinix's product development, Operations, IT, compliance and business continuity teams to help ensure the company has a world- class approach to securing its global assets as well as providing the most secure environment for over 10k customers and partners in over 200 global datacenters and 385K interconnections.

Michael has extensive experience in enterprise IT support and has held several senior management roles with Microsoft, Fireeye and EMC. He has extensive experience overseeing global cybersecurity programs and advising large enterprises, governments and regulators across global markets. His roles include: Microsoft where he held various leadership roles including Asia Chief Cybersecurity Advisor, Asia Regional CIO, and Global Director of Cloud Internet Operations. Fireeye where he served as Vice President of Cloud Services leading all cloud-security operations supporting FireEye’s threat intelligence backbone and cloud services of Threat Analytics Platform, Email Threat Prevention, Mobile Threat Platform and Cloud Endpoint Security. EMC where he serviced as an IT and Services Leader responsible for their EMC Proven platform resulting in a CIO100 industry recognitions. Digital Realty where he served as Senior Vice President and Chief Information Security Officer.

Michael is an industry recognized innovative IT and Security leader and serves as an advisor to several security and IT startups, and venture capital firms. Michael has dual degrees in Economics and Political Science from the University of New Mexico. MIKE BRITTON

VP and CISO at Alliance Data

SOCIAL MEDIA ABOUT

Cyber Security and Privacy Executive with multi-industry experience in guiding organizations, ranging from fast-paced to large-cap global leaders, to solve complex business issues from strategy through execution. A proven record of building strong cross-functional relationships that enable consistent achievement of growth targets, while understanding how to mitigate risks, and comply with regulatory and business requirements. An inspirational mentor who can form and lead dynamic teams of high-performing leaders and technical experts in competitive marketplaces.

He has many achievements to his credit. We are listing a few of them here. Led $5M security program employing seven internal resources and outsourced MSSP. Ensured information security, privacy, and physical security. Governed global security teams of 120+ professionals with $20M operating budget protecting regulated data of 2,000+ clients in a matrixed environment. Designed and implemented a comprehensive technology compliance program encompassing a general computer controls framework and a robust testing schedule. This function consistently delivered reliable test results and saved over $250K in external audit fees. Introduced metrics for security performance and macro-level risks. Instituted regular metrics reports that became a staple feature of board meetings leading to more effective risk reduction strategies across the organization. MYRNA SOTO

COO & Partner Global CISO Emeritus, Digital Hands

SOCIAL MEDIA ABOUT

Myrna Soto Serves on the Boards of CMS Energy/Consumers Energy (NYSE: CMS),Spirit Airlines(NYSE ; SAVE ) and Popular Inc. Operates under the brand names of Banco Popular, and Popular Bank ( NASDAQ:BPOP). She is recognized as a Governance and Board Leadership Fellow by the National Association of Corp Directors.

Myrna Soto is COO of Digital Hands LLC. Digital Hands is an award- winning managed security service provider focused on providing world-class security operations to customers and partners.

Myrna was a Partner at ForgePoint Capital (Formerly known as Trident Capital Cybersecurity) and was a member of the ForgePoint Capital Investment Team. Myrna Remains a Venture Advisor for ForgePoint Capital. ForgePoint Capital is a venture capital fund focused exclusively investing in Cybersecurity companies.

Prior to joining Digital Hands & ForgePoint Capital Myrna served as Corporate SVP & GCISO (Global Chief Information Security Officer) for Comcast Corp. In her role, Myrna was responsible for all security & technology risk management for the Enterprise. She was responsible for aligning security initiatives with enterprise programs and business objectives to ensure information assets and technologies were adequately protected across the entire corporation. Her scope of responsibility included over 54 business lines within the Comcast Portfolio. Myrna Served in her Role as Corp SVP & Global Chief Information Security Officer for 9 years. MYRNA SOTO

COO & Partner Global CISO Emeritus, Digital Hands

SOCIAL MEDIA Myrna has had over 28 years of focused Information Technology/ Security experience and accolades within a variety of industries, including: financial services, hospitality, Insurance/Risk Management and gaming/entertainment. Prior to joining Comcast, Myrna served as CISO & Vice President of Information Technology Governance for MGM Resorts International (formerly known as MGM MIRAGE). She previously held senior leadership positions with American Express, Royal Caribbean Cruise Line, Norwegian Cruise Lines and Kemper Insurance.

Myrna holds a bachelor’s degree from Florida International University, a Master of Science degree in Industrial Psychology, and a Master of Business Administration degree from Nova Southeastern University. Myrna also holds a Masters Certification in Program Management from George Washington University. She is the recipient of the 2015 CSO Compass Award and was named Information Security Executive of the Year in 2013 by ISE. CNET also named her one of the top 20 Most Influential Technology Latinos in 2014. She was recognized by SC Magazine as the Top 10.

Power Players for Women in Security in 2015, Top Women to Watch by Diversity Journal Magazine in 2017 named to the Top 100 CISOs list by Hottopics, in 2017 and named to the Top 50 Women in Internet Security in the same year. She was recognized by Multi Channels News as a member of the 2017 “Wonder Woman” honoree class. In August of 2019 she was named to ALPFA’s List of 50 Most Powerful Latinas in Business for the third year in a row, 2019 ranked as #1. She is a Maestros Awardee, Named to Women’s Inc Most Influential Corporate Directors (2018), and named by Bold Business as one of the Top 25 leaders in CyberSecurity (2018).and was named as one of the World’s Top IT Security Influencers by CISO Platform (Dec 2018). NIKK GILBERT

CISO at Cherokee Nation Businesses

SOCIAL MEDIA ABOUT

Nikk Gilbert is the Chief Information Security Officer for Cherokee Nation Businesses. Cherokee Nation Businesses is the economic engine of Cherokee e Nation, the largest Indian Nation in the United States. Cherokee Nation and its businesses employ 11,000 people. CNB owns companies in the gaming, hospitality, information technology, health care, personnel services, distribution, manufacturing, telecommunications, environmental services and security and defense industries.

With 20 years of executive-level experience in Information technology roles, Nikk is a respected thought leader within the government & private sectors. Experienced in multiple verticals, (financial services, manufacturing, oil & energy, government & military), He’s focused on building success by understanding the needs of the customer, and by enabling the business through a deep understanding of the corporate strategy & its culture.

Nikk’s experience includes working as an information security executive (CISO, CSO) & information technology leader (CIO) for large multinational organizations such as the American Department of Defense, NATO, Alstom, ConocoPhillips and the U.S. Navy.

Nikk is a recipient of the US Navy’s Meritorious Civilian Service Medal, holds the CISSP and CISM security certifications and has been a keynote speaker at technology events throughout the world. PHIL CRACKNELL

Board Advisor IP Performance, EveryCloud UK Founder, The Metrics Project

SOCIAL MEDIA ABOUT

Phil is regarded as one of Europe’s leading information security experts. He has held several CISO (Chief Information Security Officer) roles spanning five different industry sectors and thirty years. His experience has been gained in a variety of high-profile technology and security management roles, enabling him to offer a unique and captivating insight to the world of information security, cyber-threats and risk management. As national publicity on the subject of ‘Wireless security’ peaked in 2002, Phil became somewhat of a cybersecurity celebrity with appearances on Sky TV, BBC News and in national and industry press. Phil remains highly technical with a hands-on security capability not normally present with someone of his seniority in the industry.

He has vast amounts of project success, technical deliverable experience and can operate at any level. Serving as Group Security & Risk Advisory to Arriva Plc.(2015), Advisor to the Board at Camelot UK (2016/17), a board advisor retained by HomeServe plc (2017-18) and more recently the cyber security lead for the government health checks working for the Cabinet Office (2018-2019). He was the founder and chairman of the non-profit ClubCISO group – www.clubciso.org, is also a non-executive director of the Cloud Security firm Everycloud – www.everycloud.co.uk and board advisory for IP Performance www.ip-performance.co.uk.

Phil has many awards in his name. A few of them are Runner-up in the SC Awards 2017 CISO of the year category Voted Cyber Security Awards Personality of the Year – July 2015 BCS Information Security Professional of the Year – December 2014 PHORAM MEHTA

Head of Infosec, APAC at PayPal

SOCIAL MEDIA ABOUT

Mr. Phoram Mehta is the Head of Information security for PayPal's Asia-Pacific region. A seasoned professional and technical leader with two decades in Information Security, Mr. Mehta has been instrumental in building secure technology solutions for multiple companies across a spectrum of sectors including financial services, healthcare, telecommunication, and government in North America and Asia-Pacific regions.

Mr. Mehta also oversees PayPal's Infosec research and outreach initiatives. He currently serves as the President of ISACA Singapore and advises cybersecurity startups in Singapore, India and US. Mr. Mehta is an active participant in SG, ASEAN and APAC level industry forums on Cybersecurity related topics.

ADVICE

Focus on the basics and employ a strong discipline around cyber hygiene. No matter what your risk profile when the organization gets hit, your resilience almost entirely depends on your foundational capabilities.

RICHARD RUSHING

CISO at Motorola Mobility

SOCIAL MEDIA ABOUT

Mr. Richard Rushing is the Chief Information Security Officer for Motorola Mobility LLC.; Richard participates in several corporate, community, private, and government Security Council’s and working groups setting standards, policies, and solutions to current and emerging security issues. As Chief Information Security Officer for Motorola Mobility, he has led the security effort by developing an international team to tackle the emerging threats of mobile devices, targeted attacks, and cyber-crime. He organized developed and deployed practices, tools and techniques to protect the intellectual property across the worldwide enterprise. A much-in-demand international speaker on information security Richard has presented at many leading security conferences and seminars around the world.

ADVICE

Stop genericizing complex subject to simple terms or simple all- encompassing ideas, like Risk, and adding words like maturity. The executives want data and results, not some number for your entire program and all business targets are never set about between 2.5 and 3.5 level of maturity. They are cold hard numbers to meet, or consequences will follow.

Always make your problems smaller by reducing the scope; you will never successfully boil the ocean.

RINKI SETHI

VP & CISO at Rubrik, Inc.

SOCIAL MEDIA ABOUT

Award winning leader and executive in security innovation with experience leading and developing innovative online security infrastructure for Fortune 500 companies like PG&E, Walmart.com, and eBay as well as other large companies like Intuit Inc. and Palo Alto Networks.. Recognized by CSO Magazine & Executive Women’s Forum with the “One to Watch” award, and in 2010, lead a team at eBay to receive the “Information Security Team of the Year” by SC Magazine.

11 years of experience as strategic leader with a developer background. Expertise in Product Security, Security Education, and Security Operations. Instrumental key player on all mergers and acquisitions as it relates to maintaining the integrity and security of Global wide systems. Leader of a technical team of 15 both nationally and internationally, while leading across packaged, cloud and mobile secure software development. Experience leading security projects and project teams with budgets in excess of $35 Million. Extensive experience acting as the key strategic and visionary leader for one product security for Fortune 500 companies like Walmart.com, Intuit Portal, Pacific Gas & Electric, and eBay.com. Built a $10 Million security infrastructure for Walmart.com. Provided a vital role in due diligence, design and implementation and maintenance. Established security strategies for eBay’s 30+ adjacent businesses and conducting global businesses (China, India, Australia, Korea, Germany, England, ect.)

STEPHANE NAPPO

Global CISO at OVHcloud

SOCIAL MEDIA ABOUT

Stephane Nappo is the Global Chief Information Security at OVHcloud who delivers services in 138 countries. His mission targets Cybersecurity, Data protection, Innovation protection, Cloud technologies and Anti-Fraud. He was previously Global Head of Information Security for Société Générale International Banking since 2011. Present in 67 countries, this pole employs over 71, 000 people and has 30 millions clients distributed within 40 autonomous banks. He was formerly senior consultant specializing in IT security as of 1995. His multicultural extensive expertise in security, business administration and law, allows him to have a comprehensive approach towards solving technological and business related issues. Stephane Nappo has been nammed Global CISO of the year in 2018 and recognised several times among the main cybersecurity influencers in 2019 at France and international level.

ADVICE

"One of the main cyber-risks is to think they don’t exist. The other is to try to treat all potential risks." Fix the basics, protect first what matters for your business and be ready to react properly to pertinent threats. Think data, but also business services integrity, awareness, customer experience, compliance, and reputation.

STEPHANE NAPPO

CISO at Motorola Mobility

SOCIAL MEDIA

Know Thyself prior to know your enemy. “Threat is a mirror of security gaps. Cyber-threat is mainly a reflection of our weaknesses. An accurate vision of digital and behavioral gaps is crucial for a consistent cyber-resilience.”

STEVEN SIM KOK LEONG

Global CISO, Vice President of the ISACA Singapore Chapter

SOCIAL MEDIA ABOUT

Steven Sim is the current Vice President of the ISACA Singapore Chapter. ISACA is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance with more than 140,000 members across 221 chapters in 188 countries. With approximately 2,500 members in Singapore, part of its mission is to provide high-quality learning opportunities and organizes an annual GTACS conference (GTACS stands for Governance, Technology, Audit, Compliance, Security).

Steven has worked for more than 22 years in the cybersecurity field with large end-user enterprises and critical infrastructures, undertaken global CISO role, driven security governance and management initiatives and headed incident response, security architecture, technology and operations at local, regional and global levels. He holds a computing masters, is certified in multiple governance and cybersecurity domains and an accredited trainer for ISACA's core certifications of CISA, CISM, CRISC and CGEIT. In the early 2000s, he developed a strategy for inexpensive automated containment of infected/vulnerable systems (NIQCC gold win) and also directed the largest honeynet project setup outside US. He is a SkillsFuture Fellow and a Professional (Leaders) Category Finalist in the inaugural Cybersecurity Awards 2018 held in Singapore. He regularly shares his thoughts on cyber risk and security, lectures on an adjunct basis and frequently speaks at conferences. He strongly believes that cybersecurity is only as strong as the ecosystem and is always keen to connect with you on LinkedIn and listen to your thoughts. STEVEN SIM KOK LEONG

Global CISO, Vice President of the ISACA Singapore Chapter

SOCIAL MEDIA ADVICE

As a business, taking some risk is inevitable. To future-proof the new digital economy of an exposed everything-4.0 against increasingly sophisticated threats, risk alignment and management across the enterprise, IT, OT and supply chain has never been as important to enable the business to achieve its vision and goals. Because the new cybersecurity normal is already an assumed breach, organisations should focus their attention on active defense, by strengthening their detection, containment and recovery capabilities and measures to disrupt the hackers and attacks just as they gain footholds into your business networks and supply chain but before they could disrupt or deal any damage to your business.

TODD L. BELL

Chief Security & Trust Officer at Stealth Mode Fintech Startup

SOCIAL MEDIA ABOUT

Todd Bell has spent his 15-year career devoted to advancing, developing, and driving technology & cybersecurity capabilities through his roles as a visionary technology executive and Chief Information Security Officer (CISO) for some of the world’s largest public companies. Mr. Bell has been a major contributor for developing next generation technologies cloud and cybersecurity capabilities throughout his career and is the recognized leader his methods to secure public companies and leveraging new digital technologies to transform companies by improving efficiencies. Mr. Bell is currently the VP Enterprise Architecture & CISO at Intersec Worldwide and frequent speaker with the top three Management Consulting Companies, Private Equity Banks, and Investment Banks as a leading expert for technology & cybersecurity products and services. In addition, Bell has been an SC Magazine Awards judge for 2016, 2019, 2020 and has written numerous publications across the globe. Mr. Bell is also a Member of the Advisory Board for Forticode in Melbourne, Australia. Other past Advisory Boards include Versive (Seattle, WA) which was sold to Esentire and CloudCentral (Canberra, Australia).

Mr. Bell holds an M.B.A. from Regis University in Denver, CO w/Alpha Sigma Nu honors and bachelor’s degree in Business Information Systems. In addition, Mr. Bell holds a variety of professional certifications consisting of Corporate Governance (SOX) from Tulane University Law School, PMP credential from Project Management Institute, Information Security (CISSP), and a certified Master Project Manager from Regis University. TODD L. BELL

Chief Security & Trust Officer at Stealth Mode Fintech Startup

SOCIAL MEDIA ADVICE

Be the champion of cybersecurity and operate like a diplomat building bridges across the enterprise. These relationships bear fruit in the form of unidentified risk because you are digging deeper into the enterprise for data breach prevention and continuously validate these cyber controls for proper protection.