Alberto Grigoletto
Chief Risk Officer, Generali IT
Alberto is currently the Head of Generali Group Operational Risk and Chief Risk Officer of Generali IT and Procurement Shared Services company. His current responsibilities include the development and implementation of the Group Capital Internal Model for Operational Risk and the management of the Group Operational and IT Risks framework. He has +20 years of experience in financial industry, also working in business process re-engineering as Head of Organization departments and leading the Project Management Office of Solvency 2 Project. Alberto holds a degree in Statistics from Padua University, Italy.
Alberto is currently the Head of Generali Group Operational Risk and Chief Risk Officer of Generali IT and Procurement Shared Services company. His current responsibilities include the development and implementation of the Group Capital Internal Model for Operational Risk and the management of the Group Operational and IT Risks framework. He has +20 years of experience in financial industry, also working in business process re-engineering as Head of Organization departments and leading the Project Management Office of Solvency 2 Project. Alberto holds a degree in Statistics from Padua University, Italy.
Ali Pabrai
CEO, ecfirst
Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), Security +, CCSFP, is the CEO of ecfirst. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to organizations worldwide. Mr. Pabrai has presented opening keynote and other sessions at several conferences, including ISACA, ISSA, FBI InfraGard, HIMSS, HCFA, HIPAA Summit, Microsoft Tech Forum, NASEBA Healthcare Congress (Middle East), Kingdom Healthcare (Saudi Arabia), Internet World, DCI Expo, Comdex, Net Secure, Nurse Practitioners Conference, National Council for Prescription Drug Programs (NCPDP), National Council for State Board of Nursing IT Conference, and many others.
Ali Pabrai, MSEE, CISSP (ISSAP, ISSMP), Security +, CCSFP, is the CEO of ecfirst. A highly sought after information security and regulatory compliance expert, he has successfully delivered solutions on compliance and information security to organizations worldwide. Mr. Pabrai has presented opening keynote and other sessions at several conferences, including ISACA, ISSA, FBI InfraGard, HIMSS, HCFA, HIPAA Summit, Microsoft Tech Forum, NASEBA Healthcare Congress (Middle East), Kingdom Healthcare (Saudi Arabia), Internet World, DCI Expo, Comdex, Net Secure, Nurse Practitioners Conference, National Council for Prescription Drug Programs (NCPDP), National Council for State Board of Nursing IT Conference, and many others.
Allan Boardman, CISA, CISM, CGEIT, CRISC
Director, CyberAdvisor.London
Allan is an experienced business advisor helping organizations manage their information and technology risks. He trained at Deloitte Cape Town where he qualified as a Chartered Accountant before moving to London in 1986. He has held leadership roles in audit, risk, security and governance at various global organizations including GSK, Morgan Stanley, JPMorgan, Goldman Sachs, PwC and KPMG. He is a Past President of ISACA London Chapter and has served on ISACA International’s Board of Directors, Strategic Advisory Council, Leadership Development Committee and chaired its Credentialing and Career Management Board, CISM Certification Committee and Audit and Risk Committee.
Allan is an experienced business advisor helping organizations manage their information and technology risks. He trained at Deloitte Cape Town where he qualified as a Chartered Accountant before moving to London in 1986. He has held leadership roles in audit, risk, security and governance at various global organizations including GSK, Morgan Stanley, JPMorgan, Goldman Sachs, PwC and KPMG. He is a Past President of ISACA London Chapter and has served on ISACA International’s Board of Directors, Strategic Advisory Council, Leadership Development Committee and chaired its Credentialing and Career Management Board, CISM Certification Committee and Audit and Risk Committee.
Anand Prakash Jangid, CISA
Managing Partner, AJA
A passionate evangelist for tech-based disruption in Audit & Finance domain, Anand is professionally a Chartered Accountant & Certified Information System Auditor. He is Managing partner at AJA, An Organization with focus in the area of Forensic audit, IS audit, Fraud Analytics and Blockchain for Internal Audit function.
Anand was part of the risk management team at Goldman Sachs, covering multiple audits across much geography for different function in the organization. His areas of specialization were Forex audit, DP audits, Anti money laundering, Basel II, BCP and operational risk.
A passionate evangelist for tech-based disruption in Audit & Finance domain, Anand is professionally a Chartered Accountant & Certified Information System Auditor. He is Managing partner at AJA, An Organization with focus in the area of Forensic audit, IS audit, Fraud Analytics and Blockchain for Internal Audit function.
Anand was part of the risk management team at Goldman Sachs, covering multiple audits across much geography for different function in the organization. His areas of specialization were Forex audit, DP audits, Anti money laundering, Basel II, BCP and operational risk.
Anders Kjaergaard, CISA, CISM, CRISC
Director, Grant Thornton Denmark
More than 15 years of experience in IT Security and auditing. Director of IT Audit & Advisory for Grant Thornton, Denmark. Most recent work has been as internal auditor in the financial sector - Central Bank of Denmark and Danske Bank.
More than 15 years of experience in IT Security and auditing. Director of IT Audit & Advisory for Grant Thornton, Denmark. Most recent work has been as internal auditor in the financial sector - Central Bank of Denmark and Danske Bank.
Andrea Pompili, CISM
Cy4gate
Andrea Pompili is an information technology specialist that takes care of security. Andrea was well known in his youth to be one of the most famous Italian programmer of old computer games. Once graduated, he started working on enterprise software development, and then on computer security, following security threats and security solutions on strategic projects firstly for Wind Telecommunication and then for Telecom Italia. Currently Andrea is a strategy advisor in security and aims to discover and integrate innovative solutions for this connected world.
Andrea Pompili is an information technology specialist that takes care of security. Andrea was well known in his youth to be one of the most famous Italian programmer of old computer games. Once graduated, he started working on enterprise software development, and then on computer security, following security threats and security solutions on strategic projects firstly for Wind Telecommunication and then for Telecom Italia. Currently Andrea is a strategy advisor in security and aims to discover and integrate innovative solutions for this connected world.
Andrew Neal, CISM, CRISC
Division President, TransPerfect
Andrew Neal is an executive and practitioner in the information security community. Advising on data privacy, security and litigation projects for internal and external clients around the globe, he serves as a trusted subject matter expert for business leaders and legal professionals. Andrew leverages 30 years of business, technical and risk management experience to build programs, lead teams and execute projects internally at TransPerfect and across a wide range of client organizations. An effective communicator and engaging speaker, Andrew presents at international conferences and seminars, and teaches at major universities. He is active in several professional organizations, focusing his efforts on the development of professional standards and the mentorship of other professionals. Living in Dallas, Texas, Andrew currently leads the Information Security and Compliance Services division at TransPerfect, a global business services company.
Andrew Neal is an executive and practitioner in the information security community. Advising on data privacy, security and litigation projects for internal and external clients around the globe, he serves as a trusted subject matter expert for business leaders and legal professionals. Andrew leverages 30 years of business, technical and risk management experience to build programs, lead teams and execute projects internally at TransPerfect and across a wide range of client organizations. An effective communicator and engaging speaker, Andrew presents at international conferences and seminars, and teaches at major universities. He is active in several professional organizations, focusing his efforts on the development of professional standards and the mentorship of other professionals. Living in Dallas, Texas, Andrew currently leads the Information Security and Compliance Services division at TransPerfect, a global business services company.
Asim Fareeduddin
VP, Regulatory Controls & IT Security Assurance, RELX Group
Asim Fareeduddin is Vice President, IT Security & Regulatory Controls Assurance for RELX. Asim has 19 years of experience in privacy, information security, compliance and audit. Asim’s experience includes building and executing audit programs, managing regulatory and injunctive relief compliance, HIPAA/HITECH, EU Data Privacy laws, SOC report, SOX audits, application and network security reviews, privacy and regulatory compliance with data privacy laws, and online privacy protection. Asim also has extensive experience in co-sourcing with external auditors as a value-added partner. Prior to RELX, Asim worked in “Big Four” IT audit/security. Asim earned his B.S. and master’s Degrees in Accounting with a Concentration in Information Systems from the University of Florida. He also holds the following professional certifications: Certified Information Privacy Professional, Certified Public Accountant, Certified Information Systems Auditor and Certified Information Security Manager. Additionally, Asim serves as a Part-Time Instructor at Georgia State University's Robinson College of Business where he teaches master’s level students on Internal Audit and Information Technology Audit.
Asim Fareeduddin is Vice President, IT Security & Regulatory Controls Assurance for RELX. Asim has 19 years of experience in privacy, information security, compliance and audit. Asim’s experience includes building and executing audit programs, managing regulatory and injunctive relief compliance, HIPAA/HITECH, EU Data Privacy laws, SOC report, SOX audits, application and network security reviews, privacy and regulatory compliance with data privacy laws, and online privacy protection. Asim also has extensive experience in co-sourcing with external auditors as a value-added partner. Prior to RELX, Asim worked in “Big Four” IT audit/security. Asim earned his B.S. and master’s Degrees in Accounting with a Concentration in Information Systems from the University of Florida. He also holds the following professional certifications: Certified Information Privacy Professional, Certified Public Accountant, Certified Information Systems Auditor and Certified Information Security Manager. Additionally, Asim serves as a Part-Time Instructor at Georgia State University's Robinson College of Business where he teaches master’s level students on Internal Audit and Information Technology Audit.
Christian F. Nissen, CISM, CGEIT
Senior Consultant, CFN Consult ApS
Christian Feldbech Nissen has 30 years of experience in the IT domain, especially with IT service management, IT governance, IT operations and Information Security. He is recognised as an international thought leader, author and lecturer, but also as an experienced and down-to-earth practitioner striving to make things happen in real life. He has a long proven track record from around 150 of the largest private and public organisations in Denmark. Last, but not least, he holds more than 50 different certifications in IT Management, and has achieved the ITIL Master level, demonstrating that he has contributed with measurable results within all IT service management disciplines.
Christian Feldbech Nissen has 30 years of experience in the IT domain, especially with IT service management, IT governance, IT operations and Information Security. He is recognised as an international thought leader, author and lecturer, but also as an experienced and down-to-earth practitioner striving to make things happen in real life. He has a long proven track record from around 150 of the largest private and public organisations in Denmark. Last, but not least, he holds more than 50 different certifications in IT Management, and has achieved the ITIL Master level, demonstrating that he has contributed with measurable results within all IT service management disciplines.
Claudio Cilli, CISA, CISM, CGEIT, CRISC
University of Rome
Prof. Claudio Cilli is a recognised world leading authority in the areas of National Security and Intelligence, company protection, information systems security and compliance, with over 25 years of experience. He currently advises governments and int’l companies in the cyber-security and critical infrastructures protection areas. University professor and researcher. Lesson arguments include computer science, software compilers, lexical and semantic analysers, information systems analysis and development. Member of the scientific and advisory boards. Teacher in the post-graduate master’s in computer security and IT Governance. Consultant to the U.S. Government and companies who supply the Department of Defense. Consultant at the United Nations. With many big firms, he is responsible of IS Audit and security projects, which include civil and military sectors, software quality and code security, security of the information systems and installations. Designed and implemented systems based on mainframes and distributed architecture, including Disaster Recovery and both data and physical security, information and site protection.
Prof. Claudio Cilli is a recognised world leading authority in the areas of National Security and Intelligence, company protection, information systems security and compliance, with over 25 years of experience. He currently advises governments and int’l companies in the cyber-security and critical infrastructures protection areas. University professor and researcher. Lesson arguments include computer science, software compilers, lexical and semantic analysers, information systems analysis and development. Member of the scientific and advisory boards. Teacher in the post-graduate master’s in computer security and IT Governance. Consultant to the U.S. Government and companies who supply the Department of Defense. Consultant at the United Nations. With many big firms, he is responsible of IS Audit and security projects, which include civil and military sectors, software quality and code security, security of the information systems and installations. Designed and implemented systems based on mainframes and distributed architecture, including Disaster Recovery and both data and physical security, information and site protection.
Daniel Gnana, CISA
Sr. Audit Manager, M.
Daniel is a senior consultant in information security governance, risks and compliance. He is also an assessor for ISO/IEC 9001 and 27001 certifications and provides training courses in cyber risks and security.
Daniel is a senior consultant in information security governance, risks and compliance. He is also an assessor for ISO/IEC 9001 and 27001 certifications and provides training courses in cyber risks and security.
David Foote
Chief Analyst & CEO, Foote Partners, LLC
David Foote is a tech labor trends benchmark research pioneer and one of the most quoted industry authorities on global tech workforce evolution. He has spent more than two decades introducing innovative data-driven benchmark research and analysis focusing on tech/business cross-skilling and management integration, while also pioneering new industry practices for more accurate compensation benchmarking and tracking/forecasting of tech skills supply and demand. He built his reputation at Gartner, META Group, and at several Silicon Valley companies prior to co-founding Foote Partners in 1997. Foote’s research-backed forecasts and analyses reach global audience of millions of business and technology professionals. At Foote Partners he leads a senior team of former Gartner, McKinsey & Company, and Mercer analysts, consultants and researchers in publishing continuously updated tech labor trends and compensation research supported by close research partnerships with 5,450 employers in Europe and North America.
David Foote is a tech labor trends benchmark research pioneer and one of the most quoted industry authorities on global tech workforce evolution. He has spent more than two decades introducing innovative data-driven benchmark research and analysis focusing on tech/business cross-skilling and management integration, while also pioneering new industry practices for more accurate compensation benchmarking and tracking/forecasting of tech skills supply and demand. He built his reputation at Gartner, META Group, and at several Silicon Valley companies prior to co-founding Foote Partners in 1997. Foote’s research-backed forecasts and analyses reach global audience of millions of business and technology professionals. At Foote Partners he leads a senior team of former Gartner, McKinsey & Company, and Mercer analysts, consultants and researchers in publishing continuously updated tech labor trends and compensation research supported by close research partnerships with 5,450 employers in Europe and North America.
Dina Numan
ScanWave Comprehensive Technical Solutions
12 years of experience in IT Service Management, Quality Assurance, Quality Control, Process Reengineering, IT Governance. Leading COBIT 5 and COBIT 2019 adoption and implementation projects in Jordan.
12 years of experience in IT Service Management, Quality Assurance, Quality Control, Process Reengineering, IT Governance. Leading COBIT 5 and COBIT 2019 adoption and implementation projects in Jordan.
Doug Grindstaff
E. Douglas Grindstaff II is a successful executive with a deep experience in the Bio Tech and High Tech industries. Grindstaff has held several Senior Executive and Board positions, in addition to his current role as Senior Vice President of Cybersecurity Solutions with the CMMI Institute, he previously served as CEO of NuSirt Sciences, CEO-in- Residence for Carnegie Innovations Portfolio and President of the Invisible Fence brand. Prior to that, he served as Chairman and President of Bioganic Biopesticide, where he oversaw rapid expansion into the retail marketplace, as well as the acquisition by a well-known consumer brands company. Grindstaff also served as an executive for a number of private and public consumer brand companies, including Kraft Foods, Inc.
E. Douglas Grindstaff II is a successful executive with a deep experience in the Bio Tech and High Tech industries. Grindstaff has held several Senior Executive and Board positions, in addition to his current role as Senior Vice President of Cybersecurity Solutions with the CMMI Institute, he previously served as CEO of NuSirt Sciences, CEO-in- Residence for Carnegie Innovations Portfolio and President of the Invisible Fence brand. Prior to that, he served as Chairman and President of Bioganic Biopesticide, where he oversaw rapid expansion into the retail marketplace, as well as the acquisition by a well-known consumer brands company. Grindstaff also served as an executive for a number of private and public consumer brand companies, including Kraft Foods, Inc.
Frank Downs
Director and SME, Cybersecurity Practice, ISACA
Downs, an 11-year cybersecurity specialist, graduated with a bachelor’s degree in English from the University of Maryland, after which he promptly joined the US Department of Defense as a subject matter expert, working with computer networks on a daily basis. Realizing that English and cybersecurity were two very different concepts, Frank proceeded to obtain a master’s degree in cybersecurity from UMBC, after a pit stop at Johns Hopkins to obtain a master’s degree in Government. Eventually, he decided to ease the learning process for individuals transitioning from non-technical backgrounds into cybersecurity by becoming a full-time Intelligence and Operations Consultant for multiple federal law enforcement and intelligence agencies. He is now Director, Cyber Information Security Practices at ISACA, sharing the good news about ISACA’s Cybersecurity Nexus (CSX) platform.
Downs, an 11-year cybersecurity specialist, graduated with a bachelor’s degree in English from the University of Maryland, after which he promptly joined the US Department of Defense as a subject matter expert, working with computer networks on a daily basis. Realizing that English and cybersecurity were two very different concepts, Frank proceeded to obtain a master’s degree in cybersecurity from UMBC, after a pit stop at Johns Hopkins to obtain a master’s degree in Government. Eventually, he decided to ease the learning process for individuals transitioning from non-technical backgrounds into cybersecurity by becoming a full-time Intelligence and Operations Consultant for multiple federal law enforcement and intelligence agencies. He is now Director, Cyber Information Security Practices at ISACA, sharing the good news about ISACA’s Cybersecurity Nexus (CSX) platform.
Frans Szabo
Sr. Security Specialist, Rabobank
Frans Szabó has almost 30 years of experience in the banking industry. Working in -amongst others- the fields of core IT, Service- and delivery management, Continuity Management and marketing and customer support, Frans has "seen it all". In his previous position Frans protected the bank's customers against fraud through cybercrime. All the bad stuff he learned doing this, is put to use in his current role: Head of Red Teaming. Testing all of the bank's security measures as far as possible.
Frans Szabó has almost 30 years of experience in the banking industry. Working in -amongst others- the fields of core IT, Service- and delivery management, Continuity Management and marketing and customer support, Frans has "seen it all". In his previous position Frans protected the bank's customers against fraud through cybercrime. All the bad stuff he learned doing this, is put to use in his current role: Head of Red Teaming. Testing all of the bank's security measures as far as possible.
Graham McKay, CISM, CRISC
Data Protection Program Manager – EMEA, Deloitte
Passionately creating, collating and communicating knowledge to enable privacy and build secure, resilient communities, Graham is a driven, impactful privacy and security leader, developing people and deploying strategies with a business enabling focus. Combining privacy, technical, legal and regulatory expertise he provides expert, actionable, strategic guidance allowing organisations to align their behaviour and culture to deliver a privacy and security focus benefiting employees, stakeholders, clients and communities. Passionate about awareness, training and education, he has delivered transformational programs for privacy, data protection and security, focused on the individual. An international conference speaker he is dedicated to delivering awareness, training and education to the widest possible audience to influence positive behavioural change and increase societal security and privacy.
Passionately creating, collating and communicating knowledge to enable privacy and build secure, resilient communities, Graham is a driven, impactful privacy and security leader, developing people and deploying strategies with a business enabling focus. Combining privacy, technical, legal and regulatory expertise he provides expert, actionable, strategic guidance allowing organisations to align their behaviour and culture to deliver a privacy and security focus benefiting employees, stakeholders, clients and communities. Passionate about awareness, training and education, he has delivered transformational programs for privacy, data protection and security, focused on the individual. An international conference speaker he is dedicated to delivering awareness, training and education to the widest possible audience to influence positive behavioural change and increase societal security and privacy.
Guy Herbert, CISA
Head of IT Risk and Compliance, Atlassia
Guy has over 25 years working in IT and Technology across the Telecommunications, Finance, Pharmaceutical and Software industries. He has managed risk, compliance, audit and technical delivery teams during this time. Guy has been thinking of better ways for Atlassian to manage IT Risk and Compliance since Sept 2013. Atlassian is an Australian company started 16 years ago that builds software to help teams work better together – products include Jira, Confluence, Bitbucket and Bamboo.
Guy has over 25 years working in IT and Technology across the Telecommunications, Finance, Pharmaceutical and Software industries. He has managed risk, compliance, audit and technical delivery teams during this time. Guy has been thinking of better ways for Atlassian to manage IT Risk and Compliance since Sept 2013. Atlassian is an Australian company started 16 years ago that builds software to help teams work better together – products include Jira, Confluence, Bitbucket and Bamboo.
Herbert McMorris, CGEIT, CRISC, CISM, CISA
Lead Practitioner, KirkpatrickPrice
Herbert McMorris is a Lead Practitioner for KirkpatrickPrice. He has over 38 years of industry experience, including network engineering, governance, risk management, and control. Herbert holds several certifications including CISSP, CISA, CISM, CRISC, and CGEIT. Herbert provides services to clients and stakeholders who are seeking to understand compliance and regulatory requirements by helping them navigate the complex world of data security.
Herbert McMorris is a Lead Practitioner for KirkpatrickPrice. He has over 38 years of industry experience, including network engineering, governance, risk management, and control. Herbert holds several certifications including CISSP, CISA, CISM, CRISC, and CGEIT. Herbert provides services to clients and stakeholders who are seeking to understand compliance and regulatory requirements by helping them navigate the complex world of data security.
Horst Moll, CISA, CISM, CRISC
Security Manager, Vodafone Deutschland GmbH
Horst Moll is Security Program Manager at Vodafone Germany. Before he joined Vodafone, he worked at the Deutsche Telekom, where he led the ISMS Certification for the German local market unit and was the Lead Architect for the Security Risk Management Process for Deutsche Telekom Group. Beforehand he was working as Information Security Consultant in different industries around the globe. He has a master of electrical engineering (RWTH Aachen) and achieved security certifications including CISA, CISM, CRISC, CISSP, MBCI, ISO/IEC 27001 Lead Auditor. Since 2007 he is a certified ISACA trainer.
Horst Moll is Security Program Manager at Vodafone Germany. Before he joined Vodafone, he worked at the Deutsche Telekom, where he led the ISMS Certification for the German local market unit and was the Lead Architect for the Security Risk Management Process for Deutsche Telekom Group. Beforehand he was working as Information Security Consultant in different industries around the globe. He has a master of electrical engineering (RWTH Aachen) and achieved security certifications including CISA, CISM, CRISC, CISSP, MBCI, ISO/IEC 27001 Lead Auditor. Since 2007 he is a certified ISACA trainer.
Ian Musgrave, CISA
Head of IT and Cyber Assurance, Uniac
Ian manages Uniac’s IT and Cyber Assurance service across its client base in the UK Higher Education sector. His team focuses on reviewing all elements of ICT risk including IT Strategy and Governance, Information Security, Data Protection and Cyber Security. Ian is a Certified Information Systems Auditor, CIA and has achieved PCI Professional status.
Ian manages Uniac’s IT and Cyber Assurance service across its client base in the UK Higher Education sector. His team focuses on reviewing all elements of ICT risk including IT Strategy and Governance, Information Security, Data Protection and Cyber Security. Ian is a Certified Information Systems Auditor, CIA and has achieved PCI Professional status.
Ira Winkler
President, Secure Mentem
Ira Winkler, CISSP is President of Secure Mentem and author of Advanced Persistent Security. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He did this by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the World and investigating crimes against them, and telling them how to cost effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. Most recently, CSO Magazine named Ira a CSO Compass Award winner as The Awareness Crusader.
Ira Winkler, CISSP is President of Secure Mentem and author of Advanced Persistent Security. He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media. He did this by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the World and investigating crimes against them, and telling them how to cost effectively protect their information and computer infrastructure. He continues to perform these espionage simulations, as well as assisting organizations in developing cost effective security programs. Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. Most recently, CSO Magazine named Ira a CSO Compass Award winner as The Awareness Crusader.
Jan Anisimowicz, CISM, CRISC
Director Audit, Risk & Compliance, C&F Sp. Z O.o.
Experienced senior IT manager with over 20 years of experience in GRC (audit, risk and compliance management), Data warehousing, Business Intelligence, Big Data and data analysis. Broad business and technical perspective in telco, banking, pharma and insurance. A staunch supporter of a pragmatic, lean and cost effective approach to regulatory requirements implementation in the organizations. Active in the space of #FinTech, #InsurTech and #RegTech. Public speaker at international conferences (topics related to IT Security, Risk Management, Compliance, GRC and data privacy). Involved in the process of analysis and verification of how artificial intelligence could support auditors in the space of IoT, Big Data and dispersed IT environments. Strong supporter of blockchain technology, which in his opinion should be widely used based on Smart Contracts with respect to data privacy principles (Privacy By Design). Member of the blockchain working group under the supervision of the Polish Ministry of Digital Affairs. Active participant of international organizations: ISACA (CISM & CRISC certificates), PMI (PMP certificate) and IIA (Institute of Internal Auditors).
Experienced senior IT manager with over 20 years of experience in GRC (audit, risk and compliance management), Data warehousing, Business Intelligence, Big Data and data analysis. Broad business and technical perspective in telco, banking, pharma and insurance. A staunch supporter of a pragmatic, lean and cost effective approach to regulatory requirements implementation in the organizations. Active in the space of #FinTech, #InsurTech and #RegTech. Public speaker at international conferences (topics related to IT Security, Risk Management, Compliance, GRC and data privacy). Involved in the process of analysis and verification of how artificial intelligence could support auditors in the space of IoT, Big Data and dispersed IT environments. Strong supporter of blockchain technology, which in his opinion should be widely used based on Smart Contracts with respect to data privacy principles (Privacy By Design). Member of the blockchain working group under the supervision of the Polish Ministry of Digital Affairs. Active participant of international organizations: ISACA (CISM & CRISC certificates), PMI (PMP certificate) and IIA (Institute of Internal Auditors).
Jason Miller
IT Security Assurance Manager, RELX Group
20+ years in networking, security, audit/assessment; CISSP, CIPP/US, MSIA; Masters in Information Assurance – Norwich University (Northfield, VT)
Relevant Experience:
+Worked in “Big Four” with Information Security & Cybersecurity Groups
+Information Security Assessments
+Managing security programs for Banking, Healthcare, & Business Services
20+ years in networking, security, audit/assessment; CISSP, CIPP/US, MSIA; Masters in Information Assurance – Norwich University (Northfield, VT)
Relevant Experience:
+Worked in “Big Four” with Information Security & Cybersecurity Groups
+Information Security Assessments
+Managing security programs for Banking, Healthcare, & Business Services
Joseph Vest
Director of Training, SpecterOps
Driven by his curiosity, perseverance, and passion for technology, Joe Vest's mantra for his work and teaching is: "Often the journey of an experience can be as valuable as the end." Joe has than 17 years of experience in red teaming, penetration testing, and application security. Experience ranges from authoring and instructing a SANS red team course, to owning and operating a security consulting company, to acting as technical lead for a DOD red team. He has also worked in numerous commercial sectors, which has given him extensive knowledge of cyber threats, tools, and tactics, including threat emulation and threat detection. Today, Joe is the training director at SpecterOps where he uses his experience in red team operations, cyber threat analysis, cyber threat emulation and replication, application security, vulnerability assessment and mitigation, and incident mitigation to train and educate.
Joe has a variety of professional certifications. When he's not teaching or evangelizing about cybersecurity, you'll find Joe out skateboarding or paddle boarding with his son.
Driven by his curiosity, perseverance, and passion for technology, Joe Vest's mantra for his work and teaching is: "Often the journey of an experience can be as valuable as the end." Joe has than 17 years of experience in red teaming, penetration testing, and application security. Experience ranges from authoring and instructing a SANS red team course, to owning and operating a security consulting company, to acting as technical lead for a DOD red team. He has also worked in numerous commercial sectors, which has given him extensive knowledge of cyber threats, tools, and tactics, including threat emulation and threat detection. Today, Joe is the training director at SpecterOps where he uses his experience in red team operations, cyber threat analysis, cyber threat emulation and replication, application security, vulnerability assessment and mitigation, and incident mitigation to train and educate.
Joe has a variety of professional certifications. When he's not teaching or evangelizing about cybersecurity, you'll find Joe out skateboarding or paddle boarding with his son.
John Wallhoff, CISA, CISM
Advisor/Management Consultant, Scillani Information AB
John Wallhoff (CISA, CISM, CISSP), president ISACA Sweden Chapter, is a management consultant and advisor in IT & Security and Fraud & Corruption. With practical experience in analytics for over 20 years, he has gained a sense of what data can do to an organization and can still get fascinated when having data at his fingertips.
John Wallhoff (CISA, CISM, CISSP), president ISACA Sweden Chapter, is a management consultant and advisor in IT & Security and Fraud & Corruption. With practical experience in analytics for over 20 years, he has gained a sense of what data can do to an organization and can still get fascinated when having data at his fingertips.
Jorke Kamstra, CISA
IT Risk Manager, Euroclear
Jorke Kamstra is a fireman wearing a suit and a tie. My focus at Euroclear is on IT cyber resilience, assessment methodology and policy building. As a risk manager I identify, challenge and advice on existing cyber practices. Previously I was a banking regulator, project manager and a Unix system engineer. I am passionate about communication and public speaking and I am convinced that creating a platform for communicating our problems, risks and threats enables us all to learn from feedback and better prepare for success.
Jorke Kamstra is a fireman wearing a suit and a tie. My focus at Euroclear is on IT cyber resilience, assessment methodology and policy building. As a risk manager I identify, challenge and advice on existing cyber practices. Previously I was a banking regulator, project manager and a Unix system engineer. I am passionate about communication and public speaking and I am convinced that creating a platform for communicating our problems, risks and threats enables us all to learn from feedback and better prepare for success.
Jose Ramon Coz Fernandez, CGEIT, CRISC, CISM, CISA
Cyber Internal Auditor, European Space Agency
He has over twenty years of experience in the field of ICT covering different positions: auditor, project manager, consultant, architect and analyst. Currently working as GNSS Cyber Internal Auditor at the European Space Agency, and he is a researcher in the Department of Applied Economics at the Complutense University of Madrid. He is professor at several institutions, universities and business schools. He collaborates as a reviewer for several international journals and he is member of several committees and IT associations.
He has over twenty years of experience in the field of ICT covering different positions: auditor, project manager, consultant, architect and analyst. Currently working as GNSS Cyber Internal Auditor at the European Space Agency, and he is a researcher in the Department of Applied Economics at the Complutense University of Madrid. He is professor at several institutions, universities and business schools. He collaborates as a reviewer for several international journals and he is member of several committees and IT associations.
Joseph Mayo, CRISC
Program Manager, J. W. Mayo Consulting LLC
Joseph W. Mayo is an award-winning project manager and Internationally recognized risk management expert. Mr. Mayo is an Information Technology professional with over 28 years of experience. He holds a bachelor’s degree in Information Technology and a master’s degree in Information Systems. Mr. Mayo is a PMI certified Project Management Professional (PMP), Risk Management Professional (RMP), holds Certified in Risk and Information Systems Control (CRISC) credential from the Information Systems Audit and Control Association (ISACA), and is certified by the Risk Management Society (RIMS) as a Certified Risk Management Professional (RIMS-CRMP). Mr. Mayo is the first risk practitioner to be credentialed by the three internationally recognized, risk management credentialing bodies; PMI, ISACA, and RIMS. He is an active industry volunteer who regularly participates in industry working groups and strives to enhance global risk management and project management practices. He is an author, speaker and conference presenter on topics that include risk management, project management, and quality assurance.
Joseph W. Mayo is an award-winning project manager and Internationally recognized risk management expert. Mr. Mayo is an Information Technology professional with over 28 years of experience. He holds a bachelor’s degree in Information Technology and a master’s degree in Information Systems. Mr. Mayo is a PMI certified Project Management Professional (PMP), Risk Management Professional (RMP), holds Certified in Risk and Information Systems Control (CRISC) credential from the Information Systems Audit and Control Association (ISACA), and is certified by the Risk Management Society (RIMS) as a Certified Risk Management Professional (RIMS-CRMP). Mr. Mayo is the first risk practitioner to be credentialed by the three internationally recognized, risk management credentialing bodies; PMI, ISACA, and RIMS. He is an active industry volunteer who regularly participates in industry working groups and strives to enhance global risk management and project management practices. He is an author, speaker and conference presenter on topics that include risk management, project management, and quality assurance.
