SPEAKER BIOGRAPHIES

Mia Boom-Ibes, VP of Security Innovation, Strategy, Analytics, and GRC, Allstate Insurance

Mia Boom-Ibes is Vice President, Security Innovation, Strategy and Analytics, ATSV for Allstate Insurance Company. In this role, she is responsible for Allstate’s cybersecurity strategy and priorities. She manages relationships with key business and technology stakeholders to ensure alignment and oversees architectural standards to enable consistency across the enterprise.

Prior to becoming a vice president at Allstate in July of 2017, Mia was a director in Allstate Information Security with responsibility for setting the strategy and direction for information security governance, risk and compliance efforts across the corporation.

She spearheaded the creation of the company’s first Enterprise Information Security Policy and Information Security Risk Management program aligned with industry best practices and frameworks. In addition, Mia has designed and built security governance programs to obtain or retain PCI compliance status at multiple institutions.
Mia began her Allstate career in 2012 as an information security compliance and consulting manager, quickly progressing to roles of increasing leadership. She previously served in information security roles at John Deere Financial, PwC Consulting and Discover Financial Services.

Mia holds CISSP and CISM certifications and bachelor’s degree from the College of Saint Benedict. As the proud mother of four sons, Mia leads an active lifestyle balancing her work responsibilities, learning new skills in mixed martial arts and enjoying time with her husband and children.

Corbin Del Carlo, Cyber Security and Data Privacy Director and Advocate, Discover

Corbin is an Information and Data Security professional with over 15 years of experience designing, implementing, and evaluating network and security solutions. Corbin is currently a director with Discover Financial Services providing third line oversight of the information security functions. Additionally, Corbin functions as an information security educator/speaker. He has spoken on information security topics such as: Information Technology Risk Assessments, Network Security, Penetration Testing, Personal and Corporate Data Privacy, Social Media Risks, Payment Card Industry Compliance, Mobile Device Security, and Third Party Vendor Security (including Cloud Security). 

Craig George, CISO, Central States Funds

Craig A. George serves as the Chief Information Security Officer (CISO) at Central States Funds (CSF) in Rosemont, IL. CSF is the largest Multiemployer Health Fund ($6.4B) and Pension Fund in the U.S. Mr. George has created and leads the Information Security and Risk Management programs there since 2013. As a direct report to the CIO, he is responsible for all information security solutions, information security governance, IT audit, IT risk management and HIPAA security compliance. Previous to CSF, Mr. George was a security and program management leader for Kantar, a global market research conglomerate of fourteen companies.

Mr. George has more than 13 years’ experience managing all aspects of information technology in transformational environments in Healthcare, Advertising, Market Research and Consulting Services industries. His expertise includes service management, project management, governance, compliance, risk management, infrastructure, and solution implementation with specialties in incident response, vulnerability management and security solution/tool implementation and analysis. He has developed and implemented security programs based on HITRUST, NIST, ISO and CIS Controls frameworks.

Mr. George holds the CRISC, CISM, CISA and CISSP certifications. He has a B.S. in Network Communications from DeVry University and an MBA and Project Management Master’s degree from Keller Graduate School of Management. Mr. George is an active part of the Information Technology and Security Community and participates in several security working groups.

Richard Hahn, Manager, Information Security Consulting, Sungard

With over 20 years in information security and risk management, Richard is a management and technology  consultant with diverse leadership experience in operational, technical, management, and auditor roles. At Sungard AS, Richard is a leader in our Security Consulting practice consisting of security strategy, security audits and assessments, security remediation and integration, and data governance engagements.

Richard has advised entities on information security solutions, focusing on security program development and the health and protection of organizational data. He has extensive experience delivering information security solutions,
including security and privacy program development, security assessments, DevOps frameworks, vulnerability management solutions, information availability programs and data governance solutions.

Prior to joining Sungard, Richard’s positions have included running information availability, ITIL and information security programs as an IT Director, Networking Engineering Manager and an IT Security Manager for B2B online service providers. Over the last two decades Richard has secured networks that perform critical transactions, including but not limited to such as banking, telecommunications, NG911, e-commerce and health care.

Jim Hebler, Director of Americas’ CyberSecurity Solutions, Pulse Secure

Working from his early-career foundation covering business and technology for regional-and-national media (Detroit News, USA Today) – Hebler’s evolution continued via building strategic solutions’ integrations for Managed Security and Technology Services’ firms after years of taking them on as clients while at leading-edge Marketing-Communications’-Advertising Firms.

Working for organizations (in order) from regional integrators (Ideal Technologies, Secure 24, ANX, Security Inspection) on through Great Lakes Channel Director and PS Sales roles for SunGard Availability Services – Jim continues to build on his Security and CISSP based foundation. He also has experience driving solutions and business value on both sides of the Channel equation – partner and provider. Prior to Pulse Secure, Jim was privileged to gain unique insights working with HP Vistorm and Computer Sciences Corporation as a Regional Security lead working within Manufacturing, Government, Supply Chain, Health Care and Financial Services over a near-half-decade run.  

As a national evangelist for Pulse Secure – Hebler’s passionate-dynamic presentation evolves in unison with that week’s headlines as he takes his audience on the daunting realities and challenges of rapid change, aligning demographics, tech-savvy solutions, and overwhelming change at the intersection where fear, human-fragility and the Art-of-the Possible intersect.

Jim lives in MI with Cathy, Mystic, Inky and Alecia – all rescue animals. Feel free to reach Jim at [email protected]

Victor Hsiang, CISO, GATX

Victor Hsiang is an accomplished Information Security, Risk and IT Professional with over 19 years of experience working within the Financial Services and Healthcare sectors. He has an established track record of delivering successful IT and Information Security solutions that manages risk while supporting business requirements. His experience includes implementation of technology, security audits, risk assessments, information records management, privacy concerns, compliance and legal issues related to security, forensics, security practices and policy development. He currently leads the Information Security program at GATX Corporation.

Syed Hussaini, CISO, Director of Cybersecurity, Grant Thornton

Syed Hussaini is the Chief Information Security Officer (CISO) / Director of Cybersecurity, Risk and Compliance at Grant Thornton LLP. He is a transformational leader who has managed cybersecurity and compliance risk as it relates to the business ensuring integration of appropriate security technologies, controls and processes. Syed has a diverse background managing cyber security needs for various types of businesses and environments, particularly, banking/finance, telecommunication, manufacturing and professional services. His experience and skill set enable him to provide thought leadership and a strategic thinking while understanding technical and architectural details.

Syed has managed organizational change and has successfully led the migration of core security services to and from managed services environments as a part of IT transformation efforts. Syed has also built and led cyber security programs and teams driving enhancements and maturity thereby improving enterprise security risk postures.
Prior to his current role, Syed has held other cybersecurity leadership roles at GE, HSBC and Motorola where he has worked with technology and business leadership and teams to build and lead cyber security and risk programs.

Syed holds a bachelor’s degrees in computer science from the University of Illinois at Chicago and a master’s degree in Cybersecurity from the DePaul University. Syed has been through the CISO executive education program at Carnegie Mellon University and is also CISSP and CISM certified.

Jenny Inserro, Senior Director, HealthTech Governance Risk and Compliance, Health Care Service Corporation

Jennifer Inserro has more than 20 years of IT experience. She has held positions in project management, infrastructure and information security. She also had an opportunity to work on the business side in privacy. She is currently a Senior Director in the IT/IS governance, risk and compliance space for a major health insurance payer. She is responsible for third-party security assessments, policy, awareness, IT risk management and audit tracking. Some of her accomplishments including implementation of a role-based security model and stand-up of a GRC solution. Jennifer is a Certified Information Systems Security Professional (CISSP) and Healthcare Information Security and Privacy Practitioner (HCISPP) form (ISC)2, as well as a Certified Information Systems Auditor from ISACA. She helped author the HCISPP prep guide and is a trainer for (ISC)2. She is an editorial content reviewer for the ISACA Journal. Jenny has a bachelor’s degree from Bradley University and a master’s degree in Public Service Management from DePaul University. She lives in the Chicago area with her husband and three active kids, ages 16, 12 and 3.

Siavash Kazemian, Senior Security Engineer, Morphisec

Siavash Kazemian is a Senior Security Engineer at Morphisec, an Endpoint Security company. He has over 20+ years of IT experience, ranging from application performance monitoring to identity and access management and now endpoint security. Most recently his focus was in the Healthcare vertical, architecting solutions for hospitals that leveraged security to drive workflow efficiencies for clinical staff. These days he finds himself talking to other security professionals about security strategy and risk mitigation from an endpoint perspective.

Dave Klein, Senior Director, Engineering & Architecture, GuardiCore

Dave Klein is the Senior Director of Technical Evangelism for GuardiCore. With more than 21 years of real-world cybersecurity experience he works with GuardiCore teams, customers and industry thought leaders to address the challenges of securing modern hybrid cloud environments. Dave encourages CISOs faced with securing their organizations to adopt security solutions and best practices that work easily and seamlessly across heterogeneous hybrid cloud environments. Dave has spoken on a wide variety of cybersecurity topics including micro-segmentation, crytpojacking, hybrid cloud adoption, PCI compliance, educating on the stages of the cyber security kill chain, understanding interactions between the physical and cyber worlds as it relates to the radicalization and arming of domestic terrorists and using cyber forensics in real world criminal cases.

Seth McCallister, Chief Information Security Officer, HUB International Limited

Seth McCallister currently works at HUB International where he serves as the Chief Information Security Officer and is responsible for information security, risk management and compliance. Seth joined HUB International in May of 2016 from Beam Suntory where he served as Head of Global Information Security. Seth McCallister has spent the previous 20 years working in information technology with a focus on information security. Seth has worked and has held leadership roles in a wide range of business environments that span technology, financial services, consumer packaged goods and government. In his role, he is shaping the current and future information security, risk and compliance strategy for Hub International.

Seth is a leading security strategist that is building transformative security programs in support of forward thinking business directions and digital strategies. Seth has deep experience in building cloud first, data driven security programs that are designed around best practices, with a lean and effective method of rapid development and company adoption.

Jesse Miller, CISO, Stratosphere Networks, LLC

Jesse Miller is the CISO at Stratosphere Networks, LLC. He has been with the company for almost 10 years, for a total of over 18 years in the IT services industry. In his career, he has pursued and flourished in multiple domains, including cybersecurity, risk/compliance, IT infrastructure, service delivery, product management/development, and even VoIP telephony. This provides a unique advantage in the realm of information security, because the depth and breadth of knowledge he holds for different disciplines serves to give him a wholistic view of the security risks each system or business process poses, including how it relates to the overall security posture of an organization.

As Stratosphere’s CISO, he focuses on IT security, risk and compliance for our ever-growing customer base. He holds a plethora of certifications with many accredited registrars, and is an active member in the cybersecurity community, including SANS (SysAdmin, Audit, Network, Security), International Information System Security Certification Consortium ((ISC)2), and Information Systems Security Association (ISSA). Additionally, he has been instrumental in driving the development of new products and initiatives that have helped add stability, intelligence and security to countless customer environments – including proactive monitoring/analytics, monitoring as a service (MaaS), next generation security services and products, and too many tactical solutions for custom integrations to list here.

Jesse is largely responsible for ensuring that Stratosphere keeps our “first to market” pledge to our customers, deploying security technologies successfully and giving our clients a consistent and reliable advantage over their competition.

Derek Milroy, Information Security, U.S. Cellular

Derek has been implementing security in corporate environments, as both an internal employee and a consultant, for five years. Although he has implemented firewalls, IDSs, and VPNs for various employers and clients he focuses heavily on securing Microsoft hosts and Domain structures. He has hardened hundreds of hosts in environments ranging from less than a dozen servers to enterprise environments with over 1000 servers and thousands of users. In conjunction with hardening he has also crafted and implemented standards, policies, and procedures to maintain the security of his employer’s / client’s environments.

Steve Shelton, RSM, Avanan

Steve Shelton has over 15 years of IT sales experience helping organizations protect their people, processes and data. Steve brings a variety of knowledge to his customers, which he developed from his tenures at CDW, Verizon, Symantec, RSA and Proofpoint. He believes the best working relationships come out of integrity, trust and care. Steve’s main goal is to make the lives of those around him better in any way he can.

Steve has a variety of interests outside of work, including Tai Chi, yoga, nutrition, parent coaching and staring at goats. 

Nathan Smolenski, Director, Enterprise Strategy, Netskope

Nathan is a Cyber Security & Technology leader with over 18 years of experience across financial services, management consulting, executive search, insurance and software industry verticals. Nathan is highly experienced in digital transformation, leadership enrichment, organizational development and the modernization of enterprise security programs and architectures; enabling businesses through consumable service-based delivery capabilities. Nathan maintains a contemporary view of technology and cyber security and is a strong believer in process and technology innovation to drive transformational change.

Nathan currently serves as director on the enterprise strategy team at NetSkope, the leader in cloud security, focused on digital transformation of cyber security programs, security research initiatives, and the evolution of cloud security architectures; while helping to further drive success for NetSkope and its customers.

Prior joining the NetSkope team, Nathan served as the Head of Technology Security Strategy and Engineering for the NY Life Insurance Company; as well as previous roles as the VP/CISO of Spencer Stuart, a world leader in executive search and management consulting, the CISO of Zurich North America, and the CISO of 21stCentury Insurance. Nathan maintains the CISSP, CISA and CISM designations, was a 2016 nominee for ISSA & InfraGard’s Chicago CISO of the Year, and serves as a member of the Rutgers University cyber security program advisory board.

Altaz Valani, Director of Research, Security Compass

Altaz Valani is the Director of Research at Security Compass responsible for managing the overall research vision and team. Prior to joining Security Compass, Altaz was a Senior Research Director in the Application Development Practice at Info-Tech Research Group providing IT managers, directors, and senior managers with guidance and analysis around application development, application rationalization, agile, cloud, mobile, and the SDLC. His other past positions include Senior Manager at KPMG, and various positions where he worked side by side with senior-level stakeholders to drive business value through software development. Altaz currently sits on several Working Groups related to security and privacy at IEEE, SAFECode, and NMFTA.

Michael Winkler, Director Information Security & Compliance, Matthews International

Michael Winkler is the Director of Information Security & Compliance, responsible for overall data security at Matthews International, a multi-segment global organization. Over the past 15+ years he has specialized in securing and ensuring compliance of highly technical ecosystems for global organizations within multiple industries. Mr. Winkler is a Certified Information Systems Security Professional as well as a holding a master’s degree in information systems management.

Adam Zoller, Chief Information Security Officer, GE Healthcare

Adam Zoller is the Enterprise Chief Information Security Officer for GE Healthcare (GEHC), a leading medical technology and life sciences company with over 50,000 employees globally. In this role, Adam is responsible to GEHC’s executive leadership team for driving information security strategy and execution across GEHC’s information ecosystem.

Prior to his current role, Adam held leadership roles in GE Corporate and GE Capital (prior to spin out): Information Security Operations Leader at Synchrony Financial (formerly GE Capital Retail Finance), and Cyber Intelligence Director at GE Corporate.

Prior to Joining GE, Adam was the Computer Incident Response Team manager for Booz Allen Hamilton, a Fortune 500 management consulting firm. An early participant in the cyber threat intelligence space, Adam led the development of cyber intelligence capabilities at Booz Allen Hamilton, the Department of Homeland Security’s United States Computer Emergency Readiness Team (US-CERT), the National Coordinating Center for Telecommunications, and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT.) He served in several leadership roles at the Department of Homeland Security, including the Associate Director of Analysis for the National Cybersecurity and Communications Integration Center.

Concurrent to his civilian career, Adam served in the US Army Reserves as a cyber operations officer and network defense officer in charge for the Army Reserves Cyber Operations Group and also deployed with US Army Special Operations Command in support of Operation Iraqi Freedom and Operation Enduring Freedom.

He holds a Bachelor’s Degree in Psychology from the University of North Carolina at Chapel Hill, and a Master’s Degree in Information Technology Management from Webster University. He holds Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH) certifications, and was a co-recipient of the 2012 Government Information Security Leadership Award from ISC2 for cyber workforce development.