SPEAKERS AT THE ENTERPRISE RISK / SECURITY MANAGEMENT CONFERENCE
Greg Bee, Chief Information Security Officer, Pekin Insurance
Chief Information Security Officer (CISO) whose qualifications include a degree in Information Technology and a Master’s of Business Administration (MBA); and certifications such as C|CISO, CISM, CRISC, CGEIT, including detailed knowledge of complex security infrastructure and information security management for leading insurance and financial firm that includes security tools, technologies and information security best practices. Over thirty-four years of information technology experience, and twenty years of Chief Information Security Officer experience in the management, creation and deployment of solutions protecting networks, systems and information assets for Financial and Insurance firms enterprise-wide information security programs.
Amy Buss, Information Security, U.S. Cellular
Amy is an Information Security professional with over 20 years of experience leading, designing, implementing, and supporting technology and security solutions. Amy has spent the last 5 years building and running the Enterprise Security organization at US. Cellular, the fifth largest cellular carrier in the United States. Amy is currently in a specialized role representing security in all US Cellular Contracts.
Chris Cronin, Principal/Partner, HALOCK
Chris Cronin is a partner at HALOCK Security Labs. Chris has practiced information security for more than 20 years in operations, audit, and consulting roles. Chris created Duty of Care Risk Analysis (“DoCRA”) which defines when a cybersecurity controls is reasonable, and is principal author of CIS RAM, the Risk Assessment Method for CIS Controls. Chris serves as Chair of the DoCRA Council and serves as an active member of the Sedona Conference, a law and technology think tank.
Bob Duplessis, Senior Vice President / Information Security Officer, Old Second National Bank
Robert Duplessis is currently the Senior Vice President/Information Security Officer at Old Second National Bank. He is responsible for the overall Cybersecurity and IT Risk Management Programs and its alignment with the enterprise risk program. He has an extensive background in financial sector operational controls and developing programs in Information Security, Strategic Planning, Governance, Risk, Compliance, Business Continuity, Incident Response and Vendor Management. He holds various certifications in the Information Security industry (CRISC, CISM and CBVM) and has over 20 years of experience in managing operations, technology and security.
John Germain, Chief Information Security Officer, Duck Creek Technologies
As Duck Creek’s chief information security officer (CISO), John Germain is accountable for the strategy, direction, and management of the company’s overall security program and capabilities, including those of Duck Creek’s OnDemand services.
John brings more than 15 years of experience as an information security professional to Duck Creek, and more than 25 total in IT. He has a strong background building and managing IT security programs for large, global organizations and is a well-respected leader in the community, having been named both a Top 100 CISO and a Top 25 Breakaway CISO Leader.
Prior to Duck Creek, John was both CISO and vice president of IT infrastructure at a multi-billion-dollar global manufacturing company, where he spent nearly 20 years honing his skills in the defense sector, critical infrastructure, and most recently in commercial products and services.
John is active in the information security community as a member of several professional governing bodies, and is a frequent speaker at events and conferences.
Laszlo S. Gonc, Founder and CEO, Next Era Transformation Group, LLC
First Senior Fellow, DivIHN Cybersecurity Center of Excellence
Laszlo is a recognized senior executive with thirty years of progressive experience in business and information technology. He is responsible for helping organizations – corporate and nonprofit alike – navigate the digital frontier, advising clients on cybersecurity, IT risk mitigation, and building digital technology strategies that drive both performance and business value. He has experience across several industries, consulting for senior executives and boards, developing cybersecurity strategies, evaluating IT risk, and spearheading critical security and transformation projects for senior leadership including, but not limited to, healthcare, manufacturing, mining, legal, insurance, marketing, advertising and banking.
Laszlo is a member of the Forbes Technology Council, PEER150, and sits on a number of nonprofit and professional advisory boards. He served as Chair of the Project Management Institute (PMI) Chicagoland Executive Council for a number of years, served as Executive Vice President for the Chicago chapter of the Association of Information Technology Professionals (AITP), and is a Board Member for the Society for Information Management (SIM) Chicago and ISACA Chicago Chapter (ISACA). He is also a member of Chicago FBI Infragard, and Information Systems Security Association (ISSA).
He is an Advisory Board Member for the national Cybersecurity Collaborative, and the Illinois Institute of Technology’s C2SAFE Program. In early 2016, as a volunteer he helped form the SIM International Cybersecurity SIG for senior technology leaders having served as Director of Strategic Programming and Content, collaborating to launch their first national virtual Cybersecurity Conference in 2017 as co-host.
He is a nationally recognized keynote speaker, invited at professional associations, industry conferences and universities providing thought leadership on the state of cybersecurity, mitigating technology risk, helping companies “Go Digital” and navigate the “The Next Perfect Storm.”
Providing coaching and mentoring in Chicago’s technology incubation and innovation areas, he has experience with business model generation and design thinking workshops. Laszlo holds a Bachelor of Science Commerce degree in Operations Management from DePaul University and is a certified CISSP security professional.
Rozel Audric Kouadio, Information Security, The Kraft Heinz Company
Rozel Audric Kouadio is an executive strategic leader with over a decade of consulting and industry experience in information security risk governance, application security and incident response. He leads the global cyber risk management and application security programs at the Kraft Heinz Company. Prior that experience, Rozel directed Information Security Programs at a specialized security firm where he managed multimillion dollar security research and investigation for the Department of Homeland Security, Department of Defense and various other Law Enforcement agencies. He is a Certified Information Security Manager (CISM) with a degree in Network Computing & Security from Roosevelt University, and an Executive Education in Management & Leadership from MIT Sloan School of Management.
Jason Lipschultz, Managing Director, Third Party Attestation, BDO
Jason is a Managing Director in BDO’s Third Party Attestation practice. He has over 15 years of IT and business assurance and advisory process, risk, and controls experience. Jason specializes in third party risk assurance (SOC reporting) and external financial and IT audit.
Jason’s passion is to help clients achieve their potential by developing practical solutions to business challenges. His biggest strength is in communication, advising clients through the often complex world of risk and controls to simplify what it means to them and help protect and grow their business.
Troy Mattern, Vice President for Product and Services Cybersecurity, Motorola Solutions
Troy Mattern is the Vice President for Product and Services Cybersecurity at Motorola Solutions. Having joined Motorola Solutions in June of 2017 he leads all policy, strategy and prioritization for cybersecurity efforts pertaining to Motorola Solutions Products and Services.
Troy is a retired Marine Corps Officer with 23 years of active duty service. His military career included roles in field artillery, U.S. Embassy security, intelligence and full spectrum cyber operations. He served in units ranging from those supporting tactical operations to the National Security Agency, the Pentagon and USCYBERCOM. His career included multiple deployments including combat tours for Operation Desert Storm and for the Global War on Terrorism.
Upon retiring from the Marine Corps Troy focused on cybersecurity. As the first Technical Director for Cyber Intelligence at Carnegie Mellon University’s Software Engineering Institute his team conducted research on private sector cyber intelligence programs seeking to improve the ability of the private sector to understand and protect itself against cyber threats. Simultaneously he also served with the Intelligence and National Security Alliance (INSA) as the first Chair of the Cyber Intelligence task-force where he was the principal author of Operational Levels of Cyber Intelligence and led the development of the cyber intelligence series of white papers. Troy’s last position, prior to joining Motorola Solutions, was as the Vice President of Cybersecurity for Zurich Insurance Group.
Brad Marr, Senior Director and CISO, Life Fitness
Brad Marr began his career over 20 years ago as a Systems Specialist supporting Caterpillar’s digital strategy for industrial products. From there he moved onto ITT Corporation and Xylem holding various IT and Cyber Security roles supporting a spin-off of two major business segments, a digital transformation, and enterprise scaled security initiatives Brad currently serves as the Senior Director and CISO at Life Fitness, a global fitness equipment manufacturer. His focus is to build and operate a world-class security program, with a focus on managing risk in the connected fitness ecosystem and positioning security as a competitive strength for the business.
Elizabeth Ogunti, Senior Manager, IT Security and Compliance, JBT Corporation
Senior Manager of IT Security and Compliance, molded by 20 plus years of IT/Information security experience I have become a thought leader with the ability to translate technical jargon to a variety of audiences. This is a major benefit in building relationships with clients and stakeholders. Reliance on my experiences, successes as well as lessons learned, to overcome challenges and to bring knowledge, improvement, and success to my career and organizations.
Jon Oppenhuis, Senior Advisor – Risk Management, Optiv
Jon Oppenhuis is a Senior Advisor in Risk Management at Optiv guiding clients and proposing solutions in risk management strategy at a programmatic level. He also brings 20 years of solution architecture experience to his current role. Previously, as an Optiv Solution Architect, he performed technical qualification and solution development across all security domains.
Prior to joining Optiv, Jon spent 15 years at Verizon where he served as a Managing Partner leading an international team of highly-skilled Solution Architects on large global networking projects that included security and risk components.
His background combines business, sales, leadership, technical, security and risk expertise. He has five degrees including advanced degrees in business and technical disciplines. He has served as a U.S. Army Infantry Officer and has held teaching positions at the university level in the U.S. and abroad.
Stephenie Southard, Vice President, Chief Information Security Officer, BCU
Stephenie Southard has over 25 years’ experience in Information Technology and Security. She is a strategic executive with CISO and VP level success in physical and logical governance, risk management, mergers & acquisitions and business continuity. She has presented significant reductions in IT costs, while building strong IT teams in tandem. Stephenie has championed several initiatives around incident response, improving services, system consolidation and secure datacenter site buildouts or relocations. Stephenie has worked in the Government, Educational, Non-for-Profit and Financial sectors. She has overseen 300+ successful external audits with such governing bodies as, PCI, SOC, ISO, Homeland Security, Visa, MasterCard and American Express.
Stephenie possess a Master’s in Business Management from Indiana Wesleyan University, has spoken at several IT and CISO conferences, appeared on guest-invited pod casts and is an advisory board member.
Annur Sumar, CTO, Maetech; Microsoft MVP, Former Vice President of IT D&P
Annur Sumar is a Microsoft Cloud and Datacenter MVP and technology consultant in the areas of Infrastructure Design, Enterprise Content Management, CRM, Microsoft Azure, System Center and Cloud Technologies. Annur is an industry recognized leader and independent speaker around strategic service automation, technology driven process improvements, IT service alignment, engineering best practices and operations management. All of which are targeted in his presentations to helping businesses with complex IT environments lower Total Cost of Ownership and raising Return On Investments.
Prior to joining a Microsoft Partner Consulting firm, Annur served as a Vice President of Technology for Duff & Phelps. One of the world’s leading independent financial advisory firms serving client needs in the areas of valuation, investment banking, transaction advice, and dispute consulting. During his tenure at Duff & Phelps, Annur worked closely with Microsoft product teams and case study managers in providing invaluable feedback around how businesses such as his were able to benefit from cloud technologies that were molded into business solutions. As a Microsoft MVP and industry expert, Annur brings 10 years of experience to work actively with other MVPs and Microsoft Partners to provide industry insight and strategic direction.
Nick Suttle, Director of Information Security and Compliance, Lippert Components, Inc.
Nick Suttle has served as the Director of Information Security and Compliance at LCI since January of 2019. Prior to joining the LCI, Mr. Suttle had served in multiple Chief Information Officer roles in Higher Education and Manufacturing. With over a decade of experience working in IT project management, IT Operations, and IT strategy Nick has balanced the agility needed for timely business decisions and diligent security practices.
Brian Vazzana, Information Systems Assurance Partner, BDO
As a partner in BDO’s Chicago office, Brian brings together more than 17 years of assurance experience with an in-depth understanding of information systems and IT general controls. This specialized background is at the foundation of his dual role as head of BDO’s Central Region Information Systems (IS) Assurance practice and leader of the Chicago office’s Third-Party Attestation practice.
A hobbyist programmer who formed an interest in technology at an early age, Brian draws upon this natural curiosity regarding how things work to ensure the quality of IS audits. He is also recognized as a leader in simplifying complex technology and systems concepts as well as offering opinions and recommendations to help public companies improve their control structures and reporting.
Brian joined BDO in 2002 as an Assurance Services Associate; he was named Partner in 2016. He has served as the IS and/or ICFR lead on client engagements that span Statement on Standards for Attestation Engagements (SSAE) 18 (SOC 1 and SOC 2); SOC for Cybersecurity reporting; International Standard on Assurance Engagements (ISAE) 3402 reporting; Sarbanes-Oxley (SOX) 404 compliance testing; and information technology general control reviews.
Ron Versetto, Executive Director, IT, University of Illinois at Chicago
Ron has nearly 20 years of experience in Information Technology in industries such as retail, hospitality, healthcare, and higher education. He has a background in regulatory processes and extensive experience with network and infrastructure. He is currently the Executive Director of Information Technology for the Liberal Arts and Sciences College at University of Illinois at Chicago.
Steve Williams, Director, Remediant
Following 6+ years of professional exposure to the damage inflicted by credential theft attacks via social engineering and phishing; Steve Williams joined Remediant and leads the Great Lakes Region. Remediant helps organizations protect and defend against stolen credentials being utilized by attackers to escalate privilege and advance attacks via lateral movement.
Steve became an authority on the social engineering and phishing landscape after helping PhishLine grow from a regional startup in 2013 to acquisition by Barracuda Networks in late 2018. Following his efforts with PhishLine, Steve led the launch and growth of MediaPRO’s Global Channel and Partner program; helping countless organizations across North America, EU, & the APAC region launch security and privacy awareness programs to help address the endless barrage of people centric threats and attacks.
Born and raised in Milwaukee, Wisconsin; Steve journeyed to Madison, Wisconsin where he graduated from Edgewood College in 2001 with a BS, Computer Information Systems. Steve is a dedicated father to his family of four, remains professionally obsessed with the fight against information theft, and strives to help others see the value of work and opportunities that reside within the information security and risk management community.