Black Hat CISO Summit

Michael has 15 years of executive search experience proceeded by 12 years in IT. Today Michael co-manages Hitch Partners, a national retained search firm focused exclusively on CISO and executive security leadership positions. The firm provides executive search and advisory services for companies ranging from early to late-stage startups to enterprises. For more information please visit to www.hitchpartners.com.

Lee J Kushner has been exclusively providing recruitment services to the Information Security industry and its profession for the past 25 years. As the founder of LJ Kushner & Associates, Lee and his team of experienced information security professionals have been called upon to successfully solve some of the industries most complex recruitment challenges. Throughout his career, he has provided recruitment services and consultative guidance to over five hundred (500) unique entities as these organizations attempt to protect and enable their businesses. He has supported information security initiatives in both the largest enterprises and some of the most innovative start-ups. Throughout the past two decades, Lee has been an invited speaker at major events on the topics of hiring and retention, organizational design, compensation, and professional development.

In 2019, his firm, LJ Kushner & Associates, was acquired by BGSF (NYSE: BGSF) where he is now the Executive Managing Director responsible for the Cyber Security business unit.

A globally recognized software security expert, Dan Cornell has over 20 years of experience architecting, developing and securing software systems. As Vice President of Product Strategy at Coalfire, Dan works with customers and industry partners to help drive the direction of their product portfolio. Prior to its acquisition by Coalfire, Dan was a founder of and the Chief Technology Officer at Denim Group, where he helped Fortune 500 companies and government organizations integrate security throughout the development process.

Cornell is an active member of the development community and a sought-after speaker on topics of application and software security, speaking at international conferences including RSA Security Conference, OWASP AppSec USA and EU, TEDx, and Black Hat Arsenal. He holds three patents in the area of software security.

CyberArk Labs Research Advisor, CyberArk

Andy is a CyberArk Labs Advisor and Research Evangelist. He and his team focus on offensive security and security innovation. They specialize in spotting security gaps in emerging technologies and developing innovative new security layers and effective mitigations to fill those gaps. Andy has 25 years of experience in web development, systems administration and security, and is a frequent speaker on security breaches, defense tactics and his passion of "travel-hacking".

CISO

Mike Wilkes is a Chief Information Security Officer that has built, transformed and protected companies such as ASCAP, Marvel, AQR Capital, CME Group, Sony, Macy's as well as European banks and airlines. A graduate of Stanford University and author of a book for Cisco Press in 2002, he is a featured speaker at technology conferences and is a professor at NYU teaching cybersecurity courses. An avid jazz fan and musician, he is also on the board of trustees for the National Jazz Museum in Harlem.

CEO and Co-Founder, Gurucul

Saryu Nayyar is an internationally recognized cybersecurity expert, author, speaker and member of the Forbes Technology Council. She has more than 15 years of experience in the information security, identity and access management, IT risk and compliance, and security risk management sectors. She was named EY Entrepreneurial Winning Women in 2017. She has held leadership roles in security products and services strategy at Oracle, Simeio, Sun Microsystems, Vaau (acquired by Sun) and Disney. Saryu also spent several years in senior positions at the technology security and risk management practice of Ernst & Young. She is passionate about building disruptive technologies and has several patents pending for behavior analytics, anomaly detection and dynamic risk scoring inventions.

CISO, Wells Fargo

Kurt Lieber is the Executive Vice President and CISO at Wells Fargo. He has over 20 years of experience in Information Technology and Information Security across multiple industries including health care, retail and financial services.

Kurt was formerly with CVS/Aetna where he was responsible for Risk Management, Identity & Access Management and Program Management Office within the CVS/Aetna Global Security team. Prior to CVS, Kurt was with Kaiser Permanente where he had responsibility for IAM as well as HIPAA remediation. Kurt also worked for Target Corporation, where he was accountable for the company's IT Security program and led the technology team responsible for their Payment Card Industry (PCI) program. Prior to Target, he had roles with Goldman Sachs and Accenture.

Former CISO of MassMutual, CVS, DTTC, American Express and more!

Jim is currently an advisor for Gurucul and Agari, a board member for the University of Cailifornia Berkeley Center for Long Term Security. Jim Routh is the former Board Chair for the Health Information Sharing & Analysis Center (H-ISAC) where he served for five years and former Board member for the Financial Services Information Sharing & Analysis Center (FS-ISAC). He presented to Boards and Board Committees (Technology & Governance, Audit Committees) for many public and private companies as the CISO or CSO providing cyber security updates and education for board members for the past twenty years. Jim Routh is currently on the Board of ZeroNorth and Acceptto, two early stage cyber security software companies. He serves in an advisory capacity and investor for three cyber specific venture funds including: ClearSky, CyberStarts and Rain Capital.

Jim has along history in technology and cyber security as a leader and management consultant. Mr. Routh was formerly a cyber security leader for many large companies including MassMutual CISO, CVS Health/Aetna CSO, JP Morgan Chase- Global Leader for Software & Mobile Security, KPMG CISO, Depository Trust & Clearing Corporation (DTCC) CISO, and American Express CISO. At Aetna, he developed one of the most mature converged security programs in the private sector. Prior to that Mr. Routh served as an IT leader at American Express and a management consultant for over a decade for financial service firms.

Jim is recognized as an industry leader in digital transformations and innovation in cyber security practices using data science as a foundation for unconventional cyber security controls and enterprise resilience. He is a known icon in the cyber security industry, among the awards he has received is the Santa Fe Group/Shared Assessments Lifetime Achievement Award, CSO Hall of Fame, ISE Luminary Award, Evanta Break Away Leadership Award, Information Security Executive of the Year Award (twice), BITS Leadership Award.

Matt Prevost, RPLU, joined Chubb in July 2014 as National Product Line Manager for Chubb's network security, privacy and technology Errors & Omissions (Cyber/Tech E&O) products. Since 2016, he has assumed overall responsibility for cyber product management in North America and in 2019, Matt also took on the role of Chair of Chubb's Global Cyber Product Board.

In his role, Matt is responsible for developing underwriting strategy, negotiating complex accounts, developing and maintaining a broad network of brokerage and vendor relationships, developing and driving distribution, and enhancing cyber services through all channels. Additionally, Matt plays a significant role in Chubb's Global Cyber Practice, which addresses growing risks as legislation and privacy and network security exposures evolve around the world and customer demands for cyber insurance and risk management solutions grow and change. Matt is also a member of Chubb Group's Emerging Risk Committee and an advisor for the Cyber COPE Insurance CertificationSM (CCIC) program provided by Chubb and Carnegie Mellon University.

Matt is a certified Continuing Education instructor and regularly speaks on the topics of cyber and privacy insurance, technology E&O, Directors & Officers (D&O) coverage, and cyber risk.. He is a graduate of Lafayette College with a degree in International Economics and Commerce, and also studied at Ecole Superieure de Commerce de Dijon in France.

CEO, HackerOne

Marten Mickos is the CEO of HackerOne. Previously, Marten served as CEO at Eucalyptus, a cloud software company acquired by HP where he then served as the SVP of the cloud division. Before that, he was CEO of MySQL, an open-source database company acquired by Sun Microsystems for $1 billion in 2008. At Sun he served as SVP of the database division.

Lesley Carhart is a Principal Industrial Incident Responder at the industrial cybersecurity company Dragos, Inc. She has spent more than a decade of her 20+ year IT career specializing in information security, with a heavy focus on response to nation-state adversary attacks. She is recognized as a subject matter expert in the field of cybersecurity incident response and digital forensics.

Prior to joining Dragos, she was the incident response team lead at Motorola Solutions. Her focus at Dragos is developing forensics and incident response tools and processes for uncharted areas of industrial systems. She is also a certified instructor and curriculum developer for the Dragos "Assessing, Hunting and Monitoring Industrial Control System Networks" course.

She has received recognition such as DEF CON Hacker of the Year, a "Top Woman in Cybersecurity" from CyberScoop, and "Power Player" from SC Magazine.

In her free time, Lesley co-organizes resume and interview clinics at several cybersecurity conferences, blogs and tweets prolifically about infosec, has served for 20 years in the USAF Reserves, and is a youth martial arts instructor.

President and CEO

As CEO Sumedh leads the company's vision, strategic direction and implementation. He joined Qualys in 2003 in engineering and grew within the company, taking various leadership roles focused on helping Qualys deliver on its platform vision. Since 2014, he has served as Chief Product Officer at Qualys, where he oversaw all things product, including engineering, development, product management, cloud operations, DevOps, and customer support. A product fanatic and engineer at heart, he is a driving force behind expanding the platform from Vulnerability Management into broader areas of security and compliance, helping customers consolidate their security stack. This includes the rollout of the game-changing VMDR (Vulnerability Management, Detection and Response) that continually detects and prevents risk to their systems, Multi-Vector EDR, which focuses on protecting endpoints as well as Container Security, Compliance and Web Application Security solutions. Sumedh was also instrumental in the build-up of multiple Qualys sites resulting in a global 24x7 follow-the-sun product team.

CISO

Ben Carr is the Chief Information Security Officer at Qualys. He is an information security and risk executive with more than 25 years of experience in developing and executing long-term security strategies. Ben has demonstrated global leadership and experience, through executive leadership roles of advanced technology, high risk, and rapid-growth initiatives, at companies such as Aristocrat, Tenable, Visa and Nokia. While at Aristocrat, Ben built a world-class global cybersecurity program from the ground up as part of a digital transformation. As a senior cybersecurity executive at Visa, Ben was responsible for developing and leading Visa's Global Attack Surface Management Team and capability. Prior to Visa, he led all security programs for Nokia corporate IT as the Global Head of IT Security. Ben holds a certificate in Risk & Information Systems Control (CRISC), is a Certified Data Privacy Solutions Engineer (CDPSE).

Bob Lord was the first Chief Security Officer at the Democratic National Committee. In this role he worked to secure the Committee, as well as helping state parties and campaigns. Previous roles include being the CISO at Yahoo, CISO in Residence at Rapid 7, and before that he headed up Twitter's information security program as its first security hire. You can see some of his hobbies at www.ilord.com.

As Chief Cybersecurity Officer, Kurt John is responsible for overseeing strategy and operations of Siemens largest market, over $23B in revenue. Kurt also serves as a member of the Siemens Cybersecurity Board (CSB) to set strategy, drive operations and address global challenges.

Kurt is also a board member of the Virginia Innovation Partnership Authority, focusing on the continued economic and technological development of the Commonwealth of Virginia. He is also on the innovation advisory board of George Mason University and the Cybersecurity Advisory Council of MxD; among other initiatives and appointments.

Director AT&T Cybersecurity Communications

Theresa Lanowitz is a proven global influencer and speaks on trends and emerging technology poised to help today's enterprise organizations flourish. Theresa is currently the head of evangelism at AT&T Business - Cybersecurity.

Prior to joining AT&T, Theresa was an industry analyst with boutique analyst firm voke and Gartner. While at Gartner, Theresa spearheaded the application quality ecosystem, championed application security technology, and created the successful Application Development conference.

As a product manager at Borland International Software, Theresa launched the iconic Java integrated development environment, JBuilder. While at Sun Microsystems, Theresa led strategic marketing for the Jini project – a precursor to IoT (Internet of Things).

Theresa's professional career began with McDonnell Douglas where she was a software developer on the C-17 military transport plane and held a US Department of Defense Top Secret security clearance.

Theresa holds a Bachelor of Science in Computer Science from the University of Pittsburgh, Pittsburgh, PA.

Director AT&T Cybersecurity

Bindu provides strategic and tactical cybersecurity consulting services to customers and specializes in collaborating with clients on cybersecurity, technology transformation, cyber-risk, compliance, and data governance initiatives. She leads a team of security professionals responsible for providing consultative services specific to Trusted Advisor engagement, Incident Response, Forensics, Threat/Vulnerability Management services, & compliance assessments. Bindu leverages her extensive technical skills as she advises customers through workshops, speaking engagements, and industry forums. She counsels customers on how best to optimize their business benefits and drive organizational improvements by sustaining security protocols, managing compliance, and mitigating risk. In addition to providing subject matter expert support, she is responsible for defining services across Cybersecurity Consulting based on client-specific security challenges.

Corporate Vice President, Security, Compliance & Identity Business Development, Microsoft

Ann Johnson is Corporate Vice President of SCI Business Development at Microsoft. She oversees the investment and strategic partner strategy roadmap for security, compliance, and identity for one of the largest tech companies on our planet to help organizations become operationally resilient on their digital transformation journey and unlock capabilities of Microsoft’s intelligent cloud and next generation AI. She is a member of the board of advisors for FS-ISAC (The Financial Services Information Sharing and Analysis Center), an advisory board member for EWF (Executive Women’s Forum on Information Security, Risk Management & Privacy), and an advisory board member for HYPR Corp. Ann recently joined the board of advisors for Cybersecurity Ventures. For more about Microsoft’s Cybersecurity Solutions, visit the Microsoft Security Site, or follow Microsoft Security on Twitter at Msft Security Twitter or Msft WDSecurity Twitter. You can also hear her talk with some of the biggest influencers in cybersecurity each week on Afternoon Cyber Tea with Ann Johnson.