Category

TECHNOLOGY

The People-Led, Tech-Powered Future of Cybersecurity
TECHNOLOGY, VIDEO

The People-Led, Tech-Powered Future of Cybersecurity

Jason O’Dell is Walmart’s Global Vice President of Security Operations. He is a seasoned executive with 25+ years of security experience in multiple domains. In his current role, Jason is entrusted with safeguarding Fortune 1, its 250+ million weekly customers, and its 2.1 million associates from ever-growing cyber threats.

Prior to leading the teams responsible for protecting Walmart’s network, Jason successfully led a Managed Security Service Provider (MSSP) that provided protection to more than 1,000 financial institutions, collectively holding assets worth over $500 billion. Under his guidance, the MSSP received accolades as a top 50 world-ranked provider for five consecutive years.

Jason holds a BS degree in Cybersecurity from Bellevue. He has been quoted in various national media outlets, holds over a dozen industry certifications, and has held multiple board level positions at various information security chapters. His work and dedication in the field of information security was acknowledged by the SANs Institute, which honored him with the Difference Maker Award. Outside of work, Jason is a neophyte vinyl collector, a BBQ judge, and an avid reader

Continue reading
Fireside Chat: Navigating the Future: Scaling Secure AI Amidst Emerging Policies and Privacy Challenges
TECHNOLOGY, VIDEO

Fireside Chat: Navigating the Future: Scaling Secure AI Amidst Emerging Policies and Privacy Challenges

Xochitl Monteon is Intel’s Chief Privacy Officer (CPO) and VP of Cybersecurity Governance, Risk and Compliance in Information Security. As the CPO, Xochitl plays a pivotal role in leading Intel through the complex landscape of global privacy, AI, and cybersecurity legislation to seamlessly operationalize compliance while enabling continued business innovation. Xochitl’s expertise lies in her ability to integrate rigorous privacy policies with robust cybersecurity frameworks, fostering a secure and compliant digital environment. Her leadership is characterized by a proactive approach to emerging threats and vulnerabilities, ensuring that privacy and security considerations are at the forefront of corporate governance.

Xochitl has worked in the technology industry for 30 years. Prior to joining Intel, she worked for McAfee and PayPal in Senior leadership positions. Her tenure includes pivotal roles in a wide array of sectors such as high-tech manufacturing, SaaS, fintech, e-commerce, finance, biotechnology, pharmaceuticals, education, and the broader technology landscape.

Continue reading
Security in the Open: Let’s Raise the Bar in Open Source Software Security
TECHNOLOGY, VIDEO

Security in the Open: Let’s Raise the Bar in Open Source Software Security

Mark Ryland is the Director, Amazon Security, reporting to the CISO of Amazon and engaging with a variety of external and internal stakeholders on behalf of Amazon and AWS Security leadership. Ryland works with public policy and public sector regulators and customers to help them understand how AWS builds and operates its highly secure cloud offerings, and how they can best leverage the AWS cloud to enhance their own cyber security. In addition, he works as a key channel for incoming feedback from customers and regulators, making sure their requirements in security and compliance are understood and prioritized across AWS service teams as well as Amazon as a whole. Ryland also works closely with industry partners to enhance the security of the broader information technology ecosystem as Amazon’s representative on the governing board of the Open Source Security Foundation as well as in industry groups focusing on the security and reliability of cutting-edge artificial intelligence systems.

Ryland has more than 32 years of experience in the technology industry across a wide range of leadership roles in information security, software engineering, distributed systems, technical standardization, and public policy. Most recently he founded and ran AWS’s Office of the CISO from 2018 to 2023, a team with which he still collaborates closely on a variety of efforts. Prior to that, he was the Director of Solutions Architecture and Professional Services for the AWS Worldwide Public Sector team, founding the team in 2011 and growing it to a large global organization through early 2018. Before joining AWS, Ryland worked for Microsoft for 13 years in two different stints (1991-2000 and 2008-2011) in multiple roles including founder and Director, Standards Strategy Group. In between stints at Microsoft, he was co-founder and CTO of two start-ups, and served as vice president and director of the Washington, DC office of a public policy think tank. Additional information on Mr. Ryland and his background is available at http://linkedin.com/in/markryland.

Continue reading
Managing Your Insider Risk Program
TECHNOLOGY, VIDEO

Managing Your Insider Risk Program

Bret Arsenault is Corporate Vice President and Chief Information Security Officer at Microsoft. He is charged with keeping all Microsoft data secure from the 21st century’s ever- growing cyber-threats, while ensuring compliance with evolving regulations. In addition to his responsibilities as CISO, Bret serves as Chairman of Microsoft’s Information Risk Management Council, and as an outside cyber-risk advisor to executives and boards at numerous Fortune 100 companies. He is also a founding member of Security 50 and RSAC’s Executive Security Action Forum (ESAF). Beyond security Arsenault is also responsible for crisis management and overall business continuity and resilience at Microsoft. As part of this, he and his team have coordinated the Microsoft Covid-19 response program.

Continue reading
Panel: The Business of Global Talent
TECHNOLOGY, VIDEO

Panel: The Business of Global Talent

Placing diversity and inclusivity at the core of everything you do
Breaking new ground and finding new ways of managing the holistic talent life cycle, enabled by advanced technology
Forging partnerships across the business to attract a new generation of talent from outside the core cyber function
Using internal, external and unconventional talent pools to build and develop a sustainable global talent pipeline

Continue reading
New Data Governance and Cyber Resiliency Standards for Healthcare
TECHNOLOGY, VIDEO

New Data Governance and Cyber Resiliency Standards for Healthcare

Arve Kjoelen is Vice President and Chief Information Security Officer (CISO) at McAfee, providing strategic and day-to-day leadership to McAfee’s security teams.

Arve has 25 years’ experience evaluating, building and running security programs in technology and financial services. He joined McAfee in 2018 from a Denver-based technology company where he was Chief Security Officer.

Arve is certified by the National Association of Corporate Directors (NACD.DC); is on the Board of the Information Technology – Information Sharing and Analysis Center (IT-ISAC); and is an Advisory Board Member at Threatology, Inc.

Arve holds Master’s and Bachelor’s Degrees in Electrical Engineering. He writes occasionally on Substack about challenges facing CISOs and other cyber topics.

Continue reading
Building More Secure, Resilient and Safer Critical Infrastructure
TECHNOLOGY, VIDEO

Building More Secure, Resilient and Safer Critical Infrastructure

Taylor Lehmann is a Director in the Office of the CISO at Google Cloud. He leads customer engagements and drives the health security engineering and risk management strategy of the company’s core and cloud infrastructure and applications. Taylor is thrilled to be at Google after spending time as the CISO of some notable health companies. Even better, he works at a place where security is important.

Taylor values vulnerability and courage over personal comfort, and he strives to create a culture of trust, collaboration, and innovation in his organization.

Taylor has an MBA, Strategy and Operations from Boston College and a BS, Finance & IT from University at Buffalo.

Continue reading
Building a Business Aligned, Risk Prioritized Cybersecurity Strategy
TECHNOLOGY, VIDEO

Building a Business Aligned, Risk Prioritized Cybersecurity Strategy

Gary Harbison is the Chief Information Security Officer (CISO) at J&J, a role he has been in since he started at the company in October 2022. Gary is responsible for leading the Information Security and Risk Management (ISRM) organization which protects J&J’s critical data and information. He drives global security strategy and cybersecurity transformation of J&J’s products and services while also managing enterprise technological risks.

Gary has 27 years of overall technology experience, with 25 years in Information Security and Risk Management at multiple Fortune 500 companies. Gary also has public sector experience from the U.S. Department of Defense. His technical background includes security architecture and threat intelligence roles along with various leadership roles focused on building high-performing teams that partner with key stakeholders to enable crucial business objectives.

Prior to J&J, Gary was the CISO for Bayer, a leading global life sciences company. In that role, Gary was responsible for leading all aspects of the Cybersecurity Risk Management function (CSRM) with global ownership of information security strategy, IT risk management & compliance, security education & awareness, cyber defense, as well as governance of IT security controls.

Gary contributes to the greater information security community by serving on advisory boards for multiple cybersecurity companies and he helps engineer industry innovation through mentoring cybersecurity startups and advising venture capital investors and startup accelerators. He is also involved in the education sector and advises multiple universities about their Computer Science & Cybersecurity programs and serves as an Adjunct Professor in the Master of Science in Cybersecurity Engineering program at Washington University in St. Louis. Gary received his Bachelor of Business Administration (BBA) degree from Webster University in St. Louis.

Gary resides in the St. Louis area with his wife and three children. In his spare time, Gary enjoys playing sports, fishing, and spending time outdoors. He is also very active in his community and coaches youth sports teams.

Continue reading
Redefining DevSecOps After SolarWinds: Lessons from a Securities Lawyer Turned Cyber Hacker
TECHNOLOGY, VIDEO

Redefining DevSecOps After SolarWinds: Lessons from a Securities Lawyer Turned Cyber Hacker

Tom Tovar is CEO and co-creator of Appdome, the mobile industry’s first no-code mobile solutions platform. Tom also leads Appdome’s Cyber Security Research team. The cyber research team has access to 100Ms of “sentinel” data points tracking threats and attacks on mobile users and apps globally. Prior to Appdome, Tom served as executive chairman of Badgeville, an enterprise engagement platform acquired by CallidusCloud, and as CEO of Nominum, a DNS security and services provider that was acquired by Akamai. Tovar holds a JD from Stanford Law School and a BBA in finance and accounting from the University of Houston.

Continue reading
Achieving a Dominant Cybersecurity Posture in the Digital Economy
TECHNOLOGY, VIDEO

Achieving a Dominant Cybersecurity Posture in the Digital Economy

Mr. Gurpreet Bhatia serves as the Department of Defense (DoD) Principal Director for Cybersecurity / Deputy Chief Infortion Security Officer (CISO). In this position, he is responsible for the definition and execution of the Department’s cybersecurity program, and oversees the coordination of cybersecurity standards, policies and procedures key stakeholders. Prior to assuming this position, Mr. Bhatia served as the Chief of Partner Engagements in Foreign Engagements at the National Security Agency (NSA), where he was responsible for the day-to-day management of NSA’s foreign cryptologic partnerships including technical guidance, management and implementation of cryptologic foreign partner strategies, and representing NSA positions to foreign partners.

Mr. Bhatia’s 28 years of experience spans the DoD and private industry, including three years at the Navy Public Works Center in Washington and three years in the private sector. Over his 22 years with NSA, he led the incubation of joint secure chip technology with private industry focusing on fostering U.S. manufacturing, built foundational GIG authentication and policy reference architecture, and overseeing development of authentication technologies for DoD key management infrastructure. While detailed to the Pentagon, Mr. Bhatia served as a Senior Information Assurance (IA) Representative to the Joint Staff, J6, and to the Office of the Under Secretary of Defense for Policy, Cyber Policy. In this role, he supported requirements and delivery of warfighter IA capability, was an integral part of the United States Cyber Command standup team, and a co-author of the 2011 DoD Strategy for Operations in Cyberspace. Upon returning, he led the organization responsible for development and delivery of the initial NSA cloud platform, analytics, and data stores.

After returning from an overseas assignment, Mr. Bhatia was selected to be a 2016 Brooking LEGIS Congressional Fellow. He served in a member office in the U.S. Senate, where he raised cybersecurity awareness writ large, advised on cybersecurity and privacy legislation across healthcare, Internet of Things and business IP theft, and supported legislative efforts to update the right of individuals to serve in the U.S. Armed forces, while retaining their articles of faith. He was then detailed as the Deputy Director, Legislative Liaison and principal advisor at United States Cyber Command, where he advised on all legislative matters and secured crucial legislative wins. In 2019, Mr. Bhatia served as a
member of the NSA cybersecurity strategy team, which recommended the standup of the Cybersecurity Directorate (CSD) and then led the CSD implementation team.

Mr. Bhatia is a Certified Information Security Systems Engineer, a two-time recipient of the Joint Meritorious Civilian Service Award, and a recipient of the National Partnership for Reinventing Government, Vice President Gore’s Hammer Award. Mr. Bhatia holds a Bachelor of Science in Electrical Engineering from the University of Alabama at Huntsville, a Master’s in Science in Electrical Engineering from Johns Hopkins University, and a Master’s in Business Administration from Georgetown University.

Continue reading
Batman on a Beach, Einstein, and AI Robots
TECHNOLOGY, VIDEO

Batman on a Beach, Einstein, and AI Robots

Bulletproof offers comprehensive IT, security, & compliance solutions for your business. We work with any industry, any size – to help you mitigate risk, improve your technologies, processes, systems, business infrastructure, and ensure compliance while securing your data.

Bulletproof was named Microsoft’s global Security Partner of the Year in 2021 for delivering excellence and innovative end-to-end security solutions – let us help you deploy and optimize your technology, security, and compliance, empowering you do to more with your teams.

Continue reading
‘Shift Up’ Observability of Your Custom Software Security Risks and Beyond
TECHNOLOGY, VIDEO

‘Shift Up’ Observability of Your Custom Software Security Risks and Beyond

As Vice President of Product for CAST Highlight, Greg leads strategy for the CAST SaaS product helping CIOs, CTOs, and software leaders control open source risks, reduce technical debt, accelerate application modernization / cloud migration, and make greener software. He has held technology leadership roles with Fortune 1000 companies such as Microsoft, IDG, and Arrow Electronics for over 25 years. Greg has a B.S. in Electrical Engineering and an M.S. in Management of Technology and is passionate about applying technology to improve business and our everyday lives.

Continue reading
Governing Generative AI: Safeguarding the Enterprise Without Stifling Exploration
TECHNOLOGY, VIDEO

Governing Generative AI: Safeguarding the Enterprise Without Stifling Exploration

Jeff Northrop was recently promoted from Chief Information Security Officer for Mars Petcare into his current role as Chief Information Officer for Mars Wrigley North America. Mr. Northrop joined Mars, Incorporated in May 2019 as Director, Security CoE where he established an OT security program, operationalized the data protection program, and managed Security Architecture before assuming the CISO role for Mars Petcare.

Prior experiences include positions as Security Officer for Liberty Mutual, CTO for the IAPP, and Head of Technology for Reed Elsevier. Mr. Northrop lives in Maine where, along with his wife, he has raised two boys. He now spends his free time hiking, tending to his gardens, and spoiling his cat and chickens.

Continue reading
Endpoint Strategies to Achieve Cybersecurity Compliance — A Conversation with Romanus Prabhu of ManageEngine
TECHNOLOGY, VIDEO, PODCAST

Endpoint Strategies to Achieve Cybersecurity Compliance — A Conversation with Romanus Prabhu of ManageEngine

In the run-up to the 2024 edition of the North American Information Security Summit we spoke with security evangelist Romanus Prabhu of Manage Engine about how data security and cybersecurity professionals need to rethink and reevaluate their systems to account for new threats. The reality is protection can never get in the way businesses operate, so what is the right balance to strike between proactive methods, employee engagement, and resiliency versus functionality and productivity? What mindset do security leaders need to have? How should they be looking at their tools, tactics, and technologies? For all this and more, give this episode a listen!

Continue reading
Understanding What’s Next for Cybersecurity Professionals — A Conversation with Jerry Carlson and Jack Wilson of Bulletproof
TECHNOLOGY, VIDEO, PODCAST

Understanding What’s Next for Cybersecurity Professionals — A Conversation with Jerry Carlson and Jack Wilson of Bulletproof

Jerry Carlson has over three decades of IT and Security expertise, with 23 of these years spent at Microsoft. He currently leads a team of cyber security experts for Bulletproof across the United States. His team is driven by helping organizations protect themselves from cybercrime because they believe stealing is wrong. Jerry is an expert in the Microsoft security portfolio, including M365 Security (Defender for Endpoint, Defender for Email, Defender for Identity), and Entra Cloud Permissions Management, as well as Microsoft Copilot for M365 and Copilot for Security. He has assisted many small and large businesses in transitioning from an outdated best of breed model to a Microsoft best in class integrated security platform, lowering their security expenses, enhancing their visibility, and ultimately decreasing risk.

Continue reading