Top of Page
 

Advisory Councils

Advisory Council Logo

(ISC)²’s Global Advisory Councils represent a group of senior-level information security professionals in their respective region who advise (ISC)² on industry initiatives, policies, views, standards and concerns. The goals of the advisory councils are to offer deeper insights into the needs of the information security community in each respective region; discuss matters of policy or initiatives that drive professional development; provide feedback on (ISC)² programs, activities and opportunities; and make introductions to influential organizations, bodies, institutions within government and industry with which (ISC)² should engage.

(ISC)² currently enlists the expertise of four advisory councils, including the:


Council Members

  • Asia-Pacific Advisory Council (APAC) Asia-Pacific Advisory Council (APAC)
    dr-lee-jae-woo
    CHAIR: Dr. Jae-Woo Lee, Fellow of (ISC)², CCFP-KR, CISA, CISM (Korea)

    Chair Professor, Graduate School of International Affairs and Information, Dongguk University

    Dr. Jae Woo Lee is Chair Professor at Dongguk University, and president of the Cyber Forensic Professional Association Korea. He is also chairperson of the (ISC)² APAC and Advisory Board of CISO Association in Seoul. Following his retirement from his position as a major general in the Korean Air Force, Dr Lee pursued his career in the information security profession. He was the first president of the Korean Information Security Agency and an organizer of the Korean National Computerization Agency. He holds a Master of Science degree in systems management from the University of Southern California, U.S.A. and a doctorate degree from Konkuk University in Korea.

    prinya-hom-anek
    Prinya Hom-anek, CISSP, CSSLP, SSCP, SANS GIAC GCFW, CGEIT, CRISC, CISA, CISM (Thailand)

    President & Founder, ACIS Professional Center

    Mr. Prinya Hom-anek has over 20 years of experience in IT and information security, network and data communications, Internet and network security, information security, fraud and forensic investigation, penetration testing, ISMS, and generic information security consulting in both the public and private sectors. He is recognized as one of Asia-Pacific's leading information security professionals. Mr. Hom-anek founded and serves as the president for the most successful information security training, consulting, and managed security services provider in Thailand - "ACIS Professional Center" or "ACIS". He is also a senior IT and information security consultant for Thailand's government departments and agencies, including the Revenue Department, Ministry of Finance, Department of Special Investigation, Ministry of Justice, National Intelligence Agency, Bank of Thailand and several major banks in Thailand, Metropolitan Waterworks Authority, the Government Pension Fund, National Electronics and Computer Technology Center (NECTEC), and Software Park Thailand, National Science and Technology Development Agency (NSTDA). He currently serves as a senior committee member on various boards, including the (ISC)² Asian Advisory Board, the ISACA Thailand committee, and as secretary of the Thailand Information Security Association (TISA) committee. He has published over 130 information security articles in magazines and newspapers such as eEnterprise, eLeader, Telecom Journal, Thairath, DailyNews, The Nation, and Bangkok Post. He is frequently invited to appear on TV and radio programs and is a visiting lecturer at a number of universities and colleges within Thailand.

    haruto-kitano
    Haruto Kitano, CISSP, JGISP (Japan)

    Senior Manager, Deliotte Tohmatsu Risk Services Co, Ltd.

    Mr. Haruto Kitano is currently senior manager and consultant for Deloitte Tohmatsu Risk Services Co., Ltd. His consulting is focused on security and risk management governance, database security, identity management, regulatory compliance, and privacy. He is currently a committee member of the Database Security Consortium in Japan and a member of (ISC)² Asia-Pacifc Advisory Council. Mr. Kitano has been a vocal professional within the IT security industry in Japan and previously worked as a Telecom and internet networking engineer for 10 years, and at Oracle for 11 years specializing in Database Security and Identity Management. He earned his Master of Informatics from the Institute of Information Security (IISEC), the first Japanese graduate school specializing in information security, where he is researched security management and information protection against internal threat.

    dr-melvyn-kuan
    Dr. Melvyn Kuan (Singapore)

    Assistant Director (Ecosystem Development), Cyber Security Agency of Singapore

    Dr. Melvyn Kuan is currently Assistant Director (Ecosystem Development) at the Cyber Security Agency of Singapore (CSA) where he is responsible for professional workforce development planning and programmes. Prior to the CSA, he was Head of Strategy and Digital Economy at the National Research Foundation where he was responsible for the priority setting of research areas and capability development and the development of the Services and Digital Economy R&D strategy. Dr Kuan has also served in various capacities in the former Infocomm Development Authority (IDA) such as the Technology and Planning Group and the Smart Cities Programme Office. Before joining the former IDA, he was pursuing his PhD and was a Teaching Assistant at the Department of Information Systems, National University of Singapore. His work has been published in journals such as Information & Management and Behaviour and Information Technology and; leading Information Systems conferences such as International Conference on Information Systems (ICIS), European Conference on Information Systems (ECIS) and Pacific Asia Conference on Information Systems (PACIS).

    jill-slay
    Prof. Jill Slay, PhD, FACS, CP, MIEEE, Fellow of (ISC)², CISSP, CCFP (Australia)

    Optus Chair of Cyber Security, La Trobe University

    Professor Jill Slay is Optus Chair of Cyber Security at La Trobe University and Director of Cyber Resilience Initiatives for the Australian Computer Society. She has established an international research reputation in cyber security (particularly Digital Forensics) and has worked in collaboration with many industrial partners. She was made a Member of the Order of Australia (AM) for service to the information technology industry through contributions in the areas of forensic computer science, security, protection of infrastructure and cyber-terrorism. She is a Fellow of ACS and a Fellow of the International Information Systems Security Certification Consortium, both for her service to the information security industry (and is MACS CP and holds CISSP and CCFP certifications). She has published one book and more than 120 refereed book chapters, journal articles or research papers in information assurance, critical infrastructure protection, security and forensic computing in the last 10 years. She has completed the supervision of 19 PhDs and many Masters and Honours theses and has been awarded over AUD 2 million in Australian Government Category 1 research income, including a Future Fellowship.

    sc-leung
    SC Leung, CISSP, CISA, CBCP (Hong Kong)

    Centre Manager, Hong Kong Computer Emergency Response Team Coordination Centre

    Mr. SC Leung is currently the Senior Consultant of the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), supervising the security incident response team and coordinating with local and overseas parties. He has over 20 years of working experience serving banking, Internet solution provider, telecommunication and the consultancy industries. SC Leung holds several information security designations including CISSP, CISA and CBCP. He is a frequent speaker in promoting information security awareness. He had been invited to speak for Hong Kong Monetary Authority, Hong Kong Police Force, Government departments, enterprises, schools and local non-governmental organizations, while he had also spoken in overseas conferences of the (ISC)², APECTEL, CNCERT/CC of China and National University of Singapore. He was given by (ISC)² the President’s Award in 2013 and the Asia-Pacific Information Security Leadership Achievement honouree in 2007 for his voluntary work and product neutral security awareness education to the public. He was the founding member of the Internet Society, Cloud Security Alliance Hong Kong and Macau Chapter and the Professional Information Security Association and had held key positions in these organizations.

    Wan Suk Yi
    Dr. Wan Suk Yi, CISSP (Korea)

    Director, Infrastructure Protection Division, Korea Internet & Security Agency

    Dr. Wan Suk Yi is Director, Infrastructure Protection Division in Korea Internet and Security Agency (KISA). He received BS degree in Computer Science from Virginia Polytechnic Institute and State University in US. He also received MS degree in information security from Dongguk University and Ph.D. in computer engineering from SungKyunKwan University in Korea. Since 2014, he is an adjunct professor at SungKyunKwan University. He served in a variety of important career building assignments including Director of IT Security Planning Team, IT Security Evaluation Team, IT Service Security Team and CIP Team. Finally, he served as the VP of Internet Incident Prevention Division and International Cooperation Group. Before joining KISA, he worked for Hyundai Information Technology, LTD. During his military service, he was an Aide de Camp for Deputy Commander in Chief, ROK/US Combined Forces Command. He retired from service in 1994 as a Korean Air Force lieutenant. His award includes two ROK/US CFC DCINC Awards (1993, 1994), US Army Achievement medal (1993) and commendation Medal (1993), National Intelligence Service Award (2000), ISC² ISLA (2008), ISC² Presidential Award (2008), Minister of Public Affairs and Security Award (2009), and ROK President Award (2012).

    Dr. Kamlesh Bajaj, Ph D (India)

    Mentor Professor, NIIT University

    Dr. Kamlesh Bajaj holds a Ph.D. (Physics) from McMaster University, Canada; and a Masters degree in Physics from the University of Delhi. He is a Fellow of the National Academy of Sciences (FNASc), and a Fellow of the Institution of Electronics Engineers (FIETE). He is also a Distinguished Fellow, EastWest Institute, New York. Dr. Bajaj was the Founder CEO of Data Security Council of India – an industry initiative - in cyber security and data privacy. At DSCI, Dr. Bajaj guided the development of best practices Frameworks for data security and privacy protection. He has served on various Government Committees on cyber security, privacy and ICT, and contributed to the activities of global bodies like OECD and EWI. He was also the Founder Director of the Indian Computer Emergency Response Team (CERT-In); he directed the cyber security initiatives in the government. He has published and lectured extensively on the IT Act 2000, cyber security and cyber crimes, privacy and data protection, Internet governance, e-commerce, digital signatures, in national and international journals and conferences. He has authored two books, and co-authored two books. Dr Bajaj also helped set up the techno-legal infrastructure for PKI in the country. He also served as Global Head, Information Risk Management Consulting Practice, Tata Consultancy Services.

  • Europe Middle East and Africa Advisory Council (EAC) Europe Middle East and Africa Advisory Council (EAC)
    Yiannis Pavlosoglou, PhD, CISSP, Co-chair of the (ISC)² EMEA Advisory Board

    Dr. Yiannis Pavlosoglou, PhD, CISSP is currently head of CISO for the UK at global financial services firm UBS. He is currently Co-chair of the (ISC)² EMEA Advisory Council. Upon completing his PhD in Secure Communications, Yiannis worked for more than 5 years as a penetration tester in London. He then headed up a number of local and off-shore risk assessment teams with a technology focus. His last position was that of strategic change manager for Operational Resilience. Yiannis has also held the chair of the Global Industry Committee for the Open Web Application Security Project (OWASP) leading a number of projects within that space.

    CO-CHAIR: Yves Le Roux, CISSP, CISM

    After his graduation from Paris University in 1970, Yves Le Roux worked in the Rothschild Group where, among others tasks, he was in charge of the network security and other security related issues. In 1981, he joined the French Ministry of Industry where he was in charge of the Open Systems Standardization programs. In 1986, he took the position of European Information Security Manager at Digital Equipment. Then, he joined the security research and development team. In 1999, he went to Entrust Technologies, PKI software editor. In 2003, Yves joined Computer Associates Int. as a Technology Strategist. He has co-authored three books on security. He is a lecturer at ISEP (Paris Graduate Engineering School) and spoke in many conferences (e.g. SecureCloud 2012, Insights 2013, ISSE 2013, IAPP Europe 2013, EUROCACS/ISRM 2014).

    Geoff Harris, CISSP, CCP SIRA , ITPC, B.Sc. (Hons), Dip(EE), CEng

    Geoff Harris is the CEO of Alderbridge, providing specialist information security consulting and recruitment services. Alderbridge has worked with over 30,000 professionals since its formation in 1997 and has contributed to the 2013 Global Information Security Workforce Study. Geoff Harris is a Director on the International Board of the Information Systems Security Association (ISSA), was one of the founding members of ISSA-UK in 2003 and the ISSA-UK President from 2007 – 2010. Geoff is a member of many leading security executive advisory boards, all helping to develop the cyber security profession globally. Geoff has served on the (ISC)² European Advisory Board since 2011.In 2013, Geoff co-authored a report commissioned by e-skills UK “Career Analysis into Cyber Security: New & Evolving Occupations.” Geoff is an adviser to the ISSA Cybersecurity Career Lifecycle and Information Cybersecurity Consortium Education & Professional Development programmes. With a background in secure military communications systems; Geoff is a UK CLAS (CESG Listed Adviser Scheme) consultant and provides information security professional services to HMG and private sector organisations.

    Bola Rotibi

    Bola Rotibi Research Director at Creative Intellect Consulting, has over 22 years of industry experience spanning engineering, software development and IT analysis. She is a highly experienced analyst focused on software development technologies, applications, processes and market trends. In 2008 and 2009 Bola Rotibi was voted one of the top three analysts covering the software development and delivery market and industry by the influential IIAR (Institute of Industry Analyst Relations) group. Over the years as an analyst, Bola has built an extensive portfolio of authored, in-depth product review/evaluations, technology reviews, strategy reports and competitive analysis reports. Bola’s technology expertise include, Security Software development (technologies, product and processes), in particular, Application lifecycle management strategies for a variety of platforms (Mobile, Server, Desktop, Web etc.); software modelling, testing and performance. Other areas of expertise include Web 2.0 and Rich Interactive/Internet Applications; Mobile applications and device platforms and IT sourcing for software development projects; enterprise architecture, IT Governance and business management and embedded systems development. Bola has authored a number of reports that have particularly focused on User Centric Services and Applications within the connected environment. Bola is regularly sought after to provide input into and drive vendor and product selection decision processes. She has acted as an advisor to many leading IT providers.

    Paco "Brian" Hope, CISSP, CSSLP

    Principal Consultant at Cigital, Paco Hope is a Principal Consultant in Cigital's London office and is a recognised expert in the field of software security. He has worked with many of the world’s leading organisations to help them create secure software. His experience spans mobile operating systems, lottery systems, trading platforms, online retail, and online poker. While at Cigital he has also participated in the Building Security In Maturity Model (BSIMM), helping to firms to measure and better understand security in their software lifecycle. He is the author of two security books, a frequent conference speaker, and a regular online author.

    Peter Drabwell, CISSP, ISSAP, CISA

    Peter Drabwell is Senior Analyst - IT Risk Planning & Assessment at Credit Suisse. Peter is recognized as a qualified security expert with experience working in global organisations, telecommunications networks, and the finance sector. The scope of his work includes e-commerce, global standards, cross border, compliance, audit, risk analysis and business oriented IT security solutions. He played an active role in the infrastructure integration efforts following the purchases of ABN AMRO by the consortium of RBS/Fortis/Santander and the purchase of Prime Fund Solutions from ABN AMRO/Fortis by Credit Suisse. He is also vice-president of the ISACA London Chapter. On the EAB, Peter Drabwell is keen to work on redressing the skills gap in information security, and to work with other professional bodies on areas of mutual benefit.

    Sofiane Chafai, CISSP

    Sofiane Chafai is Managing Director of MFC Advisory, a consultancy based in Algeria led by former CIO’s and CISO’s with more than 20 years of experience working within global companies. Previously, Sofiane was IT Risk Assurance Manager at Ernst & Young Algeria, CISSP, CISA and Prince2 certified, (ISC)² and ISACA active member, charter member of the Algeria Information Security Association. Information Security expert with over 15 years’ experience in managing ICT and Security project, system implementation, security program and business continuity management for a large international companies in Middle East and North Africa in Banking, Telecom, Government services, Oil & gas industries. The scope of his work includes governance, risk management, compliance, audit and business resilience, contributor to numerous magazines and speaker in international conferences.

    Tamer Gamali, CISSP, CISA

    Tamer Gamali currently heads up the Group Technology Risk and Business Continuity Management function for Kuwait Finance House (KFH). Prior to joining KFH, Tamer was the Group CISO at the National Bank of Kuwait responsible for ensuring the security of information systems and services, as well as the integrity and confidentiality of customer and employee information. Tamer also managed the corporate security function for the Group. Previous to this, Tamer was head of security services for KPMG. He joined the Middle East practice from London to help define and establish one of the first security practices in the Middle East. Tamer also sits on the advisory board of several companies operating in the IT Governance and Certification sectors. He is the President and co-founder of the (ISC)² chapter in Kuwait, and an executive member of the US OSAC (Overseas Security Advisory Committee) for the US Embassy in Kuwait. Previously, Tamer was a security specialist for Intel Corporation working in the online services division supporting global blue chip companies. With 19 years of experience in Information Security, Tamar is both a Certified Information Systems Security Professional (CISSP) and a Certified Information Systems Auditor (CISA). He graduated from Sussex University (UK), and earned an MSc with distinction in advanced systems from Kingston University (UK).

    Rainer Rehm, CISSP, CISM

    Rainer Rehm is Information Security Officer Security Architectat MAN, where he is responsible for the management of the Information Security Office and Information Security Management Systems. Mr. Rehm is one of the founding members of The (ISC)² Chapter Germany, which has local groups active in Düsseldorf, Berlin and Munich and is a member of the Alliance for Cybersecurity, an initiative from BSI and Bitkom. Mr. Rehm is an official (ISC)² instructor and also regularly contributes to the development and maintenance of the (ISC)² CBK, a compendium of cyber, information, software and infrastructure security topics that underpin (ISC)²’s credentials. He previously held a senior post in information security with Nokia Siemens Networks, and worked as a consultant serving international clients with CompuServe and Softlab. In addition, he teaches information security and data protection at German adult education centers in in Munich. He studied information technology at the University of Munich.

  • Latin America Advisory Council (LAAC) Latin America Advisory Council (LAAC)
    CHAIR: Kleber Candido de Melo, CISSP (Brazil)

    Founder and Senior Consultant, KCMelo Consulting

    Kleber Melo has 27 years of experience in IT, Information Security, Business Continuity and Fraud Prevention leading local and regional multidisciplinary teams of employees, contractors and suppliers. He provided strategic support for secure development of new products, providing enterprise solutions for information protection, vulnerability assessment, encryption, server hardening policy, forensic, ethical hacking, security architecture, card encryption solutions and polices. Project management experience, leading national and international teams to select and deploy information security solutions. Knower of infrastructure technologies (firewall, proxy, identity management, DLP, behavior score, adaptive authentication, web filter, HSM encryption, cloud, etc.), security management and systems development controls. Conference speaker and College professor since 1999 CISSP certified since 2003, serving ISC² as Co-Chair for LA Advisory Board since the program started, and as ISLA judge in 2011 and 2013. Career path started at IBM and followed by Sudameris, HSBC and Original Banks in Brasil as CSO. Founder of KCMelo Consulting in 2011 providing security consulting service to brazilian market. English and Spanish fluently Native Portuguese.

    CO-CHAIR: Gerardo Castillo, CISSP (Costa Rica)

    IT Infrastructure Manager for Latin America, National Instruments Costa Rica

    Seasoned Information Security professional with close to 9 years of international experience managing IT, Information Security, and Business Continuity programmes over a broad variety of industries. Proven experience implementing and operating world-class IT processes that focus on end-to-end service delivery, customer satisfaction, vendor management, and risk management. Currently Gerardo is the Latin-American IT Infrastructure Manager for National Instruments from this position he is influencing change to ensure Information Security best practices are adopted. Gerardo holds a Bachelor's Degree in Electronics Engineering from the Instituto Tecnológico de Costa Rica and a Master’s Degree in Information Technology Management from the Universidad Nacional. He has been a Certified Information Systems Security Professional (CISSP) since 2007 and a Certified Business Continuity Professional since 2008.

    Gabriel Bergel, CISSP, CISM (Chile)

    Head of IT Security, ING

    Gabriel Bergel is currently head of IT security for ING in Chile with nine years of experience in the information security field. His experience includes: consulting; project management; security engineering; and information security leadership. He is also founder and organizer of the 8.8 Computer Security Conference, founding member and current President of the ISSA Chile Chapter, member of the Academic Committee of Segurinfo Chile, and member of the board of CSA Chile. He has conducted information security courses, speeches, workshops and forums in different institutions, universities and events in Chile and throughout Latin America.

    Daniel Diniz, CISSP (Brazil)

    Information Security Officer, MAC

    Daniel Diniz has worked in information security, auditing and related disciplines for the Brazilian government and within the Brazilian information technology services sector for more than 15 years. He is currently information security officer at an engineering & construction company. He is part of the pioneering group of Brazilian CISSPs. He is a member of the (ISC)2 Latin American Advisory Board and volunteers as the head of Safe and Secure Online (SSO) Program committee in Brazil. Daniel is working hard to bring the SSO to his country to benefit Brazilian children and teens using the Internet.

    Geraldo Fonseca, CISSP (Brazil)

    Corporate Information Security Officer, ONS

    Geraldo Fonseca has 10+ years of experience as an Information Security Manager, working for such industries as energy, manufacturing, insurance and government. He holds a major degree in Computer Sciences in Catholic University of Rio de Janeiro (PUC-RJ) and has been a CISSP since 2008.

    Walmir Freitas, CISSP (Brazil)

    Managing Director, Accenture

    Walmir Freitas is currently Managing Director at Accenture with over 20 years of experience in Information Technology, including 18 years in Information Security, IT Governance, IT Auditing and Risk Management in Brazil and a global intra-company assignment to North America. Extensive experience in Consulting Services, including over 14 years in Deloitte and close to two years in EY. He was also CISO in Fidelity information Services (FIS) and IT Auditing and Internal Controls for Brazilian Mercantile & Futures Exchange (BM&F). Walmir holds the CISSP credential for over 15 years. Additionally, he holds other relevant certifications in the field of information security.

    Jefferson Gutierrez, CISSP (Colombia)

    Manager, Risk Consulting, KPMG Advisory Services Ltda

    Jefferson Gutierrez is currently in charge of the Information Protection Advisory Services for KPMG’s practice in Colombia, where he is responsible for overseeing information security engagements, including vulnerability assessments, risk analysis, security audits, secure infrastructure design, forensic analysis and corporate policy review & development. He is a professional focused on risk management and information security governance with hands-on experience in risk analysis, security audits, corporate policy review & development, information security architecture review and design, vulnerability assessments, ethical hacking and ISO/IEC 17799:2005 compliance engagements.

    Nelson Novaes, CISSP, CISM, CBCP, ITIL, MBA (Brazil)

    Superintendent, Holding Itaú Unibanco S.A

    Nelson Novaes Neto is an entrepreneur, engineer, holds postgraduate in InfoSec by University of São Paulo, MBA by FGV and Master’s degree in Experimental Psychology by PUC/SP. He has broad experience in internet industry, product development, internet security and research. He also has several international certifications. He is a superintendent at Holding Itaú Unibanco S.A, the largest financial conglomerate in LATAM and present in more than 25 countries. For over a decade, Novaes was CSO of UOL Group, the biggest online service and Internet service provider in LATAM.

    Ramiro Rodrigues, CISSP (Brazil)

    Chief Information Security Officer, Experian Latin America

    Ramiro Rodrigues is the Chief Security Officer for Experian Serasa Latin America. Formerly Chief Information Security Officer at DocuSign Latin America also former Chief Security Officer for BT- British Telecom Latin America. With more than 15 years of experience in risk management, compliance, internal controls, cyber security and corporate security. Experience in information security with managerial and hands-on expertise in security technologies, process, policies and architecture to protect complex business digital assets. Responsible for the overall company security and risk posture – both internally as well as customers facing by creating value and delivering trust to online business

    Ezequiel M. Sallis, CISSP, CEH, MBCI, QCS (Argentina)

    Senior Information Security Specialist, Root-Secure Director

    Ezequiel Sallis is currently a director at Root-Secure, where he is in charge of the research and development, specifically, innovation in education and services orientated on information security. With over 10 years of experience, Mr. Sallis is an instructor for various international certifications in Latin America and has carried out many consultancy projects related to the ISO 27000 family of standards, with the Security Analysis (Vulnerability Assessment, Penetration Test and Ethical Hacking). He is currently Vice President of the ISSA chapter in Buenos Aires Argentina and is co-author of Ethical Hacking - a Methodological Focus for Professionals. He provides free security awareness sessions for school-age children and their families.

  • North America Advisory Council (NAAC) North America Advisory Council (NAAC)
    g_leifheit
    Glenn Leifheit

    Glenn Leifheit is a Senior Security Engineering Program Manager within the Microsoft Customer Security and Trust (CST) organization where he currently leads large cross-company security initiatives. Mr. Leifheit has more than 22 years of experience in technology including software, financial and healthcare industries. His experience covers providing C-level security guidance, acting as a cross-team business security liaison, driving static code analysis across the enterprise, leading application security and PCI programs, as well as architecture and design of large scale applications and associated infrastructure.

    As an advocate for building a strong technology community, Mr. Leiftheit co-founded TechMasters, a Toastmasters club designed to build technical speaker skills within the Toastmasters framework. His passion is connecting technologists with the soft skills they need: public speaking, giving and receiving feedback and asking more informed questions. Glenn is also a past member of the (ISC)² Application Security Advisory Council.

    d_contesti
    Diana-Lynn Contesti

    Diana-Lynn Contesti is currently an independent contractor focusing on Security Architecture and Critical Infrastructure and has over thirty years of computer security experience. Previously, Ms. Contesti was the CISO for a Fortune 500 company. Ms. Contesti is the co-author of the first edition of the SSCP Study Guide and has done security presentations globally. She served on the (ISC)2 Board of Directors and during her tenure, she held various positions including Chairperson of the (ISC)2 Board of Directors, Treasurer, Secretary and lead a number of committees. Ms. Contesti played a key role in the implementation of the Women's Scholarship. In January, 2017, Ms. Contesti was named to the Fifty Top Women in Internet Security. She holds multiple certifications including the CISSP, ISSAP, ISSMP, SSCP and CSSLP.

    James McQuiggan

    James R. McQuiggan, CISSP is a Product & Solutions Security Officer for the Siemens Wind Service Americas organization providing strategy and policies for its SCADA products including Incident Handling, Vulnerability Management, and regulatory best practices. With over 15 years working at Siemens, James has supported the multiple energy divisions groups on NERC CIP regulations and other industry security topics. As part of the Americas Information Security team, he managed the global Information Security Awareness program including an Ambassador program across nine divisions utilizing employees from the business to support Information Security policies and awareness. James became a member of (ISC)² in 2008 and has been a volunteer of the Safe and Secure Online Program for the Center for Cyber Education & Safety since 2010. In 2016, he received the (ISC)² President’s Award and was the finalist for the (ISC)² Community Awareness award in 2015. James is also a father of two teenage daughters and continues to make sure they are safe and secure online while using their smartphones and social media.

    j_archer
    Jessica Archer

    Jessica Archer has 22 years of combined experience working in telecommunications and technology, including 18 years working within the information security industry. She is currently a Senior Competition Development Coordinator for the Center for Infrastructure Assurance and Security at the University of Texas, San Antonio. In this role, Ms. Archer is the acting Director of External Relations for the National Collegiate Cyber Defense Competition, Panoply, and eSentinel. She has helped to develop, oversee, and grow these competitions over the past 13 years.

    Ms. Archer serves on the BSidesLV Board of Directors and stays involved in the information security community as a volunteer at conferences, including BSides, helps spread awareness of information security careers to young adults, and connects mentors with mentees. She is an active volunteer for Apraxia awareness and has served in various leadership roles for the Boys Scouts of America for the past 11 years.

    r_forney
    Renee Forney

    Renee Forney is a seasoned cybersecurity thought leader recognized for her profound understanding of how to leverage government, academia and private industry partnerships to drive cybersecurity policies and solutions.

    Her career accomplishments are branded by a pioneering spirit and commitment to transforming foundational programs into future threat intelligence and risk management strategies. Above all else, Ms. Forney is passionate about building tomorrow’s cybersecurity workforce today. She currently serves as Capital One’s Senior Director of Cyber Assurance and is responsible for Multifactor Authentication, PCI and Third-Party Risk Management.  

    Renee holds a B.S. in Computer Information Systems from DeVry University, M.S. in Engineering Management from George Washington University, and honorary Doctorate Degree of Science and Technology from Champlain College. She is a Certified Information System Security Professional (CISSP), Shared Assessments Certified Third Party Risk Professional (CTPRP), and has held the Project Management Professional (PMP) certification.

    trey_ford_naac
    Trey Ford

    Trey Ford is the Head of Trust at Heroku, a division of Salesforce. Heroku’s Trust organization is responsible for the service reliability engineering and information security of the platform. Over the last 15 years, Ford ran Black Hat events worldwide as General Manager, and provided services ranging from strategy, incident response, product management, PCI QSA and security engineering for a variety for industry leaders including Rapid7, Zynga, McAfee, FishNet Security and WhiteHat Security.

    Erin Jacobs

    Erin Jacobs is the Founding Partner at Urbane Security. A BBS Sysop from the early 90’s turned business major, musician turned DJ, IT geek turned corporate sell-out CIO and that wasn’t challenging enough, so she founded @UrbaneSec in 2009 to conquer Information Security and Compliance with boutique attention to detail, delivery, and talent that organizations desperately need in the technical landscape that we all exist in. Through her work, Erin has established several industry best practices and has presented these at numerous high-profile security conferences, including Black Hat, RSA, HITB and countless smaller events. She is also passionate about fostering collaboration between the C-Suite, practitioners that oversee day-to-day security challenges, and the security research community at large to help them learn from each other and ultimately improve our industry.

    gurdep_kaur_naac
    Gurdeep Kaur

    Gurdeep Kaur is the Chief Security Architect for AIG. She is an accomplished information security professional with over 20 years of experience in IT and 15 years of core experience in Enterprise IT Security Management. She served as the President of the (ISC)² New Jersey Chapter from 2012-2015. She is also the member of Cloud Security Alliance Enterprise Advisory Board. She received her Bachelor’s Degree in Electrical Engineering from Delhi College of Engineering in New Delhi, India. She holds multiple certifications including CISSP-ISSAP, CISA and CCSK. Gurdeep firmly believes that in today's digital world, it takes a village to secure a village. She actively collaborates with other security and like-minded organizations, to help raise awareness about cyber security threats among the business users as well as local communities.

    a_tumar
    Ajoy Kumar

    Ajoy Kumar is an accomplished information security leader, technical architect, and process specialist with proven record of accomplishment in the financial services industry. Mr. Kumar has delivered value by building and transforming enterprise-wide security programs including IT risk management, software security, database security, security education, enterprise security monitoring, and compliance.

    Mr. Kumar has served as board member at Application Security Advisory Board with (ISC)². He also participates in developing professional security certifications with (ISC)². He holds several degrees, including a Master of Science in Security Management, Master of Engineering in Electrical Engineering and a Bachelor of Engineering in Computer Science.

    dave_lewis_naac
    Dave Lewis

    Dave Lewis has more than two decades of industry experience. He has extensive experience in IT security operations and management. Currently, Mr. Lewis is a Global Security Advocate for Akamai Technologies. He is the founder of the security site Liquidmatrix Security Digest and co-host of the Liquidmatrix podcast.

    Mr. Lewis serves on the advisory boards for Cortex Insight and Dateva Inc. and writes columns for Forbes, Daily Swig, CSO Online, TV Technology & Dark Reading.

    h_lewis
    Hillary Lewis

    Hillary Lewis is a technology-focused leader who has served in key executive roles including as CEO of a Washington, DC based Health IT Consulting firm, as Chief Privacy and Security Officer for a technology startup out of the University of Texas Medical School and as Senior Official for Privacy at the Office of the Inspector General for the U.S. Department of Health and Human Services.

    Ms. Lewis’ particular expertise is in building collaborations and coalitions to bridge the gap between technology and business and enable innovation.

    c_mcgann
    Chuck McGann

    Charles L. (Chuck) McGann, Jr., is nationally recognized information security professional and currently acts as the COO for McGann Consulting Group. Mr. McGann, Jr. is a contract instructor for both EC-Council teaching the Certified CISO course and Learning Tree International focusing on Vulnerability Management, the CISSP Bootcamp and the CISM certification from ISACA.

    Mr. McGann previously served in many roles at the United States Post Office over a 28 year career – including Manager, Information Systems, Acting Postmaster, Business Systems Analyst, Business Project Leader, Distributed Systems Security Specialist, Manager, Information Security and Incident Response Team Manager and collimating as their Corporate Information Security Officer.

    He is the former Co-Chair of the (ISC)2 Government Advisory Board on Cyber Security, and served as a Government Information Security Leadership Awards Judge for three years and chaired the Federal CISO for CISO’s quarterly meetings.

    m_olson
    Marie Olson

    Marie Olson is the Deputy Chief Privacy Officer for The Boeing Company. Prior to being selected to build the Global Privacy Team for Boeing, Marie was a Sr. Manager in Information Security responsible for Computing & Information Security Policy and Compliance Management. Marie has been with Boeing over 29 years, during which time she has managed a variety of other functions including Government Programs Security Support, Security Quality Assurance, and Vulnerability Assessments. Marie is nationally recognized for her expertise in global regulatory compliance issues, technical and business process safeguarding strategies, and meeting the challenges of balancing enterprise privacy and security issues with business realities. She has presented on a variety of privacy and security topics at industry events and with various organizations and government agencies. Marie holds a Master of Science degree in computer science from Pacific Lutheran University and a Bachelor of Arts degree in mathematics from the University of Washington. She is a Certified Information Privacy Professional (CIPP/US) and a Certified Information Privacy Manager (CIPM). She also holds two internationally-recognized security certifications: Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM). Marie is also currently serving on the International Information Systems Security Certification Consortium (ISC²) Advisory Board of the Americas and is also the Chairperson of the Privacy Special Interest Group for the Information Security Forum (ISF).

    c_veltsos
    Dr. Chris Veltsos

    Dr. Chris Veltsos, CISSP is a professor in the department of Computer Information Science at Minnesota State University, Mankato where he regularly teaches Information Security and Information Warfare classes. Beyond the classroom, Dr. Veltsos – also known as Dr. InfoSec – is very active in the security community, engaging with community groups and advising business leaders on how to best manage information security risks.

    Dr. Veltsos holds a Ph.D. in Computer Science and enjoys working with businesses to improve their organization's cyber risk posture.

    christ_white_naac
    Chris White

    Christopher White is the Information System Security Officer at Granicus. Mr. White was key in building their security culture as he built policies and processes to obtain ISO 27001 certification for the organization. Later, he led the FedRAMP project to become the 21st company and 6th SaaS in the world to obtain FedRAMP Authorization from the Joint Authorization Board.

    Prior to his current role, Chris was responsible for running the operations teams at Granicus, and the UNIX operations team at FICO, where a core requirement was protecting customer data. He holds a Bachelor of Science degree in Computer Science from the University of Minnesota and a Master of Science in Computer Information Systems with a double concentration in both security and database management from Boston University. In addition, Chris is a facilitator in Boston University's Master's program where he teaches students about databases, networking, and programming. He is also a freelance writer for technology site Neowin.net.

    b_williams
    Dr. Branden Williams

    Dr. Branden R. Williams has 20 years of experience in business, technology, and information security as a consultant, leader and an executive. Dr. Williams co-founded two technology services companies early in his career, the second with an incubator investor based in Dallas. His specialty is navigating complex landscapes—be it compliance, security, technology or business—and finding innovative solutions that propel companies forward while reducing risk. He complements his consulting experience with practitioner experiences operating IT and IS tools. He’s held several executive roles in the industry, and served on both the PCICo and EMVCo boards. Dr. Williams is a co-author of four books on PCI Compliance, and his blog and other publications can be found at http://www.brandenwilliams.com.

    caroline_wong_naac
    Caroline Wong

    Caroline Wong is the Vice President of Security Strategy at Cobalt. Ms. Wong’s close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. She is a well-known thought leader on the topic of security metrics and has been featured at industry conferences including RSA (USA and Europe), OWASP AppSec, and BSides.

    Ms. Wong was featured as an Influencer in the 2017 Women in IT Security issue of SC Magazine and has been named one of the Top Women in Cloud by CloudNOW. She received a 2010 Women of Influence Award in the One to Watch category and authored the popular textbook Security Metrics: A Beginner’s Guide, published by McGraw-Hill in 2011. Ms. Wong graduated from U.C. Berkeley with a B.S. in Electrical Engineering and Computer Sciences and holds a certificate in Finance and Accounting from Stanford University Graduate School of Business.

OK