Paul Bivian, Director of Information Security, Kirkland & Ellis

Paul Bivian is the Director of Information Security at Kirkland & Ellis. With over twenty two years of IT and Information Security experience, Paul has worked in organizations across the financial, managed security, insurance, transportation, government and legal sector. Over 75% of his career has been focused around information security.


As Director of Information Security, he is responsible for oversight and management of the Governance, Compliance, Threat/Vulnerability Management and Incident Response programs. In his previous role as the CISO for the City of Chicago, he was responsible for measuring, communicating and responding to cyber risks for City of Chicago assets. He led the Information Security Office (ISO) in delivering and enforcing key objectives around strategy, framework, policy and procedures that align to the City’s needs as well as legislative, regulatory and industry best practices.


Consulting experience and expertise in key areas of information technology including:
Information Security ● Security Policies ● Technology Implementation ●Production Support ● Strategic Planning ● Operations Management ● Project Management ● Staff Development ● Customer Satisfaction ● Promoting Change/Improvement ● Vendor Relationships


Certifications include:

  • CISM – Certified Information Security Manager
  • ITIL – Information Technology Infrastructure Library v3
  • ITIL – Information Technology Infrastructure Library Security Management
  • ITIL – Information Technology Infrastructure Library Service Management Essentials
  • CISSP – Certified Information Systems Security Professional 



Dave Gochenaur, Sr. Director, CyberSecurity, Ensono

With over 30 years of experience in Information Security, Dave is currently the leader of Ensono’s IT Risk and Cybersecurity Program organization. In this role Dave is responsible for the overall strategy around IT risk identification and treatment for Ensono. Additionally, Dave is responsible for Ensono’s Cybersecurity policies, governance, compliance, threat management and client relations as it relates to Cybersecurity. Prior to joining Ensono Dave held senior Information Security roles in several organizations across multiple industries including CISO for Aon, Kellogg’s and Checkfree. Dave is also active in the Cloud Security Alliance and was one of the authors of the Consensus Assessments Initiative Questionnaire document, designed to help organizations assess their Cloud vendors. Dave also is an active member of the Information Systems Security Association and Information Systems Audit and Control Association.



Dave Klein, Director, Cyber Evangelist, Cymulate

Dave Klein is a veteran cybersecurity professional with extensive enterprise, US federal and state and local government experience. He has worked on many incident response cases and worked on the Presidential Directive for Critical Infrastructure Security and Resilience.



Fred Kwong, Ph.D., CISO & AVP Security, Identity & Operations, Delta Dental Plans Association 

Dr. Fred Kwong has been in the information technology field for the past 15 years in working in education, financial, and telecommunication sectors. Fred currently works at a Farmers Insurance where he currently is the Global Head of Privileged Access Control. Fred is currently building a new program seeking to govern, control, and profile privileged identities throughout the enterprise.


Fred’s work includes the creation of security and privacy policies, standards, and procedures. He is a subject matter expert in PCI, leading organizations to pass their report on compliance. With an extensive background in IT technologies, Fred continues to challenge the status quo by providing guidance in security and network architecture creating holistic designs that align to todays’ threat vector for organizations.


Fred has a passion of combining IT skills with organization development values. His broad range of IT skills has allowed him to view IT from many different paradigms and present them to the business partners in an easy to understand language. Fred servers as an adjunct professor at Benedictine and Roosevelt University teaching courses in international business, organization behavior, project management, and information systems. He holds a Ph.D. from Benedictine University and earned his master’s degree in business administration from Roosevelt University. Fred is a Certified Project Management Professional (PMP), a Certified Information Systems Manager (CISM), and a PCI Professional (PCIP).



Jonathan Lampe, Information Security Manager, Kohl’s Department Stores


Jonathan has been involved in Information Security and application development since 2001 and currently heads a team covering security architecture and integrations for Kohl’s. Kohl’s is a top-25 American retail enterprise that bridges several IT “hybrids” including on-premise/cloud deployments, store/ecomm sales, and local/remote workforces. As with other retailers, Kohl’s is affected by PCI, privacy, SOX and other regulations. Jonathan currently holds CISSP, CFTP and GSNA certifications, and previously earned GCIA, CCSK and some vendor-specific certifications.



Karl Mattson, CISO, Noname Security

Karl is a cybersecurity leader and innovator who serves as the CISO for Noname Security. He has over 25 years experience leading innovative and diverse teams of technology and security professionals in financial services, retail and federal government. 


Previously, Karl served as the Chief Information Security Officer (CISO) for PennyMac Financial Services and City National Bank. As well, Karl has served as President of the LA Cyber Lab, Financial Services Co-Chair for Los Angeles Infragard, and Adjunct Faculty at the University of Minnesota’s Technological Leadership Institute. He has a track record of providing CEOs, CTO and investors in cybersecurity on strategies for product, market and customer success.



Derek Milroy, Information Security, U.S. Cellular

Derek has been implementing security in corporate environments, as both an internal employee and a consultant, for five years. Although he has implemented firewalls, IDSs, and VPNs for various employers and clients he focuses heavily on securing Microsoft hosts and Domain structures. He has hardened hundreds of hosts in environments ranging from less than a dozen servers to enterprise environments with over 1000 servers and thousands of users. In conjunction with hardening he has also crafted and implemented standards, policies, and procedures to maintain the security of his employer’s / client’s environments.



Brian Palmer, Director IT Security & Infrastructure, Ventas

Adaptive, customer-focused executive skilled at delivering projects and services of superior quality; history of leading large, geographically-disbursed teams to meet service level agreements, timelines, and budget targets with solutions that result in improved IT scalability, availability, security, and cost efficiency.

• Enterprise IT Infrastructure Management
• Data Center & Network Management
• Software Development Life Cycle (SDLC)
• Change & Release Management
• Incident Management & User Support
• Disaster Recovery & Business Continuity
• Project Management Methodology
• Recruiting, Team Building & Training
• Contract Negotiation / Vendor Relations
• Budget Management & Cost Reduction
• Metrics Creation, Analysis & Reporting



Luis Quinones, Director of Cybersecurity, Lumu Technologies

Luis is Director of Cybersecurity at Lumu, where he focuses on partnering with enterprises to find the best defense strategies for their businesses. Luis Quinones is a seasoned cybersecurity sales executive with more than 20 years helping organizations navigate security technologies and deploy defense tools across a variety of industries. Prior to Lumu, Luis spent 15 years at Cisco, where he held various senior sales positions in channel, federal sales, Latin and North America. 


Luis lives in Washington DC, loves traveling, and flying his plane around the eastern seaboard.