SPEAKERS AT THE ENTERPRISE RISK / SECURITY MANAGEMENT CONFERENCE
Mia Boom-Ibes, VP of Security Innovation, Strategy, Analytics, and GRC, Allstate Insurance
Mia Boom-Ibes is Vice President, Security Innovation, Strategy and Analytics, ATSV for Allstate Insurance Company. In this role, she is responsible for Allstate’s cybersecurity strategy and priorities. She manages relationships with key business and technology stakeholders to ensure alignment and oversees architectural standards to enable consistency across the enterprise.
Prior to becoming a vice president at Allstate in July of 2017, Mia was a director in Allstate Information Security with responsibility for setting the strategy and direction for information security governance, risk and compliance efforts across the corporation.
She spearheaded the creation of the company’s first Enterprise Information Security Policy and Information Security Risk Management program aligned with industry best practices and frameworks. In addition, Mia has designed and built security governance programs to obtain or retain PCI compliance status at multiple institutions.
Mia began her Allstate career in 2012 as an information security compliance and consulting manager, quickly progressing to roles of increasing leadership. She previously served in information security roles at John Deere Financial, PwC Consulting and Discover Financial Services.
Mia holds CISSP and CISM certifications and bachelor’s degree from the College of Saint Benedict. As the proud mother of four sons, Mia leads an active lifestyle balancing her work responsibilities, learning new skills in mixed martial arts and enjoying time with her husband and children.
Galen Emery, Lead Compliance & Security Architect, Chef Software
Galen Emery is a CISSP Certified Security Professional focusing on Audit, System Hardening and Security’s role in DevSecOps pipelines and teams. He has extensive background in building hardened systems and implementing efficient & secure development methodologies to ensure delivery of a continuous and evolving security posture.
Stephen Frethem, Director of Enablement, Varonis
Stephen has worked in the IT Industry since 2000 and in the security space since 2012. A recovering virtualization expert, Stephen has helped guide the technology vision for several fortune 500 companies within the US including Target, US Bank, and UHG to name a few. Based out of the Twin Cities, Stephen travels the globe helping evangelize the Varonis platform to both internal employees and outside organizations.
Chris Goettl, Director, Product Management, Ivanti
Chris Goettl is the Director of Product Management for security products at Ivanti. Chris has over 15 years of experience working in IT, where he supports and implements security solutions for Ivanti customers and guides the security strategy and vision for Ivanti security products. He is also a security evangelist speaking at security events globally where he gives guidance around modern cyber threats and how to combat them effectively. Chris hosts a monthly webinar focusing on Patch Tuesday and security vulnerabilities, and frequently blogs about security topics. You can find bylines and commentary from Chris in notable security news sources like SC Magazine, Redmond Magazine, ComputerWorld, ThreatPost, Help Net Security, and more.
Levi Gundert, Senior Vice President of Global Intelligence, Recorded Future
Levi Gundert is the senior vice president of global intelligence at Recorded Future, the leading security intelligence company on the market today. His career spans across the cybersecurity industry. Before Recorded Future, Levi worked in the U.S. Secret Service’s electronic crimes task force helping to track down global cybercriminals. He has also held leading security roles at Team Cymru, Cisco Talos, and Fidelity Investments.
When he’s not traveling around the world helping organizations use security intelligence to reduce enterprise risk, he enjoys the warm weather (but not so much the high cost of living) in southern California.
Eric Hansen, Head, Cyber Defense – Americas, Siemens
Eric Hansen joined Siemens in 1999 and is the Senior Director of the Cyber Defense Center (CDC) for the Americas Region. Eric’s team has global responsibility for providing monitoring, detection, and cyber threat “hunting” for the broader Siemens global IT infrastructure, supporting 365,000 employees based in 190 countries. Eric’s charge is the management of frontline resources for identifying and responding to a range of cyber security incidents, ranging from commodity style to advanced attacks against the Siemens enterprise.
Prior to his assignment to the CDC in 2016, Eric held a series of Divisional and Regional Information Security leadership positions. His experience, both within and external to Siemens, include management of corporate investigations, executive protection, business continuity, privacy/data protection, IT controls, data forensics, and e-discover roles.
Eric is a former United States Air Force officer, serving his country after receiving his undergraduate degree from North Carolina State University. Eric holds the CISSP and CIPP/US certifications.
John Kellerhals, Information Security Manager, CF Industries
John Kellerhals, Information Security Manager at CF Industries, has more than 20 years of experience in information security, incident response, governance and risk management, business continuity, disaster recovery, security operations, and auditing. He currently holds the CISSP, CISA, CISM, and CRISC certifications. John is a governing body member of the CISO Executive Summit and a board member of the Chicago Chapter of Infragard. John also serves as the Finance Commission Chairman for the Village of Mount Prospect.
Kellerhals holds a Bachelor of Science in Nuclear Engineering from Northwestern University.
Ricardo Lafosse, CISO, KraftHeinz
Ricardo Lafosse is the Chief Information Security Officer at KraftHeinz. Previously, he was the CISO for Morningstar Inc. Ricardo was also the CISO for Cook County under the Department of Homeland Security and Emergency Management, providing strategic information security leadership for the second largest County in the United States. In his role, Lafosse is responsible for the implementation and governance of the County’s information security program, including IT-compliance and risk activities.
Lafosse has been the catalyst for establishing a county-wide IT risk management vision and strategy for Cook County, including development of a County-wide comprehensive IT security risk program. He proactively works with business units to implement practices and procedures that meet County information security standards and policies and advises County executives on the most effective use of information security and risk management strategies to improve the cybersecurity posture of the County.
Derek Milroy, Information Security, U.S. Cellular
Derek has been implementing security in corporate environments, as both an internal employee and a consultant, for five years. Although he has implemented firewalls, IDSs, and VPNs for various employers and clients he focuses heavily on securing Microsoft hosts and Domain structures. He has hardened hundreds of hosts in environments ranging from less than a dozen servers to enterprise environments with over 1000 servers and thousands of users. In conjunction with hardening he has also crafted and implemented standards, policies, and procedures to maintain the security of his employer’s / client’s environments.
James Mountain, Director of Information Security, Information Technology, Palmer College of Chiropractic
James Mountain is an experienced leader with over 16 years in IT. His current role is the Director of Information Security for Palmer College of Chiropractic providing strategic leadership and direction for campus academic technology applications and initiatives. His past work experiences include private, public and government industries. He has been a CISSP since 2011 while he worked for the Department of Defense. His main areas of focus are security, risk management, and infrastructure stability.
Annur Sumar, CTO, Maetech
Annur Sumar is a Microsoft Cloud and Datacenter MVP and technology consultant in the areas of Infrastructure Design, Enterprise Content Management, CRM, Microsoft Azure, System Center and Cloud Technologies. Annur is an industry recognized leader and independent speaker around strategic service automation, technology driven process improvements, IT service alignment, engineering best practices and operations management. All of which are targeted in his presentations to helping businesses with complex IT environments lower Total Cost of Ownership and raising Return On Investments.
Prior to joining a Microsoft Partner Consulting firm, Annur served as a Vice President of Technology for Duff & Phelps. One of the world’s leading independent financial advisory firms serving client needs in the areas of valuation, investment banking, transaction advice, and dispute consulting. During his tenure at Duff & Phelps, Annur worked closely with Microsoft product teams and case study managers in providing invaluable feedback around how businesses such as his were able to benefit from cloud technologies that were molded into business solutions. As a Microsoft MVP and industry expert, Annur brings 10 years of experience to work actively with other MVPs and Microsoft Partners to provide industry insight and strategic direction.
Ron Versetto, Executive Director, IT, University of Illinois at Chicago
Ron has nearly 20 years of experience in Information Technology in industries such as retail, hospitality, healthcare, and higher education. He has a background in regulatory processes and extensive experience with network and infrastructure. He is currently the Executive Director of Information Technology for the Liberal Arts and Sciences College at University of Illinois at Chicago.