Riad Amro, CISO, Grant Thornton

An accomplished IT professional with over 20 years of diverse experiences in IT including Security leadership, Systems, project management and application development; I have deep expertise in the field of information security best practices and a mature compliance strong suit rooted in several frameworks including FISMA, NIST, PCI and HIPAA.


I am a business minded leader with a passion for security and building mature and sustainable security programs in alignment with organizational priorities, I look for the balance between meeting business needs and reducing the risk to the business, I focus my passion into advancing the business goals while building security controls and processes that give us an upper hand on the adversaries. I am a creative leader and have built teams and security programs that often exceed expectations. Years of experience working with federal and state agencies in a heavily regulated and contractual environment.


I bring excellent communication and interpersonal skills to build effective and productive relationships across all areas of an organization including bridging the gap between technical and executive level management. I also bring to bear my years of experience negotiating solutions to difficult challenges within the organization as well as with external vendors and customers.

Jim Anthony, VP Cybersecurity, Cyxtera

Leading Cyxtera’s Cybersecurity Solutions Engineering Team since 2015, Jim spent the previous 10 years serving as a Sales Engineer for AT&T’s Hosting and Managed Services Division, as the Director for Data Return’s IT Operations Outsourcing Division and as the Vice President of Sales Engineering for Verizon’s Cloud and Managed Hosting group (formerly Terremark). His focus has been on large, complex security and managed hosting opportunities that leverage consolidation, virtualization and cloud services as major parts of the delivery method. Prior to Data Return, Jim held various positions with Content Delivery Network, ERP and Database Software Companies and owned his own consulting company from 1996 through 2000.


He earned his Bachelors of Science in Accounting and Computer Science from Minnesota State University at Mankato and resides in San Diego with his wife.

Josh Bryant, Director of Technical Account Management, Tanium

Josh Bryant is currently a Director of Technical Account Management at Tanium where he helps customers conduct rapid Threat Hunting data collection on a very large scale. Prior to joining Tanium, he was a Cybersecurity Architect at Microsoft where he focused on delivering Cybersecurity services ranging from Tactical and Strategic Recovery to Advanced Threat Analytics implementations, Risk Assessments, and more, to customers in a variety of industries around the world. Josh is also a Master Sergeant in the Illinois Air National Guard, where he manages a team of Systems Administrators that maintain an Air Operations Center. He has over 19 years in IT specializing in Cybersecurity and Messaging, and spent some of his Active Duty U.S. Air Force time as a Network Security Manager, performing vulnerability assessments and penetration testing. 

Mitch Christian, Sr. IT Security Administrator, American Hotel Register Co.

I have been described as passionate about security. I am constantly learning, applying and adapting to the ever changing Cyber Security world. That’s what I love about it. That’s what I do. Protection, detection, remediation, strategy and making a difference. Applying Confidentiality, Integrity and Availability to everything I do.


EXPERTISE: CISSP; Global Cyber Security Strategy,SSO, Cloud, Policy and Governance, Creating a Cyber Security Culture, Data Center Security and network segregation, Security Architecture, Cyber Security Enterprise Policy and Procedure, Incident response, Risk based analysis and communication to C Level, Raising Security awareness throughout an organization, Ransomware remediation. Disaster recovery and Business continuity, SAP Security Strategy and GRC. Vulnerability identification and management with a large network of resources both in the public and government sectors including threat intelligence through Infragard (FBI).


CYBER SECURITY EXECUTIVE: An entrepreneurial thought leader with a passion for security and a focus on Enterprise Wide Risk Management. A wide range of experience with national and global companies and and global privacy laws. Hands on experience with machine learning technologies as well as overall management of all Cyber Security operations.


Designed security architecture spanning both on site data centers as well as cloud and hybrid applications. A strong background in identifying risks and translating those risks to business terms to make optimal decisions on mitigation strategies.


A true defense in depth strategy leveraging Policy, People and Technology. Enabling business through secure compute practices with an in depth understanding of how to build a security framework around business goals. Third party management of pen testers, security engineers and contractors.

George Harrison, Named Account Manager, Infoblox

George has been working in Information Technology for 20+ years, with expertise in the areas of data center, application, network, and database monitoring and performance. In his current role at Infoblox, he is focused on DNS management and security.

David Hobbs, CyberSecurity Evangelist, Radware

David Hobbs has worked in the Security and Engineering arena for over 20 years. During this time David has helped various government agencies and world governments in various cyber security issues across all sectors.


David has worked on many high profile breaches worldwide. Along with breach investigation and prevention, David has consulted investigative agencies on cyber espionage from both public and private sector issues. David helped train various police and intelligence agencies in methodologies for forensics as well as chain of evidence for prosecution.


From 2002 to 2007 Mr. Hobbs was the Senior Architect for a major financial institution and lender in the US. David helped lead the Advanced Computing Environment team in global traffic management and security. David helped with compliance issues as well as helping to establish direction for PCI and SOX for the bank. David assisted the bank in complex security issues internally as well as working with US Secret Service for external issues.

Ronald Kehoe, Senior Solutions Engineer, Tufin

Ronald Kehoe brings over 30 years of experience in security solutions architecture and consulting across the financial, insurance, government, and defense industries. Ron has managed and worked alongside technically diverse teams to secure critical infrastructure, meet or exceed audit and regulatory demands, and design and manage incident response processes.


Ron currently serves as a technical consultant and advisor to prospective and current Tufin customers seeking solutions and methods for effective network security management incorporating policy-driven automation.

Brad Keller, JD, CTPRP, Sr. Director 3rd Party Strategy, Prevalent

Brad has been developing and leading risk management programs for more than 25 years. He has developed and implemented vendor and business risk management programs at several financial institutions that have substantially improved risk management while also passing federal regulatory scrutiny. He focuses on the delivery of Prevalent’s third party risk management and assessment solutions, and the consulting to support those solutions. Brad graduated with honors from the University of Missouri with a BS in Finance and received his JD with honors from St. Louis University School of Law. He is admitted to practice law in Oklahoma.

Dave Klein, Senior Director, Engineering & Architecture, GuardiCore

Dave Klein is the Senior Director of Technical Evangelism for GuardiCore. With more than 21 years of real-world cybersecurity experience he works with GuardiCore teams, customers and industry thought leaders to address the challenges of securing modern hybrid cloud environments.


Dave encourages CISOs faced with securing their organizations to adopt security solutions and best practices that work easily and seamlessly across heterogeneous hybrid cloud environments.


Prior to GuardiCore, Dave was the Engineering Manager for Forcepoint’s Federal Sector where he drove growth by adapting the company’s behavioral heuristics, Bayesian logic and predictive capabilities to defend US agencies against Insider and Advanced Persistent Threats. Dave also worked with other vendors, government and private sector entities on the NIST response to Presidential Policy Directive 21 on Critical Infrastructure Security and Resilience. Before joining Forcepoint, Dave was a security leader at Cisco Systems. Always a visionary, Dave was responsible for key enhancements in Cisco Network Admission Control, Ironport Web and Mail Gateways and other core Cisco security offerings and led some of the largest sales engagements for US Federal security solutions. In the years preceding his work with Cisco, Dave worked for McAfee. His work there included working with the City of New York post 9/11 for three years, helping shore up cyber defenses and developing a National, State and Local Government engineering and sales team.


Dave has spoken on a wide variety of cybersecurity topics including micro-segmentation, crytpojacking, hybrid cloud adoption, PCI compliance, stages of the cyber security kill chain, interactions between the physical and cyber worlds as it relates to the radicalization and arming of domestic terrorists, and using cyber forensics in real world criminal cases.

Ricardo Lafosse, CISO, Morningstar, Inc.

Ricardo Lafosse is the Chief Information Security Officer at Morningstar, Inc.  Previously, he was the CISO for Cook County under the Department of Homeland Security and Emergency Management, providing strategic information security leadership for the second largest County in the United States. In his role, Lafosse is responsible for the implementation and governance of the County’s information security program, including IT-compliance and risk activities.

Lafosse has been the catalyst for establishing a county-wide IT risk management vision and strategy for Cook County, including development of a County-wide comprehensive IT security risk program. He proactively works with business units to implement practices and procedures that meet County information security standards and policies and advises County executives on the most effective use of information security and risk management strategies to improve the cybersecurity posture of the County.

Derek Milroy, Information Security, U.S. Cellular

Derek has been implementing security in corporate environments, as both an internal employee and a consultant, for five years. Although he has implemented firewalls, IDSs, and VPNs for various employers and clients he focuses heavily on securing Microsoft hosts and Domain structures. He has hardened hundreds of hosts in environments ranging from less than a dozen servers to enterprise environments with over 1000 servers and thousands of users. In conjunction with hardening he has also crafted and implemented standards, policies, and procedures to maintain the security of his employer’s / client’s environments.

Jim Mirochnik, Senior Partner, Halock

Jim Mirochnik is a Senior Partner at HALOCK. He is an innovative business leader with over 25 years of technology and management consulting experience. He has been a Founder and Partner at multiple companies and has been with HALOCK for over nine years. Jim holds a double-concentration MBA in Finance and Marketing from the University of Chicago Booth School of Business. He has architected and been accountable for large-scale technology programs exceeding $100 Million in budget. Jim is a hands-on practitioner and proven business leader.

George Quinlan, Senior Security Consultant, Netrix LLC

George has over twenty years of experience in security and Governance, Risk, and Compliance (GRC), as well as communicating with clients, management, vendors, and business partners to highlight the benefits of emerging security technologies and solutions. He has been an ISACA / ISSA member for many years and has been honored to teach the CISA and CRISC review courses for the local ISACA Chicago Chapter for 10+ years. As Senior Security Consultant, George helps clients develop, implement and operate comprehensive, secure solutions to support businesses while mitigating cyber-risks. As part of this role, he also adeptly plans, directs, and executes major projects and has earned a wide variety of certifications. George is passionate about evangelizing and sharing the newest security knowledge with associates and industry peers. 

Shayla Treadwell, Sr. Manager, Information Security, Corporate Risk Management, Discover Financial Services

Shayla currently leads Discover Financials Business Information Security Office and Information Security Education & Awareness program. Throughout her experiences she has had the opportunity to wear multiple hats, yielding broad skills in training and development, people management, and project management. Shayla is a graduate of Bradley University with a B.S. in Marketing and Management and holds an M.S, in Organizational Leadership from Lewis University. She is currently a Doctoral Candidate pursuing her Ph.D. in Business Psychology – Organizational Leadership from The Chicago School of Professional Psychology researching the lived leadership experiences of Information Security leaders.

Peter Van Loon, Senior Manager of Information Security, Discover Financial Services

Peter Van Loon is a cybersecurity and risk management executive who is responsible for third party information security and information security risk functions at Discover Financial Services. Prior to joining Discover, he led information security at Eddie Bauer and provided advisory, assurance, and implementation consulting services on a wide range of information security topics and needs. Peter is experienced in domestic and international markets and his background is focused in the financial services, technology, and retail industries.

Peter hold an Executive Masters in Cybersecurity from Brown University and a B.S. in Electrical Engineering from the University of Notre Dame. He holds the following certifications: CISSP, CISM, CGEIT, CRISC, CISA, CCSK, and Archer Certified Consultant.

Mike Wood, Vice President Information Technology, Wilton Brands, LLC

Mike Wood is Vice President Information Technology at Wilton Brands LLC, the worlds leading supplier in food crafting goods. Mike is the leader of the team defining Wilton’s business technology framework focusing on delivery of technology solutions that support business goals while maintaining a high level of operational resiliency. Mike brings more than 30 years of technology expertise spanning the industrial manufacturing, consumer products, homebuilding and liquid food packaging industries. 

Mike joined Wilton in 2013 from Whirlpool Corporation where he led the Global End User Services and Global Telecommunications functions. Prior to Whirlpool, Mike held a number of leadership positions with Tetra Pak, Honeywell and The Ryland Group. Mike began his career with Honeywell Information Systems in 1983.
Mike holds an BBA in Information Systems from Georgia State University.

Arlene Yetnikoff, Director, Information Security, DePaul University

Arlene Yetnikoff is the Director of Information Security for DePaul University. DePaul University is one of the ten largest private universities in the United States, offering numerous degrees in Computer Science and other fields, including a Masters in Computer, Information and Network Security and a Bachelor’s in Information Assurance and Security Engineering. Arlene has worked in Information Security for over twenty years both as a consultant, educator and hands-on practitioner. Arlene’s many years of consulting experience in the Technology Risk group of a major accounting firm allowed her to help clients of varied sizes in numerous industries assess and design their information protection architecture, policies and processes. Today, Arlene leads DePaul’s Information Security and Business Continuity initiatives. Arlene also teaches Information Security sessions at DePaul and in the University of Chicago’s Masters of Computer Science program. Arlene is a CISSP and a CISA. She holds a Bachelor’s degree in Mathematics from the University of Chicago and a Masters in Computer Science, Telecommunications from DePaul University.