SPEAKER BIOGRAPHIES
SPEAKERS AT THE DATA BREACHES: DEFENSE/RESPONSE
STRATEGIES CONFERENCE – MARCH 14, 2024
Jessica Boehm, IT Security Manager, Global Cyber Information Security, Gallagher
Jessica Boehm is the Senior IT Security Manager at Gallagher, a global leader in insurance, risk management and consulting services. In her current role, Jessica manages the Internal Third Party Risk Program team which supports Gallagher’s global network, connecting partners across more than 130 countries. In addition, Jessica is the product owner for Gallagher’s third party security monitoring applications and provides direct security support for Gallagher Bassett. Jessica began her professional career at Sears in various local store management roles before eventually moved into corporate leadership where she worked in sales, training, operations and corporate auditing. While with Sears, Jessica served as the communications officer on the Board of Women in Leadership Development, and has continued her mentorship by leading, guiding training a successful female-dominated team including women with backgrounds all unrelated to the field of Cyber Security.
Nic Colõn, CTO, Elsewhen MSP
Nicholas Colõn brings innovation and a youthful perspective to his dual role as CITO/CISO and Head of Research and Development at Elsewhen Technology MSP. With 7 years of cybersecurity expertise, he spearheads security product development, promotes a strong security culture, and oversees the company’s internal technology solutions. His passion for actionable data led him to develop an A-F risk grading system to empower clients to make better informed security decisions. Nic’s redesign of company security culture has increased client engagement in review meetings by roughly 62%. Since taking the helm of CITO, Nic redesigned Elsewhen’s security stack and save the company over $20,000 in annual operating expenses, enabling further investment in security initiatives. He holds the Security+ certification and champions creative solutions to mitigate the complexities of end-user security threats.
Phil Conrad, Sr. Information Security Analyst, Purdue University
Phil joined Purdue cyberTAP in January 2022 as a Senior Information Security Analyst. In this role, Phil is responsible for providing security assessments for small- to medium-sized businesses, local governments, and K-12 schools across the state of Indiana. He has over 25 years of experience in technology. Phil got his start in programming and web development working in the financial services industry. He then worked in web development for a small logistics company before joining Purdue University in 2005.
Phil holds the Cybersecurity Analyst+ (CySA+) certification from CompTIA and is a Certified CMMC Professional (CCP) through Cyber AB.
Brandon Daab, Information Security Analyst at Foundation Finance Company LLC
Brandon Daab is an Information Security Analyst and Foundation Finance Company (FFC), a finance company specializing in helping contractors procure financing for home improvement projects. Brandon has helped champion the helpdesk and Cybersecurity programs at FFC. Brandon holds a M.S. focused in Cybersecurity from Southern New Hampshire University and is currently working on a Doctorate in IT Leadership.
Aaron Demaster, Director, Cyber Security, Gilbraltar Industries
Aaron DeMaster is the Cyber Security Director at Gibraltar Industries, a global multi-platform industrial manufacturer. Aaron has over twenty-five years of experience in information technology and 14 years in cyber security. Aaron’s wide range of experience in all-areas of information technology allows him a comprehensive understanding how to manage and apply cyber security in today’s complicated business landscape.
Aaron began his career in IT operations and advanced through roles in mainframe operations, networking, server engineering, and systems administration. After a move to Texas, he shifted his focus to compliance, audit, and, upon moving back to Wisconsin, moved fully into cyber security.
Aaron has worked in multiple sectors and industries including retail, legal, healthcare, financial, and manufacturing for such companies as Dell Computers, FIS Global, Aurora Healthcare, The American Red Cross, and Rexnord Corporation.
In his role at Gibraltar, Aaron is responsible for overseeing enterprise security, driving security strategy and execution, preparing incident response plans, delivering security awareness training, managing security policy, ensuring compliance with regulatory requirements, and coordinating with audit teams.
Aaron holds the Certified information systems security professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Security Control (CRISC), Certified in Governance of Enterprise IT (CGEIT), BSI ISO 27001 ISMS Auditor, and CompTIA Security+ credentials.
Aaron is a member of Information Systems Audit and Control Association (ISACA). Aaron is also vice-president and former president of the Midwest Cyber Security Alliance and has served on the advisory board since 2015. Aaron is a subject matter expert for CompTIA and serves with security industry peers to write the questions for the CompTIA security exams.
Thomas Freeman, Director, DFIR, & Offensive Cybersecurity, Sikich
Thomas Freeman, CISSP, CISA, CISM, GPEN, GCIH, GCIA, GCWNio and is a Director leading the Sikich offensive services including the penetration testing and forensic incident response teams. He has spent more than 25 years providing IT leadership, and his consulting expertise helps companies understand and build best-practice information security programs. In his engagements, Thomas taps into his education background to provide clients insight that they can use to strengthen their security posture and culture.
Thomas is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Certified Information Security Manager (CISM), and holds Global Information Assurance Certifications (GIAC), including as a GIAC Penetration Tester (GPEN), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA) and GIAC Certified Windows System Administrator (GCWN). He is also a member of ISACA and FBI InfraGard.
Bob Hansmann, Security Products Team, Infoblox
Bob Hansmann has spent over three decades helping global enterprises and government agencies to uplift their threat prevention, detection, investigation, and response capabilities. Working in areas ranging from threat research and engineering to product management and marketing across his career, Mr. Hansmann has helped pioneer many of today’s security industry standards. This breadth of experience has given him a unique perspective on finding the optimal balance between an organization’s security needs with its success criteria.
Danny Hetzel, Cybersecurity Engineer and Researcher, Accuray
Danny Hetzel is a dedicated Cybersecurity Researcher, Engineer, and Lecturer with a passion for analysis and reverse engineering threats. As a published researcher and fervent advocate for Cybersecurity, Danny champions the importance of volunteerism in this critical field. He fervently believes in leveraging Cybersecurity to contribute to a better world, collaborating with not-for-profits, charities, and the medical sector.
Gregg Kalman, RSM, Expel
Gregg Kalman has been an IT sales professional in Northern Illinois since 1989. Most of his career has been spent in the fields of Networking, VoIP, Indoor and Outdoor Wireless and for the last 10 years Cybersecurity. He’s sold solutions, services and risk assessments giving him a well rounded understanding of the security industry. His roles have included channel sales, sales operations and enterprise sales where he has held both leadership and individual contributor positions. Most recently, Gregg has been a top performing Senior Account Executive with Expel where he has consulted with customers for 5 years on how Managed Detection and Response (MDR) solutions can lower risk by augmenting their security operations through AI-enhanced decision support.
Randy Lee, Senior Systems Engineer, Veeam Software
Randy Lee is a Senior Systems Engineer for Veeam Software. Randy has led a variety of technology initiatives that have modernized legacy data centers and significantly reduced operating budgets while assuring non-disrupted operations. Randy spent over seven years as a Senior Solutions Architect at Hewlett Packard Enterprise where he was a contributing member of the Worldwide Enterprise Storage Ambassadors program for over four years. Randy has managed technology teams in manufacturing, healthcare, and the financial services industries where he focused on aligning technical strategies with corporate business objectives.
Randy holds a Bachelor of Science in Business Administration / MIS with a minor in Computer Science from the University of Wisconsin- La Crosse. Randy is a Merit Badge Counselor for the Boy Scouts of America, an instructor with the U.S. Naval Sea Cadet Corps, and a Coach for the Air Force Association CyberPatriot Program.
https://www.linkedin.com/in/randyalee/
Mike Neuman AVP, Head of Information Security, Velocity
Mike is well versed in navigating the complexities of regulated environments, improving cybersecurity operations, and continuously driving compliance. His has successfully lead onshore and offshore teams while maintaining high performance standards and focusing on business solutions and client engagement. Prior to joining VelocityEHS, Mike served as the Vice President of Information Security at Backstop Solutions Group, where he spearheaded the development of a process-driven approach towards achieving FedRAMP certification and SOC2 Type II certification. Earlier in his career, Mike drove the efforts at Florists Transworld Delivery (FTD) to achieve PCI compliance as a merchant and service provider. Mike earned his MS in Communications System Management from Northwestern University and a BA in History and Political Science from Purdue University.
Ron Zochalski, CTO & CISO, Lake County Government – Indiana
CTO & CISO for Lake County Government – Superior Courts Juvenile Division on the zero trust journey to protect data, assets and buildings for current and emerging security threats. I have the ability to break down the financial and technical risks and issues to both technical and the non-technical professionals including the boardroom and get buy in. This is not an easy task.
Ron also has spent the last 12 years teaching at Indiana University Northwest teaching students to understand and use various technologies, Personal Finance and Business Administration.
Ron’s 20+ year journey started in Financial Services then to Automotive, Newspaper/Media, ECommerce, Supply Chain, Mobile and currently Government and Courts. It’s always the questions you don’t know to ask are the ones that give you an issue.