Speaker Biographies

ENTERPRISE RISK / SECURITY MANAGEMENT –  SPEAKER BIOGRAPHIES – May 28, 2026

 

Josh Brant, Director – Emerging Technology & Cybersecurity Strategy, LRS

Joshua brings over 20 years of experience to the field, with a focus on developing and implementing comprehensive security programs. His career spans both corporate and consultancy roles, providing a well-rounded perspective on the challenges facing modern organizations.

Previously serving as CISO at a global manufacturing company, he gained firsthand experience managing enterprise-wide security initiatives. This background informs his current work leading a vCISO practice and MSSP services, where he assists clients in strengthening their security postures across various industries.

His expertise covers a broad range of areas including:

– Building security programs from the ground up
– Addressing compliance, operational, strategic, and financial security risks
– Aligning security measures with business objectives
– Developing and leading high-performing security teams

In his current role, he provides strategic guidance to help organizations navigate the complex landscape of network security. His approach emphasizes practical, implementable solutions that balance protection with operational efficiency.

With experience spanning the evolution of cybersecurity over two decades, he offers insights into both the technical and managerial aspects of maintaining strong security in an increasingly connected world.

Joseph Burkard, CISO, Morgan Street Holdings

Joseph (Joe) Burkard is the Chief Information Security Officer at Morgan Street Holdings, where he provides strategic leadership across the organization’s cybersecurity, risk, and resilience programs. He has held multiple CISO roles throughout his career, including at Baxter Healthcare, Sidley Austin LLP, and Alight Solutions, and previously worked as a CISO Advisor with Protiviti Inc.
Joseph is widely regarded for his ability to build high‑performing security organizations and guide executive teams through complex cyber risk decisions. He also serves as an Advisory Council Member for the Information Security Forum (ISF) and on the Executive Advisory Board for Tenable Inc., the cyber exposure company. Joe holds a Master’s degree from Lake Forest Graduate School of Management and a BSEE from Marquette University.

 

Derek Dixon, CISO, Fresenius Kabi

Derek Dixon is a global cybersecurity executive with more than 20 years of experience leading enterprise security, infrastructure, and operational resilience programs across highly regulated healthcare and manufacturing environments. As Global Chief Information Security Officer for Fresenius Kabi, he is responsible for cybersecurity strategy, governance, risk management, and operations across more than 70 countries and approximately 140 sites worldwide, overseeing a global team and multimillion-euro security portfolio.

Derek specializes in aligning cybersecurity with business strategy, operational continuity, and regulatory compliance, with deep expertise spanning OT/ICS security, cyber risk management, incident response, identity and access governance, and enterprise resilience. He has led large-scale cybersecurity transformation initiatives, including the establishment of a global Cybersecurity Management System (gCSMS), deployment of integrated SIEM/SOC, EDR/XDR, NDR, and asset visibility capabilities, and modernization of vulnerability and threat management programs. His leadership following a major ransomware event helped significantly reduce detection, response, and recovery times while strengthening enterprise resilience.

He is recognized for translating complex cyber risk into executive and board-level business context, with extensive experience supporting regulatory and compliance frameworks including NIS2, KRITIS, GDPR, GxP, ISO 27001, and IEC 62443. Derek is passionate about building security cultures that enable innovation, protect patient safety, and support global business growth in increasingly connected digital and operational environments.

 

Dave Geudtner, VP, Enterprise Principle Architect, City National Bank

Dave has a rich background in information technology with an emphasis in enterprise architecture including many years in leadership positions.  He has strong business skills in financial systems including insurance, claims, banking, and captive finance auto loans.   This includes the full customer life cycle of customer engagement and originations, customer support and call centers, financial processing and reporting, portfolio simplification, and regulatory controls.  Through his leadership, he has set up architecture governance programs and processes to ensure that products meet standards and designs deliver business requirements in alignment to strategy and roadmaps. 

 

Jill Gunnufson, Senior Director, IT Risk Management, Northwestern Mutual

Jill is a seasoned IT Governance and Risk Management professional with extensive experience in driving compliance, managing risks, and implementing robust governance frameworks within enterprises. Possessing a keen understanding of the complex regulatory landscapes and evolving cybersecurity threats, Jill has consistently demonstrated the ability to navigate and mitigate external pressures that influence IT governance.

Jill holds a pivotal role in overseeing governance operations, maintaining compliance, and upholding the effectiveness of internal controls. Known for her proactive approach and strategic mindset, she has significantly contributed to sustaining operational efficiency, minimizing disruptions, and protecting organizational assets.

 

Victor Hsiang, CISO, GATX

Victor Hsiang is an accomplished Information Security, Risk and IT Professional with over 19 years of experience working within the Financial Services and Healthcare sectors. He has an established track record of delivering successful IT and Information Security solutions that manages risk while supporting business requirements. His experience includes implementation of technology, security audits, risk assessments, information records management, privacy concerns, compliance and legal issues related to security, forensics, security practices and policy development. He currently leads the Information Security program at GATX Corporation.

 

Eric Hulse, Director of Research, Command Zero

Eric Hulse is the Director of Research for Command Zero and is a veteran speaker of numerous security conferences, including the RSA Conference, Black Hat and various B-Sides events.  A U.S. Air Force and Operation Enduring Freedom Veteran, Eric’s focus is on reverse engineering and threat intelligence.  As part of the acquisition of ThreatGRID by Cisco Systems, Eric led the Reverse Engineering and Research Team for the Cisco AMP Threat Grid product line. Prior to ThreatGRID, Eric worked as a contractor for various US Air Force and DOD Customers where he worked in various capacities as a Reverse Engineer and Penetration Tester. Eric holds a Master’s degree in Information Assurance Engineering from Capitol College, and a Bachelor of Science in Computer Science from Park University.

 

Derek Milroy, Sr. Security Architect, Gallagher

Derek Milroy is a corporate security professional that has been implementing security, as both an internal employee and as a consultant, for the past twenty plus years. His main areas of focus the past decade or so have been: Systems Hardening (focusing mainly on Windows Forest/Domain/GPO Architectures), Vulnerability Management, Patch Management, Log Management/SIM/SEIM, Incident Response, Network Infrastructure Security, Cloud Controls and Hardening, Red Team Program Management, Threat Modeling, and Threat Intel. He is a former QSA, current PCIP, and has also performed ISO 72001/27002, CIS Top18, and NIST CSF assessments.

 

Patrick O’Connell, RSM, Stellar Cyber

Dad, Husband and IT sales professional with proven reputation for exceeding quota and objectives while achieving trusted advisor status with customers and channel partners. Energetic, outgoing and willingly goes the extra mile to ensure goals and expectations are met. Enjoyed 18 consecutive quarters of exceeding quota and recognized by Symantec and Secureworks leadership for exceptional salesmanship by earning three internationally distributed Win-Wire Stories. Specialties: Planning and executing sales strategy, discovery and follow up, generating new sales growth.

 

Robi Papp, Regional Director, CommandZero

With a multifaceted background in sales, entrepreneurship, and cybersecurity, I’m a trailblazing “out-of-the-box” thinker who has earned a reputation as a trusted advisor to CEOs at organizations like Upwind Security, Corelight, Arista Networks, Avantgarde Partners, and Accuvant. I am a Regional Director at Command Zero, were I lead account acquisition and management for the leading agentic SOC solution on the market. Command Zero understands that the humans of the SOC remain the accountable party so the platform is focused on supporting verdicts with specific evidence and customizing investigations with facets and business context. At Corelight, I was the Director of Named accounts where I secured a multimillion-dollar, multi-year contract with Apple, contributing 10% of the company’s annual revenue and playing a key role in achieving Series C funding. By aligning complex technical solutions to Apple’s unique needs and driving high-stakes negotiations, I delivered revenue impact and elevated Corelight’s market position.

 

Riccardo Reati, General Manager, SpearTip

Riccardo currently leads SpearTip a cybersecurity service firm fully owned by Zurich Insurance, where he focuses on innovation on value proposition for clients and superior client delivery.  Prior to that he owned a consulting firm focused on technology and risk management and before that he was an executive at Zurich insurance globally focused mainly on operations and technology. His foundational experience on cyber goes back to when he advised large Italian banks on building cyber culture through awareness and training programs. Riccardo grew up in Italy, worked in Zambia with an NGO and has been in the USA since 2009. He is an avid reader, swimmer, skier and father of two girls.

 

William Russell, Director of Technology, Department of Corrections, State of Indiana

William Russell is a technology leader and public servant with a background rooted in military cyber security, risk management, and counterterrorism. His career has been shaped by a commitment to protecting systems, managing risk, and supporting missions were security and reliability matter most.

He began his career in the military, working in cyber security and anti-terrorism operations. There, he developed a practical, hands-on understanding of threat environments, defensive cyber strategies, and the importance of staying ahead of constantly evolving risks. That experience continues to influence how he approaches leadership, decision-making, and problem-solving today.

William has since built on that foundation in the public sector, where he focuses on connecting technology strategy with real-world impact. He is known for bringing a steady, thoughtful approach to leadership—balancing innovation with accountability, and security with usability.

As Director of the Technology Division for the Department of Corrections, William leads efforts to modernize systems, strengthen cybersecurity, and improve operational efficiency across the agency. His work supports critical public safety functions, ensuring that technology is both secure and dependable for those who rely on it every day.

 

Ron Zochalski, CISO/CTO, Lake County Government, Indiana

CTO & CISO for Lake County Government – Superior Courts Juvenile Division on the zero trust journey to protect data, assets and buildings for current and emerging security threats. I have the ability to break down the financial and technical risks and issues to both technical and the non-technical professionals including the boardroom and get buy in. This is not an easy task.

Ron also has spent the last 12 years teaching at Indiana University Northwest teaching students to understand and use various technologies, Personal Finance and Business Administration.

Ron’s 20+ year journey started in Financial Services then to Automotive, Newspaper/Media, ECommerce, Supply Chain, Mobile and currently Government and Courts. It’s always the questions you don’t know to ask are the ones that give you an issue.