SPEAKER BIOGRAPHIES

SPEAKERS AT THE ENTERPRISE RISK/SECURITY MANAGEMENT CONFERENCE – FEBRUARY 20, 2025

Todd M. Covert, CISSP, CDPSE, CISO, National General (an Allstate Insurance Company)

Todd is a seasoned cybersecurity executive with over two decades of experience driving information security strategies in highly regulated environments. As Chief Information Security Officer at National General, he has spearheaded transformative initiatives and the integration of acquired organizations. With a passion for fostering proactive security cultures and driving innovation responsibly, he is committed to empowering organizations to navigate the complex cybersecurity landscape with confidence.

A trusted advisor to senior leadership, he excels in aligning security initiatives with business objectives, ensuring compliance with regulations such as NY DFS, HIPAA, GDPR, and meeting PCI DSS requirements.

Todd holds an MBA and multiple certifications, including CISSP, CDPSE and Associate C|CISO.

Matt Cox, CISO, Mindsight

Over 20 years of experience in Telecommunications, Information Technology and Security, including technical leadership, engineering, consulting, and installation. Proven experience in challenging environments utilizing critical thinking and communications skills. Able to communicate complex technical ideas to a broad audience. Passionate about information security and using technology to improve business outcomes.

Lori Kevin, Vice President, Enterprise IT & Security, IMO Health

Lori has over 20 years of experience in technology, operations, and specifically in building an innovative and robust security program from the ground up. She is currently VP of Enterprise IT & Security at IMO Health, a software development organization whose product offerings ensure clinical data quality and integrity across the healthcare ecosystem. Lori and her team provide not only technical security expertise and guidance to software engineers, they also collaborate across the entire enterprise to communicate security awareness through training, awareness campaigns, and risk management.

Derek Milroy, Security Architect, Arthur J. Gallagher

Derek Milroy is a corporate security professional that has been implementing security, as both an internal employee and as a consultant, for the past twenty plus years. His main areas of focus the past decade or so have been: Systems Hardening (focusing mainly on Windows Forest/Domain/GPO Architectures), Vulnerability Management, Patch Management, Log Management/SIM/SEIM, Incident Response, Network Infrastructure Security, Cloud Controls and Hardening, Red Team Program Management, Threat Modeling, and Threat Intel. He is a former QSA, current PCIP, and has also performed ISO 72001/27002, CIS Top18, and NIST CSF assessments.

Michael Myint, Vice President Information Security, COTA

A transformational leader with thirty years of experience in information security and technology. I am a business aligned pragmatic builder with over ten years of experience leading the information security program across four companies; a Fortune 100, Fortune 500, and two start-up organizations. I have managed teams as small as five and as large as two hundred with budgets ranging from seven to eight figures. I have revamped existing information security programs to expand capabilities and defend against the latest threats, as well as built programs from the ground up at high-growth organizations.

Brian Palmer, Director of IT Security & Infrastructure, Ventas, Inc.

Adaptive, customer-focused cyber security and infrastructure executive skilled at delivering projects and services of superior quality; history of leading large, geographically-disbursed teams to meet service level agreements, timelines, and budget targets with solutions that result in improved IT scalability, availability, security, and cost efficiency.

Highlights of Expertise: Enterprise IT Infrastructure Management, Global Technology Management, ITIL Methodologies, Disaster Recovery & Business Continuity, Enterprise IT Infrastructure Management, Short / Long-Range Strategic Planning, Recruiting, Team Building & Training, Contract Negotiation / Vendor Relations, Budget Management & Cost Reduction, Metrics Creation, Analysis & Reporting

Dixon Wright, Head of GRC, TrustCloud

Dixon Wright is Head of GRC at TrustCloud, where he oversees all aspects of internal GRC and customer implementations. Prior to TrustCloud, he was VP of Assurance at Coalfire and led teams that delivered SOC 2, ISO, HITRUST, FedRAMP and PCI assessments. His strong background in cybersecurity compliance and passion to make compliance, risk, and customer assurance easier has enabled him to help 100s of organizations achieve their desired compliance outcomes.

Ron Zochalski, CTO & CISO, Lake County Government – Indiana

Ron Zochalski, COO of Lake County and prior CTO/CISO, is leading risk management, building improvements, and infrastructure. He continues to update outdated cyber and physical security, technology, and processes to protect data and facilities with limited resources. This includes working with architects, engineers, and technology and security vendors.

Ron recently created a five-course cybersecurity minor from three different schools at Indiana University Northwest and obtained approval from Indiana University and the Board of Education. Ron is teaching the advanced course of the five-course cybersecurity minor, which includes data analytics for the School of Business and Economics. Ron has spent 14 years teaching here. I recently won the Distinguished MBA Alumni Award and have been published in several publications.

Ron previously worked in executive and managerial technology and operational roles for Xerox Financial Services, Aon Consulting, Howard Publishing Group, Compucom Systems, ProLogis, and T-Mobile, USA.

Ron is also a keynote speaker and panelist on cybersecurity and data privacy for industry and also holds free seminars on cybersecurity and data privacy for senior citizens.