2015 ICI Cybersecurity Forum
NOVEMBER 5, 2015
RONALD REAGAN BUILDING AND INTERNATIONAL TRADE CENTER
WASHINGTON, DC
Speaker Biographies
JOE BERNIK
Joe Bernik advises Promontory clients on managing cybersecurity risks. He has nearly two decades of experience creating
and implementing cyber risk management programs at global banks. Before joining Promontory, Bernik served in senior
positions at several large financial institutions. As chief information security officer at both ABN AMRO and Fifth Third Bank,
he led teams dedicated to protecting customer data, complying with data-related laws and regulations, and helping maintain
the firms’ disaster-recovery and business-continuity plans. Bernik also has broad experience conducting assessments of
operational risk at large banks and helping global firms comply with cross-border regulations. He is fluent in Spanish. Bernik
earned a BA in English and management information systems at the University of Mary Washington.
TIMOTHY C. BLANK
Timothy C. Blank is managing partner of Dechert’s Boston office. He is a litigation partner on the trial team and is also
head of Dechert’s data privacy and cybersecurity practice. He represents technology, financial services, and biotechnology
companies in complex federal and state court litigation, including consumer and securities class actions and patent,
copyright, trade secret, non-compete, and contract cases. He also advises on software licensing, data privacy and protection,
IP transactions, and government investigations. Blank serves as a trial adviser for the Harvard Law School Trial Advocacy
Program, is a member of the Computer Litigation Section of the American Bar Association, and has published a number
of articles addressing the resolution of software licensing disputes and software copyright litigation. He is recognized as a
“Litigation Star” by Benchmark Litigation, a leading legal referral guide.
JASON B. BROWN
Jason B. Brown is the assistant to the special agent in charge in the U.S. Secret Service’s Criminal Investigative Division.
In this position, Brown manages the cyber intelligence section, which targets, identifies, and apprehends the most prolific
and profitable cyber criminals harming the United States. Additionally, he is responsible for overseeing the Secret Service’s
network of 38 domestic and international electronic crimes task forces. From 2008 to 2009, Brown was detailed to the
Executive Office of the President, where he served as the director of cybersecurity policy with both the Homeland Security
Council Staff for President George W. Bush and the National Security Staff for President Barack Obama. During an earlier
assignment, he assisted with the establishment of the cyber intelligence section. He subsequently aided the establishment
of the Secret Service’s critical systems protection program. Brown also was previously assigned to the Presidential
Protective Division, where he conducted numerous physical risk assessment and mitigation operations both domestically
and internationally. He began his career with the Secret Service in July 1999 in the New York field office, where he served
as a criminal investigator and computer forensics agent assigned to the New York Electronic Crimes Task Force. He has an
undergraduate degree in political science from the University of Kentucky.
2015 ICI CYBERSECURITY FORUM | SPEAKER BIOGRAPHIES
1
MIKE CATLIN
Mike Catlin is the chief information security officer of the Capital Group Companies. In his role as CISO, Catlin is responsible
for strategy, delivery, and oversight of the security programs within Capital’s information technology organization. In addition
to leading the security and risk teams, he is a senior business leader of technology services within the information technology
group. In this role, Catlin has responsibility for engineering and delivery of the capital technology infrastructure. He also has
overall responsibility for the quality management function. Catlin is a member of the CG Risk Oversight Committee, the
Information Security Steering Committee, and the Global Business Continuity Steering Committee.
EARL CRANE
Earl Crane is a recognized expert in information security strategy and cybersecurity policy. He was previously the director
for federal cybersecurity policy on the White House National Security Council. From 2011 to 2013, Crane advised President
Barack Obama as the lead for federal cybersecurity policy and oversight, responding to shifting cybersecurity risks and
emerging threats. Before his recruitment to the White House staff, Crane was the director of cybersecurity strategy and the
chief information security architect at the Department of Homeland Security, where he directed his staff in the creation and
implementation of the DHS security risk-management strategy, as well as the development of an enterprise-wide security
architecture. He also formulated policies and procedures to address issues including intrusion detection and response
security operations, threat intelligence, cloud computing security, and data-loss prevention. Most recently, Crane was a
director with Promontory Financial Group. He also has served on the faculty at Carnegie Mellon University as an adjunct
instructor for the past 15 years. Crane earned his PhD from George Washington University, a master’s of information system
management at Carnegie Mellon University, and a BS in mechanical engineering at Carnegie Mellon University.
ALEX CUNNINGHAM
Alex Cunningham is the information security officer for State Street Global Advisors. A business-focused senior information
security and IT risk management thought leader, Cunningham has experience creating and growing pragmatic programs
that align with business goals and objectives. Before joining State Street Global Advisors, Cunningham held similar security
management positions within the asset management, insurance, and market research sectors in the United Kingdom and the
United States. A former British army officer, Cunningham is a certified information systems security professional (CISSP)
and a certified information security manager (CISM); he is also certified in risk and information systems control (CRISC).
ANDREW DOUGLAS
Andrew Douglas is a director in Deloitte’s cyber risk services practice, specializing in cyberthreat management, including
advanced testing and cyberthreat intelligence services. He has 14 years of experience performing consultative information
security and IT services for Deloitte’s clients globally, in technology, life sciences and healthcare, banking, and other industries,
as well as wider cybersecurity strategy, program, and capabilities assessments. Previously, Douglas worked for Deloitte &
Touche in the Cayman Islands, where he was responsible for managing the firm’s wider enterprise risk services group. As part
of this role, he managed the Deloitte Disaster Recovery Centre, providing a range of disaster recovery services to clients. He
also worked for Deloitte & Touche LLP’s Silicon Valley security and privacy practice, focused on performing and managing
technical vulnerability assessments, and for Deloitte Touche Tohmatsu New Zealand’s enterprise risk services practice,
performing vulnerability and penetration assessments for public and private organizations in New Zealand, Australia, and
Thailand. Douglas is a certified information systems security professional (CISSP), certified in risk and information systems
control (CRISC), a certified information security manager (CISM), and a SANS GIAC certified enterprise defender (GCED).
NICOLE EAGAN
Nicole Eagan is CEO of Darktrace. She has over 25 years’ experience in the technology industry, having worked on the
management team of both private and publicly traded companies. Eagan has raised capital for many startup companies
as well as taking one company public and successfully selling several others. Her expertise is in developing and executing
strategies for high growth businesses and has grown two enterprise software businesses to over $1 billion in annual revenue.
Having served as chief marketing officer at Peregrine, Quest, Verity, and Autonomy, she is an expert in product marketing,
field enablement, and business development. Eagan began her career in New York working for Institutional Investor and
designing financial information systems for Wall Street banks and brokerages. She subsequently held several product
marketing and strategy positions at Oracle.
2015 ICI CYBERSECURITY FORUM | SPEAKER BIOGRAPHIES
2
ADAM GOLODNER
Adam Golodner is a partner in Kaye Scholer LLP’s Complex Commercial Litigation Department and the leader of the
global cybersecurity and privacy group. Golodner has deep experience with the issues facing private- and public-sector
clients in critical information infrastructure sectors and focuses on existing and proposed cybersecurity laws and policies
and related national security, consumer protection, and privacy issues. Before returning to private practice, Golodner was
an executive for Cisco Systems Inc., where for nearly a decade he created and drove its global cybersecurity and privacy
program. Before joining Cisco, Golodner was the associate director for policy of the Institute for Security, Technology, and
Society at Dartmouth College, chief of staff of the U.S. Department of Justice’s Antitrust Division, and deputy administrator
of the U.S. Department of Agriculture’s Rural Utilities Service. Golodner began his career at a Denver-based corporate law
firm, where he became partner in 1992, and is currently a fellow at the Center for Digital Strategies, Dartmouth College Tuck
School of Business, and a senior adviser at The Chertoff Group.
BRANDON HINES
Brandon Hines joined Dimensional Fund Advisors in 2007. He leads Dimensional’s information security program and related
initiatives. Hines has more than 25 years of experience in technology across a variety of industries, including financial services,
healthcare, and managed services, where he has established and built technology operations and security programs from the
ground up. Over the past 15 years, Hines has had numerous opportunities to speak on information security at professional
organizations and client sites. He received an MBA from the University of Texas at Austin’s McCombs School of Business.
FRED MAEL
Fred Mael has worked as an organizational consultant for 25 years, doing consulting, facilitation, and research in areas such
as organizational culture, employee and customer loyalty, organizational surveys, best practices studies, and development
of performance management systems. He has also worked as a work/executive coach since 2002, coaching a full range of
professional managers and executive leaders in both the private and public sectors. Mael is the author of more than 80
book chapters, journal articles, and conference presentations on topics such as loyalty, leadership, privacy, and workforce
retention. In 2004, he was named a fellow of the American Psychological Association for “programmatic and influential
work” in the field. Mael has a PhD in psychology from Wayne State University as well as a master’s in counseling psychology
from Loyola College of Maryland, and is a professional certified coach as certified by the International Coach Federation.
MONZY MERZA
Monzy Merza serves as the senior director of cyber research and chief security evangelist at Splunk Inc. He has more than
15 years of tactical and cybersecurity research experience in government and commercial organizations. His experience
includes vulnerability management, security product testing, penetration testing, adversary modeling, cyber tools, and
infrastructure development. Merza has served as content developer and instructor for cyber trainings and red/blue team
exercises. He has also been an invited speaker at government and open conferences. Merza’s current research is focused on
integrated approaches to human-driven and automated responses to targeted cyberattacks.
DOREEN B. NORAKO
Doreen B. Norako is the chief information security officer for Brown Brothers Harriman. Her responsibilities include
cybersecurity, vulnerability management, role compliance and attestation, as well as monitoring and forensics. Over her
career with BBH, she has managed business continuity planning (BCP), systems recovery, systems risk management, IT
service management, U.S. trading operations, and open-end mutual fund trading. Norako has presented at several industry
forums on cybersecurity and BCP and has served on several software advisory boards, including Oracle CISO Advisory,
SunGard Availability Services, Strohl Systems, ICI’s Technology and CISO Advisory Committees, SIFMA’s BCP Steering
Committee, and NEDRIX.
2015 ICI CYBERSECURITY FORUM | SPEAKER BIOGRAPHIES
3
ELLEN RINALDI
Ellen Rinaldi, a 17-year Vanguard principal, has global responsibility for enterprise security, including physical and personnel
security, information security, the security operations center, fraud, business contingency, system access, and data
governance and privacy, as well as the reporting function for performance and benchmarks for Vanguard’s mutual funds and
ETFs. Currently she serves as the chair of the Investment Company Institute’s Chief Information Security Officer Advisory
Committee and participates in numerous webcasts and blogs addressing Vanguard shareholder interests. Before heading
enterprise security for seven years, she led Vanguard’s investment counseling and research group—Vanguard’s retirement
agenda—providing portfolio recommendations, topical commentary, and investment counseling for clients. She also served
as principal of Vanguard’s personal financial planning group, defined benefit services group, and client service group for
large institutional 401(k) plan clients. Rinaldi received a BA from the University of Connecticut, a JD from Suffolk University
Law School, and an LLM in taxation from Boston University Law School.
NICK SHERWOOD
Nick Sherwood is the vice president of cybersecurity for OppenheimerFunds, which, with its subsidiaries, manages more
than $219 billion in assets for more than 13 million shareholder accounts, including subaccounts, as of August 31, 2015.
Sherwood oversees the company’s cybersecurity engineering and administration teams. His responsibilities include the
development and implementation of numerous in-depth defense technologies to enhance network security and manage
risk around cyberattacks. He has held various positions related to cybersecurity and infrastructure since joining the firm in
2000. Before joining OppenheimerFunds, Sherwood was a member of the IT architecture team for Coors Brewing Company.
He graduated from the University of Colorado with a degree in computer science. He has several technical certifications,
including a CISSP and CISM.
BILL SWEENEY
Bill Sweeney is the vice president of the financial services practice of BAE Systems Applied Intelligence and is entrusted
with cultivating innovative technology solutions in cybersecurity, fraud prevention, and regulatory compliance for buy- and
sellside professionals worldwide. For more than 20 years, Sweeney has leveraged emerging and state-of-the-art software
and services to empower and transform investment operations as well as control risks. Before joining BAE Systems
Applied Intelligence, he served as chief information officer of compliance and legal technology for global financial services
conglomerate Citi. From 2008 to 2012, he was director of research technology for Bridgewater Associates, the largest global
hedge fund. In addition to serving in senior roles for several technology boutiques, Sweeney also was CTO of HSBC. He
is a graduate of Manhattan College and earned his master’s degree in computer science from the University of Southern
California.
JOHN P. WATTERS
John P. Watters is the founder, chairman, and CEO of iSIGHT Partners, a Dallas-based cyber intelligence firm founded in
2006. Before that, Watters was chairman and CEO of iDEFENSE (2002), which he sold to VeriSign in 2005. Over the past
decade, he has been an active operator and investor in other innovative cybersecurity companies, including TippingPoint
Technologies, Archer Technologies (where he served on the board), and Netwitness (where he was board chairman). Before
focusing on the cybersecurity industry, he was the founder, chairman, and CEO of EFO Holdings, Inc., the investment arm
of Bill Esping (founder of First Data Resources). In his various investment, operating, and philanthropic capacities, Watters
has served on more than 20 corporate and nonprofit boards, including the Jesuit Foundation (Dallas, Texas); the STAIRS
program, which supports inner-city education (he was founder and chairman); and Andromeda FC, a U.S. Soccer Federation
development academy (also founder and chairman). Watters graduated from Santa Clara University and attended the
London School of Economics.
2015 ICI CYBERSECURITY FORUM | SPEAKER BIOGRAPHIES
4