Speakers at the Enterprise IT Risk / Security Management Conference

Chris Cronin
Chris Cronin is a Principal Consultant at Halock Security Labs in Schaumburg, IL in the Governance and Strategy Practice. Chris joined Halock after 15 years in IT leadership roles in operations, forensics and audit for private and public companies.

Chris’ involvement in regulatory compliance has a unique path, starting from forensic investigation at Enron, to bringing the first U.S. public company into compliance with Sarbanes Oxley, to now guiding companies toward compliance with Massachusetts CMR 17.00, HIPAA, ISO 27001, EU Safe Harbor, Sarbanes Oxley, PCI DSS and many other laws and regulations.

Chris is a certified GCIH and ISO 27001 Auditor, and holds a Master’s degree from Case Western Reserve University. He has served the SANS Institute on advisory boards and by developing course material for Audit and DLP.
 
Tony Czarnik
Anthony Czarnik’s 360 degree understanding of delivering secure technology solutions has evolved from over 25 years of IT experience, including roles as Software Developer, Consultant, Project Leader, System Engineer, Account Executive and Educator. Currently he manages the Information Security Practice at Savid Technologies. He graduated with honors in Computer Science from DePaul University and then he went on to complete a master’s degree in Management Information Systems. Mr. Czarnik has delivered Application Security solutions including PCI compliance, architected and implemented SIEM / Log Management solutions including HIPAA compliance, and has managed numerous Information Security and Compliance Risk Assessment projects.  
 
John Dolce
John has over 25 years of Technical and IT Senior Management expertise within various industries including manufacturing, wholesale, legal, as well as financial and logistics service organizations. He has been with True Value for 7 years developing and managing their security and GRC programs while also improving their SDLC, Change and Problem Management. Prior to joining True Value, John assisted Protiviti and Grant Thornton clients with internal audit testing and remediation efforts achieving Sarbanes-Oxley compliance. During 6 years with GE Rail Services, as CSO, he also developed and managed their Security and IT Audit Compliance programs. John has presented and been a panelist at many regional conferences and ISACA events. Along the way, he attained CISSP, CISA, Six Sigma and ITIL Foundation certifications.  
 
Douglas Ennis
Douglas has almost 20 years of experience in Information Technology. His path in Information Technology has touched many different technology specializations including: development, network, security, mobile device management, pre-sales, and IT Management.

Douglas career began designing and developing a Fixed Income Trading System for an Institutional Investment firm in Chicago. Several years later, Douglas transitioned into Management and was responsible for the IT staff that supported all technologies related to the Fixed Income Trading desk. In 1997, Douglas made a geographical move to Colorado and transitioned to a consulting role as a Network Architect for a regional firm. During his tenure, Douglas designed a variety of networks including: VOIP, Internal Core Networks, and Firewall for clients throughout the Rocky Mountain region. In 2001, Douglas moved to the manufacture side of the industry as a Pre-Sales Security Engineer and for the last 10+ years has worked for a variety of manufactures in a number of different capacities.

Most recently, Douglas is a Business Development Manager for Infoblox responsible for building market position by locating, developing, defining, negotiating, and closing business relationships.

Douglas has B.S. in Computer Science from John Carroll University and a Masters of IT with specialization in Security from Capella University.
 
Dave Hodgson
Dave Hodgson has almost 15 years of experience leading and building IT. He is soon to be a double D grad from DePaul University in Chicago. His experience covers a multitude of industries from Software Services, Distribution, Publishing, Hosting, and Manufacturing. Dave also has extensive experience in the security world having managed IT for a large Chicago based Data Security company. Most of his positions have involved taking the IT side of an organization from the startup phase over the hump to become an enterprise class department through implementing structure, polices, procedures, standards and developing high performance teams.
Most recently Dave was recruited to overhaul the infrastructure side of IT for a large US based defense manufacturer. In his current role Dave is responsible for a complete technology upgrade across the organization, covering network, systems, end user, and support. He has also renegotiated telecom contracts resulting in over $10,000 of savings per month.
Dave is a hands on leader with deep technical knowledge and extensive architecture experience covering technology from almost every major vendor. He travels almost every week spending time with his team, developing plans, strategy, and interfacing with the various business units. He is constantly looking across the organization to see how he can further develop and utilize the resources of IT to help drive the business forward.
 
John Kirkwood
John is responsible for the management of the information protection and risk management program at Security Innovation, including associated policies, procedures, controls and compliance. Additionally, he is the company’s principal security strategist and evangelist - driving the direction of products and services at Security Innovation, ensuring the company’s value proposition resonates with security, control, compliance, privacy and risk management executives. Further, John serves as chief liaison to current and prospective clients.
John has spent the past twenty years focused on Information Protection, Security, Compliance and Risk Management. Prior to joining Security Innovation, he held global Chief Information Security Officer Positions for eight years at Royal Ahold and American Express companies. John has also held leading information security, risk management and compliance positions at Credit Suisse, Lucent, Siemens, Merck and Medco.
Because of John's knowledge and experience in establishing and leading information protection and risk management programs, he has been asked to participate and numerous forums and conferences. He is also frequently asked to advise companies in establishing actionable information protection and risk management strategies and programs.
John has a BA in government from Harvard College and has earned CISA, CISM, CISSP, ITIL and CRISC professional certifications.  
 

Fred Kwong

Fred Kwong has been in the information technology field for the past 10+ years in consulting, engineering, management, and director level positions. He currently works at a U.S. Cellular as the Senior Information Security Manager. He works on all network and security related activities including project management, access and identity management, and security architecture. Fred has a passion of combining IT skills with organization development values. His broad range of IT skills has allowed him to view IT from many different paradigms and present them to the business partners in an easy to understand language. Fred is also an adjunct professor at Roosevelt University teaching courses in international business and organization behavior. He holds a Ph.D. from Benedictine University and is a certified project management professional.

 
Kevin Novak
Kevin Novak is Chief Information Security Officer, and IT Risk Manager at Northern Trust. Kevin is a member of the Northern Trust Corporate Operational Risk Group. He is responsible for the security of Company and Client information and for the management of information technology risks across Northern Trust's global business. Kevin joined Northern Trust in August 2011.

Prior to assuming the role of Chief Information Security Officer at Northern Trust, Kevin spent 5 years at Discover Financial managing their Information Security, Records Management, and Enterprise Risk Management programs, as Chief Operating Officer and Director of Consulting Services for Neohapsis, a Chicago based information security consultancy, and as a senior technology consultant at Ciber Network Services, a global IT consulting services provider.
Prior to joining Ciber Network Services, Kevin was a financial auditor and tax accountant for Best Travel and Tours, and Ameritech Credit.

Kevin has a B.S. degree in Accounting from Western Michigan University and is a Certified Information Security Manager - ISACA
 

David Ogbolumani
David Ogbolumani is Director, Global IT Security at the Kellogg Company where he focuses primarily on technology risk management, regulatory compliance, and defining organizational security requirements. David has worked on IT Operations, Network Security, Systems Auditing and Project Management for several leading organizations including GE, Abbott Lab, BP-Amoco, World Bank, Northern Trust Bank, JP Morgan, Aon Corp, Phillips Electronics, CNA Insurance, SunGard Data Systems and the US Government. He holds a Bachelor of Architecture Degree from Louisiana Tech University, a Masters degree in Information Technology and Management from Illinois Institute of Technology and a certificate in Information Systems Project Management from Northwestern University. David also holds the CIA, CISA, CISM and CISSP designations. He is an accomplished speaker, who has made presentations on IT Security and Compliance at Conferences and Symposium for the Institute of Internal Auditors and the MIS Training Institute, amongst others.
 
Colin Sheppard
Colin Sheppard is the Director of Incident Response & Education at Trustwave SpiderLabs. His team is responsible for performing over 1,200 breach investigations worldwide. Through this experience, his team has gained a unique insight into the world of cybercrime and frequently assists and trains various State and Federal Law Enforcement agencies on the current threat landscape.

Prior to joining SpiderLabs, Colin worked for Lucid Security as a Senior Security Researcher, focusing on vulnerability research and development of IDS/IPS signatures. Colin has written for a number of industry publications, including Computer World and Digital Transactions. His sustained research on data breach investigations and current threats have been presented at industry conferences such as PCI European Community Meeting, MRC, Gartner Security & Risk Management Symposium, Visa Latin America Security Summit, Visa Canada Franchisor Data Security Symposium, and Visa Asia Pacific Security Summit.

Colin obtained a BS in Business Administration from Old Dominion University. He also holds CISSP and PCI QSA certifications and is a contributing member of the U.S. Secret Service Electronic Crimes Task Force.
 
Umesh Tiwari
Umesh is an IT Governance, Risk & Compliance manager and information security technologist at US Cellular.  He has over 20 years of experience in IT Risk practice development, Security governance, Data Encryption, Monitoring, DLP and RBAC among others.

He began his professional career as Systems engineer at Hewlett-Packard in 1991,then managed IT Systems for a car manufacturing company. In 1994, moved to the USA and worked in Government, Telecom, Pharmaceutical, Consumer product and Financial services companies both as a consultant and in corporate positions managing IT Infrastructure, ERP systems, IT Security Architect and IT Risk Manager.  Umesh is certified in PMP (2003), CISSP (2008), CISM (2009) and CRISC (2011).

Umesh received his Bachelor of Science (Physics, Mathematics) degree from Ravishankar University, Raipur, India, 1988 and a Master of Computer Applications degree from The National Institute of Technology, Raipur India 1991.