Steve Katz, President, Security Risk Solutions
For over thirty-five years, Steve has been directly involved in establishing, building and directing Information Security and Privacy functions. He is the founder and President of Security Risk Solutions, LLC an information security company providing consulting and advisory services to major, mid-size, startup and venture capital companies. Steve is an Executive Advisor to Deloitte, is on the Advisory Boards for, Agari. Veriphyr, Glasswall, Vaultive, and ForcePoint. Steve served as a member of the (ISC)² Americas Advisory Board for Information Systems Security and has been an advisor to the executive committee of the Financial Services Sector Coordinating Council (FSSCC).
Steve organized and managed the Information Security Program at JP Morgan for ten years. In 1995, he joined Citicorp/Citigroup after the Russian hacking incident. At Citi, Steve was the industry's first Chief Information Security Officer. He spent the next six years directing Citigroup’s global Corporate Information Security Office. Steve then joined Merrill Lynch as their Chief Information Security and Privacy Officer, where he organized and instituted the company-wide privacy and security program. Recently Steve served as the interim CISO and Advisor to the Head of Technology Risk at Kaiser Permanente. He is also a mentor and coach to a number of CISOs in Fortune 50 companies.
Steve has testified before Congress on numerous information security issues and was appointed as the first Financial Services Sector Coordinator for Critical Infrastructure Protection by the Secretary of the Treasury. He was also the first Chairman of the Financial Services Information Sharing and Analysis Center (FS/ISAC) and is an Advisor to the National Health Sharing and Analysis Center (NH/ISAC) Board of Directors.
Lamont Orange, Chief Information Security Officer, Netskope
Lamont Orange has more than 20 years of experience in the information security industry, having previously served as vice president of enterprise security for Charter Communications (now Spectrum) and as senior manager for the security and technology services practice at Ernst & Young. Prior to joining Netskope, Orange was CISO for Vista Equity Partners/Vista Consulting Group. He was responsible for managing the cybersecurity programs and development of cybersecurity talent within the Vista portfolio, which included more than 50 companies. Prior to Vista, Lamont was Information Security Officer for Websense. In that role, he was responsible for developing, maintaining and socializing the company’s internal security program. He was also responsible for working with current and potential customers demonstrating security of the solutions and the connection to the overall security ecosystem. Orange is also an Adjunct Professor at Washington University Saint Louis, Masters of Cybersecurity Program and a member of University of Missouri Science and Technology Board of Trustee.
Jason Lish is currently the CISO of Advisor Group, a wealth management firm. Jason also served as Chief Information Officer of $2.3 billion Alight Solutions. As CIO he was responsible for Alight’s overall digital, technology, enterprise risk and security strategy, and execution. Lish also leaded the team charged with designing and developing Alight’s latest human-centric designs and advancements at the Alight Innovation Lab.
Jason initially joined Alight as the Chief Security Officer of Alight, where he directed all physical and cyber security initiatives. This included developing and enforcing security policies and strategies and establishing security standards and programs across the company.
Prior to Alight, Jason was the Senior Vice President of Security Technology and Operations for Charles Schwab and Company. In this role, he was responsible for operational and architecture security services to strengthen Schwab’s security posture and enhance the protection of Schwab’s critical assets. Jason also had responsibility for IT Risk and Operational Control across the information technology organization. Before Charles Schwab, Jason was Senior Director of Cyber Security Operations at Honeywell International where he was responsible for the design and maintenance of the cyber security program and delivering cost-effective and efficient secure IT security services.
Jason began his career in the United States Air Force as a telecommunication and intelligence specialist where he administered large network, communication, and cryptographic systems. Jason resides in Phoenix, Arizona and holds a Bachelor of Science degree and a Master’s degree in Business Administration. He holds several certifications in security, networking, process management, and participates in several industry security advisory boards including TrustMAPP, Privoro, Tigera, and Tech Mileage.
Aaron Pritz, President of Reveal Risk
Aaron is a former Eli Lilly Senior Leader with over 20 years of experience focused on information security, privacy and risk management. He now leads a boutique cyber security, privacy, and risk management consulting practice (Reveal Risk) where he helps companies better address risk, optimize their focus, and enhance their maturity. Aaron is a creative thinking strategist that has the ability to bring strategies to life through countless examples of successful execution. He effectively bridges Six Sigma, Information Security, Audit, Privacy, and IT experience to provide comprehensive solutions to the toughest problems. He is an active industry influencer and speaker on the topics of business driven risk management, insider theft, and cyber security in healthcare. He created a global insider threat and employee engagement program after a public insider threat event occurrence affecting intellectual property within the Pharma industry.
Allan Alford, CISO of Delivery at NTT Data
With 20+ years in IT and Engineering, Alford formerly served as CISO at Mitel, Forcepoint and Polycom. Alford has managed security strategy and led compliance with various frameworks and regulatory requirements such as NIST CSF, GDPR, ISO 27001, DFARS and others.
Alford secured Mitel’s enterprise and UCaaS environments and served at Pearson as Product Information Security Officer, where he created the security practice for a company-wide cloud transformation program. Alford also built and led the product security program at Polycom, integrating it fully into the product delivery process.
Alford gives back to the security community via his Defense in Depthpodcast – a weekly show that focuses each episode on a relevant topic in information security - and by authoring articles and speaking at conferences and summits.