Speakers at the Enterprise Risk / Security Management Conference

Gary Alterson

Gary Alterson leads IT Compliance and Risk Strategy in the Americas for Zurich, a global insurer. In this role he aligns business and IT strategy with security and risk management planning, architecture and polices. Gary acts as a liason to legal /compliance/audit to ensure responses to external requirements are anticipated, addressed, and integrated into overall IT plans. He's contributed to multiple outsourcing projects by developing requirements, performing due diligence, reviewing contracts, and managing security from transition through to steady state. Gary has held prior roles as the manager of a IT risk and security team, global architect, and external consultant in security, infrastructure, and operations.

Drake Cody
Drake Cody leads the Risk Management group at Allstate Insurance Corporation (AIC). Drake has 15 years of progressive IT and security experience and has been part of numerous key enterprise level security projects and initiatives enhancing Allstate's defense in depth approach to security. Drake has directed the development of the overall Risk Management practice for AIC that has been crucial in managing risk levels through effective security base-lining, metrics and effective risk management framework implementations. Drake also maintains the integrity and security of the corporation's data and systems through proactive management of Application Security, Vulnerability Management, Security Event Analysis, Computer Incident Response, Data leakage prevention (DLP), Electronic Discovery, Records Management and Computer Forensics practices.

Michael Gabriel
Michael Gabriel has been employed by Career Education Corporation, a $1.8B for-profit, post-secondary education services company, since 2004 when he was tasked with building an information security program from the ground up. Michael came to CEC from a background in the global investment banking industry, where he provided security management and engineering since 1995. He has also practiced in the security consulting field, including a stint as an interim security director for an Internet banking startup. Michael is sought out for speaking engagements on information security topics and is a frequent contributor to security-related articles.

Peter Gyurko

Peter Gyurko is senior consultant at Solstice Consulting, a firm that helps make companies more successful through custom software development, technology platform implementations and business process optimization. Peter specializes in Identity and Access Management having led the IAM practice at The Northern Trust Company and contributing to the Identity Provisioning implementation at Western Union. Peter held numerous technology positions at the Northern Trust Company prior to entering the consulting field, including Portal Product Development Manager and Sr. Technical Architect. Peter has fifteen years technology experience in the Financial Industry.

Daniel M. Harris
Danny is with Aon's Information Security Services group, and is instrumental in the development and refinement of corporate security policies, standards, and procedures. Specializing in security awareness training, Danny is responsible for the delivery of key security awareness training for the organization, as well as for the development, implementation, and maintenance of the corporate technical information security website. Danny's involvement also includes security audits, security vulnerability and risk assessments on Aon's Internet connections, E-commerce sites, and internal systems. Additionally, he functions as a consulting engineer and architect for secure network systems, with extensive involvement in the deployment of E-Mail content filtering and virus scanning at Aon. Danny is a key member of Aon's Information Security Incident Response Team, where he assists with incident handling. He also evaluates and recommends security products for Aon. Danny also teaches in the Computer Security and Forensics Investigation program at Wilbur Wright College in Chicago and has been an instructor with the SANS Institute for five years.

Kelly Manthey

Kelly Manthey is the Business Practice Partner at Solstice Consulting. Kelly is an accomplished management consulting professional for both technology and business process driven projects. Kelly has over a decade of experience working with clients to develop both technology and business process based solutions to meet business objectives. Kelly began her career at Andersen Consulting (Accenture) and has since had the opportunity to work with several Fortune 500 companies throughout her professional career. Kelly has been recognized by her clients and peers for her effective business and technical leadership. Kelly's ability to straddle both sides of the fence has enabled her to provide clients with holistic solutions for delivering enterprise-wide change. Most recently, Kelly has focused her work on helping clients in regulated industries use process and technology not only as a means for regulatory compliance but also as a competitive advantage. Kelly has been recognized as an Information Technology thought leader. Her perspective has been sought by and published in leading industry media outlets and she has served as guest speaker at conferences. Kelly has a Bachelors of Business Administration in Information Systems.

Yinal Ozkan

An expert in the field of corporate computer and network security, Mr. Ozkan (CISM, CISA, CISSP) specializes in the design of strategic security systems for mid-sized to large corporations and government institutions. During his tenure with Integralis he has managed pre-sales, consulting and engineering teams, restructured pre-sales operations, and developed compliance programs. His extensive experience has helped him build a strong foundation of specialized knowledge in risk management, information security management systems, financial systems, managed security services and network security solutions. He has managed a number of large-scale security infrastructure projects, compliance initiatives, sophisticated firewall and intrusion prevention system (IPS) integration projects, and the implementation of authentication solutions, particularly in the financial services sector. Prior to joining Integralis in 2002, Mr. Ozkan consulted for several Fortune 100 companies. He is the co-author of the book "Advanced Check Point Configuration," published by Sybex Publications.

Mark Phinick

Mark Phinick has over 20 years of experience helping clients leverage innovative technology for overall increased efficiency and cost saving. In his current position at BigFix, Mark helps to educate clients on how to reduce spending on software licenses, infrastructure costs and PC energy consumption while ensuring continuous endpoint protection and regulatory compliance. Prior to joining BigFix, Mark held similar positions at IBM, webMethods, Forté Software and other companies delivering ‘breakthrough’ technologies that have since become mainstream solutions.

Jim Powell, CISO/CTO

Jim serves our country as the Chief Information Security Officer (Assistant Chief of Staff) at the US Army Reserve in Arlington Hts., IL. He has executive oversight of composite Security, Intelligence, and Technology initiatives. Previously he was Division Chief /Colonel at U.S. Army Central – Kuwait where he provided strategic planning for delivery of $10MM in web-based technology for a 2500+ user organization. He provided delivery of critical resources for 5K+ personnel and implemented a rapid deployment mobile server /rugged laptop training environment. Before that he spent five years as Sr. Business /Program Manager at Altria Corporate Services and fifteen years at Kraft Foods. He began his long career as a Pre-sales Consultant /Technical Leader at Digital Equipment Corporation.

Patti Suarez

Patti Suarez is the Senior Manager of Information Security & Compliance for Wm. Wrigley Jr. Company located in Chicago. She specializes in risk management and information protection strategy, and has designed information security solutions for Fortune 500 clients in financial services, manufacturing, telecommunications, and healthcare. Ms. Suarez has a broad background in commercial security and critical infrastructure, including six years as an Internet Security Practice manager in financial services. She is a recognized expert in information security and compliance and regularly consults with top executives on security issues. She is a frequent guest speaker at conferences and seminars throughout the United States, presenting at SAP’s Tech Ed, ASUG’s Annual Conference, ASUG Chicago chapter events, and Technology Executive Forum. Ms. Suarez is a Certified Information Systems Security Professional (CISSP) and holds a Bachelor degree in Telecommunications from Roosevelt University. She is currently pursuing her Masters in Information Security and Privacy Law from John Marshall Law School in Chicago.

Steve Sullivan

Steve Sullivan is the Director of Information Technology and Chief Security Officer for Central DuPage Hospital located in Winfield, IL, with convenient care centers and physician offices throughout DuPage County. Central DuPage Hospital is the third largest employer in DuPage County and has been named as a Top 100 Most Wired and Wireless Hospital by Hospital & Health Networks. Steve's role and responsibilities encompass information security, business continuity and disaster recovery. His broad background includes over 20 years in the IT industry from computer/software sales, technical support, programming, product development, change management, project management, IT team management and regulatory compliance issues regarding JCAHO, HIPAA and PCI.

Steve Susina
Steve Susina has more than 20 years of engineering and marketing experience in the telecommunications and IT industries and currently serves as Director of Marketing for Laurus Technologies, a business consulting and IT solutions provider based in Itasca, IL. Previously, he was Senior Product Manager for UTStarcom's fixed/mobile convergence product line, and has also held various sales, marketing and engineering roles at Tellabs and AT&T. His speaking experience includes technology conferences around the world on such topics as IT & business strategy, optical networking, compliance and identity management and mobile communications. Susina holds a BS in Electrical Engineering from Marquette University and an MBA from the University of Pittsburgh.

Kurt A. Troyer, CISSP
Kurt Troyer is the Corporate Information Security Manager at ITW. He is responsible for information security strategy and development at ITW and its various business units. Kurt has over 15 years of experience in technology and security management, primarily in the financial services industry. With $15.9 billion in revenues, ITW is a multinational manufacturer of a diversified range of value-adding and short lead-time industrial products and equipment. The Company consists of 875 business units in 54 countries and employs some 65,000 people.

Bill Turner – CIPP, CIPP/G, CIPP/C, HITRUST CSF Practitioner, CHP and CHSS

Bill has over 20 years of privacy, security and Information Systems experience. He is an experienced senior leader who has spent a large portion of his career building and protecting advanced health information systems. He spends much of his time in analyzing changes to new federal and state privacy and security regulations and aligning privacy and security initiatives as Chief Security Officer for APS Healthcare. He has held the position of Director of Technology and Strategy for a 90 county hospital system in Texas. He also held the position of Director of Client Enterprise Services for a nationwide network of 1800+ community-owned hospitals and 8000+ physicians. He has worked in the defense industry working in the area of Advanced Electronic Warfare. Mr. Turner holds a degree in Social Work and has completed advanced business courses at SMU, Kellogg School of Business, and Harvard Business School. He has advanced training in Computer Forensics, E-discovery, physical, technical and personal security. He holds membership and participates in the following organizations: High Tech Crime Consortium (HTCC), Infragard, High Tech Crime Investigation Association (HTCIA), Health Information Management System Society (HIMSS), International Association of Privacy Professionals (IAPP), Information Systems Security Association (ISSA), American Society for Industrial Security and has been the Past President of the Dallas Chapter Microcomputer Managers Association and Past Director - AFEWS (Association of Old Crows – Electronic Warfare).