The Future of Cybersecurity

CISO Think Tank

February 23, 2022 - New York, NY

Speakers

Anthony Gonzalez

Principal, Strategic Advisor

Innervision Services LLC

Think Tank Speaker

Visionary, results and solutions-driven professional with 20+ years of experience in progressively responsible Cyber Security and IT leadership roles in the financial services, insurance, pharmaceutical, biotechnology, consumer goods, and chemical manufacturing industries. Adept in building and leading global Cyber Security, IT technical and support functions. Creative, resourceful problem solver with a track record of success in delivering cost-effective and value-added services to his customers. Additional experience in industrial engineering and process improvement. Specialties: Areas of expertise include: Cyber Security, Network Security, Application Security, Infrastructure Management and Security Incident Management, Disaster Recovery, Forensic Investigations, Operations Management, Financial Management, Project/Portfolio Management, Policy/Procedure Development, Budget Preparation, Strategic Planning, Process Design/Implementation, Risk Mitigation, Enterprise Architecture, IT Governance, Manufacturing/Laboratory Automation, Organizational Design, Vendor Audits, System, Start-Up Operations, Sarbanes-Oxley (SOX), Talent Development/Mentoring, International Team Management, and Regulatory Compliance.

Jordan Tannenbaum MD

CIO/CMIO

Saint Peter's Healthcare System

Think Tank Speaker

Jordan Tannenbaum, MD, MBA, MPH, PgC Healthcare Informatics is Vice President/Chief Information Officer and Chief Medical Officer and a CHIME Certified Healthcare Chief Information Officer (CHCIO). Saint Peter’s Healthcare System, sponsored by the Roman Catholic Diocese of Metuchen, is the parent company of Saint Peter’s University Hospital, a 478-bed acute-care teaching hospital and acute care children’s hospital; Saint Peter’s Physician Associates, a network of primary and specialty care physicians; Saint Peter’s Foundation, the fundraising arm of the healthcare system; and Saint Peter’s Health & Management Services Corporation, which focuses on the wide group of the system’s non-hospital related healthcare services, including the CARES Surgicenter. Saint Peter’s University Hospital, received its sixth consecutive designation as a Magnet® hospital for nursing excellence by the American Nurses Credentialing Center in 2020, is a state-designated children’s hospital and a regional perinatal center, and is a regional specialist in diabetes, gastroenterology, head and neck surgery, oncology, orthopedics, and women’s services. The Children’s Hospital at Saint Peter’s University Hospital provides families with access to a full range of pediatric specialties, including a nationally recognized Level III Neonatal Intensive Care Unit, pediatric surgery and orthopedic surgery featuring innovative anterior scoliosis correction.

Todd Gordon

CISO

EisnerAmper

Think Tank Speaker

EisnerAmper clients are based in the U.S., or comprised of U.S. business interests of foreign entities. To serve domestically-based clients with interests in financial services opportunities overseas, EisnerAmper offers the resources of offices in the UK, Israel, India and EisnerAmper Global, with offices in the Cayman Islands, Singapore, and Ireland; as well as the services of Allinial Global. Todd leads the information security team and is an experienced, detail-oriented, and innovative professional with proven performance in information security, enterprise-level systems administration, and project management.

Ariel Weintraub

CISO

MassMutual

Think Tank Speaker

Ariel Weintraub is the Head of Enterprise Cyber Security at MassMutual. Ariel joined MassMutual in the fall of 2019 as the Head of Security Operations & Engineering, responsible for the Global Security Operations Center, Security Engineering, Security Intelligence and Identity & Access Management (IAM). Prior to joining MassMutual, Ariel served as Senior Director of Data & Access Security within Cybersecurity Operations at TIAA where she led a three-year business transformation program to position IAM as a digital business enabler. Before working at TIAA, Ariel was Global Head of Vulnerability Management at BNY Mellon and was part of the Threat & Vulnerability Management practice at PricewaterhouseCoopers (PwC). Ariel holds a Master of Science in Cybersecurity from New York University (NYU) Tandon School of Engineering and a Bachelor of Science in Business Administration from the University of Southern California (USC) Marshall School of Business. Ariel has a passion for empowering women, especially the next generation of female cybersecurity leaders, and for tackling the cybersecurity workforce shortage. To help address these important issues, she serves on the Board for the Executive Women’s Forum (EWF) and the ISACA One in Tech Foundation, which is focused on building a digital world that is safe, secure and accessible for all. Most recently, Ariel also joined the FS-ISAC Board of Directors on which she is furthering her other passion for maximizing the value of threat intelligence sharing across the financial services sector.

Cindy Cullen

Global Director of Information Security

NDegrees

Think Tank Speaker

A cyber security professional well versed in Product/Application Security, Cloud Security, Enterprise Security Architecture (ESA), Risk Management, Identity & Access Management, Software Design, Data Security, Mobile Security, Project Management, Compliance and Large Scale Integration. A known international speaker and leader in the cyber security space with an extensive background in managing local cyber security associations and mentoring talent. Solid reputation for innovation, versatility, excellent leadership and communications skills with a proven ability to analyze, prioritize, and implement complex and highly impactful programs.

Specialties:

* Product Security - S-SDLC, Threat modeling, SAST/DAST/SCA/Pen testing/red/blue/purple teaming
* Cyber Security, Policy, Risk & Privacy Governance & Compliance
* Access and Identity Management (AIM) - federation, authentication, access control
* IT Strategy, Application Security
* Regulatory Compliance, Validation, Qualification and Audit (GDPR, CFR Part 11, SOX, ISO 2700x, FIPS, NIST 800-xx, PCI DSS, HIPAA, NYCRR 500 - DFS)
* Security labels and data categorization
* Development of security models and security standards
* IT controls and risk assessment
* Service provider assessments, encryption, cryptography, identity theft, security breaches, threat assessment, security requirements & certificate services
* Digital and Electronic Signatures
* Mobile solutions support
* Data Analytics & Machine learning

Johnny Wong

Senior Director, Solutions Architecture

Veracode

Think Tank Speaker

Johnny Wong is the Sr. Director of Solutions Architecture at Veracode. He oversees the East technical sales team for Strategic, Enterprise, and Channel regions. Johnny has been in security his entire career. In the first part of his career, he was focused on identity and access management. Johnny started his career as a software developer and after nearly five years of creating insecure code, he was offered an opportunity to not be a software developer and to join the world of pre-sales.

Johnny received a BS in Computer Engineering from Tufts University. He and his family reside in Boston and he has no plans to ever leave because of the Boston Celtics! He loves to travel, specifically to find and eat at the best restaurants across the world. At this point, the only animals he hasn’t eaten are the endangered or extinct ones.

Ivan Durbak

CIO

Bronx Lebanon Hospital Center

Think Tank Speaker

Ivan Durbak is CIO at Bronx-Lebanon Hospital Center. In this role he leads an IT organization that supports the Bronx-Lebanon Hospital Center community, including two major hospitals, two nursing homes, a large emergency room and a large clinic ambulatory environment that sees nearly one million patients a year.

Adam Healy

CSO

BlockFi

Think Tank Speaker

Adam Healy has 20 years of technology and security experience having held senior roles at Intercontinental Exchange’s Bakkt subsidiary, Palantir Technologies, Microsoft, and the U.S. Intelligence Community. He’s been responsible for leading the implementation of numerous strategic cybersecurity, physical security, and technology initiatives within the U.S. government, as well as enabling enterprise data efforts at several Fortune 100 companies. Currently, Adam serves as BlockFi’s chief security officer overseeing a cross-functional team of over 100 employees and contractors responsible for an array of functions including cybersecurity, fraud, physical security, corporate information technology services, cloud engineering and SRE, and data science and machine learning. Skills: Cybersecurity | Information Security | Project Management | Leadership | Penetration Testing | Network Security | IT Operations | Vendor Management | Consulting | Enterprise Architecture | National Security | Bitcoin | Blockchain | ISO 27001 | NIST CSF | FIPS | Threat Modeling | Team Building | SDLC | Incident Response | Security Operations | ITIL | CISSP-ISSAP | PMP | PCI DSS | HIPAA | SOC 1 | SOC 2 | P&L | Insider Threat | Custody | Digital Assets | Multiple-Party Computation | MPC | Cryptocurrencies | Cryptographic Systems | FedRAMP | Physical Security | Insider Threat | CCSS | Digital Assets

Michael Gross

Manager, Cybersecurity Intelligence

Cleveland Clinic

Think Tank Speaker

With over 30 years of experience in the IT industry, including more than two decades specializing in cybersecurity, I am a seasoned professional known for visionary leadership and comprehensive expertise in safeguarding organizations from evolving cyber threats. Key Highlights: * Cybersecurity Visionary: Throughout my career, I have consistently developed and executed robust cybersecurity strategies that align seamlessly with organizational objectives. I excel at protecting critical assets, data, and systems while proactively identifying and mitigating risks. My specialties encompass advanced threat analysis, cyber risk management, incident response, security architecture design, and regulatory compliance. As a cybersecurity visionary, I have pioneered solutions that fortify organizations against emerging threats. * Agility and Problem-Solving: My career has been marked by my ability to tackle complex challenges with agility and innovation. I leverage my expertise in cybersecurity methodologies, industry best practices, and compliance standards to provide effective solutions. * Mentorship and Leadership: I take pride in guiding and mentoring cybersecurity teams to excel in vulnerability assessment, threat detection, incident response, and recovery. I am deeply committed to fostering a culture of continuous learning and professional growth. * Communication and Work Ethic: My strong work ethic, exceptional interpersonal skills, and adept relationship-building capabilities are complemented by my proficiency in multitasking and effective communication. I thrive on embracing challenging tasks and delivering results. I am passionate about the ever-evolving field of cybersecurity and committed to contributing my expertise to secure and protect businesses in the digital age. Let's connect and explore opportunities to collaborate or share insights in this dynamic industry.

Tim Swope

CISO

Catholic Health System

Think Tank Speaker

Mr. Swope brings over 20 years of experience in IT Project Management, BI Solutions Development, IT Security, IT Controls (CoBIT, SOX 404/MAR, etc.), IT Risk Management, and HealthCare Compliance to both the public and private sectors. His focus is on identifying gaps relating to key IT security processes and the implementation of IS Security and Risk Management programs to Health Care, Pharmaceutical and various commercial clients. He has a proven track record of delivering the following:

• Interpreting and applying 21 CFR Part 11, GLP, GMP, GCP, and QSR regulations
• MDM and Data Governance
• Identity Access Management
• HIPAA Risk Assessments and GAP analysis
• Information Assurance Program Management - SCRUM, AGILE, SDLC, Six Sigma
• Implemented large security, risk and compliance initiatives of SOX-404 IT, HIPAA/HITECH, including security policies, procedures and controls.
• "Big Data", Data Management and Health Care Data Analytics
• Federal Information Security Management Act (FISMA) Compliance Reviews
• Implemented the security standards - 45 CFR Parts 160, 162, and 164 Health Insurance Reform: Security Standards; Final Rule

He has supported these Information Assurance and IS Security initiatives for organizations that include: Excellus BCBS, Medimmune/Astra Zeneca, ENDO Pharmaceuticals, Novo Nordisk, Daiichi-Sankyo Solutions, Catalent Pharma Solutions, Johnson and Johnson, District of Columbia Government office of the Chief Financial Officer, District of Columbia Water and Sewer Authority, City of Richmond, Virginia Department of Public Utilities, Virginia State Department of Health, and the Kentucky Department of Health Services, as well as the U.S. Department of Labor.

Ganesh Pai

Founder & CEO

Uptycs

Think Tank Speaker

Ganesh Pai is the Founder & CEO of Uptycs. Ganesh is a Boston-based entrepreneur and technologist who has been awarded multiple U.S. patents. Ganesh is a Featured Speaker at the CXO Think Tank in Boston, MA and will be discussing “Security Controls: Measuring Efficacy for Business Growth” in partnership with

Martin Howard

EVP/IT & IS

Fortium Partners

Think Tank Speaker

An insightful IT executive, Martin collaborates with his team to assess their technology capabilities and establish a strategic plan and projects to strengthen IT impact. Martin has a history of implementing complex enterprise systems – enterprise risk planning, electronic medical records, and customer relationship management – on time and under budget. He demonstrates a calm, cool and collected leadership style when considering security matters and handling compliance and data breach concerns. Whether working with a start-up or at a company with international operations, Martin embraces innovation and promotes utilizing IT to drive business transformation.

Amit Basu

VP, CIO & CISO

International Seaways

Think Tank Speaker

Amit Basu is the head of IT and IT Security at International Seaways (INSW). INSW, headquartered in New York City, is one of the largest tanker companies providing energy transportation services worldwide. Amit is a proven IT leader with over 25 years of experience in maritime IT and has pioneered several technology innovations in maritime. Over the last decade, Amit has led a digital transformation in INSW with a Cloud-Only IT strategy and is instrumental in designing a multi-layered cybersecurity framework promoting a cyber resilience culture. Amit holds an MBA as well as a Master of Science degree in Information Management from the Stevens Institute of Technology, New Jersey. He is also a Certified Information Security Manager from ISACA, certified in Cybersecurity Risk Management by HarvardX, Cybersecurity Oversight by Carnegie Mellon University, Maritime Cybersecurity by Lloyds Maritime, and Artificial Intelligence by MIT Sloan School of Management. Amit is an advisory board member for the Cybersecurity program at Pace University and Ithaca College, on the advisory board of Exium, and a member of the Governing Body of New York CIO Executive Summit.

Lena Smart

CISO

MongoDB

Think Tank Speaker

MongoDB is one of the most popular NoSQL databases in the world. It is an open-source platform that provides the querying and indexing capabilities of a NoSQL database. Lena joined MongoDB with more than 20 years of cyber security experience. Before joining MongoDB, she was the Global Chief Information Security Officer for the international fintech company, Tradeweb, where she was responsible for all aspects of cybersecurity. She also served as CIO and Chief Security Officer for the New York Power Authority, the largest state power organization in the country, where she was responsible for physical and cyber security. She also has previously served as a Sector Chief with FBI InfraGard. Lena is a founding partner of Cybersecurity at MIT Sloan, formerly the Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity, which allows security leaders in academia and the private sector to collaborate on tackling the most challenging security issues.

David Cass

CISO

Law and Forensics

Think Tank Speaker

David Cass is a senior partner at Law & Forensics LLC where he leads the Cryptocurrency and Digital Banking Practice and is a member of the Cyber Security and Forensics Practice. He has extensive experience in financial services regulation, cryptocurrency, digital assets, blockchain, cloud, and digital banking. He most recently served as a lead regulator for the Federal Reserve Bank of New York where he was a member of the Large Institution Supervision Committee (LISCC). Prior to this appointment, David was the CISO & Global Partner of IBM’s Cloud Security Service Unit where he was responsible for its security practices, processes, and policies. He has been an active contributor of the FS-ISAC and the European Banking Federation on Cloud Compliance and Security for financial services firms and has worked closely with US and international regulators. He was part of the team that introduced the first financial services blockchain initiative utilizing public cloud supported by 10 major international banks. Previously, he served as SVP & CISO for Elsevier where he led an organization of experienced legal, risk, and security professionals who provided data protection, privacy, security, and risk management guidance on a global basis. He also served as Elsevier’s HIPAA officer. David has an MSE from the University of Pennsylvania, and an MBA from MIT. He is a frequent speaker at high-profile conferences and served on a public corporation’s Board of Directors. He also is an editorial board member for The Journal of Law & Cyber Warfare and serves as a board member for the UCLA Extension Silicon Beach Innovation Lab. He is a faculty member for the non-profit Global Cyber Institute, and an adjunct faculty member for Harvard and at the Rutgers Law School. He is a member of the New York City Cyber Critical Services & Infrastructure team organized by the NYPD and the office of the NY District Attorney. 
In his free time, David is a volunteer firefighter & Swiftwater Rescue Technician.

Anthony Gonzalez

CISO NA

QBE North America

Think Tank Speaker

Visionary, results and solutions-driven professional with 20+ years of experience in progressively responsible Cyber Security and IT leadership roles in the financial services, insurance, pharmaceutical, biotechnology, consumer goods, and chemical manufacturing industries. Adept in building and leading global Cyber Security, IT technical and support functions. Creative, resourceful problem solver with a track record of success in delivering cost-effective and value-added services to his customers. Additional experience in industrial engineering and process improvement. Specialties: Areas of expertise include: Cyber Security, Network Security, Application Security, Infrastructure Management and Security Incident Management, Disaster Recovery, Forensic Investigations, Operations Management, Financial Management, Project/Portfolio Management, Policy/Procedure Development, Budget Preparation, Strategic Planning, Process Design/Implementation, Risk Mitigation, Enterprise Architecture, IT Governance, Manufacturing/Laboratory Automation, Organizational Design, Vendor Audits, System, Start-Up Operations, Sarbanes-Oxley (SOX), Talent Development/Mentoring, International Team Management, and Regulatory Compliance.

David Cass

CISO

GSR

Think Tank Speaker

David Cass is a senior partner at Law & Forensics LLC where he leads the Cryptocurrency and Digital Banking Practice and is a member of the Cyber Security and Forensics Practice. He has extensive experience in financial services regulation, cryptocurrency, digital assets, blockchain, cloud, and digital banking. He most recently served as a lead regulator for the Federal Reserve Bank of New York where he was a member of the Large Institution Supervision Committee (LISCC). Prior to this appointment, David was the CISO & Global Partner of IBM’s Cloud Security Service Unit where he was responsible for its security practices, processes, and policies. He has been an active contributor of the FS-ISAC and the European Banking Federation on Cloud Compliance and Security for financial services firms and has worked closely with US and international regulators. He was part of the team that introduced the first financial services blockchain initiative utilizing public cloud supported by 10 major international banks. Previously, he served as SVP & CISO for Elsevier where he led an organization of experienced legal, risk, and security professionals who provided data protection, privacy, security, and risk management guidance on a global basis. He also served as Elsevier’s HIPAA officer. David has an MSE from the University of Pennsylvania, and an MBA from MIT. He is a frequent speaker at high-profile conferences and served on a public corporation’s Board of Directors. He also is an editorial board member for The Journal of Law & Cyber Warfare and serves as a board member for the UCLA Extension Silicon Beach Innovation Lab. He is a faculty member for the non-profit Global Cyber Institute, and an adjunct faculty member for Harvard and at the Rutgers Law School. He is a member of the New York City Cyber Critical Services & Infrastructure team organized by the NYPD and the office of the NY District Attorney. 
In his free time, David is a volunteer firefighter & Swiftwater Rescue Technician.

Martin Howard

EVP/CIO

Avesis

Think Tank Speaker

Martin is the EVP & CIO of Avesis. In 1978, Avēsis began as a regional ancillary benefits administrator. Today, Avesis is a national enterprise with 14 regional offices. Today, Avesis is a benefits provider for more than one million commercial members and more than eight million government members across the country. An insightful IT executive, Martin collaborates with his team to assess their technology capabilities and establish a strategic plan and projects to strengthen IT impact. Martin has a history of implementing complex enterprise systems – enterprise risk planning, electronic medical records, and customer relationship management – on time and under budget. He demonstrates a calm, cool and collected leadership style when considering security matters and handling compliance and data breach concerns. Whether working with a start-up or at a company with international operations, Martin embraces innovation and promotes utilizing IT to drive business transformation.

February 23, 2022

Agenda

All times Eastern Time

12:00 PM-12:30 PM

Welcome & Registration


12:30 PM-1:25 PM

Keynote Panel: Security Controls: Measuring Efficacy for the Business Growth

The industry is spending record amounts on cybersecurity tooling, yet CISOs are still at times left scrambling to respond to vulnerabilities like Log4j. Assuming that these types of critical and far-reaching events are inevitable, how can CISOs further improve their organization’s preparedness for future cyberattacks?

This panel will discuss potential strategies for determining the critical security controls - both technology and behavioral - that can minimize cyber-risks and give the organization the competitive advantage to grow and innovate. We will explore frameworks for measuring the efficacy of cybersecurity investments, and KPIs that show the board the investment is safeguarding the company's digital infrastructure for the long term.


1:30 PM-2:15 PM

Fireside Chat: Technology Supply Chain

Many large enterprises in today’s fiercely competitive climate look toward optimizing their supply chains to increase business scale and agility. By harnessing a combination of technologies like artificial intelligence, machine learning, and predictive analytics, companies can automate and create new customer experiences that increase satisfaction and boost sales. Yet gaps remain in supply chain cybersecurity even as digitalization accelerates, leaving companies vulnerable to the growing risk of a cyber-attack. There is no shortage of stories illustrating the dangers of lax cybersecurity, with the biggest attacks able to utterly paralyze an operation and cause millions in losses. Despite this obvious danger, efforts to improve cybersecurity are progressing slowly. Future risks to the supply chain will involve software, cloud-based infrastructures, and hyper-converged products, rather than simply hardware. Even after many years of experience, capable CISOs find they may not be equipped to overcome the cybersecurity concerns that arise from building control contractors.


2:15 PM-2:30 PM

Networking Break


2:30 PM-3:25 PM

Keynote Panel: Being Effective…. Securely

In the post-pandemic era, remote employment is the new status quo. Employers are forced to implement and improve the digital workplace by providing productivity tools and accessibility to company resources. In this session, we will share case studies of successful digital workplace implementations, including how to deal with the inherent security risks of expanded accessibility to company resources. You will learn from real working examples the keys to implementing a successful digital workplace, including how to evaluate the potential ROI from the different security strategies available.

In partnership with:
Entrust

3:25 PM-3:40 PM

Networking Break


3:40 PM-4:05 PM

Disruptor: Guarding the Doors: Navigating Risk From Third-Party Code

Open source libraries are widely leveraged by developers. In fact, 97 percent of the typical Java application is made up of open source libraries. But nearly 80 percent of developers never update third-party libraries after including them in a codebase.

What does this mean for your applications? There is a good chance that your third-party libraries have undetected vulnerabilities. Scary, right?

The good news is that when alerted to vulnerabilities in open source libraries, developers tend to act quickly. This is especially true when developers understand how the vulnerability could impact their application.

Join us as we review our annual study on open source libraries, State of Software Security (SOSS) v12: Open Source Edition. We will explore the most popular open source libraries, how libraries are evaluated and selected, and how to eliminate risk by fixing vulnerabilities.

In partnership with:
Veracode

4:10 PM-5:05 PM

Panel: Human Security Engineering

90%+ of all losses result from attacks targeting users, honest users. A common solution to user error is awareness, but we need to fix the system that facilitated the creation of the error, the action, and the results, which means not just stopping errors but also accidents and malice. In this session we will share a model of Human Security Engineering identifying the optimal suite of countermeasures, and work through user targeting attacks to experience implementing the model. This talk will also look at a comprehensive strategy to address the insider threat, whether it results from malicious or well-meaning insiders, while detailing HSE and providing the resources required for attendees to follow up and consider how they can implement HSE to better mitigate their own insider threats.


5:05 PM-5:15 PM

Raffle & Closing Remarks


5:15 PM-6:30 PM

Cocktail Hour