Hyatt Regency Louisville 311 South 4th Street Louisville, Kentucky, USA, 40202


Last Years Speakers

2016 Keynote Speakers


Chandler Howell

Director of Engineering

Chandler has been in the IT Risk and Security business for over twenty years, providing intelligent risk management to finance, technology, healthcare, and even social networking firms.  Prior to joining the Nexum team, Chandler held key information security and risk management roles at Motorola, UBS, Baxter, and Practicality and realism are his hallmarks. His project and personnel management style is the same – straightforward, honest, and to the point.  In his youth, he was a *NIX sysadmin and software developer, and completed a BA and graduate coursework in Information Systems.  His experience spans application security, security architecture, security management, and IT compliance as well as providing thought leadership for information security at several large organizations.

Carbon Black

Ryan J. Murphy

Regional Sales Manager

Ryan has spent the last three years in security with a focus on Next Gen Endpoint Protection, Response and Detection. He proactively works with mid-market to fortune 100 organizations to help identify solutions that meet their security needs. He is an active member of the IT security community and belongs to several local and national groups. Ryan is a passionate cyber security professional and welcomes any opportunity to learn more about the security industry.

John Pollack
Senior Sales Engineer

John Pollack is a seasoned technology professional with extensive experience working with organizations ranging from Small/Medium Enterprises to Fortune 500 companies in all business verticals. He works with companies to design and implement Visibility Fabric Platforms integrating Security, Network and Application Performance, and Virtual/Cloud based solutions.

Subject: Harnessing the Power of Metadata for Security


Breakout Speakers

Chris Haley, Understanding Attacker’s use of Covert Communications

Chris Haley is a Security Consultant with Vectra Networks. Prior to joining Vectra, Chris spent nine years at Cisco in presales engineering and architecture roles, where he focused on data center and security technologies.

With 20 years of professional technology experience, Chris has worked in major healthcare, retail, and consulting organizations.  Responsibilities during this time have ranged from Banyan Vines administration to penetration testing in Fortune 500 companies.

Chris is a U.S. Marine Corps veteran and received his bachelor’s degree in business from the University of Massachusetts. He is currently enrolled in graduate school at the University of Massachusetts in pursuit of his MBA.  Chris resides in the Cleveland, OH area with his wife and three children.


Bill Dean, Darwinism via Forensics

Bill is a Senior Manager in LBMC’s Information Security Services division and is responsible for incident response, digital forensics, electronic discovery and overall litigation support. Bill has more than 20 years of information technology experience with a specialty in information security and digital forensics for the past 10 years.

Prior to LBMC, he served as the Director of Security Assessments and Digital Forensics for Sword & Shield Enterprise Security Inc. Bill was also the founder of Forensic Discoveries, before merging with Sword & Shield Enterprise Security and served as a senior security analyst responsible for information security for a large healthcare organization. In these roles, he was responsible for digital forensics to support litigation, incident response services, penetration testing, and overall security defense posture. In these roles, he has been qualified as an expert witness in Federal Courts and Tennessee State Courts.

Bill is a frequent speaker and published author on the topics of computer security, digital forensics and electronic discovery for numerous legal and technical associations. Additionally, Bill is a faculty member for the Institute for Applied Network Security (IANS), is a Certified Computer Examiner (CCE), GIAC Certified Incident Handler (GCIH), GIAC Certified Penetration Tester (GPEN) and GIAC Certified Forensic Analyst (GCFA). He is also an active member of the International Society for Forensic Computer Examiners and InfraGard Board member. Bill was awarded Knoxville’s “40 under 40” business leaders class of 2014. Bill holds an A.S. in Computer Science from Walters State Community College and a BS in Information Technology from Information Technology.


Martin Bos     Red and Blue working together

Martin Bos is a Senior Principal Consultant with TrustedSec, LLC and has multiple years of experience in the Information Security industry with a focus on Red Team and Blackbox style engagements. Martin Bos was also previously a developer for both the Backtrack & Kali-Linux projects. Additionally, Martin is also one of the founders of Derbycon, an annual security conference held in Louisville, KY. Although Martin still uses the super cool hacker name Purehate, due to political sellout he can be found on the Twitters as @cantcomputer. Martin is rumored to have feelings but this can neither be confirmed nor denied.


Harlen R. Compton, CISSP/Attorney at Law   How to Talk to Executives about Security

Harlen spent the first nine years of his career as a software developer and computer security “enthusiast” before becoming an attorney. His education background includes the United States Military Academy at West Point, a Bachelor of Science in Computer Engineering & Computer Science from the University of Louisville’s J.B. Speed School of Engineering, and a Juris Doctor from Louisville’s Louis D. Brandeis School of Law. He is a licensed Kentucky attorney and an (ISC)^2 Certified Information Systems Security Professional (CISSP).

Harlen currently advises Homecare Homebase, a part of The Hearst Corporation, on information security, risk management, regulatory compliance, secure software development, internal and third-party audits.


Chris Huntington     Securing Docker Containers

With over a decade in IT and Security, Chris is a security focused Solution Architect for Nexigen in Newport KY. Having worked with banks, publicly traded companies, and companies with complex compliance and security requirements Chris has a reputation for innovative designs and forward thinking security solutions.


Ken Dickey     The Rapidly Evolving Features of Cloud Access Security Brokers (CASB)

Ken Dickey heads the Business Development department at Cadre.  With over 29 years of experience in information technology, Mr. Dickey has established himself as a leading expert on IT security architecture design and deployment in both the commercial and government environments.


Kristen Bell     Building Our Workforce

Kristen Bell is an application security consultant who specializes in developing strategic recommendation plans for organizations trying to improve their application security program. With a background of more than 10 years working in state government and 4 years with Optiv, Kristen has extensive knowledge of regulatory compliance, enterprise policy development, and how to incorporate application security into the Software Development Lifecycle (SDLC). She has conducted numerous security assessments and served as the designer of application security architecture for client projects which utilized a wide spectrum of technologies such as Java, .NET, ColdFusion, SQLServer, Oracle, DB2, IMS, mainframe, UNIX, and Windows environments. Kristen’s ability to bridge the gap between technical and non-technical people coupled with her strong interpersonal skills has helped clients understand the need for application security and how to implement strategic application security frameworks in their business sectors.


Brandon Baker, CISSP     Data Loss Prevention – how to get the most for your buck!

Brandon Baker has been working in IT for almost 20 years with a career spanning engineering, service delivery, and security. Brandon enjoys speaking and training as a way to spread the knowledge and earn free drinks.


Max Aulakh     Emerging Governance Frameworks for Healthcare Security

Max Aulakh is a data security expert, innovator and the owner of cyber security firm MAFAZO Digital Solutions. He has been selected by Dell as a leader in cyber security based on “record of disrupting industry thought innovative products and solutions”. Recently his company has received an award as “Emerging Business of The Year” in Cincinnati. He is highly regarded for his ability to present complex information in an entertaining, understandable and digestible manner that stays with his audiences long afterwards, Max has presented about cyber security to many organizations including Healthcare Leadership, Universities, Department of Defense communities and local security chapters. Few of his clients include: The Christ Hospital, Flex Bank, Dell and US Air Force. Max holds a several industry certifications including a MBA from Wright State University. Prior to starting his business Max served in the Air Force as linguist and security specialist in Middle East.


Matt Bianco, CISSP, Sr. Systems Engineer     6 Steps to Addressing Your Cloud Risks

Matt Bianco is a senior security specialist with more than 12 years of experience. He has worked on both the professional service side, as well as the product side of the security industry, giving him a unique view of the overall security sector. During the past 12 years he has specialized in areas including penetration testing, vulnerability assessments, forensics, and technical counter surveillance to name a few. He was the first security sales engineer hired at Infoblox where he focused on DNS and network security. From there his goal was to find the best early stage companies and assist in defining the space and bringing new and innovative technologies to market. His resume has included companies such as Bromium, Exabeam, and currently Netskope where he works as a senior sales engineer focusing on cloud security strategies. Matt has earned some of the top industry recognized certifications such as the CISSP, EnCE, CCNA Security and multiple Microsoft certifications. He graduated from David N. Myers University with a degree in business management where he graduated with honors.


Brian Vecci    Insiders are the New Malware

Brian Vecci is a 19-year veteran of information technology and data security, including holding a CISSP certification, and has served in applications development, system architecture, project management, and business analyst roles in financial services, legal technology, and data security software organizations. Brian currently serves as a Technical Evangelist for Varonis Systems and works passionately to help organizations of all sizes get the most value from their data with the least amount of risk.


Sese Bennett     Cloud Security; Introduction to FedRAMP

Sese Bennett, CISSP, CISM, CCSK Senior Manager at LBMC Security and Risk Services Relevant Experience: With more than 15 years of experience in a career spanning both public and private sectors, Sese understands how to balance the business requirements of an organization with the need to effectively reduce risks. Sese has proven experience in identifying and remediating risk in highly complex environments. His information security experience includes large fortune 100 companies in the telecommunications space, health care organizations, governmental agencies, retail, software/hardware developers, manufacturing, and financial services. In his role at LBMC Information Security, Sese will be assisting clients to: develop, design and implement security solutions to identify and reduce both business and technical risk of LBMC Information Security clients; perform security assessments designed to assess regulatory requirements and eliminate compliance gaps in areas such as PCI and cloud security; evaluate and develop new technologies and service offerings designed to address the changing threat landscape of our clients. Professional Experience: Before joining LBMC, Sese spent the last 8 years in an information security leadership role, most recently as the Chief Information Security Officer for the State of Tennessee. In this role, he led the State’s Information Security team, and was actively involved in identifying, measuring, remediating and reducing the State’s business and technical risk across 45,000 users and all State agencies. Earlier in his career, Sese was the Senior Security Architect for Time Warner Cable Corporation – based in Charlotte, NC. As the Senior Security Architect, he was responsible for designing and implementing enterprise wide security controls for Time Warner systems and infrastructure. Sese has also served as Information Security Architect for Blue Cross Blue Shield of North Carolina and worked as a consultant for Sally Beauty Supply, Nieman Marcus, Lockheed Martin, and Johns Hopkins University. Credentials: • Certified Information Systems Security Professional (CISSP) at Certified Information Systems Manager (CISM) • Cloud Security Alliance at Certificate of Cloud Security Knowledge (CCSK)


Mick Douglas     Not One Thin Dime: Just Say No to Ransomware!

Even when his job title indicated otherwise, Mick Douglas has been doing information security work for over ten years. He received a bachelor’s degree in Communications from the Ohio State University and holds the CISSP, GCIH, GPEN, GCUX, GWEB, and GSNA certifications. He currently works at Binary Defense Systems as the DFIR Practice Lead. He is always excited for the opportunity to share with others so they do not have to learn the hard way! Please join in; security professionals of all abilities will gain useful tools and skills that should make their jobs easier. When he’s not “geeking out” you’ll likely find him indulging in one of his numerous hobbies; photography, scuba diving, or hanging around in the great outdoors.


Tom Kopchak     The Domain Name System (DNS) – Operation, Threats, and Security Intelligence

Tom Kopchak is the Director of Technical Operations at Hurricane Labs, where he pretends to managed a group of network and system engineers, but is still an engineer and technology geek at heart. His research areas include digital forensics and circumventing full disk encryption. Tom’s speaking experience includes numerous talks at security conferences around the country, including DEF CON. He holds a Master’s degree in Computing Security from the Rochester Institute of Technology. When he is not working with computers, Tom enjoys composing, music improvisation (Acts of Music), and playing the piano and organ.


Mark Loveless     The Art of Offense and Defense

Mark Loveless aka Simple Nomad has worked for software and hardware vendors in the security space, as well as in IT and security for large Fortune 500 companies. He has spoken at numerous security conferences worldwide including Defcon, Blackhat, Shmoocon, RSA, and has been quoted for his security and privacy views via numerous online, print, and television media outlets including Wired, Washington Post, CNN, and many others.


Jason Hale     The Current State of Memory Forensics

Jason Hale is a Digital Forensic Examiner at One Source Discovery and has worked in the digital forensics field for the last eight years. Jason earned his M.S. in Digital Forensics from the University of Central Florida, is a graduate of the Computer Information Systems and Information Security track at the University of Louisville, and is an adjunct instructor of Computer Forensics and Information Security at the University of Louisville. Jason holds several industry certifications related to digital forensics and incident response and has published articles related to digital forensics in journals including The Journal of Digital Investigation and the ISSA Journal.


Mike Neal     The Transition:  Risk Assessment > Risk Management

Mike over 15 years of experience in the IT industry, 10 in Information Security and Compliance, providing consulting to SDGblue clients in regulated industries where Information Security and Compliance are a strategic part of overall operations. His consulting services include HIPAA Security and Risk Analysis, HIPAA Compliance, Virtual CIO / Virtual CISO, Disaster Recovery, Strategic Management Consulting, IT Management, Project Management, and Solutions / Services Architecture.