The ISE® North America Leadership Summit and Awards was held November 12-13, 2020 on GoExhibit, a digital platform experience. The awards recognize the information security executives and their teams who demonstrate outstanding leadership in risk management, data asset protection, regulatory compliance, privacy, and network security.
The ISE® North America Awards are held in conjunction with a two day Leadership Summit which includes keynote speakers, interactive roundtables moderated by the CISOs and VPs of participating companies, and hot topic panel discussions. The two day program offers the opportunity to meet with peers and leading IT executives from across the region to discuss and share insights into today's issues and solutions.
Unique to the ISE® North America Awards, both executive and project divisions offer recognition within industry classification, including Commercial, Financial Services, Health Care and Academic/Public Sector.
ISE® North America Executive: Academic/Public Sector Award Winner 2020
Jason Belford
Chief Information Security Officer (CISO)
University of Virginia
ISE® Southeast Executive Award Runner-Up 2020
ISE® North America Executive: Academic/Public Sector Award Winner 2020
Biography
ISE® North America Executive: Commercial Award Winner 2020
Andrew Bjerken
Global Chief Information Security & Privacy Officer
Catalina
ISE® Southeast Executive Award Winner 2020
ISE® Southeast People's Choice Award Winner 2020
ISE® North America Executive: Commercial Award Winner 2020
Biography
ISE® North America Executive: Financial Award Winner 2020
Kevin Bailey
Director of the Kyriba Cyber Defense Center
Kyriba
ISE® North America Executive: Financial Award Winner 2020
Biography
ISE® North America Executive: Health Care Award Winner 2020
Mike Towers
Chief Information Security Officer
Takeda Pharmaceuticals
ISE® Northeast Executive of the Year Award Winner 2015
ISE® North America Executive: Health Care Award Winner 2015
ISE® Northeast Executive Award Winner 2020
ISE® North America Executive: Health Care Award Winner 2020
Biography
ISE® North America Project: Academic/Public Sector Award Winner 2020
UNDP Cybersecurity Response to COVID Crisis
Executive Sponsor: Paul Raines, Chief Information Security Officer
Project Team: Alexey Kuzmenko (Security Analyst), Sandra Jourdain (Security consultant), Yerim Fall (Security Analyst)
Location: New York City, New York
The cybersecurity unit took actions that allowed UNDP to continue to meet its global mission of providing humanitarian assistance to developing countries despite working remotely. Just prior to the crisis they tested and improved the business continuity plan to ensure the organisation was prepared. During the crisis they defended the organisation against numerous hacking attacks, wrote policies to support working remotely, provided cybersecurity training to employees on the new work situation, worked with law enforcement authorities on a criminal case against a criminal hacker group and supported UNDP’s digital transformation through cybersecurity assessments of new systems and applications.
ISE® North America Project: Commerical Award Winner 2020
CyberSOC to Enable Digital Journey
Executive Sponsor: Mario Chiock, Fellow, Cyber Security
Project Team: Cybersecurity Engineering: Jean-Loup Bevierre (Core Assets Cyber Security Engineering Mgr.), Tan Hung Hoong (Cyber Security Automation and Tooling Mgr.), Himali Saxena (IT Security Automation Engineer); CyberSOC: Andrey Melnikov (CyberSOC Mgr. – Western Hemisphere), Saptoto Aji (CyberSOC Mgr. – Eastern Hemisphere); Schlumberger Leadership: Ashok Belani (CTO), Mario Chiock (Fellow, Cyber Security), Sebastien Lehnherr (CIO); John Driggers (Digital Security Director)
Location: Houston, TX
As a large, global organization undergoing digital transformation, Schlumberger needed to more effectively prioritize and manage an increasing number of security alerts and a shortage of talent while maintaining a more consistent process for alert handling and response. The CyberSOC project deployed a Next Generation Cyber Security Operations Center using cutting-edge technologies and promoting Schlumberger Cyber Security as a differentiating capability to enable Schlumberger’s Digital transformation journey. By introducing orchestration, automation, and best-in-class tools, Schlumberger increased the number of incidents handled per month by up to 10× within the first year while increasing the engagement and motivation of the team.
ISE® North America Project: Financial Award Winner 2020
EFX Cloud Control
Executive Sponsor: Zach Tisher, VP, Security Risk
Project Team: Jone Le (Director, Global Security Asset Risk), Marcos Calderón (Information Security Risk Consultant), Shahid Shaikh (Information Security Consultant), Jerry Liu (VP, Global Security Engineering), Daniel Dartnell (Project Manager), Abdul Asfour (Security Architect), Bradley Lemming (Lead Security Engineer), Lonnie Harris (Director, Security Engineering), Amanda Mason (Scrum Master), Troin Artis (Security Engineer), Joe Coniglio (Security Engineer), Ben Oludotun (Platform Service Engineer)
Location: Atlanta, GA
Equifax Cloud Control is the paradigm shift always desired for third-party risk but never offered until today. With this solution offering a real time view into the operating effectiveness of the security control environment, gone are the days of low assurance, point-in-time, questionnaire based assessments. After accomplishing the original goal of giving real-time visibility into the security control environment internally, Equifax made the decision to offer EFX Cloud Control to its clients in order to provide transparency and initiate the shift towards a new industry standard for third-party risk management
ISE® North America Project: Health Care Award Winner 2020
Quacking the Code: Aflac’s Global Malware Analysis Program
Executive Sponsor: Tim Callahan, Senior Vice President, Global Security Officer
Project Team: DJ Goldsworthy (Director, Security Operations & Threat Management), Ben Harbin (Manager, Threat Management)
Location: Columbus, GA
The goal of the project was to proactively combat today’s cyber threat by leveraging the very same resource used by criminals: malware. Aflac first collected malware from sensors distributed in the United States and Japan, and then analyzed and incorporated the findings into defensive capabilities. Using the thousands of malicious samples sent to Aflac via email each day, the team deconstructed and analyzed the malware to extract precise indicators of compromise. The information was then tagged and organized in Aflac’s threat intelligence platform. The automatic orchestration ensured relevant data was then pushed to defensive technologies, strengthening Aflac’s overall security posture.
ISE® North America People's Choice Award Winner 2020
David Levin
CISO
American Express Global Business Travel
ISE® North America People's Choice Award Winner 2020
ISE® North America Executive: Commercial Award Finalist 2020
Biography
ISE® North America Executive: Academic/Public Sector Award Finalists 2020
Paul Raines
Chief Information Security Officer
United Nations Development Programme
ISE® Northeast Executive Award Finalist 2020
ISE® North America Executive: Academic/Public Sector Award Finalist 2020
Biography
Jonathan Stammler
CISO
Logistics Management Institute
ISE® North America Executive: Academic/Public Sector Award Finalist 2020
Biography
ISE® North America Executive: Commercial Award Finalists 2020
Amanda Fennell
Chief Security Officer
Relativity
ISE® Central People's Choice Award Winner 2019
ISE® North America People's Choice Award Winner 2019
ISE® Central People's Choice Award Winner 2020
ISE® Central Executive Award Finalist 2020
ISE® North America Executive: Commercial Award Finalist 2020
Biography
David Levin
CISO
American Express Global Business Travel
ISE® North America People's Choice Award Winner 2020
ISE® North America Executive: Commercial Award Finalist 2020
Biography
Sam Monasteri
Vice President, Cyber Security
ACCO Brands
ISE® Central Executive of the Year Award Winner 2020
ISE® North America Executive: Commercial Award Finalist 2020
Biography
ISE® North America Executive: Health Care Award Finalists 2020
Jim Nelms
VP, Chief Information Security Officer
LabCorp
ISE® North America Executive: Health Care Award Finalist 2020
Biography
Scott Stanton
Information Security Leader, Global Products Division
Owens & Minor
ISE® North America Executive: Health Care Award Finalist 2020
Biography
ISE® North America Project: Commercial Award Finalists 2020
Cloud Transformation: Building Automated Cloud-native Security and Governance
Executive Sponsor: Almir Hadzialjevic, VP of Enterprise Risk and Security
Project Team: David Nolan (Director, InfoSec), Jeremy Brooks (InfoSec Architect), Abigail Johnson (Senior Security Engineer), Joshua McNair (Infrastructure Principal Engineer), John McAleer (IAM Engineer), Joseph Moore (Systems Engineer), Eric Simmons (Lead AppSec Engineer), Stuart Lane (AppSec Engineer)
Location: Atlanta, GA
Aaron’s Technology and Information Security teams formed a joint cloud adoption and governance task force. Over the past year, this task force was able to improve security, reduce costs, and improve overall cost management in Aaron’s Azure environment. Due to the lack of existing commercial technologies and tools, the team shifted to a cloud-native approach by creating customized integrations and automation using Azure native functionality and open source tools to achieve leading security. This allowed Aaron’s to improve visibility, automate event alerting and remediation and as a result, reduced MTTR to milliseconds.
Cynet Comp Controls
Executive Sponsor: Andrew Bjerken, Global Chief Information Security & Privacy Officer
Project Team: Ken Pascua (Director Security Risk Management), Nancy Wright (Manager Security Operations), Mike Stolarik (Manager Security Architecture & Engineering), Anthony Prezenchuk (Pres-n-shook) (Security Engineer), Mike Hamilton (Sr. Implementation Analyst), Chris Bates (Sr. Director Support), Dulani McLaurin (Dir Product Management), Marion Hamacek (GVP International), Roberto Luberti (IT & Ops Director, Italy), Kanako Nukagawa “Nuk” (Manager, Japan), Toshihito Takahashi “Toshi” (Director Technology, Japan), Jerome Husson (System & Network Dir, EU), Ana Walsh (Program Manager), Sarah Sensibaugh (Project Manager), Hannah Lawrence (Enterprise Agility Leader), Steve Stephenson (Dir of Quality Engineering), Barry Hauhe (Test Engineer II), Penny Boyer (Sr. Dir Brand Development), Heather Talerico (VP Sales Enablement), Michael Wiege (IT Dir (Germany), Moira Hinson (ED Corporate Communication), Stephen Miano (Lead Systems Engineer), Kevin Buley (Lead Delivery Engineer), Crystal Stainrod (Privacy Analyst), Rajkumar Karuppaiah (Raj) (Sr. Network Firewall Engineer), Srihari Balu (Sr. Financial Analyst), Premal Patel (GM UK)
Location: St. Petersburg, FL
Catalina maintains appliances in 45,000+ stores worldwide across 325+ retailer networks. These appliances enable one of Catalina’s primary revenue streams and must remain compliant to continue to operate. Catalina launched the Retailer Awards Compliance (RAC) project to achieve ongoing and demonstrable compliance with PCI, HIPAA, APPI, and GDPR. The project included Symantec MFA and Cynet to reduce risk, assure security and privacy for 430M consumers. Key control requirements included the ability to operate on the existing legacy hardware/OS base, anti-virus, application whitelisting, FIM, and 24/7 monitoring capability. The successful implementation included global coordination for individualized rollout plans for each retailer.
ISE® North America Project: Financial Award Finalists 2020
Refinitiv NextGen Security Operations Transformation
Executive Sponsor: Patrick Sullivan, Head of Security Operations
Project Team: Thomas Willbye (Project Manager), Michael Sviben (Director - Offensive Security Operations), Corinne Bertolino (Director - Threat & Vulnerability Management), Jack Radigan (Director - Threat Detection Operations), Donna Goddard (Director - Data Loss Prevention), Will McGregor (Director - Cyber Incident Response Team), Bappa Dey (Director - Cyber Threat Intelligence), Madhu Nadig (Manager - Security Platform Services)
Location: Hoboken, NJ
In October 2018, Thomson Reuters (TR) divested Refinitiv in a $17 billion transaction with Blackstone which split the cyber security function and resulted in coverage gaps for both companies. To enable this transaction, Refinitiv’s Head of Security Operations, Patrick Sullivan, led the NextGen Security Operations Transformation Program to rapidly build and enhance Refinitiv’s solutions and capabilities. Over the course of 21 months, Refinitiv established a robust Cyber Security Operations function, building 3 global Security Operations Centers (SOCs), and maturing capabilities across Security Monitoring, Incident Response, Digital Forensics, Offensive Security, Threat Detection, Vulnerability Management, Data Loss Prevention, and Cyber Threat Intelligence.
Cyber Fusion Center
Executive Sponsor: Kevin Gowen, Chief Information Security Officer
Project Team: Robert Nixon (Cyber Fusion Center Lead), Aaron Fisher (Information Security Analyst), Teraney Montgomery (Information Security Analyst), Patrick Barnes (Information Security Engineer), Vincent Vu (Information Security Analyst), Donya Jenkins (Financial Crimes Detection Specialist), Ryan McDonald (Information Security Architect), Lee Himes (Sr. Dir., Information Security), Marissa Page (Information Security Co-op)
Location: Columbus, GA
Connect the people, processes and technology within Information Security, Financial Crimes and Information Technology to promote information sharing and produce a more efficient, informed, and secure organization. Standardize, consolidate, and streamline communication and processes and leverage automation where possible, to reduce the mean time to respond to cyber and fraud-related events. Areas included, but not limited to, Security Operations Center, Financial Crimes Unit, Identity and Access Management, Physical Security, Threat Hunting, Cyber Threat Intelligence, Vulnerability Management, and Incident Response.
ISE® North America Project: Health Care Award Finalists 2020
Avanos Medical - Cyber Security Transformation
Executive Sponsor: Elias Nyankojo, CISO
Project Team: Scott Stanton (Former Interim CISO), Elias Nyankojo (CISO), Pradeepthi C (Sr. Security Engineer), Javier Martinez (Sr. Security Engineer), Carl Springer (Security Engineer), Daniel Li (Security Engineer), Giuliana Vela (Security Operations Engineer), Camille Hines (Security Operations Engineer)
Location: Alpharetta, GA
In May 2018, Halyard Health was divested from Avanos Medical. During the divestiture, Avanos took advantage of the opportunity to modernize its legacy systems. Over the following 18 months, Avanos undertook a 100% greenfield cloud-first IT transformation. This transformation scope was IT systems for all business organizations including Supply Chain, Finance, HR, Quality, Customer Service, Sales, R&D, and Regulatory. During this IT transformation, Avanos implemented a brand-new cyber security program including new security infrastructure, software, architecture, governance, policy, process, operations, organizational structure, and outsourcing model.
COVID-19 Cybersecurity – Protect the Patient
Executive Sponsor: Mark Leary, CISO
Project Team: Enoch Long (Cyber Operations Director), Gregg Cortese (Technology Risk Director), Stephen Huvane (Engineering Director), Jeff Bayzk (IT Operations Director), Diarmuid O’Sullivan (Cyber IR Manager), David Glosser (Threat & Vulnerability Manager), Keith Keimig (Security Monitoring Manager), Christopher Filor (Security Analyst), Henry Howland (Security Intern)
Location: Tarrytown, NY
Regeneron’s “COVID-19 Cybersecurity – Protect the Patient” program was initiated to protect against cyberthreats that could potentially disrupt COIVD-19 research, clinical trials and drug manufacturing operations. Regeneron’s investigational COVID-19 antibody cocktail thrust the company into the epicenter of a global pandemic. This heightened visibility increased hostile nation-state threats to Regeneron’s IT operations and employees were bombarded with COVID-19 social engineering attacks. Information security immediately pivoted to a multifaceted program to increase public-private collaboration on cyber threat intelligence, improve the cybersecurity posture to protect a newly remote workforce and secure the COVID-19 value chain, and strengthen our vendor engagements and technology supply chain.