Panel Moderator
Jim Routh, CISM, Chief Information Security Officer,
The Depository Trust & Clearing Corporation
Jim Routh has over 20 years of experience in information technology and information security as a practitioner, management consultant and leader of technology functions and information security functions for global financial service firms. Jim designed and implemented an enterprise wide information security program for the Depository Trust and Clearing Corporation (DTCC) based on risk management best practice, COBIT and ISO 27001 standards. He implemented an information security risk assessment process and a security program for application development. Prior to joining DTCC he was the first CISO for American Express and responsible for the implementation of an enterprise wide implementation of GLBA specific controls and practices within two different banking entities in North America. Prior to that, he led a customer information management function within Risk Management for the US card businesses for American Express. Prior to that he led the information technology function for the Institutional Services and Investment Management businesses for American Express Financial Advisors. Mr. Routh was a management consultant in information technology for dozens of leading financial service firms for over 12 years.
Panelist
Mr. Dennis Brixius, Vice President, Risk Management and
Chief Security OfficerThe McGraw-Hill Companies
Dennis Brixius joined The McGraw-Hill Companies as Vice President and Chief Security Officer in January 2004. In this role, Dennis is responsible for establishing a complete information security program to limit technology-based security problems, protect the McGraw-Hill intellectual property rights, ensure business continuity and protect the privacy of our customers. His role also accommodates information risk analysis and assessment, developing security and risk management among internal technology groups, consulting with business units regarding their changing business and technical plans to ensure that information security issues are addressed early in a project’s development and educating senior management about changes in technical, legal and regulatory arenas affecting information security and business continuity. At the recent RSA Conference, Dennis received the SC Magazine Awards 2007 for CSO of the Year and has also been nominated for the 2007 Information Security Executive of the Year for both the TriState and National levels.
Parthiv Shah, CISM, CISSP, Director of Information Security,
Depository Trust & Clearing Corporation
Mr. Shah has over fourteen years of experience in information technology and information security as a practitioner and leader of technology functions and information security functions for global financial service firms. Parthiv has helped design and to implement an enterprise wide information security program for the Depository Trust and Clearing Corporation (DTCC) based on risk management best practice, COBIT and ISO 27001 standards. He has implemented an information security vulnerability management process (from 7 layers of OSI model perspective;) He has supported, designed implementation of a security program for application security. Prior to joining DTCC, he was Vice President, Information Security for Investec (US) Inc. responsible for the implementation of an enterprise wide Information Technology and Information Security program. He has managed various large online banking related projects from architecture design, implementation and management. He was in-charge of a large trading floor environment and production datacenter along with BCP including Confidentiality, Integrity and Availability of the trading floor and related environments. Parthiv has CISM, CISSP, CEH, LPT, ECSA, CHFI certifications.
Johna Till Johnson, President and Senior Founding Partner, Nemertes Research
Johna Till Johnson is president and senior founding partner of Nemertes Research, where she sets research direction and works with strategic clients. She has decades of experience in IT structure, processes, and organizations and has worked closely with senior IT executives at leading organizations across a broad range of industries. A widely regarded expert, Ms. Johnson regularly speaks at numerous trade shows, conferences, and seminars, and writes an insightful weekly column in Network World.
Ms. Johnson relates to the challenges senior executives face, as she’s managed large technology operations. Before founding Nemertes, she served as senior vice president and chief technology officer at Greenwich Technology Partners, a $60 million infrastructure consulting and engineering firm. At GTP, she secured $5 million in funding, managed strategic technology investments, partnerships, and acquisitions, and ran the technology practices to which GTP’s consultants and engineers belonged. She also managed the laboratory services, oversaw training, and performed consulting for strategic clients.
Prior to joining GTP, she headed the $12 million Global Networking Strategies Service business unit of META Group, where she advised Global 2000 IT organizations, vendors, and service providers. As senior technology editor of Data Communications magazine, Ms. Johnson managed the lab-testing program, and in the early ‘90s was one of the first experts to accurately predict and justify the rise of the commercial Internet.
Ms. Johnson also has designed and developed security, speech-synthesis, and free-space laser products at companies including Mosler Security Systems and Digitus Corp. She holds a BSEE (CS) from The Johns Hopkins University, has conducted graduate work in nuclear and particle physics at the University of Rochester, speaks three languages, and published a science fiction novel in 1995.
Rob Clyde, Vice President of Technology, Office of the CTO, Symantec Corporation
As Vice President of Technology, Rob Clyde sets the technology vision and strategy for Symantec, a five billion-dollar software company and the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Specialized teams within Symantec’s Office of the CTO such as Symantec Research Labs, a comprehensive assembly of scientists innovating the next generation of technologies, and the Advanced Concepts Team, which creates innovative first generation security products, were founded under Clyde’s direction.
With more than 25 years of information security experience, Clyde is a recognized industry authority and is a pioneer in the development of intrusion detection and policy compliance products. Throughout his career, Clyde has worked with leading Fortune 500 companies and government agencies to implement sound and practical security policies and solutions. He was a member of the executive team that created AXENT Technologies, Inc., an early innovator in the information security market. Clyde served as vice president of engineering for security management, assisting in growing the company from $8M in 1994, to more than $125M in 2000. In 1980, Clyde was a founder of Clyde Digital Systems, a Utah-based enterprise security software company before merging with Raxco Software eleven years later. Clyde Digital is credited with creating the first commercial intrusion detection system.
Clyde is a founding board member of the IT industry’s Information Sharing and Analysis Center (IT-ISAC) and currently serves as Treasurer on the Executive Committee. He is also a Certified Information Security Manager (CISM) and was recognized by CRN as one of the Top 25 Innovators for 2003.
Clyde earned a bachelor of science degree in Computer Science from Brigham Young University, where he graduated magna cum laude.
Eric Offenberg, CIPP and Business Development Manager, IBM
Eric Offenberg, CIPP and Business Development Manager at IBM, has established himself as a thought leader on data governance, database archiving, enterprise data management and data privacy. With more than a decade of experience across industries, Eric is a regular speaker in live Webinars, industry events, with media and analysts on behalf of IBM. He holds an MBA with a concentration in marketing from Rider University and a BA degree in communications from Rutgers University. He has recently spoken at events such as Collaborate 08, The Privacy Symposium at Harvard, The Symposium on Usable Privacy at Carnegie Mellon and others.
Paul Howard, Managing Director, DISUK Limited
Paul Howard is founder and managing director of DISUK, a British company specializing in the design and manufacture of data storage encryption systems. Howard has specialist knowledge in encryption, tape, SCSI and Fibre Channel. Originally trained in the UK Royal Air Force on communications and encryption systems, Howard worked for Plessey, Wang and Thorn EMI before founding a tape storage company in 1989. Paul is a glider pilot and motor racing enthusiast
