Speakers at the Enterprise Risk / Security Management Conference

Todd Covert
Todd Covert is an information technology manager specializing in IT operations, information security, enterprise architecture, and directory services with a passion for driving business results. He has over 15 years of developing and implementing enterprise solutions and leading teams within a multinational corporation and with small businesses.
Mr. Covert has worked at Baxter Healthcare for the last 12 years where he focuses on information technology and infrastructure operations. Over the course of his career at Baxter, he has been involved with projects of all sizes including global implementations, cost saving efforts, and business productivity improvements.
Mr. Covert recently obtained his MBA from the Lake Forest Graduate School of Management. He also holds a Masters degree in teaching with an undergraduate degree in Mathematics and Computer Science.
Chris Cronin
Chris Cronin is a Principal Consultant at Halock Security Labs in Schaumburg, IL in the Governance and Strategy Practice. Chris joined Halock after 15 years in IT leadership roles in operations, forensics and audit for private and public companies.

Chris’ involvement in regulatory compliance has a unique path, starting from forensic investigation at Enron, to bringing the first U.S. public company into compliance with Sarbanes Oxley, to now guiding companies toward compliance with Massachusetts CMR 17.00, HIPAA, ISO 27001, EU Safe Harbor, Sarbanes Oxley, PCI DSS and many other laws and regulations.

Chris is a certified GCIH and ISO 27001 Auditor, and holds a Master’s degree from Case Western Reserve University. He has served the SANS Institute on advisory boards and by developing course material for Audit and DLP.
Raphael Diaz
Rafael Diaz is a strategic IT leader with expertise in information assurance and compliance, IT operations, systems integration, application development, and business process development. Diaz came to Central Management Services at the State of Illinois to assume the role of Enterprise Business Applications and Services Executive. After seven months, he was promoted to CIO, where he focused his efforts on a state-wide IT consolidation program, which included architectural alignment, virtualization and service management.
Formerly the CIO for the Department of Human Services, Diaz ushered in an integration effort for social services management across all social services agencies in Illinois — the Human Services Framework. He also served in professional and managerial positions at Accenture, formerly Andersen Consulting.
Diaz is currently the CISO for the State of Illinois and serves on several boards and commissions. He is the cyber security chair for the Illinois Terrorism Task Force, policy and planning chair for the Illinois Integrated Justice Information System and chair of the Statewide Security Consortium. Diaz has led the state through two Cyber Storm national exercises and works closely with the Department of Homeland Security.
Diaz holds a post graduate certificate in Computer Career Program from DePaul University, an M.S. in Human Services Administration from Spertus College and a B.S. in Biology, Chemistry and Music from the University of Illinois at Chicago.
Michael Kern
Michael has over 30 years of IT experience, going back to the original IBM PC in 1982. He has worked in Health Care for 15 years, St. Louis Chamber of Commerce 7 years, and currently holds a Network Management / Facilities position for Witte Brothers Exchange a mid sized trucking and refrigerated / frozen warehouse facility in Troy, MO.

Mr. Kern was an instructor for Meramec Community College creating the first Network forensics class in 2003. This class specialize in email headers analysis, ISP tracking and various techniques used at this time for tracking spam and viruses. He has worked with Law enforcement on the training and decipher

When not working in the IT arena, Michael plays baseball in the STLMSBL; an over 52 league in St. Louis. He also enjoys working outside of the house.

Fred Kwong

Dr. Fred Kwong has been in the information technology field for the past 15 years in working in education, financial, and telecommunication sectors. Fred currently works at a Farmers Insurance where he currently is the Global Head of Privileged Access Control. Fred is currently building a new program seeking to govern, control, and profile privileged identities throughout the enterprise.
Fred’s work includes the creation of security and privacy policies, standards, and procedures. He is a subject matter expert in PCI, leading organizations to pass their report on compliance. With an extensive background in IT technologies, Fred continues to challenge the status quo by providing guidance in security and network architecture creating holistic designs that align to todays’ threat vector for organizations.
Fred has a passion of combining IT skills with organization development values. His broad range of IT skills has allowed him to view IT from many different paradigms and present them to the business partners in an easy to understand language. Fred servers as an adjunct professor at Benedictine and Roosevelt University teaching courses in international business, organization behavior, project management, and information systems. He holds a Ph.D. from Benedictine University and earned his master’s degree in business administration from Roosevelt University. Fred is a Certified Project Management Professional (PMP), a Certified Information Systems Manager (CISM), and a PCI Professional (PCIP).

Nikita Reva
Nikita Reva brings over 7 years of experience in Network and Information Security. Nikita currently works for MARS Food, a CPG leader with a portfolio of Global brands that include billion dollar brands like Snickers, M&Ms, Pedigree Pet Food and Wrigley Gum. In his current role as Project Manager, Nikita manages Global Information Security projects involving security technology, vendor risk management and assessment. Prior to MARS, Nikita focused on Information Security Audits of Credit Unions in the Midwest. Nikita has an M.S. in Information Security from DePaul University. Nikita is a Certified Information System Security Professional (CISSP), Certified Information System Auditor (CISA) and ISO-27001 certified Lead Auditor.

Nikita is also an active member of ISACA Chicago, (ISC)2 Chicago, Cloud Security Alliance Chicago and leads a monthly Meetup of Chicago Information Security professionals. Nikita is passionate about Cloud Computing Security. He has spoken on this topic many times in the Chicago area and has published research as part of his work with the Global Cloud Security Alliance (CSA).

In addition to his work at MARS, Nikita is the founder of Security Decisions, a boutique Security Consulting firm based in Chicago, IL. Security Decisions focuses on Information Security Assessment, Development and Compliance. Connect with Nikita on LinkedIn and follow him @IPSEC on twitter.

Richard Rushing

Mr. Richard Rushing is the Senior Director of Information Security for Motorola; He has been implementing security solutions for the last twenty years at, Equifax, Siemens Industrial Automations, and GE Capital Information Technology Services, Secure IT, VeriSign, Network Solutions, Air Defense and Motorola.  Richard has participated in several corporate Security Council's setting standards and policies for entire organizations and has been founder of 2 Startup Security companies that were extremely successful and acquired. A much-in-demand speaker on information and wireless security, Richard has presented at many leading security conferences and seminars around the world.

Tony Sabaj
Tony has been an information professional for over 15 years as part of a Global information Security Practice at Arthur Andersen, independent consultant, a Managed Security Service Provider and has spent the last 8 years at Check Point Software. Over the last 8 years Tony has worked with some of the largest organizations in the Midwest developing Security programs and architectures. Tony has also presented at many industry and partner events in the United States and Internationally and Check Point seminars on various topics, including Web 2.0 security, Compliance, Virtualization Security, Security Management and Security Program Management.
Brad Schaufenbuel
Bradley J. Schaufenbuel is currently Director of Information Security at Midland States Bank. Prior to his current role, he held security leadership positions at FirstMerit Bank, Midwest Bank, Zurich Financial Services, Experian Information Solutions, Q Center, and Arthur Andersen LLP Bradley is the author of "E-Discovery and the Federal Rules of Civil Procedure: A Pocket Guide", published by IT Governance Publishing. He has also co-authored multiple "For Dummies" books and has had articles published in professional journals on a wide variety of topics related to information security and governance. Bradley is licensed to practice law in Illinois and holds eighteen professional designations in the areas of information security management, IT compliance, fraud examination, IT audit, computer forensics, ethical hacking, project management, and process improvement, including the CISSP, CISM, CISA, CIPP, CSSLP, PMP, CRISC, CGEIT, ISSMP, ISSAP, CFE, CEH, DFCA, CIFI, CSOXM, CSOE, ITIL v3 Foundation, and Six Sigma Black Belt. He holds an MBA from DePaul University's Kellstadt Graduate School of Business and a JD and an LLM in information technology and privacy law from the John Marshall Law School in Chicago. Bradley has served as a speaker at numerous forums, including the RSA Conference and ChicagoCon, and performs freelance consulting engagements for banks and law firms throughout the Chicago metropolitan area. He is married and has a one year old daughter.  

Joshua Shi
Josh is currently working as Head of Information Security at Ceannate Corp. implementing a new information security program from the ground up. He is a “been there done that” kind the guy that implemented many successful security programs across difference industries. In most recent years, he successfully brought the company current in compliance such as PCI, SSAE and FISMA certifications; He has a proven track record in implementing successful security programs to various companies across different industries; He enjoys sharing his experience and connects the same with others.

Brian Tillett
Brian J. Tillett is the Chief Security Strategist for Symantec Public Sector. As a security practitioner with 19 years in the Information and Voice Security industries, Brian is a frequent contributor at Public Sector focused conferences, symposiums, and forums as a speaker/presenter on relevant real world Information Security topics. He collaborates regularly with Department of Defense, Intelligence Community, Federal Civilian, State and Local Government; Public Education, and Systems Integrator--Executives, Directors, and Key Personnel to focus on understanding and meeting real-world security challenges specific to the Public Sector. As an extension of the Symantec CTO office, and aligned with the Symantec Security Business Practice; he drives this feedback directly to Symantec business unit leaders in order to strengthen the connections between Symantec's solutions and Public Sector enterprise security and
management needs.

Arlene Yetnikoff, CISSP, CISA

Arlene Yetnikoff is the Director of Information Security for DePaul University.  DePaul University is one of the ten largest private universities in the United States, offering numerous degrees in Computer Science and other fields, including a Masters in Computer, Information and Network Security and a Bachelor's in Information Assurance and Security Engineering.  Arlene has worked in Information Security for over twenty years both as a consultant, educator and hands-on practitioner.  Arlene's many years of consulting experience in the Technology Risk group of a major accounting firm allowed her to help clients of varied sizes  in numerous industries assess and design their information protection architecture, policies and processes.  Today, Arlene leads DePaul's Information Security and Business Continuity initiatives.  Arlene also teaches Information Security sessions at DePaul and in the University of Chicago's Masters of Computer Science program.  Arlene is a CISSP and a CISA.  She holds a Bachelor's degree in Mathematics from the University of Chicago and a Masters in Computer Science, Telecommunications from DePaul University.

Kenneth Zoline
Ken Zoline is a Global Security Program Manager in IBM Corporation's Strategic Outsourcing practice and a Certified Information Systems Security Professional (CISSP). Ken is responsible for managing and improving his customers' security operations, risk management and security governance programs. Ken joined IBM through their acquisition of SPSS in 2010. As Director of Information Security and Risk Management, Ken implemented SPSS' first information security program and successfully completed 4 years of operation with no major malware breaks and no breaches of company or customer information security. Prior to joining SPSS in 2007, Ken was Security Practice Leader at West Monroe Partners for 1 year and Principal Consultant at Kenneth O. Zoline and Associates for 17 years where he provided networking and security consultation to 130+ clients. Prior to starting his consulting practice in 1990, Ken worked at Amoco Corporation and Continental Bank for 15 years in a variety of information technology areas and roles. For this CAMP event, Ken will be sharing his experience as a contributor to the Cloud Security Alliance's Consensus Assessments Initiative Questionnaire.