The Consulting Report is pleased to announce The Top 50 Cybersecurity Consultants and Leaders of 2023. In the rapidly evolving landscape of technology and globalization, businesses are increasingly exposed to numerous cybersecurity threats. Recognizing the criticality of safeguarding their data and systems, organizations in the United States are turning to cybersecurity consultants and leaders for guidance. These professionals possess a remarkable understanding of cyber risks and an arsenal of tactics to mitigate them effectively.
This year's awardees provide invaluable services such as assessing vulnerabilities, designing robust security frameworks, implementing cutting-edge solutions, and conducting rigorous penetration testing exercises. In addition, a few of them have completed rigorous training and attained advanced certification through the Certified Information Systems Security Professional (CISSP). Further, certain professionals in the list are considered among the elite in the field of cybersecurity and have established a strong reputation for offering exemplary services to their clients, which include IBM, Grant Thornton, and Charles River Associates.
Among the notable figures on this year's roster is Rex Thexton, Senior Managing Director in Accenture’s Security practice, who brings over 25 years of technology services expertise and a demonstrable success record in executing strategic initiatives by forging strong connections with business leaders and technological aptitude. Meanwhile, Senior Vice President at Booz Allen Hamilton, Kelly Rozumalski takes charge in driving groundbreaking strategies to overcome crucial cybersecurity obstacles faced by the nation. This includes protecting critical infrastructure and improving government networks defense mechanisms alongside ensuring the safety of connected devices. And with expertise in cyber risk, Shay Colson, the Managing Partner at Intentional Cybersecurity, has successfully conducted extensive cyber due diligence on over $50B worth of private equity transactions and collaborates frequently with management teams, investors, and boards.
Please join us in celebrating The Top 50 Cybersecurity Consultants and Leaders of 2023. This recognition serves as a testament to their outstanding contributions in protecting sensitive information, preventing cyberattacks, and shaping industry practices.
1. Rex Thexton
Title: Senior Managing Director
Rex Thexton is a Senior Managing Director in Accenture's Security practice. In his current role, he serves as the global practice lead for Accenture’s Cyber Protection business and the Global Technology Officer for Accenture Security. In the past two decades, Thexton has been a practice leader, company founder, and trusted advisor helping organizations with complex management and technology challenges related to cybersecurity, infrastructure, and digital identity strategy
Thexton’s current responsibilities within the Cyber Protection business include the following offerings: Cloud Security; Cyber Mesh, Zero Trust & SASE; Identity & Access Management; Application Security; Enterprise Platform Security; Data & AI Security; and Metaverse & Emerging Technology Security. With more than 25 years of technology services experience, Thexton has a proven track record for implementing strategic projects through a combination of effective relationship building with business leaders and technological aptitude. Thexton has an impressive list of career accomplishments including the development of numerous consulting organizations, deployment of successful technology solutions, and the growth of long-term customer and ecosystem partner relationships.
2. John Stevenson
Title: Managing Director Cloud Security Lead
John Stevenson is the Managing Director and leads Protivit’s Cloud Security practice, focusing on healthcare, retail, consumer goods and services, financial services, and payment processing. He brings more than 25 years of technology experience with 13+ years in cloud security and privacy. Stevenson holds multiple patents for cloud security, ranging from cloud security frameworks to cloud security threat intelligence. Protiviti is a global consulting firm that delivers deep expertise, objective insights, a tailored approach and unparalleled collaboration to help leaders confidently face the future. Protiviti and their independent and locally owned Member Firms provide clients with consulting and managed solutions in finance, technology, operations, data, analytics, governance, risk, and internal audit through their network of more than 85 offices in over 25 countries.
Before joining Protiviti, Stevenson was a managing director and cloud security lead at PwC, and before that, a senior manager and North America retail and payment security lead at Accenture. Earlier in his career, he worked with Southwest Securities as a senior and Unix and security administrator. Stevenson graduated from Texas Christian University - M.J. Neeley School of Business with an MBA.
3. Carlos Oliver Mosquera
Carlos Oliver is a Partner in Communications, Media and Technology; Head of the Technology Centre of Excellence, at Kearney. Kearney’s Technology CoE provides advisory services to clients worldwide through a unique combination of the strategic impact of management consulting and the firm’s deep understanding of cybersecurity and ICT technologies. He first joined the firm in 2015.
Carlos has a more than 20 years career in cybersecurity and ICT, spanning over 40 countries. Prior to consulting, Carlos worked as engineer and consultant in the telco industry, including the industry’s foremost R&D institution, Bell Labs.
Along his long tenure, Carlos has covered most aspects of the cybersecurity industry, from the sell-side, doing product design and portfolio strategy for OEMs and MSSPs, to the buy-side, providing advice on risk management, security posture assessment, and security roadmaps for large enterprises, to the regulatory-side, leading the design of cloud, telecom, and cryptography standards for regulatory bodies and government cybersecurity agencies.
Carlos earned an MBA from the London Business School and another MSc in Telecommunications Engineering from the Polytechnic University of Madrid. Carlos also holds CISSP certification.
4. Nadya Bartol
Company: Boston Consulting Group
Title: Managing Director
Nadya Bartol, CISSP, CGEIT™, is Managing Director at BCG Platinion, a division of Boston Consulting Group. Her focus is on helping BCG clients improve their cybersecurity strategies and programs. Bartol has over 20 years of cybersecurity technology and management experience across multiple industry and government environments.
At BCG, Bartol advises clients in the financial services, technology, energy, insurance, professional services, and consumer packaged goods sectors on cybersecurity strategy and implementation. She provides strategic cybersecurity advice and support to Fortune 500 boards and executives. She is also responsible for developing cybersecurity service offerings, staff mentoring, and team growth.
In her work with the firm, Bartol has managed a team of cybersecurity experts supporting the cybersecurity program at a major consumer goods company, led a series of research projects for the National Institute of Standards and Technology (NIST), and provided advisory support to numerous firm clients on cybersecurity organization design, processes, practices, technologies, and integration into software development. Additionally, Bartol led the development of a harmonized cybersecurity regulatory framework for the financial services industry that has been adopted by numerous financial institutions in the US and globally. Bartol earned an MBA and an MIS from Questrom School of Business, Boston University.
5. Mark Leggate
Company: Bain & Company
Mark Leggate is a Partner of Bain & Company, a global consultancy that helps the world’s most ambitious changemakers define the future. Across 65 cities in 40 countries, they work alongside their clients as one team with a shared ambition to achieve extraordinary results, outperform the competition, and redefine industries. They complement their tailored, integrated expertise with a vibrant ecosystem of digital innovators to deliver better, faster, and more enduring outcomes.
With over 15 years' experience across a range of industries, Leggate has deep expertise in IT transformation strategy, IT operating model, and cybersecurity. Leggate has designed and mobilized complex technology transformation programs and helped clients make a step change in their cybersecurity strategy to build long-term capability. Prior to joining Bain, Leggate led technology solution design and build at another management consulting firm. Leggate holds an MBA from the Massachusetts Institute of Technology and a bachelor’s degree in economics, politics, and international studies from the University of Warwick.
6. Jan Brown
Company: McKinsey & Company
Jan Brown began her professional career 17 years ago. Today, she is a Partner of McKinsey & Company, a global management consulting firm. They are the trusted advisors to the world's leading businesses, governments, and institutions. They work with leading organizations across the private, public, and social sectors. Their scale, scope, and knowledge allow them to address problems that no one else can. They have deep functional and industry expertise as well as a breadth of geographical reach. They are passionate about taking on immense challenges that matter to their clients and, often, to the world. Brown helps financial institutions use technology to drive change and create lasting impact. A technologist at heart, his expertise lies at the intersection of digital, technology, and risk and security—he helps chief information officers and senior IT leaders define the business value of technology.
Brown first got her start in 2006 as a VP at Goldman Sachs. Brown graduated from the University of California, Berkeley with an MBA and from Howard University with an undergraduate degree in systems and computer science.
7. Arlene Mordeno
Title: Managing Director, Cybersecurity
Arlene Mordeno is a managing director in Ernst & Young LLP’s Cybersecurity Technology Consulting team, based in San Diego. At EY, their purpose is to build a better working world. The insights and quality services they provide help build trust and confidence in the capital markets and in economies the world over. They develop outstanding leaders who team up to deliver on their promises to all of their stakeholders. In doing so, they play a critical role in building a better working world for their people, for their clients, and for their communities.
She has more than 20 years of experience in the identity and access management (IAM) space. In recent years, Mordeno has broadened her focus in cybersecurity to include cloud security and threat resilience and is advising clients to use approaches such as zero trust and a multi-layer defensive stance. As a cyber leader in the health care sector, Mordeno advises and assists CISOs and senior executives who are responsible for maintaining security and compliance in a health organization. She has a BS in applied mathematics from the University of the Philippines, an MS in computer information systems from New Hampshire College, and an executive leadership certification from Cornell University.
8. Eric Thompson
Title: Managing Director Cyber Risk
Eric Thompson is the Managing Director Cyber Risk at Kroll. Kroll is the leading independent provider of risk and financial advisory solutions. Kroll leverages their unique insights, data, and technology to help clients stay ahead of complex demands. Kroll's team of more than 6,500 professionals worldwide continues the firm's nearly 100-year history of trusted expertise spanning risk, governance, transactions, and valuation.
Prior to joining Kroll, Thompson was the founder of AccessData, a leader in computer forensics, eDiscovery and cryptanalysis. During his 25 years at AccessData, the firm grew to over 500 employees with over $80 million in annual revenue. Thompson was the original designer of AccessData’s Forensic Toolkit (FTK), Password Recovery Toolkit (PRTK) and Distributed Network Attack. Thompson’s computer forensic research ultimately resulted in FTK’s adoption by the FBI, Secret Service and numerous other law enforcement agencies as an industry standard. Thompson also co-founded iServer, a successful web hosting company which in 1998 merged with two other web companies, H-Ways and Best, to form Verio. After a public offering, Verio was ultimately purchased in 2000 by NTT for $2.2 billion. Thompson received a B.S. in electrical engineering and B.A. in Japanese from Brigham Young University and a M.S. in finance from Florida State University.
9. Brian Corotis
Company: Deloitte Consulting
Title: Managing Director of Global Cybersecurity
Brian Corotis is a seasoned security leader responsible for protecting a US$50 billion global organization with over 350,000 professionals serving clients in over 150 countries and territories. He is currently a Managing Director in Deloitte’s Global cybersecurity organization, reporting to the Global CISO and leading Global Cybersecurity Strategic Programs. In this role, he is responsible for driving multiyear transformational programs to globalize cybersecurity as well as cybersecurity governance, communications, special projects, and cross-organization coordination. Deloitte drives progress. Their firms around the world help clients become leaders wherever they choose to compete. Deloitte invests in outstanding people of diverse talents and backgrounds and empowers them to achieve more than they could elsewhere. Their work combines advice with action and integrity. They believe that when their clients and society are stronger, so are they.
Corotis joined the Deloitte U.S. Firms in 1999 and performed information security consulting services for many significant Deloitte clients. In 2003, he joined the growing internal global security function to build an organization charged with securing Deloitte’s global applications. After assuming several expanded roles, he was promoted to Managing Director in 2011.
He has led and managed a comprehensive global information security organization with teams responsible for the security of applications, infrastructure, operations, threat monitoring, intrusion detection, and security relationship management across Deloitte’s global entities. Corotis graduated from Ohio State University with an undergraduate degree in management information systems.
10. Brian Levine
Company: EY Pantheon
Title: Managing Director Cybersecurity and Data Privacy Strategy and Transactions
Brian Levine is the Managing Director of Cybersecurity, Data Privacy Strategy and Transactions of EY Pantheon. EY Parthenon’s Transactions Cyber Group has significantly reduced the cybersecurity and privacy risk associated with hundreds of mergers, acquisitions, divestitures, going public/private, restructurings, and private equity investments. A byte of prevention is worth a terabyte of cure. Levine leads a team of 30 cybersecurity and data privacy professionals focused on the strategic application of security in the context of capital transactions, including mergers, acquisitions, divestitures, real estate transactions, and restructurings. He joined EY from the US Department of Justice (DOJ), where he served as the National Coordinator for more than 300 federal prosecutors focused on investigating and prosecuting computer crime and intellectual property crime. He also served as a federal prosecutor and senior counsel with the DOJ’s Computer Crime and Intellectual Property Section.
Prior to joining the DOJ, Levine served as an Assistant Attorney General for the Internet & Technology Bureau of the New York Attorney General’s Office, a civil litigator for international law firms, and a law clerk to federal district and appellate judges.
He earned his BA, summa cum laude, from the University of Pennsylvania and his JD, magna cum laude, from the New York University School of Law.
11. Julio San Jose
Company: Alvarez & Marsal
Title: Managing Director of Digital Transformation & Cybersecurity
Julio San Jose is a Managing Director with Alvarez & Marsal Global Cyber Risk Services in Madrid. A&M’s Global Transaction Advisory Group provides investors and lenders with the answers needed to get the deal done. They combine their firm’s deep operational, industry, and functional resources with Big Four-quality financial accounting and tax expertise to assess key deal drivers and focus on the root cause of any critical deal issues. As the largest transaction advisory practice outside the Big Four, their global integrated teams help private equity, sovereign wealth funds, family offices, and hedge funds, as well as corporate acquirers, unlock value across the investment lifecycle. He brings over 35 years of experience in security/cybersecurity in all its disciplines. San Jose’s primary areas of concentration are security/cybersecurity innovation; technology and IT management; IT security; risk management and compliance; and IT audits for critical environments. He has worked with clients across various industries, primarily in banking and insurance.
Prior to joining A&M, San Jose was a leader at EY’s Financial Services Consulting Practice for Spain and Head of Cybersecurity in Spain and Latin America, managing C-level projects and helping clients enhance and achieve significant improvements in their cyber and corporate security posture and create new revenue streams based on their security operations.
Previously, San Jose spent 16 years as a Manager of Technological Risks and Information Security with the Bankinter group, leading the design of its security architecture and fraud prevention systems and managing projects on the early detection of digital fires, branding protection, and surveillance of black markets. San Jose earned a master’s degree in information technology management and holds CISM and CRISC certifications from ISACA. He has earned multiple lead auditor certifications.
12. Pierson Clair
Title: Managing Director Cyber Risk Managed Security Services
Pierson Clair is a managing director in Kroll’s Cyber Risk practice, based in the Los Angeles office. As the leading independent provider of risk and financial advisory solutions, Kroll leverages its unique insights, data, and technology to help clients stay ahead of complex demands. Kroll's team of more than 6,500 professionals worldwide continues the firm's nearly 100-year history of trusted expertise spanning risk, governance, transactions, and valuation. Clair brings an uncommon perspective to cyber risk challenges from his years as a leading digital forensic examiner, technical security consultant, researcher, and educator.
Prior to joining Kroll, Clair was with Maryman & Associates, where he was a senior forensic examiner specializing in Apple and Linux desktop and server environments; mobile devices, including iOS and Android; virtualized environments; and network forensic and security investigations. He has assisted clients that range from major corporations with large network breaches to small businesses with unique software and infrastructure to federal, state, and local law enforcement and government agencies. His casework has included investigations on such matters as employee malfeasance, intellectual property theft, data loss, and network data breaches, including the loss of personally identifiable information and private health information. Clair graduated from Champlain College with an MS in digital forensic science and from the University of Southern California with an undergraduate degree in international relations, security studies, and technical security.
13. Omar Refaqat
Title: Managing Director
Omar Refaqat is a managing director in the consulting group at Crowe, a public accounting, consulting, and technology firm with offices around the world. Crowe uses its deep industry expertise to provide audit services to public and private entities. The firm and its subsidiaries also help clients make smart decisions that lead to lasting value with its tax, advisory, and consulting services, helping businesses uncover hidden opportunities in the market, no matter what challenges the markets present. Crowe is recognized by many organizations as one of the best places to work in the U.S. As an independent member of Crowe Global, one of the largest global accounting networks in the world, Crowe serves clients worldwide.
Refaqat specializes in cybersecurity strategy and incident response. Refaqat has more than 25 years of experience providing services related to information technology and business processes, internal audits, regulatory remediation, system implementation, and software development. Refaqat graduated from Benedictine University with an MBA and from Southern Methodist University with an undergraduate degree in electrical engineering.
14. Michael Biddick
Title: Managing Partner
Michael Biddick is the Managing Partner of Gartner. He first joined the company in 2021. Their unrivaled combination of expert-led, practitioner-sourced and data-driven research steers clients toward the right decisions on the issues that matter most. As a $5 billion company with over 19,500 associates and a member of the S&P 500, they are an objective partner with 15,000+ client enterprises in more than 100 countries—across all major functions, in every industry and enterprise size—and boast 40+ years of experience providing insights and expert guidance to client enterprises worldwide.
Previously, Biddick was a CEO and founder at Fusion PPT and, before that, an EVP at Windward Consulting. Earlier in his career, he worked with Technology & Data Systems (TDS) as a technology analyst. Biddick earned an MS from The Johns Hopkins University - Carey Business School and an undergraduate degree in political science and afro-american studies from the University of Wisconsin-Madison.
15. Alex Trafton
Title: Managing Director
Alex Trafton is a Managing Director Ankura’s National Security, Trade, & Technology (NSTT) practice, based in Irvine, CA. He has over 15 years of experience in finance, risk management, and cybersecurity. Trafton leads the NSTT cybersecurity function and serves as a subject matter expert in cybersecurity program design, implementation, and assessment with a focus on foreign investment control and oversight (CFIUS), Defense Industrial Base (DIB) cybersecurity requirements, and international trade control compliance program support (ITAR/EAR).
Trafton serves as a trusted fiduciary of U.S. federal agency regulators in sensitive Foreign Direct Investment (FDI) matters (CFIUS and Team Telecom) involving critical technology and national security-sensitive data. He specializes in helping companies manage national security and cost considerations in multinational mergers and acquisitions. He has served as a technology and cybersecurity advisor in infrastructure transitions worth over $10 billion in total.
16. Shay Colson
Company: Intentional Cybersecurity
Title: Managing Partner
As Co-Founder and Managing Partner of Intentional Cybersecurity, Shay Colson works closely with a wide variety of clients to strategically manage cyber risk across their businesses. After spending the better part of a decade as a security engineer at a government agency, Colson served as CISO and security advisor for various organizations and began consulting to help clients make rapid progress on their most critical security issues.
With an eye toward understanding cyber risk in the context of business growth, Colson has conducted cyber due diligence on more than $50 billion of private equity transactions and works regularly with management teams, investors, and boards on issues of cyber risk. He works with a variety of clients in banking, insurance, fintech, advanced manufacturing, professional services, education, and technology. Colson enjoys this broad range of engagement, expanding his professional curiosity and applying unique insights to solve client problems.
Based in the Pacific Northwest, Colson enjoys all types of outdoor adventures (solo or with his family). He is rarely found without a cup of coffee, a pair of running shoes, or a good book. Colson holds a bachelor's degree from the University of Washington, a master's degree from Syracuse University, and is the inventor of more than a dozen US patents in advanced technologies, including autonomous vehicles, drones, and 3D printing.
17. Henry Bell
Company: ScottMadden, Inc.
Henry Bell leads ScottMadden’s cybersecurity practice and is responsible for shaping cybersecurity strategy and delivering operational improvements across diverse industries, including energy, healthcare, entertainment, manufacturing, and consumer packaged goods. A trusted advisor, Bell collaborates closely with senior executives, providing expert guidance on risk mitigation strategies to fortify enterprises and regulated environments. In addition to spearheading the firm's cybersecurity practice area, he serves as the system enablement practice lead, overseeing and championing excellence within the consulting community.
Bell is a recognized thought leader in security operating models and has authored numerous works on the subject, spanning cybersecurity strategy, operating models, risk management, security metrics, and various related topics. With over a decade of dedicated service to ScottMadden's clients, Bell's consultancy primarily involves building continuously evolving security organizations. He works to effectively identify and mitigate risks throughout client organizations while harmoniously aligning these efforts with overarching enterprise objectives.
Prior to joining ScottMadden, Bell served in the United States Army as a civil affairs team leader. In this role, he led civil-military operations, infrastructure assessments, and improvements during multiple overseas combat and non-combat deployments. Beyond his professional commitments, Bell is committed to community service and actively contributes to the cultural enrichment of his local area. He serves on the board of a prominent local organization dedicated to supporting the Austin Symphony while volunteering with a community initiative designed to foster connections between children and families with the natural world.
Bell is a Partner at ScottMadden. He holds MBA degree from Emory University's Goizueta Business School and a Bachelor of Science from Vanderbilt University.
18. Andrew Turner
Company: Booz Allen Hamilton
Title: Executive Vice President
Andrew Turner leads Booz Allen’s Global Commercial business and brings over 20 years of experience providing cybersecurity services to mission-critical enterprises. His team helps clients solve complex cybersecurity challenges to enable positive business outcomes by defining an integrated vision of Booz Allen’s portfolio of cybersecurity services, including strategy, incident response, cyber defense, cloud, and operational technology.
Turner has served as chief information security officer for several Fortune 500 companies, building risk-based cybersecurity organizations and developing security programs. Before joining Booz Allen, Turner was chief security officer for a leading fintech company. He oversaw an integrated security organization responsible for information security, financial crimes, and corporate investigations. He also launched and directed strategic identity, cloud security, and cyber risk-management programs and was responsible for the company’s cyber governance, compliance, and other related policies.
Turner was appointed in 2014 by Virginia Governor Terry McAuliffe to serve on the bipartisan Virginia Cybersecurity Commission to expand the state’s economic footprint in cyber technology and to protect critical infrastructure from cyber threats. He was also the chair of the state’s Cyber Education and Workforce Development subcommittee. As a member of the Bank of England’s Cyber Resilience Board in 2018, Turner provided leadership and direction for the UK’s policies and standards in technology resilience. He currently serves as a board member for Halo Privacy.
19. Brad Medairy
Company: Booz Allen Hamilton
Title: Executive Vice President
Brad Medairy is a technology executive who leads Booz Allen’s National Cyber account. In this role, he focuses on the cyber missions of national-level clients including the intelligence community, U.S. Cyber Command, Federal Bureau of Investigation (FBI), the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense (DoD). Medairy is responsible for addressing some of the nation’s top cybersecurity challenges including protecting critical infrastructure, securing the supply chain, protecting emerging platforms (5G, medical devices, and weapons and space systems), and defending the extended federal enterprise against cyber attacks.
Medairy is passionate about advancing the nation’s capabilities in cyberspace by integrating emerging technologies with intelligence tradecraft to deliver next-generation, full-spectrum cyber solutions. He leads a multidisciplinary team of cyber operators, artificial intelligence and machine learning engineers, software developers, and cloud engineers to develop and deliver these solutions across the federal and commercial markets.
In his community, Brad is a high school Science Olympiad coach focused on increasing youth interest in STEM, and a coach for elementary and middle school youth soccer and basketball programs. In addition, he serves as an advisory board member for the University of Maryland, Baltimore County, and the George Mason University Volgenau School of Engineering. Medairy earned a B.S. from the University of Maryland, Baltimore County, and an M.S. from Johns Hopkins University.
20. Kelly Rozumalski
Company: Booz Allen Hamilton
Title: Senior Vice President
Kelly Rozumalski is a Senior Vice President leading Booz Allen’s National Cyber Defense business. She develops solutions that address some of the nation’s top cybersecurity challenges, including protecting critical infrastructure, safeguarding connected devices, improving the defense and resilience of government networks, securing the supply chain, deepening cross-sector collaboration, and defending the federal enterprise against cyber threats.
Rozumalski has over a decade of experience driving differentiated solutions to help clients identify and understand cyber risks, automate compliance for real-time insights into security weaknesses, and mitigate vulnerabilities to reduce cyber threats. She supports the core missions of national-level clients across the Federal Civilian, Department of Defense (DoD) and intelligence communities. Prior to her existing role, Rozumalski led Booz Allen’s Secure Connected Health initiatives, advancing the healthcare industry’s cybersecurity capabilities. With the acceleration of digital health transformation, she and her team collaborated with federal and commercial clients to drive next-generation service offerings that combated vulnerable channels to biological data. Supporting the development of an increasingly connected, resilient healthcare system, she took a patient-focused approach to risk, remediation, and secure product development frameworks. Rozumalski has a B.S. degree in business from the University of Maryland.
21. Aniket Bhardwaj
Company: Charles River Associates
Title: Vice President, Global Cybersecurity & Privacy Services
Aniket Bhardwaj is the Vice President of Global Cybersecurity & Privacy Services at Charles River Associates, a leading global consulting firm that offers economic, financial, and strategic expertise to major law firms, corporations, accounting firms, and governments around the world. As the Vice President of Charles River Associates’ Global Cybersecurity and Incident Response Investigations, Forensics Services practice in Toronto, Bhardwaj provides cyber intrusion investigation services to clients globally. His 20 years of experience in crisis response, threat intelligence, attack surface identification, and other cybersecurity advisory services such as security hygiene, compromise discovery and red team, combined with his well-established understanding of challenges within the nation’s critical infrastructure, have made him one of the top cybersecurity leaders globally.
Before joining Charles River Associates, Bhardwaj worked with PwC’s Global Cyber Threat Operations team across the Americas and the EU, leading numerous incident response and cybersecurity transformation engagements. As well as being a GCIA, GREM, GCFA, and GNFA, Bhardwaj earned a Master’s degree in security & cryptography from Johns Hopkins University and is currently pursuing his MA in international affairs from King’s College London with a specialization in espionage & surveillance.
22. Arttu Leppälä
Title: Vice-President and Head of Cybersecurity Services
Arttu Leppälä is the Vice-President and Head of Cybersecurity Services of CGI, a wholly-owned U.S. operating subsidiary of CGI Inc., is dedicated to partnering with federal agencies to provide solutions for defense, civilian, healthcare, intelligence, and international affairs missions. Founded in 1976, CGI Inc. is among the largest IT and business consulting services firms in the world. With 91,500 consultants and other professionals across the globe, CGI Inc. delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services, and intellectual property solutions. Leppälä has 16 years of experience. He began his career in 2007.
Before joining CGI, Leppälä was a salesperson at Lemminkäinen Oyj. Leppälä graduated from Tampere University of Technology 1965-2018 with an MSc in knowledge management and information security.
23. Cuyler Robinson
Company: Charles River Associates
Title: Vice President Forensic Services Practice
Cuyler Robinson is the Vice President of Forensic Services Practice at Charles River Associates. He first joined the company in 2015. Charles River Associates (CRA) is a leading global consulting firm that offers economic, financial, and strategic expertise to major law firms, corporations, accounting firms, and governments around the world. Robinson has expertise in digital forensics, information security, and incident response. He leads high-profile investigations of cyber security attacks, trade secret theft, white collar crimes, data privacy breaches, and other disruptions that threaten a company’s integrity or value.
Robinson reports his investigation findings to counsel on behalf of company management and boards. He focuses on highly technical analysis that supports counsel as they provide legal advice and resolve potential notification obligations to the Federal Trade Commission, the Office for Civil Rights, US state attorneys general, industry regulators, and other enforcement agencies. Previously, Robinson was a director at Navigant. Robinson earned an undergraduate degree in computer information systems from Colorado State University.
24. Matthew McFadden
Company: General Dynamics Information Technology
Title: VP, Cyber and Distinguished Technologist
As Vice President of Cyber and Distinguished Technologist for GDIT, Matthew McFadden is at the forefront of driving cybersecurity strategy and innovation across various sectors, including Federal Civilian, Defense, Homeland Security, and the Intelligence Community. He focuses on the growth capabilities of the cyber sector through technological innovation, partnerships, and strategic opportunities that effectively address customers' mission challenges. He actively leads GDIT’s Cyber Center of Excellence, Cyber Digital Consulting, and GDIT Digital Accelerators: Eclipse Defensive Cyber Operations and Tidal Post Quantum Cryptography. His team is focused on advancing customers' capabilities in cloud security, autonomous cyber, threat hunting, zero trust, and using artificial intelligence and machine learning in cybersecurity.
McFadden previously served in technology and cybersecurity leadership roles at both CSRA and Computer Sciences Corporation. He earned doctoral degrees from both Northeastern University focused on organizational leadership, and Colorado Technical University focused on information assurance.
25. Lance Mathews
Company: Charles River Associates
Title: Principal of Forensic Services
Lance Mathews is a principal with the Forensics Services Practice of Charles River Associates (CRA). He leads the Practice’s data analytics and automation team and helps clients respond to internal or external events that may threaten their company’s integrity or success. He is known for applying his proven skills in investigative analytics to cybersecurity incident response, fraud, digital forensics investigations, and complex data privacy and class action litigation matters.
Mathews has been instrumental in developing CRA’s analytics and automation capabilities to conduct digital forensic investigations and is paving the way for integrating artificial intelligence (AI) models to provide deeper insights more quickly in his investigations. He leverages these capabilities and his more than 12 years of experience in investigations to lead engagements assisting clients in responding to cybersecurity incidents, including business email compromises, ransomware response and recovery, website cookie and pixel ad-tracking risk assessments, allegations of the misappropriation of trade secrets, and data privacy litigation matters.
Before joining CRA, Mathews established himself supporting legal and compliance investigations using data analytics techniques to solve complex client challenges. He holds a Master of Science in Information Systems and a Bachelor of Science in Finance from Indiana University. He also maintains certifications as a GIAC Certified Incident Handler (GCIH) and GIAC Certified Forensic Examiner (GCFE) by the SANS Institute, and is a certified Project Management Professional (PMP).
26. Sean Joyce
Title: Global Cybersecurity and Privacy Leader, US Cyber, Risk and Regulatory Leader
Sean Joyce is a Principal in PwC’s Consulting Segment where he has two distinct roles as Global and US Cybersecurity and Privacy Leader, and as the US Cyber, Risk and Regulatory Leader. He is an active member of the U.S. Consulting Leadership Team.
Joyce works closely with many boards and senior leadership teams on the challenges posed by digital transformations and the ever-changing threat landscape, understanding relevant cyber risks and threats, best practices in governance and cybersecurity risk oversight, and how to leverage cybersecurity and resilience as strategic business enablers. Notably, Joyce has consulted on some of the most prolific cyber breaches, providing guidance and expertise to top executives and boards.
Joyce previously led the US and Global Financial Crimes Unit for PwC, focusing on the interplay between cybersecurity, anti-money laundering and sanctions, fraud, and anti-bribery/anti-corruption. Prior to rejoining PwC, Joyce was the Chief Trust Officer at Airbnb, where he led Design Specialists, Product Managers, Engineers, and Data Scientists to help grow and defend the Airbnb platform. He was also responsible for the Privacy and Community Policy, and was a member of the Airbnb Executive Committee.
Joyce also served as the Deputy Director with the FBI and had daily oversight of the 36,000 men and women as well as its $8 billion annual budget. With more than 26 years of service in the FBI, Joyce has a wide range of operational and leadership experience. He was an integral part of transforming the FBI into an intelligence-driven orgaorganization spearheaded several strategic initiatives, including ‘next generation cyber’, which was a cross-organizational initiative to maintain the FBI’s world leadership in law enforcement and domestic intelligence. Joyce established a framework to operate and evaluate the FBI’s 56 domestic field offices. Joyce holds degrees from Boston College and Dartmouth’s Amos Tuck School of Business.
27. Pia Capra
Company: Booz Allen Hamilton
Pia Capra is the Director of the OT Cybersecurity Capability within Booz Allen Commercial. She has over fourteen years of professional experience, including leading technical programs relating to OT cybersecurity strategy, threat detection, and incident response. She has experience developing comprehensive strategies around the people, processes, and technologies needed to enable organizations to increase their ability to monitor threats within an OT environment. Through her assessment programs with manufacturing and energy companies, she developed and presented multiple presentations to site personnel and corporate management regarding the outcome of the site visits, assessment results, and next steps to improve their cybersecurity posture.
Capra also has experience leading an ICS Threat Detection program that enabled analytics to evaluate ICS network traffic, identity anomalies, and potentially malicious actors in the environment. Additionally, she has presented at several industry conferences on the topic of ICS and industrial cybersecurity. Capra has M.S. in Cybersecurity, University of Maryland University College and a B.S. in information sciences and technology, Minor in security and risk analysis, The Pennsylvania State University with certifications from Program Management Institute, PMP and CompTIA Security+ CE.
28. Ken Stasiak
Company: RSM US
Ken Stasiak is a distinguished executive with a remarkable track record of driving revenue growth and leading high-performing teams. In his role as Principal – Revenue Operations (RevOps) at RSM US LLP, Ken is at the forefront of aligning sales, marketing, and customer success strategies to maximize revenue generation within the Risk Consulting (RC) division.
With a career marked by a relentless pursuit of excellence and innovation, Stasiak is not only an accomplished cybersecurity executive but also a seasoned entrepreneur. His contributions to the cybersecurity industry have been significant, making him a thought leader in the field.
Stasiak's entrepreneurial spirit has led him to found and successfully sell four companies, two of which were sold within the past five years. One of his most notable achievements was founding and leading a management consulting company with a cybersecurity focus, which RSM acquired in 2018. His unique perspective on cybersecurity revolves around understanding how businesses generate revenue, enabling him to pinpoint where cybersecurity efforts should be concentrated.
Stasiak's diverse background, entrepreneurial spirit, and deep expertise in both revenue operations and cybersecurity make him an invaluable asset to RSM US LLP and a prominent figure in the business and cybersecurity communities. His passion for innovation and revenue growth continues to drive success in his role as Principal, Revenue Operations.
29. Charles Jacco
Title: Principal, Cyber Security Services
Charlie Jacco is a Partner in the New York office at KPMG LLP and is the US Cyber Threat Management Leader and the Global Financial Services Industry Leader for KPMG’s Cyber Security
Services practice. Jacco has focused extensively on multiple disciplines of the information security field, including Cyber Defense, Cyber Threat Management, Security Strategy & Governance, Security Transformation, Digital Identity, and Enterprise Identity & Access Management. Jacco’s career experience includes over 20 years of designing and implementing a wide variety of technology-based security solutions, which has resulted in a broad background in technology and cyber risk management.
Jacco is a Sector Board Advisor of the FS-ISAC, which allows him to participate in a wide variety of cyber security and cyber risk topics with senior executives across the Financial Services Industry and other Fortune 100 companies. As a senior leader in KPMG’s Cyber Security Services business, he frequently interacts with C-level executives for Fortune 100 companies, including some of the largest global banks, and is viewed as an advisor to some of the top Chief Information Security Officers in the cybersecurity field.
30. John Pearce
Company: Grant Thornton
Title: Principal Cyber Risk Advisory Services
John is a Principal in the Advisory Cybersecurity and Privacy practice at Grant Thornton LLP. He has over 20 years of professional experience conducting a number of large scale engagements for both the public and private sector in the following areas: security program strategy and implementation, security controls assessments, security operations capability maturity and development, and cyber remediation.
Pearce has led or managed projects across multiple industries including financial services, private equity, technology, and consumer products. He leads a multi-disciplinary team providing cyber risk, compliance, and advisory services to clients in the United States. Pearce also leads a number of alliances with key cyber technologies, as well as oversees the firms managed detection and response services. Pearce presents frequently to Corporate Boards and executive teams on the challenges of Cybersecurity.
31. Adam Hart
Company: Charles River Associates
Adam Hart is a Principal with Charles River Associates, specializing in digital forensics and incident response. He has over sixteen years of specialized training and experience involving complex matters including ransomware, network intrusions, business email compromises, malware analysis, and forensic analysis, supporting counsel during litigation. As a former detective with the Montgomery County Police in Maryland and member of the United States Secret Service Electronic Crimes Task Force (ECTF), he has managed numerous complex criminal investigations involving digital evidence and cybercrime. He has experience testifying as both a fact witness and an expert witness in the area of digital forensics in state and federal courts. He has also conducted numerous training classes in digital forensics, incident response, and social media investigations for law enforcement, attorneys, insurance investigators, and corporate clients.
Hart earned an MFS in digital forensics from George Washington University and a BA in political science from the College of the Holy Cross. He also holds a number of certifications. He is a Certified Forensic Computer Examiner (CFCE) and a Certified Digital Forensic Examiner (CDFE) by the Department of Defense Cyber Investigation Training Academy (DCITA) and is a member of the International Association of Computer Investigative Specialists (IACIS). He is certified in GIAC Reverse Engineering Malware (GREM) and GIAC Cyber Threat Intelligence (GCTI) by the SANS Institute and is a Cellebrite Certified Mobile Examiner (CCME), a Magnet Certified Forensic Examiner (MCFE), and a Blacklight Certified Examiner.
32. Matt Franko
Company: RSM US
Matt Franko is a principal in the risk consulting practice at RSM US LLP. He helps clients advance their cybersecurity programs by developing customized strategies to align security needs with business goals. He assists companies with risk and maturity, enterprise governance, and compliance. He is the cybersecurity lead for RSM’s consumer products industry and team lead for governance, risk, and strategy based in the firm’s Cleveland East office. RSM is the leading provider of professional services to the middle market. The clients they serve are the engine of global commerce and economic growth, and they are focused on developing leading professionals and services to meet their evolving needs in today’s ever-changing business landscape.
Franko has more than 14 years of experience in cybersecurity, assisting clients across a variety of industries to advance on their maturity curve. A problem solver by nature, he enjoys collaborating with RSM’s security and privacy risk team to create solutions to complex client problems. His deep understanding of global security and privacy regulatory complexities gives him the necessary tools to bring a first-choice advisor experience to every client engagement. Franko graduated from Bowling Green State University with an undergraduate degree in journalism.
33. David Sun
Company: CohnReznick LLP
David Sun is a Principal and National Leader of incident response and forensics at CohnReznick’s Cybersecurity, Technology Risk, and Privacy Practice. He has 25 years of cybersecurity and IT management experience responding to data breaches and privacy incidents, internal employee malfeasance, and government agency investigations.
Sun has served as a testifying expert or court appointed expert on hundreds of litigation matters. This includes providing expert testimony related to the handling of classified information by a Cabinet member and the destruction of public records by a sitting mayor of a major city; providing security assessments in support of the United Nations, the 2004 Summer Olympics, and various United States Federal Reserve Banks; assisting multiple state attorneys general to investigate a variety of data privacy violations; and more. Sun draws upon his experience responding to cyber incidents when providing cybersecurity advisory services. This allows him to create pertinent and practical processes to help mitigate the latest risks of cyber-attacks.
Prior to joining CohnReznick, from 2002 to 2019, Sun was the founder and president of SunBlock Systems, Inc., a global litigation and cybersecurity advisory firm. Through acquisition, he joined CliftonLarsonAllen (CLA) as a principal and its national practice leader for cyber incident response and forensics. He was also a co-founder and Chief Technology Office of S34A, a company that performed research on advanced computer forensics techniques for the Department of Homeland Security and other government agencies.
34. Brett Drummond
Brett Drummond began his professional career 15 years ago. Today, he is the Partner at IBM. At IBM, they do more than work. They create. They create as technologists, developers, and engineers. They create with their partners. They create with their competitors. If you're searching for ways to make the world work better through technology and infrastructure, software, and consulting, then they want to work with you. They're here to help every creator turn their "what if" into what is. Let's create something that will change everything. Drummond has 15 years of experience as a strategic leader focused on cybersecurity, business and technology risk, and financial advisory for large public and private companies. His areas of expertise include cybersecurity, governance, risk management, compliance, internal controls, business process redesign, and digital change.
Drummond first got his start in 2008 as a senior manager at Deloitte & Touche. From there, he went on to work for American Express as a security and compliance leader. Drummond holds a Master of accountancy and information systems from Arizona State University and a Bachelor of Science in accounting from the University of Arizona.
35. Laura Marsden
Company: PA Consulting
Laura Marsden is a Partner of PA Consulting. She first joined the company in 2020. There are over 4,000 strategists, innovators, designers, consultants, digital experts, scientists, engineers, and technologists. And they have deep expertise in consumer and manufacturing, defense and security, energy and utilities, financial services, government and public services, health and life sciences, and transport. As a partner in Public Services to lead PA’s Digital Trust and Cyber Security capability in the sector. Marsden supports key UK Government departments in solving complex security, privacy, and resilience challenges and boosts PA’s Cyber Transformation offering.
Prior to this, Marsden was Head of Cyber Consulting Services at Leonardo MW Ltd, where she was responsible for the Business Unit's commercial viability and assuring the delivery of all client services. As Head Consultant and a trusted advisor to the Ministry of Defense, Marsden provided advisory, assurance, and oversight to all client engagements on cyber security and information assurance. Marsden earned an undergraduate degree in information systems management from Cranfield University.
36. Max Scherr
Company: Arthur D. Little
Max Scherr is a Partner at Arthur D. Little and leads the Strategy, Organization & Innovation practice in our Vienna office. Arthur D. Little provides critical insight into industry challenges, accelerating performance, innovation through convergence and digital, and creating a positive impact in the world.
Scherr has over 20 years of experience in strategic consulting and senior management positions across Europe, the Middle East, Africa, and the US and has worked across several industries (e.g., telecom, oil & gas, travel & transportation, advanced manufacturing, public sector, pharma, and consumer goods). He mainly helps clients in growth and group strategies, digital transformation, and information security. In addition, he is responsible for our ESG/energy transition work in Austria, particularly for industrial companies, and is a regular speaker on innovation and ESG topics. Scherr graduated from WU (Vienna University of Economics and Business) with an undergraduate degree in business administration.
37. Angelo Rosiello
Company: Oliver Wyman
Angelo Rosiello is the Partner of Oliver Wyman, a global leader in management consulting. With offices in more than 70 cities across 30 countries, Oliver Wyman combines deep industry knowledge with specialized expertise in strategy, operations, risk management, and organization transformation. Rosiello brings more than a decade of hands-on expertise in large business and digital transformation programs for leading organizations in the utilities industry. It’s a role that he has been preparing for all his life.
Previously, Rosiello was a senior associate at Booz & Company. Rosiello graduated from Politecnico di Milano with a master’s in marketing and communication management.
38. Brian Abe
Title: Managing Director
Brian Abe is the Managing Director of MITRE. The MITRE Corporation is working to solve some of the nation's biggest challenges in defense, cybersecurity, healthcare, homeland security, the judiciary, and transportation. Abe’s current duties include providing project management and technical support to the National Cybersecurity Center of Excellence (NCCoE) in support of Use Cases intended to demonstrate practical solutions to cybersecurity concerns. Each Use Case is defined by working with sectors such as financial, energy, health, transportation, and others to identify their challenges to ensure we are putting resources towards the right problems.
Previous duties with MITRE included managing a team of engineers to assist the government sponsor with program management, systems engineering, biometric SME, and process management support. In addition, he worked across government agencies to solve complex data sharing issues. Abe graduated from West Virginia University with an MBA and from Shepherd University with an undergraduate degree in engineering.
39. Karen Schuler
Company: BDO USA LLP
Title: Partner, Global Privacy & Data Protection Chair
Karen Schuler is the Partner of Global Privacy and Data Protection Chair at BDO USA LLP, a Delaware professional service corporation. She is a US member of BDO International Limited, a UK company limited by guarantee, and forms part of the international BDO network of independent member firms. BDO is the brand name for the BDO network and for each of the BDO Member Firms. Schuler has a broad background in managing businesses that provide governance, risk management, and compliance (GRC) services. With more than 30 years of experience, she builds and manages organizations that provide data protection (privacy and cybersecurity compliance), digital forensics, cyber investigations, and data breach notifications, as well as having focused those teams and her career on providing subject matter expertise across the GRC spectrum.
Prior to BDO, Schuler held senior level positions in the above specialties and worked as a senior forensic examiner for the United States Securities and Exchange Commission. She has also held board positions with industry associations and information governance companies in the past. Schuler earned a master’s in physiology from the University of Pittsburgh and an undergraduate degree from the University of Dayton.
40. Uwe Kissmann
Title: Partner & Managing Director
Uwe Kissmann is the Partner and Managing Director of AlixPartners. AlixPartners has worked with clients around the world for more than forty years, helping businesses respond to challenges when everything is on the line—from urgent performance improvement to complex restructuring, from risk mitigation to accelerated transformation. Each project is different, but they all have one thing in common—a need for decisive, informed, and often urgent action.
Kissmann has extensive experience helping Fortune 100 companies transform their cybersecurity and information security operations. He has served as a cyber executive in several board level cyber and digitalization projects and in advanced cyber implementation and transformation programs. He also has expertise in M&A in advanced cyber defense, managed security services, and digital identity. Kissmann received his MBA in Strategic Management from Strathclyde Business School in Glasgow, holds a Bachelor of Science in Electrical Engineering from the University of applied sciences Zurich, a Bachelor of Science in Industrial engineering from St. Gallen Business School and has undergone executive training at Harvard Business School.
41. Zachary Miller
Company: Worklyn Partners
Title: Co-Founder and President
Zachary Miller is a Partner and Co-founder of Worklyn Partners. Worklyn Partners is an investment firm focused exclusively on the cybersecurity and IT services markets. Worklyn has assembled a group of partners with extensive investing and sector expertise to help grow technology companies at the rapidly expanding and evolving intersection of cybersecurity and IT services. Worklyn Partners currently has offices in New York, NY; Jacksonville, FL; Denver, CO; and Walnut Creek, CA.
Previously, Miller spent five years at The Chertoff Group in Washington, DC, where he helped cybersecurity and defense companies achieve growth objectives and advised private equity funds on acquisitions in the cyber and national security markets. He then helped stand up Chertoff's private equity practice, sourcing and diligencing the firm's first investments in growth-stage cybersecurity companies. Miller has also worked in corporate development at Okta and advised VCs and startups in the cyber and defense markets. Miller is pursuing his JD/MBA from the University of Pennsylvania and received a B.A. from Dartmouth College.
42. Chris Harner
Company: Sia Partners
Title: Managing Director Cybersecurity
Chris Harner is the Managing Director of Cybersecurity at Sia Partners, a next-generation management consulting firm and pioneer of Consulting 4.0. They offer a unique blend of AI and design capabilities, augmenting traditional consulting to deliver superior value to their clients. Counting 2,700 consultants in 19 countries, they expect to achieve USD 420 million in turnover for the current fiscal year. Harner, FRM, CISSP, has over 20 years of experience in risk management covering the banking and insurance sectors as both a practitioner and consultant. Harner leads Sia Partners' Cybersecurity and Data Privacy practice in the United States. He recently joined Sia Partners from Milliman where he was managing director of the Cyber Risk Solutions practice focused on helping clients quantify cyber risk. Harner brings a risk professional’s view on enhancing senior management’s understanding and mitigation of cyber risk by overcoming information asymmetry through “translating” the technical into the language of risk and finance. Harner’s international work experience includes roles in Athens, Moscow, London, and Zurich.
Before joining Sia Partners, Harner was a managing director at Milliman and, before that, a senior manager at Ernst & Young. Earlier in his career, he worked with UBS, Zurich, as a credit analyst, financial institutions, and the Commonwealth of Independent States (CIS). Harner graduated from Thunderbird School of Global Management with an MBA in global finance and Russian language and from the University of Puget Sound with an undergraduate degree in international affairs and German.
43. David Chaddock
Company: West Monroe
Title: Managing Director, Cybersecurity Consulting
David Chaddock is the Managing Director of Cybersecurity Consulting at West Monroe, a digital services firm that was born in technology but built for business—partnering with companies in transformative industries to deliver quantifiable financial value. They believe that digital is a mindset—not a project, a team, or a destination—and it's something companies become, not something they do. Chaddock is an accomplished technologist and project leader. David partners primarily with Healthcare and Life Sciences, Consumer & Industrial Products, and Energy & Utilities clients to define cybersecurity strategies, launch new initiatives, and reduce their overall risk. He focuses on high-impact initiatives related to national security and critical infrastructure. He spearheaded the launch of a security and compliance program for a company focused on curing cancer and other diseases.
Chaddock first got his start in 1993 as an assistant manager at Sam's Club. From there, he went on to Infinite Partners before eventually rising to chief information security officer at Sema4, his most recent position prior to joining West Monroe. Chaddock graduated from DePaul University.
44. Todd Waskelis
Title: Managing Director, Cybersecurity Services
Todd Waskelis is the Managing Director of Cybersecurity Services at AT&T, a Texas-based telecommunications company that offers services such as mobile telephony and internet connectivity for residential and commercial sectors. Waskelis leads the AT&T Cybersecurity Consulting business and is responsible for the strategic direction, service delivery, and P&L operations of the group.
Waskelis joined AT&T Cybersecurity through the acquisition of VeriSign in October 2009, where he performed similar duties as the vice president and general manager of VeriSign’s Global Security Consulting organization. With active professional certifications, more than two decades of experience, and an enviable knowledge of business and technology, Waskelis has earned the respect of global, top-named clients and industry insiders. Waskelis’ experience is the result of more than 25 years of operations leadership at various organizations and over 20 years of information security experience. Waskelis holds a B.S. in management and information technology and has extensive experience in media relations, including radio, press, and live television appearances.
45. Jill Cochrane
Company: World Wide Technology
Title: Managing Director, Cyber Security Consulting
Jill Cochrane is the Managing Director of Cyber Security Consulting at World Wide Technology. They are thinkers and doers. They combine strategy and execution to help organizations accelerate growth and realize a brighter future. They take complex technology solutions and make them practical and actionable. Then they deliver them globally. Cochrane is a global technology executive with 15+ years of experience shaping strategy and governance, building infrastructure, and strengthening security for companies large and small, from startups to Fortune 500s.
Before joining World Wide Technology, Cochrane was a VP of global security technology at MetLife and, before that, a president, chief technology officer, and senior technology consultant at Tech Led Solutions. Earlier in her career, she worked with RBC Wealth Management as a manager and infrastructure PMO. Cochrane graduated from Bethel University with an MA in communication and from Clarke University with an undergraduate degree in computer information systems.
46. Michael Corcion
Company: PKF O'Connor Davies LLP
Title: Partner Cybersecurity and Privacy
Michael Corcion is the Partner in Cybersecurity and Privacy at PKF O'Connor Davies LLP, a top-tier accounting, tax, and advisory practice with a long history of serving domestic and international clients. Corcione has more than 30 years of experience in technology and the financial services industry. He specializes in asset management, including private equity, hedge funds, venture capital, real estate, broker dealers, and insurance.
Corcion most recently served as Partner and Global Cybersecurity and Privacy Leader of an international consulting, risk mitigation, and dispute resolution firm. In that role, Corcion led client engagements, performing cybersecurity business and IT risk assessments, evaluating cyber threats, incident response readiness, and testing. He also evaluated IT infrastructure and security implementations, regulatory compliance, vendor and third-party due diligence, and strategy. He routinely engages with the senior leadership of organizations, including board and C-suite executives, on M&A strategies as well as to identify cybersecurity business risks, threats, and potential impacts on their clients' regulatory, legal, and corporate responsibilities.
Corcion has led global efforts to help organizations comply with emerging cyber and information security regulations, including the New York State Department of Financial Services (NYDFS) Cybersecurity Regulation, the U.K. Financial Conduct Authority (FCA), the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (SEC OCIE), the Office of the Comptroller of Currency (OCC), the Federal Reserve Board (FRB), the National Credit Union Association (NCUA), and the Consumer Financial Protection Bureau (CFPB). Corcion graduated from Pace University - Lubin School of Business with an undergraduate degree in MIS systems analyst.
47. Anjali Das
Company: Wilson Elser LLP
Anjali Das is a Partner in the Chicago office of Wilson Elser, LLP and Co-Chair of the Firm's national Cybersecurity and Data Privacy practice. Wilson Elser is the preeminent litigation defense law firm. At any given time, their more than 1,000 attorneys in 41 offices nationwide are engaged in more than 100,000 defense and coverage matters, with many defending clients in various local, state, and federal courts. Das has been instrumental in the long-term growth of Wilson Elser's cybersecurity and data privacy capabilities. She is a recognized authority on the key factors of cyber-defense, including incident response, regulatory investigations and enforcement actions, and the defense of nationwide Data Breach Class Actions. In 2021, Das launched the Firm's Virtual Privacy Officer Services (VPOS), which provides companies with data privacy, cybersecurity compliance, and risk management offerings.
Das developed her passion for the interplay of law, business, and technology when she earned her MBA at the Kellogg Graduate School of Management at Northwestern University while maintaining a full-time legal practice at the firm. Clients benefit from her ability to view legal issues from a business lens as well as her understanding of how shareholder obligations impact the corporate decision-making process. Das’ focused insurance and business background is further enhanced by her experience as a former in-house claims attorney for a domestic insurance company specializing in D&O and professional lines.
48. Mike Giacobbe
Title: US & Canada Leader, Marsh Advisory & Global Specialty Co-Leader, Marsh Advisory Marsh Specialty
Mike Giacobbe is the US and Canada Leader, Marsh Advisory and Global Specialty Co-Leader of Marsh Advisory Marsh Specialty at Marsh. Marsh is the world's leading insurance broker and risk advisor. With over 45,000 colleagues operating in 130 countries, Marsh serves commercial and individual clients with data-driven risk solutions and advisory services. Marsh is a business of Marsh McLennan, the world's leading professional services firm in the areas of risk, strategy, and people. With annual revenue of nearly $20 billion. Giacobbe has 24 years of experience. He began his career in 1999.
Before joining Marsh, Giacobbe was a global head of data, analytics, and consulting at JLT Specialty and before that, a head of analytics and consulting at JLT Specialty USA. Earlier in his career, he worked with Covansys as a senior manager. Giacobbe graduated from the University of Illinois Urbana-Champaign with a Ph.D. and from the University of Illinois Urbana-Champaign with an undergraduate degree in nuclear engineering.
49. Michael Pappacena
Company: ACA Aponix
Title: Partner, Cybersecurity and Risk
Michael Pappacena is the Partner of Cybersecurity and Risk at ACA Aponix, the leading governance, risk, and compliance (GRC) advisor in financial services. They empower clients to reimagine GRC and protect and grow their businesses. Their innovative approach integrates advisory, managed services, distribution solutions, and analytics with their ComplianceAlpha® regulatory technology platform, with the specialized expertise of former regulators and practitioners and a deep understanding of the global regulatory landscape. Pappacena has 25 years of experience. He began his career in 1998.
Pappacena is an accomplished Cybersecurity and Governance, Risk and Compliance professional with strong, practical leadership and extensive experience managing, engineering and implementing strategic and innovative technology solutions. Distinctive areas of expertise include: technology risk assessments, regulatory guidance, implementing large-scale software projects; delivering robust, low maintenance, scalable, and cost-effective products and processes, and having the ability to work effectively across organizational and hierarchical boundaries to achieve common goals. Before joining ACA Aponix, Pappacena was a senior consultant at Jefferies LLC and, before that, a VP at Goldman Sachs. Pappacena graduated from Adelphi University with an MBA and from Pratt Institute with an undergraduate degree in electrical and electronics engineering.
50. Mitch Evans
Company: BARR Advisory
Title: Director of Cybersecurity Consulting
Mitch Evans is the Director of Cybersecurity Consulting at BARR Advisory. He first joined the company in 2016. BARR Advisory is a cloud-based security and compliance solutions provider, specializing in cybersecurity consulting and compliance for software-as-a Service (SaaS) companies. A trusted advisor to some of the fastest growing cloud-based organizations around the globe, BARR simplifies compliance across multiple regulatory and customer requirements in highly regulated industries, including technology, financial services, healthcare, and government.
Previously, Evans was a senior associate advisor at KPMG and, before that, an insurance sales producer at Full Spectrum Insurance. Earlier in his career, he worked with Allstate as a senior sales producer. Evans earned an undergraduate degree in business management and finance from Brigham Young University.