Helen Patton is the chief information security officer at The Ohio State University (OSU), where she manages the Security Operations and Services team, as well as oversees Information Risk and Control Governance across university units. Patton also chairs the University Information Security Advisory Board, which governs the execution of the university’s Information Security Standard. With more than fifteen years of experience in the security, risk, and resiliency profession, Patton has a wealth of experience in managing technology and operational risk for global organizations and advocates using Information Risk and Security Operational Management to enable the mission of the Institution.
Prior to working at OSU, Patton spent nine years in the Fortune 50 Financial Services Organization, where she was responsible for creating risk and resiliency programs and operations that delivered pragmatic risk delivery capabilities to internal and external clients, in such areas as accountability and auditing oversight, vulnerability management, mobile technologies, cyber security, business continuity, and operations management.
Patton is CISA and CRISC certified from Information Systems Audit and Control Association. She is also a member of the Information Systems Security Association and the Chief Information Security Officer Executive Roundtable—a peer-to-peer organization dedicated to helping information security, IT risk management, privacy, and compliance executives be more successful.
Randy Marchany is the information technology security officer and director of the IT Security Lab at Virginia Polytechnic Institute and State University (Virginia Tech).
Marchany has been involved in the computer industry since 1972 and has made many contributions in the field of cyber security on a national level as well as within higher education.
As coauthor of the original SANS Top 10 and Top 20 Internet Threats documents, Marchany set the standard for most computer security and auditing software. His SANS document on the Consensus Roadmap for Defeating Distributed-Denial of Service (DDoS) Attacks was prepared at the request of the White House in response to the first major DDoS attacks responsible for crippling some of the Internet’s most popular websites in February 2000. As a member of the White House Partnership for Critical Infrastructure working group, Marchany helped develop the SANS Incident Response: Step-by-Step Guides, which are available for free and represent the first successful attempt to create a set of consensus documents with detailed steps for implementing system security.
Marchany has been a frequent speaker at such national and international conferences as EDUCAUSE, SANS, International CISO symposium, NY State OIT Security conference, and at such organizations as FBI-Infraguard chapters, US Forest and US Fish and Wildlife Services, and Air Force Material Command. He’s been the subject of several articles in the Chronicle of Higher Education on security issues at university campuses.
Marchany was also a recipient of the SANS Institute’s Security Technology Leadership Award in 2000 as well as the Virginia Governor’s Technology Silver Award in 2003. He was part of the team that won the EDUCAUSE Excellence in Information Technology Solutions Award in 2005. He is also a co-holder of two cybersecurity patents one of which was for a battery-based intrusion detection system that was the product of research conducted in the Virginia Tech IT Security Lab.
As senior vice president and chief technology officer (CTO) at FireEye, Inc.—a company that provides automated threat forensics and dynamic malware protection against advanced cyber threats—Summers oversees the global CTO team that supports research and development and product engineering. He has more than fifteen years of experience in information security, both as a chief information security officer (CISO) and consultant to many Fortune 500 companies, specializing in governance, program management, and Security Operations Center and Computer Incident Response Team development.
Summers joined FireEye through its acquisition of Mandiant in 2014, where he led the company’s strategic consulting and customer success divisions. Prior to Mandiant, Summers was a partner at Ernst & Young and was responsible for the firm’s information security program management practice. Before Ernst & Young, Summers was the CISO at General Electric, overseeing a large global information security organization.
Summer’s insights frequently appear in print, and he has been a guest on numerous television programs, including Starting Point, Andrea Mitchell Reports, Cavuto, ABC World News, Australia’s Lateline, and France’s The Interview.
Mary Wujek has extensive expertise in information security, portfolio and program management, business continuity, strategic planning, and product management. As Director of Global Security and Risk Management at Gartner, Inc.—a leading information technology research and advisory company—she has led many IT/Business product, service, and culture change projects, establishing new services in identity management, financial services products, customer support, penetration testing, incident response, crisis management, vulnerability assessment, application development, and network architecture.
Wujek specializes in “translating” across diverse business and IT perspectives to set strategic and implementation goals and plans, particularly for business information protection and cybersecurity programs.
Prior to joining Gartner, Wujek held executive assignments at the Federal Reserve Bank as information security officer and directed project management, business continuity, customer support, and various application development and systems integration functions.
One of her “best projects ever” was being the hands-on project manager for a nine-month implementation of the Federal Reserve Bank’s first generation (1997) customer transactional website, from back-of-napkin design to production, on time and on budget. She directed a team of specialists in architecture, standards, network and firewall design, application development, certificate authority practice, marketing, and business operations functions.
In addition to holding an Information Security Assurance Training and Rating Program – IAM certification, Wujek held US Government top secret clearance for the Federal Reserve System until 2011 and held Certified Information Systems Security Specialist and Information Systems Security Management Professional certifications 2003-9.