On Demand Events

Missed a recent webinar or Member Forum Call? Catch our previous virtual sessions here. We now offer CPEs from most of our on-demand offerings. To earn CPEs, please submit your information and codes in the form linked below. Note: our on-demand recordings work best when viewed in the Chrome browser.

Webinar

Cybersecurity Taxonomy for Continuous Monitoring

Please join us as Shared Assessments, BitSight Technologies, Black Kite, Panorays, RiskRecon, SecurityScorecard, and 23Advisory LLC present the Cybersecurity Taxonomy for Continuous Monitoring, which provides the first descriptive list of cyber events and monitoring surfaces aimed to facilitate more precise and transparent communications among Security Ratings Services (SRS), vendors, suppliers, and end-user organizations. Shared Assessments is making version 1.0 available for use by all industries and third party/cyber risk practitioners.

Cost: Free / Credits: 1 CPE
Speakers:
  • Charlie Miller
    Senior Advisor, Shared Assessments
    Charlie Miller is a frequent speaker and a recognized expert in third party risk. His key responsibilities include expanding the Shared Assessments Third-Party Risk Management membership-driven program, facilitating thought leadership, industry vertical strategy groups, continuous monitoring / operational technology working groups, and IoT research studies.
  • Demi Ben-Ari
    CTO and Co-Founder, Panorays
    Demi Ben-Ari is a software engineer, entrepreneur, and international tech speaker. He has over 10 years of experience building systems in both near-real-time applications and big data distributed systems. He is a Google Developer Expert (GDE) for Google Cloud Platform and Co-Founder of the “Big Things” Big Data community and Google Developer Group Cloud.
  • Candan Bolukbas
    CTO and Co-Founder, Black Kite
    Candan Bolukbas is a digital polymath and Certified Ethical Hacker. Candan fully appreciates the growing threat to digital communications and data accumulation which affects all of us. He is co-founder and chief technology officer at Black Kite, a Boston-based “security-as-a-service solutions” company. Besides being an Ethical Hacker, he is a certified secure programmer, certified incident handler, and certified computer hacking forensic investigator.
  • Mike Jordan
    Founder/Principal, 23Advisory LLC
    Mike Jordan is a leader in cybersecurity, third party risk, and compliance. He is passionate about bringing people together to make the right decisions for managing risk. To meet business objectives, we have to take risks. While we can’t have one without the other, we can greatly improve our chances of success by bringing the right people, processes, and technology together to effectively understand and respond to risk in a way that best fits the situation. Mike has more than 20 years in security and risk management; his experience includes designing and deploying multiple scalable and sustainable security technologies, programs, strategies, and products.
  • Evan Tegethoff
    VP Consulting Engineering, BitSight Technologies
    Evan Tegethoff is an information security professional focused on risk, compliance, technology, and program development. His goal is to promote the continued maturity of our industry into a discipline that holistically considers cyber security, data protection, technology, and business risk as a unified concept.
  • Mike Wilkes
    CISO, SecurityScorecard
    Mike Wilkes is a senior security executive with broad experience designing, building, and supporting high-availability infrastructures for the financial services, energy, travel, media, and retail sectors.

Fireside Chat – Innovations in Third Party Risk Processes

This session will be the first in a series of Fireside Chats featuring third party risk professionals sharing innovation success stories. Join Randy Sabbagh, Vice President, Global Incident Management & Third Party Resilience Oversight, State Street, who will share his experiences of how he has been able to stay ahead of the curve, what challenges he sees on the horizon for third party risk, and what needs to be done to develop the next generation of risk managers.

Cost: Free / Credits: 1 CPE
Speakers:
  • Tom Garrubba
    Senior Consultant, Shared Assessments
    Tom is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.
  • Randy Sabbagh
    VP Global Incident Management, State Street
    Randy is Vice-President, Global Incident Management in State Street’s Enterprise Continuity Services where he focuses on response programs as well as supporting the firm’s 3rd Party Resilience program. Prior to returning to State Street, Randy was at Charles Schwab where his roles included Managing Mainframe Database, Systems and Network, Infrastructure Audit as well as roles including lead Engineer on Technology Resilience, developing and implementing 3rd party program resilience as well as Solutions Architect for Public Cloud implementation and data center strategy.

Compliance Week’s Cyber Risk and Data Privacy Summit 2022

Video from Compliance Week’s Cyber Risk and Data Privacy Summit 2022.

A continuous monitoring cybersecurity strategy for third party risk management (TPRM) goes a long way toward proactively identifying vulnerabilities posed by external sources. Shared Assessments Senior Advisor Nasser Fattah and other experts share best practices for cybersecurity monitoring.

Webcast courtesy of Compliance Week.
Speakers:
  • Nasser Fattah
    Senior Advisor, Shared Assessments
  • Rudy Patel
    Head of Third Party Risk Management, Mizuho
  • Brian Peister
    Cyber and IT Third Party Risk Management Global Officer, BNY Mellon

Data Governance For Third Party Risk

As regulations, industry standards, and business strategies continue to shift, data governance is becoming more difficult to support, especially with your vendors. Data governance includes setting internal standards and data policies on how data is gathered, stored, processed, and disposed. This session will provide insight from Shared Assessments experts on how to stay on top of data governance processes for third party risk with specific tips for Schrems II, GDPR, and CCPA.

Cost: Free / Credits: 1 CPE
Speakers:
  • Tom Garrubba
    Vice President, Shared Assessments
    Tom Garrubba, Vice President, is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.
  • John Bree
    Chief Evangelist & Chief Risk Officer, Supply Wisdom
    John Bree is recognized as a global financial industry executive and subject matter expert with a proven track record in developing and managing Vendor & Third Party Sourcing Risk Management, AML/CTF, KYC, and Anti-Fraud programs.
  • Web Hull
    Privacy and Data Protection Officer, Sr Risk and Compliance Analyst, Abacus Insights
    Web Hull has a broad and deep knowledge of domestic and international laws, regulations, regulatory guidance, standards, and business practices. Known as an industry leader with deep experience and hands-on, practical expertise who guides companies as they seek solutions to domestic and international Privacy, Data Protection, InfoSec, & Compliance issues.

Top 5 Priorities for Third Party Cyber Risk for 2022

Cyberattacks on the supply chain have become a board-level issue for organizations and will continue to plague executives in 2022. The number and sophistication of security breaches is rising; attacks like ransomware cause significant disruptions to the supply chain, putting security at the forefront of business decisions.

In this session, we will discuss cyberattack readiness and how to ensure that business resiliency is in place for timely detection and mitigation of attacks.

Cost: Free / Credits: 1 CPE
Speakers:
  • Nasser Fattah
    Senior Advisor, Shared Assessments
    Nasser has 20+ years as a Cybersecurity, Supply Chain, and IT leader. With a focus on customer-first and team-building approaches, Fattah is able to align programs to support company strategies, regulatory requirements, and growth initiatives. He drives cybersecurity, supply chain, and IT as enablers for enterprise-wide transformation initiatives. He partners with executives to identify and select strategic external partners to deliver essential IT and cybersecurity services to the business. Nasser worked with global parent companies and subsidiaries to establish technology standards to maximize investments and operations efficacy to best support business needs and growth. Nasser has a strong, consistent record working successfully with Business and IT executives, regulators, auditors, and risk partners. Nasser also teaches cybersecurity at several colleges and is the chair for North America Shared Assessments – an industry best practices for the supply chain.
  • Trony Clifton
    Cyber Third Party Governance, BNY Mellon
    Trony has 30+ years as an IT Audit, cybersecurity, and technology leader. He is responsible for Site Assessments, PCI Compliance, and Cyber SME for Legal at the Bank. Trony is a former professor at NJIT and author of IT Audit and IT Security books.

Set the Right KPIs and KRIs for your Program

As Risk Management has developed into a central business issue, senior management has become interested in understanding the risk environment.

In this session, we will cover what metrics reveal about the health of your vendor risk management program and how they can be used to build a risk-aware culture.

What risk metrics best tell the story of your risk management program’s performance to the board, C-Suite and other key stakeholders?

Cost: Free / Credits: 1 CPE
Speakers:
  • Ron Bradley
    Vice President, Shared Assessments
    Ron Bradley has been involved with Shared Assessments in some capacity for over 15 years. With a depth of experience building TPRM programs in financial services (Bank of America) and manufacturing (Reynolds, Trane Technologies), Ron understands how cultures and organizations drive the supply chain and third-party process. As Vice President, Ron strives to use his extensive knowledge of Third-Party Risk Management to help organizations build programs that realize the full potential of the Shared Assessments toolkit.
  • Philip Bennett
    Manager, Information Security Governance, Horizontal Services, Navy Federal Credit Union
    Philip Bennett has 15 years of experience in third party cyber risk management at top financial institutions. Some of his latest works include oversight of global assessments, assessment content, and the controls testing approach strategy. He is also the Chair of the 2022 Shared Assessments Steering Committee.
  • Rudy Patel
    Head of Third Party Risk Management, Mizuho
    Rudy Patel is an Information Systems Security professional with experience in multiple domains of Information Technology. His most recent work focuses on the establishment of an IT Risk Management function including IT risk assessments of third parties.

Fireside Chat: The Log4j Grinch Before Christmas

The recent Log4j vulnerability has taken on the role of the Grinch, leaving the world spinning before the holidays. This fireside chat, led by industry security professionals, will feature a discussion of the looming risk the Log4j vulnerability poses to your organization and susceptible third parties and how you can assess your internal attack surface.

The session will answer the most pressing questions of “What is Log4j?” “What does it mean to me and my team?” “How should I bring this up to my vendors?”, and most importantly, “What should we do next?”

Cost: Free / Credits: 1 CPE
Speakers:
  • Dan Desko
    CEO & Managing Partner, Echelon
    Dan currently serves as CEO & Managing Partner of Echelon. With his talented colleagues, Dan has the pleasure of building and leading a team of Cybersecurity, Privacy and IT Risk Professionals that serve the business community through a number of specialized services.
  • Paul Poh
    Managing Partner, Radical Security
    Paul Poh, CISSP, CISM, CRISC is Managing Partner at Radical Security. Paul has over 25 years of technology and information security experience. Prior to Radical Security, Paul was Chief Technology Officer for a leading security ratings platform where he led multiple technology teams in building and scaling a platform that could instantaneously rate the cybersecurity posture of any company world-wide. With a background in both large Fortune 500 organizations and small successful startups, Paul was also head of information security and software architecture at the largest separately managed account processor in North America where he was responsible for the protection of over a trillion dollars in assets. He joined the account processor with the acquisition of a small highly successful provider of advanced wealth management trading tools where he designed the company’s software as a service offering. An early innovator, Paul was co-founder for a managed security services provider. He fondly recalls those years where he designed a proprietary client-server solution for remote management of an intrusion detection appliance while simultaneously implementing the 24×7 operations plan. As a regular contributor to the third-party community, Paul is a recognized leader in the educational development of third-party risk assessors. He also provides advisory CISO services for several public and private companies.
  • Matthew Shelton
    Director, Technology Risk and Threat Intelligence at Mandiant
    Matt Shelton is a Security Technologist with over 20 years of professional experience working in capability development, threat intelligence, security architecture, security operations, risk management and threat hunting. In his current role, he leads an intelligence-driven risk management program responsible for identifying technology risk at FireEye, prioritizing risk based on adversary intentions and capabilities, and then working with business partners around FireEye to ensure the correct mitigations are in place. As a passionate student and practitioner of cybersecurity, Mr. Shelton has spent his career advising commercial, government, and military clients on how to build intelligence-led security programs.

The 5 Most Important KRIs and KPIs to Effectively Manage Your TPRM Program

Implementing key performance indicators (KPIs) and key risk indicators (KRIs) that are meaningful to leadership and the board – as well as truly actionable – is the backbone of a successful third party risk management (TPRM) program. However, defining and gathering these measurements has long been a complex task requiring you to manually collect and translate obscure metrics into potential business impacts and risk. How can metrics be better defined and communicated without all of the manual work?

We will explore the do’s and don’ts of KRI/KPI definitions for third party management and visit the top 5 most important KRIs and KPIs to help your team get a grasp of your third party estate. Learn how to demonstrate program success with KRIs/KPIs, how to avoid misrepresenting broader third party risk, and how to present metrics in a way stakeholders value.
Speakers:
  • Alastair Parr
    SVP, Global Products & Risk, Prevalent
    Alastair Parr is responsible for ensuring that the demands of the market space are considered and applied innovatively within the Prevalent portfolio. He joined Prevalent from 3GRC, where he served as one of the founders, and was responsible for and instrumental in defining products and services. He comes from a governance, risk and compliance background; developing and driving solutions to the ever-complex risk management space. He brings over 12 years’ experience in product management, consultancy and operations deliverables.
  • Tom Garrubba
    Vice President, Shared Assessments
    Tom Garrubba, Vice President, is an internationally recognized subject matter expert, lecturer, writer, and blogger on third-party risk, and is the head instructor for the Certified Third-Party Risk Professional (CTPRP) certification program. He is a contributor to Future of Sourcing, blogged for the Huffington Post’s Business section, and for Government Health IT, ISACA, Risk.net, and numerous eGRC websites.

Threat Briefing: Real-world Cyberattacks on the Supply Chain

Cybersecurity and third party risk professionals are growing increasingly concerned over the risk cyber attacks pose to supply chains. The fallout from a single attack on a supplier triggers a chain reaction impacting the entire network of providers leading to downtime of systems, monetary loss, and reputational damage. This session will impart strategies for mitigating the risk these devastating attacks pose to your organization.
Speakers:
  • Mike Jackson
    Cybersecurity Advisor (CSA), Cybersecurity and Infrastructure Security Agency (CISA)
    Mike Jackson is a Cybersecurity Advisor with the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. Mr. Jackson is responsible for supporting the CISA mission of establishing and maintaining cybersecurity resilience for private and public critical infrastructure partners in the State of Oklahoma. His duties include conducting detailed management level assessments including Cybersecurity Resilience Reviews and External Dependency Management assessments. Mike Jackson is an Army veteran with extensive background and education in IT and cybersecurity.
  • Nasser Fattah
    Senior Advisor, Shared Assessments
    Nasser Fattah has 20+ years as a Cybersecurity, Supply Chain and IT leader. With a focus on customer-first and team building approaches, Fattah is able to align programs to support company strategies, regulatory requirements, and growth initiatives. He drives cybersecurity, supply chain and IT as enablers for enterprise-wide transformation initiatives. Nasser has a strong, consistent record working successfully with Business and IT executives, regulators, auditors, and risk partners. Nasser also teaches cybersecurity at several colleges, and is the chair for North America Shared Assessments – an industry best practices for supply chain.

New 2022 Toolkit: Standardized Excellence to Meet Today’s Risk Environment

Shared Assessments has updated and upgraded the 2022 Third Party Risk Management Toolkit to align with a changing regulatory and threat environment. Content has been adjusted to focus on Cybersecurity, Data Governance, Operational Risk, and Resilience. This session includes full details about updates and upgrades to the SIG, SCA, VRMMM, Data Governance Tools, including content organization and updates to industry and regulatory standards.

Cost: Free / Credits: 1.5 CPE
Speakers:
  • Christopher Campbell
    Manager, Sales, Shared Assessments
    Christopher directly supports Shared Assessments Senior Vice President of Sales, where his key responsibilities are member service, market research, program development, prospective member outreach and membership renewals. Christopher has more than 17 years of experience in sales, customer relations and corporate operations.