October 27-29 | Sheraton Grand Wild Horse Pass | Phoenix, AZ

October 18-20, 2020 | Sheraton Grand at Wild Horse Pass | Phoenix, AZ

October 18-20, 2020

Sheraton Grand at Wild Horse Pass | Phoenix, AZ

"Evolving Definitions of Security ROI"

Tolgay Kizilelma is a business IT leader with almost three decades of experience covering the whole IT spectrum. He started his professional career in 1992 developing CASE ERP tools for System Software Associates (SSA, later acquired by Infor Global). After working briefly for the University of California, Berkeley as a business systems analyst, Tolgay transitioned to private sector leading and managing IT initiatives for a Distribution and Supply Chain Company, Shields Harper & Co. After almost two decades in private sector, Tolgay returned to UC and worked for UC Agriculture and Natural Resources (UC ANR) leading statewide infrastructure projects to extend broadband to UC researchers in rural communities by connecting UC ANR sites to the California Research and Education Network (CalREN). UC ANR has been awarded the CENIC 2018 Innovations in Networking Award for Broadband Applications due to these projects. At UC ANR, he also led and managed the service desk, network, infrastructure/systems, and information security teams covering the whole state.He is currently leading cybersecurity efforts as the Chief Information Security Officer at UC Merced. He is an advocate of lifelong learning and teaches graduate business analytics courses at Saint Mary's College of California. His current research interests are cybersecurity, digital transformation, business analytics, and educational IT programs. He has various industry certifications, a BS degree in computer engineering, an MBA, and PhD focusing on information security, quality, and patient safety.

Tolgay Kizilelma, Ph.D.


University of California, Merced


EBSCO is a diverse organization with many businesses, but it operates as one company. EBSCO manufactures steel joists, LED signs, merchandising displays, fishing lures, and three-ring binders. EBSCO is the leading provider of discovery services, databases, and other information resources and services for libraries worldwide. EBSCO is also a real estate developer, a producer of promotional products, and an insurance agency. As the Global Chief Information Security Officer, John provides leadership across a diverse portfolio of businesses balancing risk with controls.

His professional certifications have included CISA, CISM, CISSP, CRISC, which complement more than 20 years’ experience in technology. He balances this with a Bachelor of Business Administration degree in marketing from Georgia Southern University, and a Master of Science in Information Assurance (MSIA) from Norwich University in Northfield, Vermont.

John Graham

Global Chief Information Security Officer (CISO)

EBSCO Industries, Inc.


Kathleen Mullin is an influential information security practitioner with more than 30 years of experience. She has been a CISO at various organizations including publicly traded, private equity, start up, not-for-profit, and governmental entities. Kathleen is CISO at Healthmap Solutions in Tampa. Kathleen established the role of CISO at Tampa Airport and at Healthplan Services and was the CISO for Adventist Health System and WageWorks. Kathleen also is certified as Master Level Social Engineer. Throughout her career, Kathleen has volunteered and participated in maturing information security as a profession. Kathleen serves internationally as a featured speaker and panelist at webinars, seminars, and conferences.

Kathleen Mullin


Healthmap Solutions


David Cass is VP Cyber & IT Risk LISCC Program and Supervision at the Federal Reserve Bank of New York. Previously Mr. Cass served as the SVP & Chief Information Security Officer for Elsevier.  Where he lead an organization of experienced legal, risk and security professionals that provided data protection, privacy, security, and risk management guidance on a global basis for Elsevier. He also served as the HIPAA officer for Elsevier.  

David has over 4.5 years of experience running a regulated FTSE 100 enterprise in the cloud.David has extensive experience in IT security, risk assessment, risk management, business continuity and disaster recovery, developing security policies and procedures. He has played a key role in leading and building corporate risk & governance and information security organizations in the financial sector. As the Senior Director of Information Security Risk and Governance for Freddie Mac, David rebuilt the risk and governance function and developed a team to provide risk assessments, methodologies, tools, services, and training to improve the organization’s capabilities and maturity.

Prior to that he was Vice President of Risk Management for JPMorgan Chase, and was responsible for providing an accurate assessment of the current risk management state, contributing to the future direction of risk management, continuity and disaster recovery capabilities for the organization. David has a MSE from the University of Pennsylvania, and a MBA from MIT.  He is also a frequent speaker at high profile industry conferences, and serves on the Board of Directors for a public corporation.  In addition, David is a member of the editorial board for The Journal of Law & Cyber Warfare.

David Cass

VP Cyber & IT Risk LISCC Program and Supervision

Federal Reserve Bank of New York


As Chief Information Security Officer for Millicom International Cellular, John is responsible for all information security and risk management strategies, including security architecture, security operations, regulatory compliance, and business continuity for all global business lines at Millicom.

Previously, John has been the CISO for MIAX Options Exchange and Dow Jones/ The Wall Street Journal, overseeing security, risk management, and business continuity. He has held key leadership positions at several information security market leaders such as VeriSign and Guardent, as well as leading integrators such as EDS and SAIC.

A regular speaker, presenter, and panel moderator, John's experiences provide unique insight into developing and sustaining global information security programs. John is also a regular contributor to several industry publications, believing strongly in sharing his experience and giving back to the security community.

John is an active member of several Executive Boards, providing business strategy, product development, and go-to-market guidance for a number of Information Security product and service organizations.

Honors include: 2014 ISE North America Information Security Project of the Year by T.E.N.; 2013 Top 10 Breakaway Leader at the Evanta Global CISO Summit; and the 2010 ISE Northeast Information Security Executive of the Year by T.E.N.

Lewis Brodnax

SVP Chief Security Office



Dr. Grant Jacoby is the SVP Senior Director of Information Security Strategy and Development at Fifth Third Bank. He leads the Information Security and Information Technology efforts in providing strategic, architectural, and innovative initiatives, and translates complex technical security risks into opportunities understood by business stakeholders. He holds three masters of science degrees in business administration, information systems, and data-communications as well as two doctorate degrees in software engineering and electrical engineering. He is a senior board member of the Institute of Electrical & Electronic Engineering, has over 50 publications in peer-reviewed conferences, and holds a sizeable patent in mobile security with others pending -- one of which is used as the basis for a present day next-generation cyber security company known as Power Fingerprinting. He is a regularly sought after thought leader and public speaker, who enjoys the collaboration opportunities he is uniquely positioned to participate in due to his technical expertise and leadership in private, public and military service sectors.

Grant Jacoby

SVP Senior Director of Information Security Strategy and Development

Fifth Third Bank