Track Speakers 


Andrea Simmons

Managing Consultant at ;i3GRC
United Kingdom

Andrea is an experienced information security/ assurance/GRC evangelist with more than 17 years direct information security, assurance and governance experience (20+ years in the IT industry), helping clients establish appropriate controls and achieving and maintaining security certifications. Andrea's most recent role as Chief Information Security Officer for HP Enterprise Security was one of worldwide influence addressing Security Policy and Risk Governance seeking to support and evidence the delivery of organisational assurance across a wide portfolio of clients and services. Her work has included development of a patentable enterprise governance, risk and compliance (eGRC) approach to transforming and meeting information governance needs.

Andrea has always allowed time for volunteer involvement in various professional bodies – being a member of the BCS Chartered Institute for IT Security Community of Expertise, Director of the Institute of Information Security Professionals, Senior Member of the ISSA, ISACA member, volunteer delivering Safe and Secure Online programs to UK schools for ISC2 and has been involved with the management committee of the Information Assurance Advisory Council (IAAC) for many years. The endeavour is always to shape the information security landscape and develop the Information Assurance Profession for the future.


President at Cerberus ISC Inc

Barry Lewis is President of Cerberus and has over 45 years of experience in information technology, specializing in Information Security and IT Governance for more than 35 years. He began work in the consulting field in 1987 and worked for two major audit firms before starting his own company in 1991 and joining Cerberus in 1993. He was awarded the John Kuyers Best Speaker/Conference Contributor Award in 2008. Mr. Lewis is co-author of numerous books, including Computer Security for Dummies, Teach Yourself Windows 2000 Server in 21 Days and Wireless Networks for Dummies. His books have been translated into numerous languages around the world. He is co-developer of the COBIT 5 PAM and Assessor Guides and is Foundation accredited. Barry lectures and consults world-wide.

Bruno Horta Soares

Founder and Senior Advisor at GOVaaS - Governance Advisors as a Service

With more than 15 years of Information Systems professional services experience, particularly in areas related with Governance, Risk, Control, IS Audit, Information Security and Privacy and Project Management. Started his career at Deloitte Consulting, worked for Information Risk Management area at KPMG and for Enterprise Risk Services area at Deloitte Portugal. In 2012 he found GOVaaS - Governance Advisors as-a-service, where he is currently Senior Advisor, and since then devoted enthusiastically to advising, teaching and training of subject matters related with governance and management of enterprise IT and digital transformation, working with public and private Organizations in Portugal, Angola, Brazil and Mozambique.

He has a 5 years degree in Management and Computer Science, from ISCTE and a post-degree in Project Management, from ISLA Campus Lisboa. He is certified in Project Management Professional (PMP), from Project Management Institute (PMI), Certified Information Systems Auditor (CISA), Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC) and COBIT 5 Foundation from ISACA, ITIL® version 3 Foundation, ISO/IEC 27001 Lead Auditor and Training for Trainers Certification (CAP). He's also APMG individual accredited trainer for COBIT 5. He's advisor and visiting professor at ISCAC - Coimbra Business School, Instituto Superior Técnico (IST), Universidade Portucalense (UPT), Universidade Europeia | Laureate International Universities, Universidade Católica Portuguesa (UCP) and Unipê - Centro Universitário de João Pessoa - Paraíba, Brasil. He's the founding President of the ISACA Lisbon Chapter, member of several professional associations in the areas of Auditing (IIA), IT Governance (ISACA, IPCG), and Project Management (PMI) and keynote speaker at various conferences and seminars.

Christopher Rentrop

Professor for Business Information Systems at HTWG Konstanz (University of Applied Sciences)

Christopher Rentrop started his career being a Group Controller and later a CFO for a distribution company an elevator group. Since 2007 he is working as a professor for Business Information Systems at the Konstanz University of Applied Science. In this position he has specialized in Strategic IT Management, IT Governance and Shadow IT.

David Fagan

Director at Business Legal

David Fagan is a commercial lawyer. Until recently he was a partner in the largest international commercial law firm in Ireland, with offices in 47 locations around the globe, and with 200 staff in Ireland. Recently, he has set up own consultancy practice in conjunction with a number of other equally experienced lawyers and professionals, Business Legal. David has been involved in:

  • Managing and leading multi-jurisdictional legal privacy projects across Europe, Africa, Asia and the Middle East.
  • Dealing with Privacy issues in Courts, and with Regulators.
  • Advising on practical matters such as transferring data to non EU servers, marketing restrictions etc.

Gerard Smits CRISC, CISSP, CIPP/E, ISO 27001 LA

Founder at NedPrivacy

Gerard Smits is an international manager and have worked in senior management positions for multinationals, before starting to work as an independent consultant with an emphasis on privacy, IT security and cloud technology. His pragmatic view and creativity provides him the tools to look at problems from different perspective. He has an IT background supplemented with executive education in finance, legal and strategy. He divides his time on consultancy, research and building tools which helps his clients to be more effective.

Jeff Kalwerisky

VP and Director of Technical Training at CPE Interactive, Inc.
United States

Jeff Kalwerisky is director of technical training for CPE Interactive. He speaks frequently to ISACA chapters in North America where he has delivered sessions to hundreds of ISACA members on leading-edge information security topics, including data privacy, threat modeling, information security strategy, Cloud computing, and Big Data security. He was recently keynote speaker at the IIA's ""Evolve"" international conference in Johannesburg, South Africa.

As an executive at Accenture, Jeff focused on healthcare security. He acted as security architect for the UK's National Health Service, on the world's largest EMR (electronic medical records) project, with over 1,500 developers. As global security manager for VeriSign, he designed and deployed military-grade secure data centres around the world.

Jeff lives in Atlanta, Georgia (and on Delta Airlines.)

Jeff Lenton

Solutions Architect at RiskIQ EMEA
United Kingdom

Jeff is a highly experienced technical consultant with over 15 years experience in a variety of senior pre and post sales positions in the IT Security sector, architecting and supporting a wide range of threat intelligence, threat prevention, compliance and audit products. He has extensive experience in supporting and guiding enterprise customers through large scale projects from initial solution architecting through to production deployment. More recently Jeff has specialized in cloud based, software-as-a-service solutions for Google, Symantec and currently as a solutions architect with RiskIQ. Jeff holds a BA(Hons) in Political Science from the University of East Anglia.

Jenai Nissim

Data Protection Manager at Capital One (Europe) Plc
United Kingdom

Jenai Nissim heads up the Data Protection Legal and Compliance Programme for Capital One (Europe) Plc. Prior to undertaking this role Jenai was responsible for negotiating and advising on data protection contracts and third party outsourcing agreements.

Jock Forrester

Head of IT Cyber Security at Standard Bank
South Africa

Jock Forrester is responsible for the IT cyber security prevention, detection and response capabilities at Standard Bank. He is also responsible for the bank's penetration testing, where the greatest challenge is adding velocity to its assessments in order to support its drive towards DevOps.

He recently completed his MSc in Computer Science specialising in Information security, at Rhodes University. His thesis was entitled: "An Exploration into the Use of Webinjects by Financial Malware", and was a deep dive into how financial malware is used to target organisations.

John Linkous

CEO, InterPoint Group
United Kingdom

John Linkous is a technology advisor to CIOs, CTOs, and CISOs at the Fortune 500 level, a successful technology entrepreneur, a frequently sought-after speaker and author, and a hands-on security and compliance expert who has been in the data center as well as the boardroom throughout his entire career. Over twenty years in the technology industry -- most of it spent in security and compliance - he has leveraged his experience to establish a proven track record of improving organizations through rational, business-driven approaches to technology, security and compliance program development and management.

Joseph Mayo

President at J. W. Mayo Consulting, LLC
United States

Joseph W. Mayo is an Information Technology professional with over 20 years of experience. Mr. Mayo is a PMI certified Project Management Professional (PMP), Risk Management Professional (RMP), and a Certified Risk and Information Systems Control (CRISC) professional. Mr. Mayo has worked for a variety of professional services companies including Computer Sciences Corporation, Keane Incorporated, ManTech International, and NTT DATA. He is an author, frequent speaker and conference presenter on topics that include risk management, project management, and quality assurance. Mr. Mayo is the author of Chaos to Clarity: The Tao of Risk Management. Mr. Mayo was Program Manager for project #7 of the top 100 IT Projects of 2006 by InfoWorld. Mr. Mayo developed a risk management maturity roadmap for a U.S. Government Agency.

Michael Barwise

CEO at Integrated InfoSec ;
United Kingdom

Michael Barwise has consulted in systems engineering and business risk for over 30 years, concentrating for the last fifteen on the strategic management of information security. He is a fellow of the RSA, a member of both the BCS and the IISP and a Chartered Engineer. He has been a member of the DPA (EURIM) e-crime and cyber security panels since 2003, and has contributed to national cyber security strategy and e-crime legislation. Michael has made an extensive study of the psychology of decision-making, with the aim of improving the performance of a critical function on which the whole edifice of risk management is founded and can founder.

Ophir Zilbiger


Ophir Zilbiger, CRISC, CISSP is the CEO of SECOZ, a leading information security and cyber defense consulting group based out of Israel. He is a seasoned expert with approximately 20 years in Information security. He is the chairman of the ISACA Israel Cyber Security sub-committee. In his previous role, Ophir managed the Global Risk Management Services practice for PwC in Israel and was the PwC global SME for network security. Ophir is a veteran speaker in various Israeli and international conferences such as Check Point global conference, CA World, Microsoft and BMC partners and customer events and more. Ophir is the chairman of the Israeli Info-sec conference and trade show.

Peter Tessin CISA, CRISC, MSA, PMP

Technical Research Manager at ISACA
United States

In his role at ISACA, Tessin has been project manager for COBIT 5 and led the development of other COBIT 5-related publications, white papers and articles. Tessin also played a central role in the design of COBIT online, ISACA's latest web site that offers convenient access to the COBIT 5 product family and includes interactive digital tools to assist in the use of COBIT.

Prior to joining IASCA, Tessin was a senior manager at an internal audit firm, where he led client engagements and was responsible for IT and financial audit teams. Previously, he worked in various industry roles including staff accountant, application developer, accounting systems consultant and trainer, business analyst, project manager, and auditor. He has worked in many countries outside of his native US including Canada, Mexico, Germany, Italy, France, UK and Australia.

With more than 20 years of global business and IT experience, Tessin is able to address topical issues in business leadership.

Robert Findlay

Global Head of IT Audit at Glanbia

Bob is an experienced IT professional having worked in most areas of IT including operations, software development, project management, Information Security, IT Auditing and as a CIO.

He has 30 years in the IT industry working across a range of industries in multiple countries including significant periods in the banking, airline, manufacturing, retail and internet sectors in the UK, Ireland, Australia, India, Canada and the USA in addition to smaller IT and audit assignments across Africa, Europe, North America and Asia.

DR. Vishnu Kanhere

Consultant at V. K. KANHERE and CO / KCPL

Dr Vishnu Kanhere is a practicing Chartered Accountant, a qualified Cost Accountant and a Certified Fraud Examiner with a brilliant academic record having won several gold medals and awards. Certified in the Governance of Enterprise IT, Systems Audit, Risk Management and Information Security he has over 30 years of experience in I S Audit and security, consulting, assurance and taxation for listed companies, leading players from industry and authorities, multinational and private organizations. His academic achievements and “hands on” working experience reflect the wide canvas on which he operates. A renowned faculty at several institutions, Dr Kanhere has been a key speaker at national and international conferences and seminars on a wide range of topics and has several books and publications to his credit.

Wendy Goucher

Information Security Specialist at Goucher Consulting Ltd
United Kingdom

Wendy is an Information Security Specialist at Goucher Consulting and based in Scotland. Her proudest achievement so far is helping to devise a school curriculum for security awareness for the UAE. She mostly works with organisations to develop usable security guidelines, training materials and improve understanding of the potential risks of mobile working.

Wendy is researching at the University of Glasgow; focusing on mobile computing and the threats from increasing use of a virtual office. As an author she contributed to ‘Creating a Culture of Security' in 2011 and the 2012 revision of the Information Security Management Handbook. Her book ‘Information Security Auditor' for the British Computer Society is in pre-publication and she is co-authoring a book on Incident Management.