CDM Summit

Shane Barney is the U.S. Citizenship & Immigration Services (USCIS) Chief, Information Security Division (ISD) and the Chief Information Security Officer (CISO).  In this role, he manages USCIS’s next generation Information Technology Security program responsible for ensuring the confidentiality, integrity, and availability of USCIS networks, systems, and information, protection from both internal and external threats, as well as the implementation of the information security program and policies for the agency. 

Before accepting the CISO position, Shane served as the Deputy ISD Chief and Deputy CISO and has been Acting CISO since April 2018.

Prior to Shane’s roll as ISD Deputy, he was the Chief of the Cyber Intelligence Branch within ISD overseeing the classified operations, communication security, insider threat, and forensic programs for USCIS.  Before joining the federal workforce, he worked as a contractor for USCIS first in the Contracting Office in Vermont and then with the Office of Security and Integrity in Washington, D.C. As a contractor, Shane helping to charter the technical direction for the intelligence and fraud/risk detection missions on the classified networks. He developed analytical tools, data requirements, and system access needs in support of these missions.

Shane holds two Master’s Degrees and a Bachelor Degree all from the University of Vermont.

John entered the IT world in 1980, 40 years ago, and has witnessed the computer evolution first hand. First working in the UNIX world, then incorporating Windows in the 1990’s to become an IT enterprise architect. Ultimately, becoming a Sr. Enterprise Architect for a major governmental IT agency, responsible for over 5000 UNIX/Linux, Windows and networking devices, while performing the role of DR coordinator for Open Systems and also serving on the IT Security board, and the Change Control Board.

John joined Centrify in 2010. In this role as Cybersecurity Solutions Architect, he assists corporations, governments, and educational institutions resolve challenges that encompass enterprise privileged identity management, privilege access management, privileged account management, regulatory compliance, and secure multi-factor authentication, among others.

John holds UNIX engineering and instructor certifications from Redhat Linux (RHCE), IBM AIX, Sun/Oracle Solaris, HP/UX, and network architecture and security certifications from Sun/Oracle and IBM. He is also trained in VMWare 3, 4 & 5, Studied IT Security through specialty tracks through SANS International, including Intrusion Detection, UNIX Hardening, Windows Hardening, and Ethical Hacking.

When not working, John enjoys swimming and playing tennis. In his past, John was a “Night Club” DJ for Marriott Hotels, and was a Guest DJ for MTV’s “Club MTV” at the Palladium Night Club in NYC.

Kevin Yasuda currently serves as the Assistant Director for the Justice Security Operations Center, Cybersecurity Services Staff, Department of Justice (DOJ). He leads a team of skilled professionals providing Security Operations Center as a Service for DOJ Components and government customers serving as the central nexus for network monitoring, incident response, cyber threat intelligence collection, and cross-agency threat information sharing. Previously, Kevin was the Acting Assistant Director for architecture, engineering, and ICAM, Cybersecurity Services Staff, DOJ. Kevin has been with the Department for 11 years serving in various cybersecurity roles.

Troy K. Schneider is the Editor-in-Chief of both FCW and GCN, two of the oldest and most influential publications in public-sector IT. Both publications (originally known as Federal Computer Week and Government Computer News, respectively) are owned by GovExec. Mr. Schneider also serves GovExec's General Manager for Government Technology Brands.

Mr. Schneider previously served as New America Foundation’s Director of Media & Technology, and before that was Managing Director for Electronic Publishing at the Atlantic Media Company, where he oversaw the online operations of The Atlantic Monthly, National Journal, The Hotline and The Almanac of American Politics, among other publications. The founding editor of NationalJournal.com, Mr. Schneider also helped launch the political site PoliticsNow.com in the mid-1990s, and worked on the earliest online efforts of the Los Angeles Times and Newsday. He began his career in print journalism, and has written for a wide range of publications, including The New York Times, WashingtonPost.com, Slate, Politico, Governing, and many of the other titles listed above.

Mr. Schneider is a graduate of Indiana University, where his emphases were journalism, business and religious studies.

Betsy Kulick is a Senior Advisor to the Continuous Diagnostics and Mitigation (CDM) Program within the Cybersecurity and Infrastructure Security Agency (CISA).

As the former Deputy Program Manager and current Senior Advisor, she has specific responsibilities for managing portfolios to deliver CDM capabilities to agencies, engineering deployment and architecture-related activities, program support and acquisition, and outreach activities. Through partnerships with agencies and industry, the CDM Program fortifies the cybersecurity of civilian government data and networks by providing capabilities that deliver relevant, timely and actionable information. CDM enables cybersecurity professionals to manage risks by providing innovative tools, processes, governance and training required to defend against cybersecurity threats and vulnerabilities.

Betsy was engaged with the program from its inception, helping shape the program approach and delivery to the 23 civilian Federal Chief Financial Officer (CFO) Act agencies, as well as to 70+ non-CFO Act agencies. Betsy has been supporting DHS since its establishment, having served as the Information System Security Officer for several early DHS networks, one of which connected the Federal government with private infrastructure entities.

Betsy holds a B.A. degree in political science from Pomona College in Claremont, CA, a Master’s in International Affairs from Columbia University in New York City and is a Certified Information Systems Security Professional.

Kevin Cox is the Program Manager for the Continuous Diagnostics and Mitigation (CDM) Program within the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA). In this position, Mr. Cox leads the effort working collaboratively with federal agencies and industry to deploy cybersecurity solutions to identify agency networks and assets and protect them and agency data in near real-time against the growing cybersecurity threats.

Prior to joining DHS, Mr. Cox served as the Deputy Chief Information Security Officer (CISO) at the Department of Justice, where he oversaw the organization’s cybersecurity continuous monitoring capabilities and the security posture dashboard. Mr. Cox holds M.A. degrees from West Virginia University and the University of Chicago.

Krystle Portocarrero is currently the Product Line Manager for Advanced Threat at Juniper Networks. She is responsible for overseeing the security applications product strategy, roadmap prioritization, product line business execution, and product messaging. Her experience in enterprise business-to-business market has span multiple roles over her career. She has spent time in the field as a System Engineer for Juniper specializing in security solutions for the US Federal government. Prior to that, she was the Vice President at Training Experts which provides instructors and content developers for a variety of tech companies including Juniper Networks and Microsoft. Krystle leverages her technical and customer centric background to guide Juniper’s products and services in the quickly evolving field of automated threat prevention.

Pranjali Desai is the CDM Program Manager and Director of Policy and Compliance at the U.S. General Services Administration. As the CDM Program Manager, Ms. Desai leads the enterprise-wide implementation of CDM tools and update to Agency policy and procedures to operationalize the use of CDM tools and dashboard. Ms. Desai is an accomplished security leader with over 15 years of combined experience in both the commercial and public sectors. Her experience includes development and implementation of organization security policies and procedures, development of government-wide cloud security requirements for certifying cloud service providers, developing cloud computing strategy, management of enterprise-wide security awareness and role based training programs, management of enterprise-wide information security continuous monitoring (ISCM) and continuous diagnostics and mitigation (CDM) programs, management of Inspector General (IG) and other external audits, management of FISMA reporting including Cross-Agency Priority (CAP) goals and metrics, privacy metrics, and risk management assessments and scorecards. She holds security industry certifications including CISSP and CEH.

Dennis Reilly has been a Vice President at Gigamon for over eight years, leading the group to 43% compounded annual growth and a 58% market share in the network visibility and analytics space. With over 30 years of technology and business experience, Mr. Reilly is a strong advocate for the Federal, State and local governments and educational institutions applying information technology to strengthen security and improve innovation and productivity. He has supported government agencies in Continuous Diagnostics and Mitigation (CDM) program initiatives and implementations for 7 years.

Prior to joining Gigamon, Dennis held sales leadership positions at companies such as Oracle, Netscape, BEA, and Plumtree Software. Earlier in his career, Mr. Reilly served as an officer in the U.S. Navy and earned his Bachelor’s degree at the United States Naval Academy and has a Master’s degree in business from Boston University.

Dennis resides in northern Virginia with his wife and has four adult children.

Trafenia is an enthusiastic professional with a passion for security and people. She is trained in cloud security and has an appetite for learning all things security related. Collaborating with people of different backgrounds and skills in order to resolve the challenge presented is something she strives to do whenever possible. She has designed the cloud security architecture for a 17-billion-dollar financial institution as well as implemented a cloud access security broker with data loss prevention policies. Her 10 years of experience in information technology is used as a platform to help further security initiatives.

She currently works for the Small Business Administration as a Security Architect. She is the lead on several key initiatives including Zero Trust and TIC 3.0. Trafenia is the co-chair for the Zero Trust Working group for the Advanced Technology Academic Research Center (ATARC).

Her education includes a bachelor's degree from the University of North Florida as well as cloud specific certifications including but not limited to the Certified Cloud Security Professional (CCSP) from ISC^2.

Tommy Gardner is HP’s Chief Technology Officer for HP Federal, spanning the US Federal Agencies, Higher Education, K-12 Education, State and Local government customer segments, as well as Federal Systems Integrators. His current responsibilities include technology leadership, strategic technology plans, product and technology strategies, sales force technical support, and customer and partner relationships.

Previously, Tommy has served as the Chief Technology Officer for Jacobs Engineering, Scitor, and ManTech. Earlier in his career he was a senior technical executive at Raytheon. In the U.S. Navy he served as the Deputy for Science and Technology for the Chief of Naval Research. He oversaw the Navy’s Deep Submergence Program as well as its Advanced Technology Program. He also commanded the nuclear submarine, USS San Juan (SSN 751).

Tommy’s educational background covers multiple disciplines and fields of interest including: cybersecurity, data science, blockchain, quantum information science, artificial intelligence, high performance computing and systems integration.

Tommy holds a B.S. in Mechanical Engineering from the U.S. Naval Academy, a Masters in Public Administration from Harvard University, an M.S. in Management of Technology from MIT and a Ph. D. in Energy Economics from George Washington University. He is a Professional Engineer, an ASME Fellow, and serves on the ASME Board of Governors, the ANSI Board of Directors and the U. S. Council on Competitiveness as the Co-chair of the Advanced Computer Roundtable.

Mr. Johnson serves as the Director of the Cybersecurity Operations Center at the National Geospatial-Intelligence Agency. Named to the position in March 2019, Mr. Johnson oversees the 24x7 cyber network defense of NGA’s global information technology enterprise. He leads a combined civilian-contractor-military workforce of approximately 150 across multiple NGA mission locations. Mr. Johnson was appointed as the Intelligence Community Tri-Chair on the Committee on National Security Systems Subcommittee in November of 2018.

Prior to this assignment, Mr. Johnson served as the Chief of Risk Management for the Intelligence Community Chief Information Officer (IC CIO) at the Office of the Director of National Intelligence. In this role he supported and advised the IC CIO and IC Chief Information Security Officer in managing the shared risk of the IC Information Environment by leading and coordinating performance analysis, independent security assessments, enterprise IT risk assessments, and cybersecurity planning and budgeting functions for the Intelligence Community. Additionally, he served as the United States Representative to the Five Eyes Enterprise Information Assurance Group where he represented U.S. policy positions and interests to a group of multinational cybersecurity experts chartered to ensure the secure and trusted intelligence sharing, integration, and collaboration between five partner nations.

Mr. Johnson has over 17 years of experience in the public and private sectors, gaining expertise as an electronics technician, cybersecurity officer, and IT Program Manager. He joined the federal service in 2012 with the NGA, focusing on cybersecurity, vulnerability analysis, and risk management. His work on strategic planning, budgeting, and program execution began in 2014, when he became the first Cybersecurity Lead for NGA’s newly established Portfolio Management governance structure.

From 2007-2012, Mr. Johnson was a defense industry consultant, providing services related to IT risk management, assessment and authorization of information systems, and cybersecurity testing and evaluation for the U.S. Air Force and NGA.

A veteran of the United States Navy, Mr. Johnson served on active duty from 2001-2007 as an AEGIS SPY1A radar systems technician on board the USS Yorktown, and an IT systems and network administrator for Tactical Air Control Squadron 12. He has served in U.S. Navy Reserve since leaving active duty and currently holds the rank of Chief Petty Officer.

Mr. Johnson holds a Bachelor of Science degree in Information Technology from Excelsior College and is a member in good standing with ISC2 and ISACA, holding the credentials of Certified Information Systems Security Professional, and Certified Information Security Manager.

Anne Armstrong is Chief Content and Alliance Officer of Public Sector 360.

Mr. Sisson is currently serving in the Department of Energy’s Office of the CIO as the Deputy Chief Information Security Officer (CISO).
Prior to joining DOE, he served as the Chief of Staff and the Deputy Director of Operations (DJ3) at Joint Force Headquarters Department of Defense Information Network (JFHQ-DODIN). JFHQ-DODIN is a component of United States Cyber Command, and executes Command and Control of DOD information network operations and defensive cyberspace operations globally.
Before JFHQ-DODIN, he served as a Cyberspace and Information Technology Training Capabilities Analyst for the Joint Staff J7 Director of Joint Training (DJT). In this job he was responsible for engaging stakeholders across the Joint Staff, Office of the Secretary of Defense (OSD), Combatant Commands, Defense Information Systems Agency (DISA), US Cyber Command, Service Components, and the interagency community in order to identify common efforts, and coordinate actions integral to the development, delivery and implementation of the DOD’s Cyber Strategy.
Prior to serving as a DoD Civilian, Mr. Sisson served over 20 years as a non-commissioned and commissioned officer in the United States Army where he led diverse organizations at multiple echelons. He retired as a Signal Officer in 2004.
Mr. Sisson completed his undergraduate work at the University of South Carolina Aiken where he earned a Bachelor of Arts in History and, in 2014, graduated from the College of Naval Warfare in Newport, RI where he earned a Master of Arts in National Security and Strategic Studies.

Matt Campbell is a Regional Vice President of Sales at Elastic, responsible for Elastic’s federal business across civilian agencies. As an early member of Elastic’s federal sales organization, Matt has worked on all aspects of supporting the mission to accomplish triple digit growth for over three years running. With a background in software development coupled with experience founding and running a business for over eight years, Matt has a unique perspective that benefits his clients. Matt has been involved in supporting the federal mission for over 20 years at places like Rational, Actuate, Netezza, Fortify, IBM, and SAS. He gravitated largely toward helping our federal government utilize large scale data management and analytic technologies. Matt has a Bachelor’s degree in Computer Science from Clemson University and a Master’s degree in Information Systems from George Mason University. Off the clock Matt enjoys golf, riding his motorcycle or electric bicycle, and is a lifelong Rugby player and fan.

Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored three Apress books: Privileged Attack Vectors, Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.

Jim Richberg’s role as a Field Chief Information Security Office (CISO) at Fortinet leverages his 35 years’ experience leading and driving innovation in cybersecurity, threat intelligence, and cyber strategy. He currently focuses on measuring cybersecurity performance (ROI) and cyber risk management within government and companies, on improving election security, and on helping public and private sector organizations maximize their IT efficiency and security post-COVID-19 in the face of increasing operational complexity and budgetary pressure to “do more with less”.

Prior to joining Fortinet, Mr. Richberg served as the National Intelligence Manager for Cyber, the senior Federal Executive focused on cyber intelligence within the $80B+/100,000 employee US Intelligence Community (IC). He led creation and implementation of cyber strategy for the 17 departments and agencies of the IC, set integrated priorities on cyber threat, and served as Senior Advisor to the Director of National Intelligence (DNI) on cyber issues. He brings a broad enterprise-level approach to cybersecurity honed as a member of the Executive team which created and oversaw implementation of the multi-billion dollar whole-of-government Comprehensive National Cybersecurity Initiative (CNCI) that generated new Government cyber capability and enhanced cybersecurity in the private sector and critical infrastructure.

Mr. Richberg’s broad operational, analytic and leadership experience –including his 20 years at CIA-- gives him practical insight into difficult cyber problems ranging from advanced threat capabilities to supply chain integrity and insider threat. He has extensive experience engaging with audiences ranging from Heads of State and CEO’s to analysts and IT staff. He brings a strong focus on strategic problem solving (identify and solve the key problem vs. the most visible one) and on framing complex problems in comprehensible terms that facilitate analysis and formulation of solutions.