CISO Council

IT infrastructure and security leader with 20 years experience spanning operations across 6 continents. Prior to joining Zscaler, Brett lead Bechtel's journey towards Zero Trust as the Manager, Cloud Architecture and Engineering. At Bechtel, Brett championed the local office breakout, VPN replacement and Password-less implementations and lead the infrastructure design of their Azure-based digital transformation application platform. Integrating platforms with advanced modern identity concepts is his specialty. Brett has enterprise management experience across a diverse range of technologies and disciplines, including PC and mobile technologies, unified communications, datacenter, LAN, WAN, identity and access management, APIs, enterprise architecture and cloud IaaS, PaaS and SaaS environments.

Erik Hart oversees global information security for Cushman & Wakefield, one of the world’s largest commercial real estate services firms. A recognized thought leader with more than 20 years of experience in providing information security services to various industries and organizations, he also serves in an advisory role for numerous companies and organizations in the information security field, including Mimecast, CrowdStrike, InfraGard Chicago Members Alliance and Western Illinois University. Before joining Cushman & Wakefield in 2018, he served as CISO and Director of IT Risk Management for Zebra Technologies, a provider of mobile, logistics and point-of-sale technology and systems to retail, health care, transportation, manufacturing and other industries. Erik earned his Bachelors from Western Illinois University and Masters from Western Governors University.

Martin is an insightful IT executive, Martin collaborates with his team to assess their technology capabilities and establish a strategic plan and projects to strengthen IT impact. Martin has a history of implementing complex enterprise systems – enterprise risk planning, electronic medical records, and customer relationship management – on time and under budget. He demonstrates a calm, cool and collected leadership style when considering security matters and handling compliance and data breach concerns. Whether working with a start-up or at a company with international operations, Martin embraces innovation and promotes utilizing IT to drive business transformation.

Prabhath (PK) leads TripActions Security & Trust Org which is responsible for Product & Platform Security, Detection & Response, Enterprise Sec and Security Architecture & Engineering & GRC. His organizations core mission is to ensure Tripactions meets its security & privacy obligations to its customers, investors, regulators, and employees. PK is Senior security leader with 16+ years of leading global, cross-functional teams across hyper-growth startups, fortune 100 and big 4 consulting firms. Prior to Tripactions, PK served as a security leader in Adobe for 9+ years where he drove several initiatives to level up security & privacy as Adobe reinvented itself in the cloud and grew from $30B to $300B business. Prior to Adobe, PK was with PwC, advising fortune 100 companies on info sec & privacy strategy, governance, operations & technologies. PK is active in the security community and advice startups on product & business strategy, market positioning and to solve security and business problems at scale. PK also mentors several professionals and presents in national and international conferences on thought leadership topics. His educational background includes a bachelor’s degree in electronics & communications engineering and holds CISA, CISSP, CIPT, CDPSE, ISO 27001 Lead Implementor & PCI ISA certifications. At TripActions my organization drives several defensive and offensive security disciplines and serves as the single voice for security both internally to employees and externally with customers. Past: - Served as a security leader at Adobe for 9+ years where I drove several security programs and initiatives to level up security as Adobe reinvented itself in the cloud to grow from $30B to $300B business - Architect of Adobe common Controls Framework. Championed the implementation of CCF across all Adobe cloud products, services, platforms and operations. CCF became the backbone of Adobe’s security & trust strategy, opened up global GTM opportunities and enabled Adobe to achieve compliance with various worldwide cloud security and privacy certifications - Built a SWAT team of secops engineers & security TPMs to enforce security & ops best practices at scale for multi cloud via a companywide repeatable program through security automation - Global leadership role around security policies, automation and cloud security. Built a team of leaders who embraced an agile mindset, and deeply engaged with 500+ product teams to ensure controls are baked into the product and feature development roadmaps Specialities: i)Compliance Frameworks - PCI, SOC1/SOC2/SOC3, SOX 404, HITRUST, HIPAA, FedRAMP, GDPR, CCPA, NIST 800-53, ISO27001, ISO 27701, SSPA, ISO 22301, ISMAP, IRAP, CAIQ, SIG, UK Cyber essentials, Spanish ENS, FERPA etc. ii)Security Maturity, Risk & Governance - NIST CSF, FAIR, ISO 27005, CMMI, COSO, COBIT, BSSIM, OpenSAMM iii)Cloud Tech - AWS, Azure, GCP, Kubernetes, Hyper-Converged Infrastructure, CI/CD, Multi Cloud, Containers/Microservices Architecture, Cloud identity management iv)Sec Ops/Eng - Web application security, cloud security, penetration testing, vulnerability scanning, threat hunting, Red/Blue/Purple teaming, enterprise security, Incident response/SOC, SOAR, Trust & Safety, shifting left security, EDR, email security, CSPM, encryption, authentication, authorization, access management, security architecture, disaster recovery, supply chain risk management etc.

By day, he is a Fractional CISO and Cybersecurity Advisor for multiple companies building, running, and optimizing cybersecurity programs. By night, he champions cyber safety and ethics education throughout society via the 501(c)3 nonprofit Savvy Cyber Kids he founded. Ben has presented at the World Economic Forum, NACD directorship training, RSA Conference, TEDxSaintThomas, TEDxKids@Vilnius, GISEC Global, InfoSec World, SecureWorld, IEEE, ACM, CSO50, CIO/CISO Summits, and many other events. In addition to his numerous publications, Ben has been featured in the New York Times, Wired, Bloomberg, BBC, Kiplinger, Good Morning America, Good Day Atlanta, CNN HLN, Fox News, RogersTV, among others.

John Scrimsher has over 25 years of experience in developing and leading security organizations across some of the most iconic brands in technology and manufacturing. While based in North Carolina, John has lived all over the US and appreciates traveling around the world. His experiences with multiple cultures drives his desire to seek new and diverse opinions as a part of the security program. As the CISO for Kontoor Brands, the home for iconic Wrangler, Lee and Rock & Republic Jeans, John has built a forward looking security program focused on ensuring visibility and resiliency based upon a strong relationships across the business.

Martin is the EVP & CIO of Avesis. In 1978, Avēsis began as a regional ancillary benefits administrator. Today, Avesis is a national enterprise with 14 regional offices. Today, Avesis is a benefits provider for more than one million commercial members and more than eight million government members across the country. An insightful IT executive, Martin collaborates with his team to assess their technology capabilities and establish a strategic plan and projects to strengthen IT impact. Martin has a history of implementing complex enterprise systems – enterprise risk planning, electronic medical records, and customer relationship management – on time and under budget. He demonstrates a calm, cool and collected leadership style when considering security matters and handling compliance and data breach concerns. Whether working with a start-up or at a company with international operations, Martin embraces innovation and promotes utilizing IT to drive business transformation.