CISO Council

IT infrastructure and security leader with 20 years experience spanning operations across 6 continents. Prior to joining Zscaler, Brett lead Bechtel's journey towards Zero Trust as the Manager, Cloud Architecture and Engineering. At Bechtel, Brett championed the local office breakout, VPN replacement and Password-less implementations and lead the infrastructure design of their Azure-based digital transformation application platform. Integrating platforms with advanced modern identity concepts is his specialty. Brett has enterprise management experience across a diverse range of technologies and disciplines, including PC and mobile technologies, unified communications, datacenter, LAN, WAN, identity and access management, APIs, enterprise architecture and cloud IaaS, PaaS and SaaS environments.

Erik Hart oversees global information security for Cushman & Wakefield, one of the world’s largest commercial real estate services firms. A recognized thought leader with more than 20 years of experience in providing information security services to various industries and organizations, he also serves in an advisory role for numerous companies and organizations in the information security field, including Mimecast, CrowdStrike, InfraGard Chicago Members Alliance and Western Illinois University. Before joining Cushman & Wakefield in 2018, he served as CISO and Director of IT Risk Management for Zebra Technologies, a provider of mobile, logistics and point-of-sale technology and systems to retail, health care, transportation, manufacturing and other industries. Erik earned his Bachelors from Western Illinois University and Masters from Western Governors University.

Martin is an insightful IT executive, Martin collaborates with his team to assess their technology capabilities and establish a strategic plan and projects to strengthen IT impact. Martin has a history of implementing complex enterprise systems – enterprise risk planning, electronic medical records, and customer relationship management – on time and under budget. He demonstrates a calm, cool and collected leadership style when considering security matters and handling compliance and data breach concerns. Whether working with a start-up or at a company with international operations, Martin embraces innovation and promotes utilizing IT to drive business transformation.

Prabhath (PK) leads TripActions Security & Trust Org which is responsible for Product & Platform Security, Detection & Response, Enterprise Sec and Security Architecture & Engineering & GRC. His organizations core mission is to ensure Tripactions meets its security & privacy obligations to its customers, investors, regulators, and employees. PK is Senior security leader with 16+ years of leading global, cross-functional teams across hyper-growth startups, fortune 100 and big 4 consulting firms. Prior to Tripactions, PK served as a security leader in Adobe for 9+ years where he drove several initiatives to level up security & privacy as Adobe reinvented itself in the cloud and grew from $30B to $300B business. Prior to Adobe, PK was with PwC, advising fortune 100 companies on info sec & privacy strategy, governance, operations & technologies. PK is active in the security community and advice startups on product & business strategy, market positioning and to solve security and business problems at scale. PK also mentors several professionals and presents in national and international conferences on thought leadership topics. His educational background includes a bachelor’s degree in electronics & communications engineering and holds CISA, CISSP, CIPT, CDPSE, ISO 27001 Lead Implementor & PCI ISA certifications. At TripActions my organization drives several defensive and offensive security disciplines and serves as the single voice for security both internally to employees and externally with customers. Past: - Served as a security leader at Adobe for 9+ years where I drove several security programs and initiatives to level up security as Adobe reinvented itself in the cloud to grow from $30B to $300B business - Architect of Adobe common Controls Framework. Championed the implementation of CCF across all Adobe cloud products, services, platforms and operations. CCF became the backbone of Adobe’s security & trust strategy, opened up global GTM opportunities and enabled Adobe to achieve compliance with various worldwide cloud security and privacy certifications - Built a SWAT team of secops engineers & security TPMs to enforce security & ops best practices at scale for multi cloud via a companywide repeatable program through security automation - Global leadership role around security policies, automation and cloud security. Built a team of leaders who embraced an agile mindset, and deeply engaged with 500+ product teams to ensure controls are baked into the product and feature development roadmaps Specialities: i)Compliance Frameworks - PCI, SOC1/SOC2/SOC3, SOX 404, HITRUST, HIPAA, FedRAMP, GDPR, CCPA, NIST 800-53, ISO27001, ISO 27701, SSPA, ISO 22301, ISMAP, IRAP, CAIQ, SIG, UK Cyber essentials, Spanish ENS, FERPA etc. ii)Security Maturity, Risk & Governance - NIST CSF, FAIR, ISO 27005, CMMI, COSO, COBIT, BSSIM, OpenSAMM iii)Cloud Tech - AWS, Azure, GCP, Kubernetes, Hyper-Converged Infrastructure, CI/CD, Multi Cloud, Containers/Microservices Architecture, Cloud identity management iv)Sec Ops/Eng - Web application security, cloud security, penetration testing, vulnerability scanning, threat hunting, Red/Blue/Purple teaming, enterprise security, Incident response/SOC, SOAR, Trust & Safety, shifting left security, EDR, email security, CSPM, encryption, authentication, authorization, access management, security architecture, disaster recovery, supply chain risk management etc.

Ben Halpert is a man on a mission: to educate and empower today’s digital citizens in the workplace, at schools, and at home. By day, he is the CISO at Groupon bringing his global experience in Risk Management, Cyber Security, Physical Security, Audit, Privacy, Compliance, and IT to benefit their merchants and customers. By night, he champions cyber ethics education throughout society via the 501(c)3 nonprofit Savvy Cyber Kids he founded in 2007. Ben is honored to speak and keynote at conferences and events worldwide. He has presented at the World Economic Forum, multiple times at the RSA Security Conference, InfoSec World Conference & SecureWorld events. Ben was invited to present at TEDxKids@Vilnius (Raising Savvy Cyber Kids) and TEDxSaintThomas (Technology addiction and what you can do about it). In addition, Ben has presented at IEEE, ACM, CSO50, CISO Summits, the Worth Safety & Security Summit and many other events over his career. Based on his early research and experience in the then emerging field of Cloud Computing, Ben was invited to publish Auditing Cloud Computing: A Security and Privacy Guide through John Wiley & Sons. Ben was a contributing author to Readings and Cases in the Management of Information Security and the Encyclopedia of Information Ethics & Security, wrote the security column for Mobile Enterprise Magazine and has contributed to seven NIST special publications. Through Savvy Cyber Kids, Ben provides cyber ethics educational and awareness sessions for parents, teachers, and students – from preschool through high school. Ben is the award-winning author of The Savvy Cyber Kids at Home children’s book series (The Family Gets a Computer, The Defeat of the Cyber Bully, and Adventures Beyond the Screen). As a trusted voice on a variety of cyber security issues, Ben has made numerous TV and radio appearances and has been featured in newspapers and magazines such as The New York Times, Wired, BBC, Kilinger, Good Morning America, Good Day Atlanta, CNN HLN, Fox News, RogersTV, RTVI, 11 Alive, WSB-TV, among others.

John Scrimsher has over 25 years of experience in developing and leading security organizations across some of the most iconic brands in technology and manufacturing. While based in North Carolina, John has lived all over the US and appreciates traveling around the world. His experiences with multiple cultures drives his desire to seek new and diverse opinions as a part of the security program. As the CISO for Kontoor Brands, the home for iconic Wrangler, Lee and Rock & Republic Jeans, John has built a forward looking security program focused on ensuring visibility and resiliency based upon a strong relationships across the business.

Martin is the EVP & CIO of Avesis. In 1978, Avēsis began as a regional ancillary benefits administrator. Today, Avesis is a national enterprise with 14 regional offices. Today, Avesis is a benefits provider for more than one million commercial members and more than eight million government members across the country. An insightful IT executive, Martin collaborates with his team to assess their technology capabilities and establish a strategic plan and projects to strengthen IT impact. Martin has a history of implementing complex enterprise systems – enterprise risk planning, electronic medical records, and customer relationship management – on time and under budget. He demonstrates a calm, cool and collected leadership style when considering security matters and handling compliance and data breach concerns. Whether working with a start-up or at a company with international operations, Martin embraces innovation and promotes utilizing IT to drive business transformation.