Bridgette Harris, Esq., CIPP/US

Senior Manager Cybersecurity - Privacy,

Ernst & Young

Bridgette Harris has over 14 years of experience advising businesses on issues surrounding data privacy and information governance. Her areas of focus are the development of enterprise-wide privacy program strategy and governance, operational enhancement, regulatory compliance, and compliant data strategy. She has supported clients through global privacy transformations and developing scalable privacy programs and solutions suited to the risk profile, privacy maturity and complexity of their organizations.

Prior to consulting, she practiced law in Illinois and California and served as counsel for a technology organization. She combines her legal, business, and technology experience to advise clients on the challenges they face complying with the evolving global privacy landscape. 

Session: Privacy and Trust

In today's digital landscape, privacy and trust are intertwined; managing personal data securely builds trust between individuals and organizations. This session will cover technological solutions and governance considerations for an integrated privacy and trust model that supports control over personal information and drives value for the business.

Tolgay Kizilelma, PhD

IT/Cybersecurity - GRC Executive

Tolgay is a business-driven IT/Cybersecurity leader and trusted business partner with three decades of experience covering the entire business IT spectrum within education, healthcare, research, and distribution industries. Tolgay is the founding Director of the MS in Cybersecurity program and teaches online Cybersecurity GRC courses as an Associate Professor of Cybersecurity in the Barowsky School of Business at Dominican University of California. As an adjunct faculty, he also teaches Data Analytics courses at Saint Mary’s College of California. Tolgay has also served as the Chief Information Security Officer for multiple University of California campuses. Early in his career, he managed the U.S. IT operations for a leading national fuel systems integrator and distributor.

Tolgay has extensive technical and business knowledge within information technology and information security/cybersecurity. As an advocate of lifelong learning, he has many industry certifications, a B.S. degree in computer engineering, an MBA, and a Ph.D. focusing on information security. He also volunteers for various non-profit organizations as a board member, and frequently participates at cybersecurity conferences as a keynote speaker, presenter, panelist, and moderator.

His contribution to the cybersecurity community was recognized with the 2022 C100 Award – Top 100 CISOs by CISOs Connect.

Session: Security Assurance and Compliance

Security culture is essential for achieving a culture of compliance. IT leaders are tasked with linking security assurance with organizational values. However, cyber compliance has traditionally been approached as a bottom-up problem and addressed with disjointed ideas that mistake effort as value. The session will cover challenges and opportunities around cybersecurity compliance through cultural changes that align with organizational vision, goals, and values.

Gustavo Mastroianni

CISO, Schools Insurance Authority

Gustavo has 17 years of experience as an Information Technology professional, mostly focused on Networking, Wi-Fi and Cybersecurity. As the Chief Information Security Officer for Schools Insurance Authority, he is responsible for the end-to-end definition and implementation of the cybersecurity program, ensuring processes are being followed, technologies are managed, and stakeholders are being trained as part of the Security Program. Gustavo holds well-recognized industry certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Chief Information Security Officer (C|CISO), and Certified Wireless Network Expert (CWNE #225).

Session: Congrats! You are now a Cybersecurity Leader! And now?

“With great power comes with great responsibility.” Isn't it what Spider-Man said in 1962? Becoming a Cybersecurity Leader isn't trivial and requires you to step-up by elevating yourself and being ahead of the game, while creating a strategic plan, understanding business risks, and aligning them to today's world threat landscape, by recommending the proper security controls to bring these risks to a level where the business feels it is acceptable. Gustavo will explain key points on creating a strategic plan that best fits you and the organization, aiming on the success of your cybersecurity program.

Trinh Ngo

Director of IT Controls and Resiliency Assurance, Blue Shield

Trinh Ngo is an inspirational servant leader with over 25 years in technology. She builds relationships with customers, stakeholders, business partners, and staff to achieve solutions. Trinh is known for bringing out the best in her teams and strong collaboration with customers and partners. She discerns and analyzes information to effect strategic direction.

Session: Why Resiliency is a Team Sport

Magaly Perez

IT Enterprise Security and Business Architect, Intel Corporation

Magaly Perez is dedicated to enhancing business value through cybersecurity and integrating business architecture into enterprise frameworks. She holds a master’s degree in IT Auditing and Cybersecurity from Temple University and has completed the Artificial Intelligence: Business Strategies and Applications program at UC Berkeley Haas Executive Education. Her work focuses on creating business-focused strategies that transform value delivery by connecting security and technology.

Magaly's influence in the field is undeniable. She co-authored the 2023 TOGAF® Series Guide Business Capability Planning Guide, published by The Open Group Architecture Forum, and holds several certifications. Her leadership in capability-based planning is widely recognized, driving transformation in her field.

Magaly is passionate and unapologetically ambitious, embodying a growth mindset in her leadership. She has been recognized as one of the Top 50 Women in Cybersecurity in the Americas. She serves as a board member for BUILD, a non-profit organization that empowers under-resourced youth with entrepreneurship to build career success and opportunity so they can become the CEO of their own lives. Magaly aims to inspire others in IT and cybersecurity by sharing her experiences and insights. She is committed to supporting and uplifting others in their professional journeys, embodying the spirit of “leaving the ladder down” for others to climb.

Session: The Importance of Business Architecture in Security

“The Importance of Business Architecture in Security” focuses on the value of integrating security with business architecture in today's rapidly evolving digital landscape. Magaly aims to educate on what business architecture entails in security and how it can shape effective security strategies that are closely aligned with business goals and operations. The goal is to provide valuable insights for professionals seeking to integrate business architecture into their security approach. This integration can enhance overall security posture, support business growth and resilience, and, most importantly, encourage new approaches or career pursuits in the field of security architecture. 

Matthew Rosenquist

CISO and Cybersecurity Strategist,

Mercury Insurance - Cybersecurity Insights

Matthew Rosenquist benefits from over 35 years as a Chief Information Security Officer (CISO), cybersecurity strategist, operational leader, and technologist in the cyber, physical, and information security fields. Matthew has become an outspoken advocate and respected authority in the field of cybersecurity. He speaks to audiences as a keynote speaker, author, thought leader, and podcast host. As one of the most recognized influencers in his industry, he has earned many awards for his work to make digital technology secure, private, safe, and trustworthy.

Matthew worked at Intel Corporation for over 24 years, building and managing key security organizations, including the company’s first Security Operations Center, M&A security, and the founding commander of the cyber crisis response team. He was the cybersecurity strategist for Intel’s Manufacturing Computing unit which advanced the protection for worldwide chip production operations. Matthew oversaw all the security features landing in Intel’s core CPU chips, was the cybersecurity strategist for Intel Security - the third largest security group in the industry and included the McAfee acquisition and established the cybersecurity governance for Intel’s billion-dollar AI business unit.

Currently, he is the CISO for Mercury Risk and Compliance and sits on over a dozen advisory boards for universities, startups, industry outreach, and conferences. Overall, a diverse career focused on the protection of computing infrastructure, business assets, and products.

Matthew advises companies, academia, and governments around the globe on cybersecurity emerging threats, privacy, regulatory compliance, digital ethics, disruptive technologies, and best practices for cyber risk management. He possesses the unusual ability to translate cyber risks and identify business opportunities to help organizations balance threats, costs, and usability factors to achieve an optimal level of security.

Panel Member