Greg Schaffer, vCISO, Podcaster
Greg Schaffer, VCISO
With over 33 years experience, Greg is a seasoned information security executive proficient in information security program and project management, information security risk assessment and mitigation, vendor risk management, policy and standards creation and implementation, and disaster recovery and business continuity. He is the founding principal of vCISO Services, LLC, an information security consulting firm providing small and midsized businesses with strategic information security expertise and has provided virtual CISO services for many small and midsized businesses in a variety of industries. Previous full-time CISO-level experience includes serving as the VP Information Security for FirstBank, the Chief Information Security Officer for the Metropolitan Government of Nashville and Davidson County, and the AVP Network and IT Security at Middle Tennessee State University.
Greg is active in the security, technology, and risk management communities. He hosts The Virtual CISO Moment podcast, weekly discussions with information security professionals with varied backgrounds and stories. He is the author of the book Information Security for Small and Midsized Businesses. He currently serves on the Middle Tennessee State University Information Systems and Analytics advisory board and board of directors for the Nashville Technology Council Veterans Peer Group as a veteran advisor (USAF, Operation Desert Storm). Previous security and risk management community leadership roles include FS-ISAC Community Council co-chair, Middle Tennessee ISSA chapter board member, Middle Tennessee Risk Management Association board member, and chair of the Tennessee CISO Roundtable. He holds a Master's degree in Information Systems Project Management from Middle Tennessee State University, a Bachelor’s degree in Mechanical Engineering from the University at Buffalo, maintains a current CISSP certification, is a CMMC Registered Practitioner, and is Open FAIR certified.
we hack people - Tim Roberts & Brent White
Tim Roberts // byt3boy
Tim is a Principal Security Consultant / Covert Entry Specialist with Dark Wolf Solutions, specializing in physical, social engineering, and Red Team security assessments. He is the founding member of the Lexington DEF CON group (DC859). He has been interviewed on the subject of “White hat hacking” for Microsoft’s “Roadtrip Nation” television series, was featured on IDG Enterprise’s CSO Online publication by Ryan Francis on social engineering, featured with Brent White on the popular series ProfilingEvil with Mike King, and was interviewed at Black Hat by HelpNetSecurity on security awareness and “Know Your Adversary”. Tim has over fifteen years of professional security experience and has held management, IT, and physical security roles across multiple industries, including healthcare, finance, and government. His experience includes Red Team, Internal/External Network, Wireless, Application, Physical Security, Social Engineering, and more. Tim has spoken and conducted training at numerous security and hacker conferences, including ISSA International, DEF CON, DerbyCon, NolaCon, various B-Sides, CircleCityCon, Techno Security Con, SaintCon, Appalachian Institute of Digital Evidence at Marshall University, Who’s Your Hacker, was keynote for the S&H Law – FBI/Hacker Panel, and more. By continuing to share these experiences, he hopes to further contribute to the InfoSec community and security awareness as a whole.
Brent White // BITKILL3R
Brent is a Principal Security Consultant / Covert Entry Specialist with Dark Wolf Solutions, specializing in physical, social engineering, and Red Team security assessments. He is the founder of the Nashville DEF CON group (DC615), and was the Global Coordinator for the official DEF CON conference “Groups” program for years before retiring in 2022. He is a trusted adviser for the TN Dept of Safety and Homeland Security on the topic of physical and cyber security. Brent has held the role of Web/Project Manager and IT Security Director for a global franchise company as well as Web Manager and information security positions for television personalities on The Travel Channel. He has also been interviewed on the popular web series, “Hak5” with Darren Kitchen, Security Weekly, BBC News, featured with Tim Roberts on the popular series “ProfilingEvil” by Mike King, and on Microsoft’s “Roadtrip Nation” television series. His experience includes Internal/External Penetration, Wireless, Application and Physical Security assessments, Social Engineering, and more. Advertisements REPORT THIS AD Brent has also spoken at numerous security conferences, including ISSA International, DEF CON, DerbyCon, SaintCon, PhreakNic, SkyDogCon, NolaCon, B-Sides Nashville, B-Sides Charleston, Techno Security Con, TakeDownCon and Appalachian Institute of Digital Evidence conference at Marshall University, and more.
Towerwall - Michelle Drolet
Michelle Drolet
Michelle Drolet is CEO of Towerwall, a highly specialized cybersecurity, cloud and virtual CISO services firm with clients such as Foundation Medicine, Boston College and Middlesex Savings Bank. Founded in 1999 in Framingham, MA, Towerwall focuses exclusively on providing small to mid-size businesses customized cybersecurity technology programs. Reach her at michelled@towerwall.com.Telephone 774-204-0700.
Peter Gallinari
Peter Gallinari
Peter Gallinari, over 49 years of experience in Information Technology, with 27+ years as a professional leader in the field of Data Privacy, Cyber Security & Compliance. Industry expertise in Financial services, Health Care and Government Sectors. Have held positions as: Chief Data Privacy Officer for the State of Tennessee, Domain Information Security Officer for the State of Tennessee, former Chief Security Officer (CSO) at GE Capital and GE IT Director of Operations, Chief Security Officer (CSO) supporting 3 hospitals in New York, AVP (Assistant Vice President) Delivery Services for Merrill Lynch. Regulatory compliance leader for such regulatory controls; GLBA, SOX, HIPAA, FERPA, FTI, CJIS, SSA, EU Privacy Directive (GDPR), Commercial compliance for PCI. Keynote speaker for Data Privacy and Cyber Security conferences, both public and private sector audiences.
Cori Brown "corgi"
Cori Brown
Cori is an information security consultant that provides penetration testing services for a variety of clients/industries. Her background in information security risk/compliance helps translate technical concepts into actionable and tangible items for security teams. She also organizes DC615/DEF CON Nashville, where like-minded hackers meetup on a monthly basis to share knowledge and cause trouble.
Dustin Childs, CISSP
Dustin Childs, CISSP
Dustin Childs is a part of Trend Micro’s Zero Day Initiative (ZDI) and handles communications for the group. In this role, Mr. Childs creates, implements, and oversees communications programs, both internal and external, that promote the work of ZDI and its researchers. This includes editing and writing security analysis and supporting collateral from researchers associated with ZDI. The ZDI team augments Trend Micro’s enterprise security products with 0-day research through a network of over 3,000 independent researchers around the world. Mr. Childs also responsible for providing insight into the threat landscape and competitive intelligence to the research team. He has presented at numerous conferences including Black Hat USA and ThotCon. Dustin began his infosec journey in the late 1990s at the Air Force Information Warfare Center, where he was a member of the Air Force CERT and a key player in Solar Sunrise and Moonlight Maze. He then transitioned from active duty to defense contractor, where he ran a multi-million dollar facility designed to test and verify network tools and architecture. Following this role, Mr. Childs worked in the Microsoft Trustworthy Computing group, where he served as a case manager in the Microsoft Security Response Center (MSRC) with a focus on addressing vulnerabilities in the Windows operating system and in Microsoft’s developer tools. His cases included the original Conficker vulnerability and Stuxnet-related bugs. With over 20 years in information security roles, Mr. Childs approaches issues with an understanding of the different real-world implications for various IT roles.
STEVE Mallard
Steve Mallard - CtF and Demo
Steve Mallard is a SME for government entities. Mallard retired as the Master Teacher II of the Information Technology and Infrastructure Management program at the Tennessee College of Applied Technology Shelbyville. Mallard and the program were recognized by Computerworld, TechTarget, the Whitehouse, US Department of Education Office of Career Education (OCTAE) -“Recognized for excellence, dedication, and leadership in Career Technical Education” , SC Magazine as one of the top five Cyber Security Programs, the TN State Governor’s Office and the TN Department of Homeland Security just to name a few.
He has provided testimony at the National Academies of Science-Engineering and Medicine – “Strengthening the Disaster Resilience of Academic Research Communities” , the TN Department of Education Advisory Committee for CTE and Information Technology, ES-ISAC “Partnership with Higher Education with the TN Dept. of Safety and Homeland Security”, DCEMA – Cyber Awareness at Georgetown University and testified for Broadband TN - TACIR – TNECD.
Mallard created the first live student ran Security Operations Center in the nation and his institution received A RESOLUTION to recognize and commend the Middle Tennessee Education Center Security Operations Center at the Tennessee College of Applied Technology Shelbyville. ~HJR(1382)