Step three in a three-part series, this checklist breaks down factors for product owners to identify sensitive data, evaluate roles and map roles to data access.

Tom is the Senior Director of Professional Services at Snyk, where he leads a team delivering solutions to secure software development. Previously, he served as Vice President of Consulting at Bishop Fox, a globally recognized offensive security firm, and as Senior Manager of Penetration Testing at Veracode. Over his career, Tom has held diverse roles as a penetration tester, security consultant, and leader of vulnerability management and security awareness programs. Tom has over 24 years of experience in information technology, including 19 years specializing in cybersecurity and offensive security.

Rachel Bierner is the Co-founder and CEO of Qubric Security, a cybersecurity consulting firm that enables secure organizational growth and resilience for its clients. She has held leadership roles in cloud security, cybersecurity strategic planning, technology delivery, and operations at two of the top three U.S. financial institutions. She also served as a management consultant at a "big 4" global consulting firm, where she led software configuration and development teams for clients that ranged from technology start-ups to multinational enterprises.

Holly has over 20+ years of global Cybersecurity, Risk and Technology experience and is recognized as an expert in her field. She has advised global clients in multiple sectors including: government administrations, financial, healthcare, high tech, hospitality, and professional services. Holly was Senior Executive Service in the federal government (DOJ/FBI/FDIC) which is the highest achievable level. Most recently, Holly was the Executive Vice President and Chief Security Officer at Citizens Financial Group.

Elena is Co-Founder and one of the Managing Partners at Aleada Consulting, where she specializes in privacy, data protection, and information security. With almost a 30-year career in compliance and legal, Elena has experience spanning the finance, healthcare, software, law, and government sectors. Through the years, Elena has built a reputation as a trusted advisor, merging business performance with robust information protection strategies. 

Mike has been an IANS Faculty member since 2011, and founded First Security Alliance, LLC, to serve as an independent cybersecurity advisory and consultancy. Mike spent nearly 20 years in financial services leading cybersecurity, IT operations, and digital banking services. After his long run in financial services, Mike was the head of global strategic alliances at VMRay as well as the director of technical alliances at Cofense. Additionally, Mike was research director at Security Current, focused on C-level research, practical advice, and trusted collaboration. In addition, Mike is involved in higher education as an adjunct curriculum advisor and mentor to cybersecurity students for over 20-years.

Edna Conway, CEO of EMC ADVISORS and an ultimate change agent, ensures security and resiliency are built in an enterprise and across its third-party ecosystem. With over 40 years of experience, she served as Microsoft’s Chief Security & Risk Officer for its Intelligent Cloud business, Cisco’s Chief Security Officer for its Global Value Chain, and Assistant Attorney General for New Hampshire. Recipient of over 40 awards from government, industry and academia, Edna seeks out and harnesses the power of diversity of thought, exemplified by her collaborative authorship in four books spanning areas such as Securing IOT, Designing Digital Strategy, Practical Cybersecurity Architectures and Security Careers Beyond Hacking.

Most notably, she brings energy, astute observation of dynamics, genuine caring and a healthy dose of humor to build lasting camaraderie and respect while delivering resiliency and security that “just works”.

Lee Kim specializes in cybersecurity, data privacy, governance, compliance, and generative artificial intelligence. Her insights are informed by her scientific training, creative pursuits, and diverse professional background. She presents before a wide range of domestic and international audiences. She has significant experience with the media and has been featured on the Canadian Broadcasting Corporation (live and pre-recorded interviews), radio shows, and podcasts. She also has significant experience working in the public policy realm, including with Congressional staffers and various governmental agencies around the world.

By way of background, Lee is an AV preeminent peer review rated attorney (a distinction that only 10% of all attorneys have earned according to Martindale-Hubbell). (Note, however, that while Lee is an attorney, she does not provide legal services through IANS.) Additionally, prior to law school, Lee worked as a database, system, and web administrator at a major university, software company, and a major academic medical center.

Lee is currently serving as an analyst with the US Department of Homeland Security Analytic Exchange Program. Over the years, her teams’ research topics have included phishing, healthcare cybersecurity, patient safety, and maritime and port cybersecurity.

Lee serves as a Director of InfraGard Northern Capital Region, Vice Chair of the Policy Committee of the American Bar Association Health Law Section, and National Visiting Committee member of the National Cybersecurity Training and Education Center. Previously, Lee served with the ISC2 Government Advisory Council Executive Writers Bureau.

Please note: The advice that Lee Kim provides through IANS is not legal advice and is not intended to be relied on as such. There is no attorney-client relationship.