Cybersecurity for business



Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity


| 703-907-7090


| 2500 Wilson Blvd, #245
Arlington, Virginia 22201


ISA provides cybersecurity expert testimony and thought leadership in government and serves as an expert witness to the press.


General Keith Alexander Endorsement

Mark Weatherford Endorsement

Daniel Dobrygowski Endorsement

Dr. Corey Hirsch Endorsement

Professor Scott J. Shackelford Endorsement

Ed Amoroso Endorsement

Chris Hetner Endorsement

Ryan Boulais Endorsement

Murray M Dalziel Endorsement

Harry D. Raduege, Jr. Lieutenant General Endorsement

Henry Stoever Endorsement

Andrea Bonime-Blanc Endorsement

Richard Rocca Endorsement

James C. Lam Endorsement

Jay Timmons Endorsement

Preet Bharara Endorsement

Jon Brickey Endorsement

Kevin Mandia Endorsement

Larry Clinton, President and CEO, Internet Security Alliance

Larry Clinton is President of the Internet Security Alliance. He advises industry and government on cyber policy. He has briefed NATO, the OAS and G-20 and the US Congress. He has twice been named to the Corporate 100 list of the most influential individuals in corporate governance. He has written cybersecurity best practices books used in the US, Europe, Latin America and Asia.

John Frazzini, President and CEO, X-Analytics

John Frazzini is CEO of Secure Systems Innovation Corporation and brings a background of cybercrime investigations, cyber threat intelligence, artificial intelligence-based security applications, and cyber-attack simulation technology in his experience as a cyber-risk innovator. Prior to SSIC, he served with the U.S. Service Electronic Crimes Task Force and as an investigator for the U.S. Senate Committee on Homeland Security and Governmental Affairs: Permanent Subcommittee on Investigations. He is also a senior fellow alumnus of the GW Center for Cyber and Homeland Security at the George Washington University in Washington, D.C.

Bob Vescio, Chief Analytics Officer, X-Analytics

Robert Vescio is recognized globally as the leading innovator and visionary of Categorial Outcome Analysis, an emerging leading approach for cyber risk decisioning. He is the Chief Analytics Officer for Secure Systems Innovation Corporation (SSIC) and is the inventor and patent holder for several patents for X-Analytics, SSIC’s state-of-the-art cyber risk decisioning application. In his role, Robert continues to drive innovation in cyber risk decisioning solutions to enable organizations to make better cyber risk decisions using the power of data science and analytics.

Jim Halpert, Partner, Global Data Protection, Privacy and Security Practice, DLA Piper US

Jim Halpert, an attorney at DLA Piper, has extensive experience helping clients on the full range of data risk issues domestically and internationally and across most sectors. He is rated as a Legal 500 “Hall of Fame” practitioner, as a Tier 1 lawyer by Chambers & Partners and as a BTI “client service all-star”. He has helped draft almost all the state privacy, security and breach notice laws enacted over the past 15 years, the National Association of Corporate Directors Cyber Risk Handbook, and two major US federal privacy laws. He advises clients regarding compliance, crisis management, corporate governance, and risk management strategies relating to transnational, federal and state security and privacy regulation, industry best practices and self-regulatory initiatives. He has helped clients through more than 600 cybersecurity incidents, including several of the most high-profile breaches in the world, and has helped over a hundred clients shape their preventive cybersecurity and privacy programs. 

Lisa Humbert, Managing Director, Operational Risk Management Officer, MUFG Union Bank

Lisa Humbert, Operational Risk Management Officer for the Americas, MUFG Americas is responsible for Operational Risk Management across the Americas. She has built and manages the second line of defense team and industry leading framework to deliver an enterprise-wide Operational Risk Management (ORM) program and services. Previously, Lisa served as Executive Vice President, Chief Information Risk Officer at BNY Mellon and Managing Director, Global Head of IT Risk Management and Business Continuity at Credit Suisse and Citigroup.

Greg Montana, Chief Risk Officer, FIS

Greg Montana is the Corporate Executive Vice President, and Chief Risk Officer for FIS Global. Previously he worked at Bank of America as senior vice president and senior operational risk executive; PayPal, as senior director of global risk operations; and Lloyds Banking Group as director of operational, credit and compliance risk. Montana holds a master’s degree in business administration from the Wharton School of the University of Pennsylvania and received a bachelor’s degree from Boston College. Montana was an adjunct professor of risk management at Flagler College in St. Augustine for seven fall semesters (2013 – 2019) and received the Risk Management Association’s (RMA’s) Special Service Award in October 2012, the same year he joined FIS. He has also authored four articles in the RMA Journal.

Gary McAlum, Chief Security Officer, USAA

Gary McAlum is the Senior Vice President and Chief Security Officer at USAA. Prior to USAA, he served in the US Air Force for 25 years in a variety of staff and leadership positions within the information technology career field including telecommunications, deployable and satellite communications, network operations, and information security and with the front line of cyberspace operations for the Department of Defense. He holds a bachelor’s degree in Mathematics from The Citadel, a master’s degree in Management Information Systems from the University of Arizona, and a master’s degree in national resource strategy from the Industrial College of the Armed Forces. In addition, he is Certified Information Systems Security Professional (CISSP) and a Certified Fraud Examiner (CFE).

Tim McKnight, Chief Security Officer, SAP

Tim McKnight is Head, Global Security Unit in the Global Finance & Administration at SAP SE. Prior to SAP, he was Chief Information Security Officer for Thomson Reuters and GE. He has served in various IT Security leadership roles at Northrop Grumman, BAE Systems and Cisco Systems. Tim began his career at the Federal Bureau of Investigation as lead investigator of all National Infrastructure Protection Center matters, including high-tech crimes, corporate espionage, foreign counterintelligence and telecommunications fraud. In addition to his membership on the ISA Board, he is also a member of the Board of Advisors for Amazon Web Services (AWS), ClearSky Security and Tenable.

Niall Brennan, Vice President and Global Head of Strategic Security Partnerships and Engagement, SAP

Niall P. Brennan is the Global Security Liaison Officer at SAP. In this capacity, he leads relationships with government security services, legislative and regulatory bodies, public-private partnerships, non-governmental organizations, and industry trade councils to address issues related to industry security and resilience, threat mitigation, reputation management, regulatory compliance, and legislative advocacy. He has over 30 years of experience in a variety of legal, advisory, security, and investigative roles in both the public and private sectors.

An attorney by education and training, Niall began his professional life as a commercial litigator in private practice. In 1996, he joined the FBI, where he spent 22-years in multiple operational and managerial capacities across all investigative and investigative support programs, including transnational organized crime, counterterrorism, counterintelligence, cyber and intelligence. In his last position with the FBI, Niall led the office in the U.S. Embassy in Paris, France for over 5 years. He retired from the FBI in 2018 and joined PwC as a Director in the Cybersecurity & Privacy practice where he led client engagements focused on cyber incident response and mitigation, resiliency-building and organizational transformation.

Elena Kvochko, Chief Trust Officer, SAP

Elena Kvochko, Chief Trust Officer, SAP

Elena currently serves as Chief Trust Officer at SAP. Her team spans four continents, 30+ countries and supports 450.000 SAP customers on matters regarding privacy and security of SAP applications and platforms.

Prior to this position, she served as Senior Vice-President and Technology Executive focusing on global security at Bank of America. Previously, she worked as a divisional Chief Information Officer at Barclays Bank in New York. Her focus was on delivering the highest degree of privacy and security of all customers and employees globally.

She served as an affiliate fellow at Harvard Law School. She was part of the G7 Women in Business. Her published work appeared in Forbes, Harvard Business Review, featured in the Wall Street Journal, the White House cybersecurity report, The New York Times, and multiple industry media.

She has invented patent-pending technologies in cybersecurity, privacy, and secure financial technologies (with 30+ pending patents named a top inventor at Bank of America). Elena serves as Adjunct Professor at Cornell University.

Jeannie Pumphrey, Head of Third-Party Risk Management and Change Risk Management, MUFG Union Bank

Jeannie Pumphrey has a diverse background of building cross functional teams, developing and managing risk management programs while delivering results within highly matrix global organizations.  She is currently the head of Third-Party and Change Risk Management at MUFG Union Bank, N.A., a U.S Army veteran, a 30-year executive in Supply Chain Management, Third Party Risk and a Six Sigma Black Belt.

Andrew Cotton, Partner, Ernst & Young

Andrew Cotton is a Partner and Americas Cybersecurity Leader for EY in which role he has responsibility for cross-service line, cross-channel evaluation and refinement of EY’s cybersecurity strategy and tactical operating plans. He has more than 25 years of industry experience serving EY’s largest global technology clients in the San Francisco Bay Area. Andrew has previously served on the Firm’s Partner Advisory Council and as the Americas Software Sector Leader, at which time he developed the firm’s technical guidance in that area. He has a Master of Arts degree from Oxford University.

JR Williamson, Chief Information Security Officer, Leidos

J.R. Williamson is the Senior Vice President and Chief Information Security Officer for Leidos. Previously, he held positions at Northrop Grumman, serving as the Corporate CIO, Deputy Chief Information Security Officer, Chief Engineer, Chief Technologist, Director of the Enterprise OneNGC Program Office, and Executive Director of IT Infrastructure and Enterprise Services Operations. Prior to Northrop Grumman, Mr. Williamson served a 4-year stint as a civilian working for Headquarters, United States Marine Corps in the Special Services unit. Mr. Williamson holds a bachelor’s degree in decision sciences and information management from George Mason University and a master’s in information systems from Virginia Tech.