About the Panelists
Dr. Stuart Broderick, CSIM, CCSK, CRISC, Lead Technical Architect
Dr. Broderick is a Lead Technical Architect on the Symantec Cyber Readiness & Response team. He is a
senior consultant with responsibility for developing and delivering Symantec’s comprehensive Security Program
Assessment (SSPA) consulting services to global customers. He leverages extensive private industry, government
and academic information security program expertise to help Fortune 500 clients assess their current programs
and develop the most secure and cost effective solutions to support business operations and regulatory
requirements. Stuart has extensive experience working with clients to help them to pragmatically align their
security program with their business objectives and goals. His experience is wide ranging and addresses the
people, process and technology aspects of information security. Clients typically benefit most from his expertise
in the people and process side, as these are areas that many security programs do not properly consider.
Jonathan Dambrot, CISSP (Moderator)
Prevalent Networks Co-Founder and Shared Assessments Steering Committee Member, works with the leading organizations in the world to help better manage third party and IT related risks. Prevalent provides compliance automation solutions from the cloud with its Prevalent Compliance as a Service including vendor risk management.
Trina Ford, Director, Global Third Party Assurance, Global Security Organization, ADP
Trina Ford is the Director of Global Third Party Assurance, in the Global Security Organization at ADP - one of the largest providers of business processing and cloud based solutions to employers around the world. She brings a wealth of risk management, compliance and security leadership experience, with emphasis on building strategic governance, risk and compliance programs. In her current role, her high level responsibilities include ensuring the right levels of due diligence are being applied to the corporate risks being assumed when utilizing third party partners to satisfy corporate business requirements worldwide and appropriately measuring, assessing, monitoring and controlling risks associated with Third Party relationships.
Ed Jennings, Chief Marketing Office, Veracode
Jennings has 20 years of technology sales and marketing experience. He has executive leadership experience at
successful VC-backed and Fortune 500 companies, and his deep knowledge of Sales 2.0 and SaaS business models has
made him a featured expert in top business publications including USA Today. Prior to joining the Veracode team,
Jennings served as General Manager at ADP. Before that, he was President and CEO of Copanion, where he established
a voice in the compliance industry, writing and speaking extensively on technology automating compliance. He has
held senior positions at PTC, AT&T, Qwest Communications and Broderbund Software.
Jennings is a graduate of Boston College and holds an MBA from the Kellogg School of Management at Northwestern University.
Brad P. Keller, Senior Vice President & Program Director, The Santa Fe Group
Brad Keller has been developing and leading risk management programs for more than 25 years. During this time
Brad has developed and implemented vendor and business risk management programs at several financial institutions
that have substantially improved risk management while also passing federal regulatory scrutiny. Focusing on the
risk of doing business online, he has implemented leading edge programs for the identification and mitigation of
identity theft and online fraud. He has testified on behalf of the financial services industry at Congressional
hearings on customer privacy issues; and, is a frequent member of financial industry led initiatives that address
issues related to risk management, anti-phishing, online fraud, customer privacy, and authentication issues.
Paul Poh, Vice President, Technology Investment Services at Fiserv, Inc.
Paul Poh, CISSP, CISM, CIPP/US, is Vice President of Technology and Information Security Officer, for the Investment Services Division of Fiserv. He has over 20 years of experience with a focus on infrastructure design, software development, and information security. He joined Fiserv in 2007 with the acquisition of Upstream Technologies, LLC, a small successful Boston-based provider of advanced investment decision support and trade order management tools, where he served as Executive Vice President and CISO, and developed the companies' security platform, designed and executed on systems operations, security policy, and compliance initiatives.
Prior to Upstream, Paul held management roles in information and technology management for Dow Jones, State Street Global Advisors, and several innovative startup organizations. Earlier, Paul worked as founder and partner for a managed security services provider, in start-up mode. He designed a proprietary client-server solution for remote control of an open source intrusion detection appliance, system software based on a Linux kernel. Paul still enjoys finding security vulnerabilities, and spends as much of his free time, searching for security weaknesses in open-source software.