2022 Panelists - Three Rivers Information Security Symposium

TRISS 2022 Panelists

CISO Panel

Erika Carrara

Vice President and Chief Information Security Officer
Wabtec Corporation

Erika Carrara is the Vice President and Chief Information Security Officer at Wabtec Corporation. She is an influential, strategic, business-focused C-Suite executive with a track record in the delivery of leading-edge security approaches within a fast-paced, global environment and extensive experience spearheading security, technology, and business transformations in diverse and ever-changing environments. Aside from leading the charge for collaborative, business-centric global security solutions, Erika also works to promote women and minorities in technology and develop the next generation of talent. Prior to her current role as Wabtec’s global chief information security officer, she was a Director of Information Security in the defense industrial base, former US Army Military Police Officer and small technology business owner.

Dr. Trebor Evans

Chief Information Security Officer
Dollar Bank

Dr. Trebor Z. Evans serves as the Chief Information Security Officer (CISO) and Senior Vice President in Information Security Governance at Dollar Bank, FSB. In these roles, he securely enables the business by managing risk in alignment with the company’s strategic goals. In addition to his primary focus at Dollar Bank, he is also active in academia. He is an adjunct professor for Southern New Hampshire University (SNHU), where he currently teaches the capstone course for the Master of Science in Cyber Security program. He serves on the Board of Visitors for the School of Nursing, Education, and Human Studies at Robert Morris University. He as served as an Independent Program Reviewer for Walden University’s Masters and Doctoral IT programs, and maintains approval to teach IT, Cyber, and Project Management undergraduate and graduate courses at SNHU. Dr. Evans’ 30 years of IT and security experience present from a variety of roles across vertical industries including insurance, healthcare, education, and banking. The Pittsburgh Technology Council in association with the Greater Pittsburgh CIO Group named him 2018 CISO of the Year, Gigabyte Category. He was featured in Toggle Magazine, TEQ Magazine, and RMU Foundations Magazine. In 2019, Dr. Evans graduated from both the Pittsburgh FBI Citizens Academy and a three-year program at the PA Bankers Advanced School of Banking. He maintains certifications including: Certified Information Security Officer, Project Management Professional, and Certified Data Privacy Solutions Engineer. He earned a BS in IT and an MBA from South University. He earned a Leadership Ph.D. from Robert Morris University. His dissertation and publications in chapters of books and in peer reviewed journals focus on student engagement and social media.

Dave Coughanour

Vice President of Cybersecurity and CISO
Ansys

Dave serves as the Vice President of Cybersecurity and CISO for Ansys where he safeguards the company’s leading edge simulation software. Prior to this role, he was responsible for security at the international law firm K&L Gates and was a core member in establishing PNC Bank’s outstanding cyber security program. Dave began his career in the United State Marine Corps where he served as an infantry sergeant, as well as in the Pennsylvania National Guard. From there, his sense of adventure was balanced out by a greater love of air conditioning and fresh coffee, leading to a career in the US Intelligence Community where he primarily focused on digital forensics in counter terrorism operations. He has spent a year at sea, two years in Iraq and four months in Afghanistan. He holds a master’s degree in cybersecurity from Utica College, CMU CISO certification as well as CISSP, GCIH, GCFA, GCIA. CIPP/EU, and EnCE certifications. Do to what can only be a clerical error, he was also elected as CISO of the Year in 2021 by the Pittsburgh Technology Council

Tom Dugas

Assistant Vice President and Chief Information Security Officer
Duquesne University

Tom Dugas, Assistant Vice President and Chief Information Security Officer (CISO) for Duquesne University is responsible for leading the Information (cyber) security program to protect the availability, confidentiality, and integrity of data and systems at Duquesne University. He is also responsible for leading and managing the Identity and Access Management and Data Governance initiatives at Duquesne.

Ransomware Panel

Stephanie (Sjoberg) Saunders

Senior Security Consultant
TrustedSec

Steph has over 10 years of experience in the Information Security field, working mainly in retail, critical manufacturing, and other IT organizations. Steph is on the Board of Directors for InfraGard Pittsburgh and serves as the Treasurer. She also mentors in cyber security for Pennsylvania’s 3 cups of coffee program and volunteers for Bsides Pittsburgh.

Dr. Trebor Evans

Chief Information Security Officer
Dollar Bank

Dave Feehan

Cyber Defense Manager
Wabtec Corporation

Dave Feehan is the Cyber Defense Manager at Wabtec Corporation. He has been in IT for 19 years covering all aspects of the field, The last 12 of which have been in Cyber Security. Having a true passion for Data Loss Prevention and incident handling has served him well throughout his career. Starting his journey in the United States Marine Corps as a data and network operator, advancing through the ranks and holding several billets including data chief and platoon sergeant of several units. He was the host-based security system chief for the entire Marine Corps before his early retirement. On to bigger things after the Marines he was at a large financial institution as a Senior DLP Analyst. However, the manufacturing industry was a huge interest to him, so he went to work for Wabtec in 2015 and has been there since. Advancing through the ranks to his current position of the Cyber Defense Manager reporting directly to Wabtec's CISO.

Ed Lisivick

Security Analyst
American International Relocation Enterprise Solutions (AIRES)

Ed graduated from Pittsburgh Technical College with a degree in Network Security & Computer Forensics. While in school, he took on a cybersecurity internship before accepting a full-time position at American International Relocation Enterprise Solutions (AIRES). As a Security Analyst, he is responsible for identifying, investigating, and remediating incidents caused by potential breaches, cyber threats, and security events to mitigate future attacks and protect the company and client data. Ed is passionate about educating cross-functional teams to increase awareness.

Operational Technology (OT) Security Panel

Dawn Cappelli

Head of OT-CERT
Dragos

Dawn Cappelli is the Head of OT-CERT (Operational Technology – Cyber Emergency Readiness Team) at the industrial cybersecurity company Dragos. Cybersecurity risks in OT environments continue to rise, and many organizations struggle with the resources or expertise to address them, especially small to medium-sized businesses. OT-CERT provides free resources to help them build a foundational OT cybersecurity program. Previously, Dawn was CISO for Rockwell Automation from 2016-2022, after serving as Director, Insider Risk. Before that she was Founder and Director of Carnegie Mellon Software Engineering Institute CERT Insider Threat Center. She started her career as a software engineer programming nuclear power plants for Westinghouse. She co-authored the book “The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud),” which was inducted into the Cybersecurity Canon - a list of must-read books for all cybersecurity practitioners. Cappelli is a Certified Information Systems Security Professional, holds a BS in Computer Science and Mathematics from the University of Pittsburgh, is co-founder of the Open Source Insider Threat (OSIT) information sharing group and is a member of the RSA Conference Advisory Board, the Cybersecurity Collaborative Executive Committee, and the CyberWire Hash Table. She was awarded the 2022 CIO Choice Lifetime Achievement Award by the Pittsburgh Technology Council, inducted into the ISSA Hall of Fame in 2021, honored as a member of the 2021 CISOs Top 100 CISOs, 2020 Global CISO 100, and was named Pittsburgh CISO of the Year in 2018.

David Carmona

Passionate about OT/ICS Cybersecurity, protecting our critical infrastructure from bad actors, and helping the local community with enhancing their security posture through frameworks, layered defenses, and resources. With years of experience in working in the chemical, transportation, and energy industries, I have detailed understanding of the various challenges that industrial control environments face and how to protect them.

Scott Christensen

Cyber Practice Lead
GrayMatter

Scott Christensen, is the Cyber Practice Lead for Pittsburgh-based GrayMatter, a leading solutions provider assisting industrial companies in their digital journeys. He leads all facets of GrayMatter's cyber business with a focus on delivering cybersecurity solutions into OT and industrial environments. Prior to joining GrayMatter Scott was the Cyber Subject Matter Expert for GE Digital, leading its efforts to help clients mitigate risks associated with digital transformation projects. He has held positions with Wurldtech Security Technologies; Dexa Systems (formerly a division of Schlumberger); CSI Software; NetIQ and Bindview, primarily focusing on cybersecurity in the oil and gas, power, manufacturing and healthcare markets.

Julie Ray

Chief Information Security Officer
United States Steel Corporation

Ms. Ray was appointed Chief Information Security Officer (CISO) in June of 2020 after serving in the Acting role for 6 months. In this role, she has responsibility for leadership of U. S. Steel’s global Cybersecurity program. She was recently awarded the 2021 CISO of the Year Award from Pittsburgh Technology Council. Julie has worked for U. S. Steel for nearly 20 years. During this time, she has held roles of increasing responsibility within the IT department, including Director positions in both Cybersecurity and Infrastructure. She developed the first U. S. Steel Cybersecurity Compliance program from the ground up, building critical capabilities and services necessary to advance the company’s Cybersecurity program. Julie holds a bachelor’s degree in Information Systems Management, a master’s degree in Internet Information Systems, and a doctorate in Instructional Management and Leadership, all from Robert Morris University. Most recently, she completed the Chief Information Security Officer Certificate program at Carnegie Mellon University, where she was awarded the Best of the Cohort award for her case study and presentation in June of 2020. She now serves as a ‘Coach’ for that same program. In addition, she holds a Certified Information Systems Security Professional (CISSP) certification. Julie is an active member and on the advisor group for the Greater Pittsburgh CISO Group, was nominated for the Athena Young Professional Award, serves on the Editorial Review Board for two peer-review journals (International Journal of Cyber Research and Education and International Journal of Information and Communication Technology Education), is a member of the Board of Directors for Biggies Bullies dog rescue, a volunteer dog walker for Humane Animal Rescue of Pittsburgh, and a foster for Pittsburgh CAT.

Derek Brown

Director of Cybersecurity and Infrastructure
EQT

Derek Brown is a seasoned technologist and security practitioner. He currently serves as the Director of Cybersecurity and Infrastructure for EQT Corporation, the largest Natural Gas Producer in the United States. In addition to the ONG industry, Derek has guided healthcare, financial, manufacturing, and educational organizations in development of their security strategies.