TRISS 2023 Panelists
CISO Panel
Susan Koski
Susan Koski is the CISO and Head of Enterprise Information Security for The PNC Financial Services Group. She is responsible for Information Security Strategy, Digital Identity for customers and the workforce; Data Protection; Fusion Center (cyber, insider, physical and fraud monitoring); Vulnerability Management; Threat Intelligence; Security Incident Management; Application Security; Security Metrics; Cloud Security; and Security Policy, Governance and Assessments. Susan has more than 25 years of experience in Information Technology (IT), cybersecurity, business continuity, third-party risk management and IT risk management. She has also served in executive leadership roles with BNY Mellon (Managing Director of Technology Risk Management), Synovus (Chief Information Security Officer - CISO) and Aetna (Chief Data Protection Officer). Susan has a record of rebuilding programs and developing highly functional teams. She re-engineers processes and technology for efficiency and innovation – or “Effovation” – creating opportunities for teams to achieve continuous learning and development through the use of creativity to tackle complex issues. Susan holds a Bachelors of Science in Electrical Engineering (cum laude) from the University of Pittsburgh and an Masters in Business Administration (summa cum laude) from Duquesne University. She is a CISO Executive Network Advisory Council member, Governing Body Member for the Evanta Pittsburgh CISO program, Advisor for the Robert Morris University Information Systems & Communications PhD Advisory Board, member of the BITS Security Steering Committee and a board member of the Cyber Risk Institute.
Jason (Jay) Rhykerd
Jason (Jay) is a seasoned expert in the field of cybersecurity, boasting over two decades of experience in evaluating, scrutinizing, and enhancing IT security frameworks. Throughout his career, he has served in diverse sectors such as manufacturing, education, healthcare, and government. Currently, he holds the esteemed position of Chief Information Security Officer (CISO) at Sheetz, a family-owned enterprise with a multibillion-dollar valuation. Fueled by a zeal for educating both the general public and budding security professionals, Jason demystifies the complexities of cybersecurity by breaking down its essential components: the 'why,' 'what,' 'when,' and 'how.' His extensive career has seen him architect, deploy, and steer multiple cybersecurity initiatives to success. In his role as the CISO at Sheetz, Jason works in concert with both internal teams and external partners to ensure that the company's security policies are in sync with its core mission and values. Under his leadership, his team thrives in a culture of excellence, continually pushing the boundaries in IT security and risk management.
Eris Symms
Before becoming the CISO in 2020, Eris led the security efforts for Arconic's digital transformation initiatives, including the transition to cloud collaboration platforms and cloud security solutions. He joined Arconic in 2011 as an infrastructure engineer and was later promoted to an incident response role within the information security team. Eris has also held IT roles at U.S. Steel and a DOE contractor. He holds a BS in computer science from Saint Vincent College and an MS in information systems management from Robert Morris University. In 2021, Eris completed the CISO certification program at Carnegie Mellon University's Heinz College.
Erika Carrara
As the Vice President & CISO at Wabtec, I lead the global information security strategy and operations, ensuring the protection of the company's data, assets, and reputation. I have over 24 years of experience in the IT and security field, with multiple certifications, honors, and recognitions for my innovative and effective solutions. Prior to joining Wabtec, my career started in physical security as a US Army Military Police Officer then transitioned into the civilian sector in IT and network engineering roles before moving into information security. My expertise extends across multiple sectors, industries, and leadership levels. I also have a proven track record of business acumen, having owned and managed my own IT and security consulting firm for over six years, delivering high-quality services and customer satisfaction. I am passionate about advancing the security culture and awareness within Wabtec and beyond, leveraging my expertise, skills, and values to empower and enable the organization's mission and vision. In my current role, I am tasked with leadership, direction and delivery of global information security services and activities across more than 50 countries covering 300+ operating locations and over 33,000 employees. I actively works across all areas of the business, from the frontline to Board level, supporting business outcomes and strategic objectives, where I am committed to making security “actionable and understandable” at all levels. I am a firm believer that people are the solution to solving technology and business problems. With people-centric approach and emphasis on fundamentals, I homage to the company’s Pittsburgh roots by using a Steelers football fundamental approach to cybersecurity; it begins and ends with “blocking and tackling.” Bringing big results to the global manufacturing giant. I believe that communication is the single biggest component to how we can change the security industry today, creating “leaders at all levels”, and that each leader has the responsibility to bring forward ideas and solutions to existing challenges. The most effective security teams and transformation programs take the time to understand business needs and desired outcomes. The approaches taken must be innovative in finding ways to help solve business and technology problems, working collaboratively and without silos.
Mike Conley
Mike Conley is a seasoned IT leader overseeing Industrial Scientific and Intelex Technologies, both part of Fortive Corporation. As the Chief Information Security Officer (CISO), he leverages 23 years of tech industry expertise to drive 24/7 data protection and privacy for Industrial Scientific (Pittsburgh) and Intelex (Toronto). He also provides oversight for Global IT Operations and Cloud Operations for Industrial Scientific. Mike actively contributes to cloud and connected-device projects while co-leading the Greater Pittsburgh CISO Group and serving on the board of FBI/InfraGard Pittsburgh Members Alliance. In 2023, he earned the prestigious 2023 Pittsburgh CISO of the Year award in the Megabyte Category from the Pittsburgh Technology Council. Mike's journey includes roles as a Security Engineering and Architecture Manager at U. S. Steel, and a decade-long stint as a software engineer. He graduated with a B.S. in Computer Science from California University of PA in 2000.
Government and Cybersecurity Panel
Michael Petrick
Special Agent Michael Petrick has been assigned to the FBI Pittsburgh Division Cyber Intrusion Squad since 2021. As a law enforcement officer tasked with investigating the ever-growing world of cybercrimes, SA Petrick has gained experience investigating an extensive range of cybercriminal activity. During his time on the Cyber Intrusion Squad, SA Petrick has investigated a range of cybercriminal activity to include ransomware, business email compromise, proxy services, dark web marketplaces, tech support fraud, and information stealing. During these investigations SA Petrick has forged relationships with both private and governmental partners and has worked collaboratively with both foreign and domestic law enforcement partners.
David G. Ries
David G. Ries is of counsel in the Pittsburgh, PA office of Clark Hill PLC, where he practices in the firm’s Cybersecurity, Data Protection and Privacy Group. He has devoted his legal career to helping organizations traverse complex environmental, technology, and data protection challenges. For over 25 years, he has increasingly focused on information governance, cybersecurity, and privacy. Dave frequently speaks and writes nationally on legal ethics, technology, and cybersecurity topics for legal, professional, and higher education groups. He is a coauthor of Locked Down: Practical Information Security for Lawyers, Second Ed. (American Bar Association 2016) and Encryption Made Simple for Lawyers (American Bar Association 2015) and a contributing author to Information Security and Privacy: A Legal, Business and Technical Handbook, Second Edition (American Bar Association 2011). He served on the ABA Cybersecurity Legal Task Force and is a member of InfraGard’s Legal Cross-Sector Council and ILTA’s LegalSEC Initiative.
Bob Kaminski
Bob Kaminski serves as a Cybersecurity Advisor (CSA) for the Cybersecurity and Infrastructure Security Agency (CISA). In support of CISA’s mission of reducing risks to US critical infrastructure, Bob works with public and private sector critical infrastructure owners and operators to strengthen their cybersecurity posture through various CISA cyber security products and services. Bob provides cyber preparedness assessments and protective resources, working group support, leadership, partnership in public-private development, and coordination and support in times of cyber threat, disruption, or attack. Since 2009, Bob has served in various roles within the U.S. Department of Homeland Security. Bob has an extensive military background as well. While conducting a hazardous combat mission in Iraq, Bob's vehicle was hit by two Improvised Explosive Devices (IEDs) amputating his entire right leg and nearly taking his life. After years of surgeries and extensive physical therapy, Bob was able to fight back and serve his country again in his current capacity. Bob possesses a BS from Duquesne University majoring in Computer Technology. Bob is a recipient of the Purple Heart and Army commendation medal.
Cloud Security Panel
Dave Coughanour
Dave serves as the Vice President of Cybersecurity and CISO for Ansys where he safeguards the company’s leading edge simulation software. Prior to this role, he was responsible for security at the international law firm K&L Gates and was a core member in establishing PNC Bank’s outstanding cyber security program. Dave began his career in the United State Marine Corps where he served as an infantry sergeant, as well as in the Pennsylvania National Guard. From there, his sense of adventure was balanced out by a greater love of air conditioning and fresh coffee, leading to a career in the US Intelligence Community where he primarily focused on digital forensics in counter terrorism operations. He has spent a year at sea, two years in Iraq and four months in Afghanistan. He holds a master’s degree in cybersecurity from Utica College, CMU CISO certification as well as CISSP, GCIH, GCFA, GCIA. CIPP/EU, and EnCE certifications. Do to what can only be a clerical error, he was also elected as CISO of the Year in 2021 by the Pittsburgh Technology Council.
Jon Zeolla
Jon Zeolla is the co-founder and CTO of Seiso, an information security company and recipient of the 2021 Innovator of the Year award. Jon is responsible for the research and refinement of cloud native security solutions, including contributing to open source projects and industry standards focused on Zero Trust, DevSecOps, and Cloud Security. He is also a SANS instructor for SEC540: Cloud Security and DevSecOps, and a member of the IANS Faculty.
Cameron Stish
Cameron is a seasoned cybersecurity professional with a unique distinction as the first graduate specializing in cybersecurity from Bethany College. Commencing his professional journey as a Security Engineer, Cameron accumulated invaluable experience in implementing robust security measures for both on-premises and cloud infrastructures. Today, as he holds the position of Senior Penetration Tester at Ethical Intruder, specializing in Windows, Active Directory, and Cloud Security. In his current role, Cameron shoulders the responsibility of orchestrating targeted attacks across a diverse range of environments. These environments span from hybrid configurations to cloud-exclusive setups in AWS and Azure. His deep expertise in Microsoft technologies empowers him to provide tailored security recommendations to clients, catering to a broad spectrum of businesses, from small enterprises to Fortune 500 corporations. Cameron's unwavering commitment to the ethos of "Hacking the Planet" and the broader realm of cybersecurity serves as a driving force behind his impactful contributions to the Ethical Intruder team. Cameron's journey, from graduating from Bethany College to his current role as a senior penetration tester, reflects his enduring commitment to fortifying organizations against cyber threats.