Capstone

The culmination of the MS CRS program is a capstone project which provides the students with the opportunity to integrate the technical and legal/policy training they have received over the past year in response to a real-world cybersecurity issue. The Integrative Cybersecurity Management Capstone is a team-based effort under the direction of three Capstone Directors: Samuel Rascoff, Nasir Memon, and Joel Caminer.

The Capstone experience is further enhanced by the direct attention to each team of an Industry Capstone Mentor who is a noted professional in the cybersecurity field.

Distinguished Capstone Mentors for the Class of 2019, Class of 2020, and Class of 2021 include/have included:

Omkhar Arasaratnam, Executive Director, Head of Data Protection, JPMorgan Chase & Co.

Omkhar Arasaratnam is an experienced cybersecurity and technical risk management executive. He has led organizations to realize their business goals while effectively managing cybersecurity risk and compliance requirements.

Omkhar has over 15 years of experience leading global cybersecurity projects. Omkhar is currently the Executive Director of Data Protection Engineering and JP Morgan Chase. He has previously led security organizations at financial and technology institutions, such as Credit Suisse, Deutsche Bank, TD Bank Group, and IBM. In this capacity, he has revolutionized the effectiveness of cybersecurity controls. He is an accomplished author with several granted patents and has led contributions to many international standards. Omkhar is also member of the NYU Cyber Fellow Advisory council, and a Senior Fellow with the NYU Center for Cybersecurity.

Close

Michael J Adams, Chief Counsel to COO and CISO, Zoom

Michael Adams is currently Chief Counsel to the COO and CISO at Zoom. He formerly led Palantir Technologies’ business in the Carolinas, serving in an executive capacity focused on building Palantir’s commercial and government business and designing data integration strategies and solutions for customers. Michael previously served for 25 years in the U.S. Navy and was deputy general counsel to the Chairman of the Joint Chiefs of Staff, where he advised Chairmen Dempsey and Dunford and the Joint Staff on international and national security law affecting military operations, including cyberspace, intelligence, special operations, maritime and other U.S. Government activities. He then transitioned to private practice and was a partner with the international law firm McGuireWoods. Michael is a graduate of Harvard Law School (LL.M.), Georgetown University Law Center (J.D.), and the United States Naval Academy (B.S.).

Close

Ed Amoroso, CEO, TAG Cyber LLC and Former CSO, AT&T

Dr. Ed Amoroso is currently Chief Executive Officer of TAG Cyber LLC, a global cyber security advisory, training, consulting, and media services company supporting hundreds of companies across the world. Ed recently retired from AT&T after thirty-one years of service, beginning in Unix security R&D at Bell Labs and culminating as Senior Vice President and Chief Security Officer of AT&T from 2004 to 2016.

Ed holds the BS degree in physics from Dickinson College, the MS/PhD degrees in Computer Science from the Stevens Institute of Technology, and is a graduate of the Columbia Business School. He holds ten patents in the area of cyber security and media technology and he has served as a Member of the Board of Directors for M&T Bank, as well as on the NSA Advisory Board (NSAAB). Ed’s work has been highlighted on CNN, the New York Times, and the Wall Street Journal. He has worked directly with four Presidential administrations on issues related to national security, critical infrastructure protection, and cyber policy.

Close

Radhika Bajpai, Global Head of Technology & Information Security Assurance, PayPal

Radhika Bajpai

Radhika Bajpai is a Senior Director, Global Head of Technology & Information Security Assurance at PayPal. Prior to this, Radhika was the Global Lead – Risk & Controls Assurance Engineering at Google Cloud and held leadership positions at Goldman Sachs and BNY Mellon. Radhika is also a 2022 Women in Power Fellow of 92nd Street Y’s Belfer Center.

Radhika has expertise within Risk Management, Control Oversight, Strategic Planning, Regulatory Response, Operational Risk, Project Management, Compliance, Recovery and Resolution, Resilience Management, Sarbanes Oxley (SOX), Risk and Control Self-Assessment (RCSA), SSAE18/SOC/ISO/PCI domains. Radhika has led external audit assurance programs with responsibility for continuous control monitoring and data analytics in various top tier global financial and technology institutions.

Radhika is an experienced Public Speaker and Advisory Board Member. She is currently serving on the Advisory Board of Sightline Security and ThriveDx (formerly known as HackerU). Radhika has been a session speaker, panelists in various industry events and seminars organized by multiple renowned institutions such as ISACA Global, Northeast Annual Cybersecurity Summit (NEACS), NYU School of Law, NYU Tandon School of Engineering, ISACA New York Chapter, Apex Assembly and BFSI CISO Gala.

Radhika was recently awarded the “Women In Technology” Spotlight award by ISACA New York Chapter for her work as mentor to the women in technology industry and active involvement in various volunteering initiatives including multi-year participation in the judges panel of annual Cybersecurity competition aimed to build the talent pipeline in Cybersecurity. Radhika strongly believes in her role in the overall Diversity, Equity & Inclusion (DEI) initiatives which women like her can bring to the workforce. Radhika’s motto in life has been, “the difference between dreams and goals is that you need to work to achieve your goals.”

Close

Geoffrey Brown, Vice President, Global Intelligence Platforms, Recorded Future

Geoffrey Brown is currently the Vice President of Global Intelligence Platforms at Recorded Future. Previously, he was appointed Chief Information Security Officer for the City of New York in 2016, a position focused on cybersecurity and aggregate information risk across all 100+ NYC departments and agencies. In July 2017, Mayor de Blasio established New York City Cyber Command, led by Geoffrey and charged with setting Citywide cybersecurity policies; directing response to cyber incidents; and advising City Hall, agencies and departments on the City’s overall cyber defense.

Prior to joining City government, Geoffrey worked in financial services, developing and operating threat management disciplines including threat intelligence, detection, response and countermeasures. Geoffrey also served in the federal government, including work with the National Commission for Terrorist Attacks upon the United States (the 9/11 Commission), supporting the investigation’s work with the first responder community in NYC. Geoffrey is a graduate of Middlebury College.

Close

Devon Bryan, Global Chief Information Security Officer, Carnival Corporation

Devon Bryan joined Carnival Corporation in October 2021 as the Global Chief Information Security Officer with responsibilities for conceiving, implementing and leading technology solutions that assure compliance, protect personal data and corporate assets, increase organizational capability and advance productivity within Carnival Corporation and our world-leading cruise line brands.

Prior to Carnival Corporation, Devon was  Managing Director, Chief Information Security Officer, MUFG Union Bank N.A where he was responsible for establishing and maintaining a comprehensive information security strategy and program to ensure that information assets and technologies are appropriately protected. He is also responsible for ensuring that information security risks are identified, evaluated, mitigated, and reported in a manner that meets compliance and regulatory requirements and aligns with the risk tolerance for MUFG in the Americas region.

Most recently, he  served as the CISO for KPMG LLC — one of the world’s big four accounting organizations — for the United States and the Americas, where he was charged with effectively designing and executing a best-in-class information and data security function with a proactive approach to enable business results.

Prior to KPMG, Devon was the Executive Vice President and Chief Information Security Officer for the National IT Organization of the Federal Reserve System.   As the System-level CISO, he was responsible for ensuring the Fed’s information security policies, architecture, programs and incident response team remain effective and efficient.  Prior to the Fed, Devon was the Global Chief Information Security Officer (CISO for Fortune 500 outsourced payroll and human resources provider ADP.  As Global CISO for ADP, Devon led ADP’s information security strategy, collaborating across the company’s geographically dispersed business operations to ensure coordination, consensus, and effective cybersecurity protections across global operations. Prior to joining ADP in 2011, he served as the Deputy Chief Information Security Officer (CISO) for the Internal Revenue Service (IRS) where he was appointed to the Senior Executive Services (SES) and directed the IRS’s FISMA-compliant information security program and the IRS’s cybersecurity incident response team.  His information security career began in the U.S. Air Force, where he served as a Captain and lead network security engineer working on systems and programs to protect the critical network and communications networks of the Air Force’s Air Combat Command.

Devon is Co-founder of ICMCP (International Consortium of Minority Cybersecurity Professionals), a 501c3 non-profit which he launched in 2014 and geared toward improving the underrepresentation of women and minorities in the field of cybersecurity through academic scholarships, certifications, mentoring and networking opportunities.

Devon received a Bachelor of Science, Applied Mathematics from South Dakota Technological University and a Master of Science, Computer Science from Colorado Technological University, graduating Summa Cum Laude.  He holds multiple cybersecurity certifications to include:  CISSP, CIPP/US and CIPP/EU, serves on several non-profit boards and participates in select industry forums as a sought-after speaker and writer on emerging cyber security trends and issues. LinkedIn Profile: http://linkedin.com/in/devon-bryan-a89045

Prior roles include: Managing Director, CISO – MUFG Union Bank N.A; Managing Director, CISO – KPMG US & Americas Ltd; Executive Vice President and Chief Information Security Officer – Federal Reserve System; Vice President, Global Technical Security Services (CISO) – ADP; Deputy Associate CIO Cybersecurity – IRS

Close

Una Dean, Assistant General Counsel and VP, Head of Global Investigations, IBM

Una A. Dean is currently the Head of Global Investigations, Assistant General Counsel and VP at IBM.

Prior to joining IBM, Una was a partner in Fried Frank’s White-Collar Defense, Regulatory Enforcement & Investigations and Cybersecurity Practices, resident in the New York office.

Una concentrated her practice on white collar criminal defense, internal investigations, cybersecurity and related civil litigations. She represented public, multinational corporations and financial institutions in conducting internal investigations involving allegations of fraud and other misconduct. She also routinely advised corporate clients on issues relating to cybersecurity corporate governance, cyber preparedness and incident response.

Prior to joining Fried Frank, Ms. Dean served as an Assistant United States Attorney (AUSA) for the Eastern District of New York (EDNY) from 2010-2017 where she investigated, prosecuted and tried some of the EDNY’s most important and high-profile cases across a wide spectrum of practice areas, including money laundering, securities fraud, trade sanctions, and cybercrime. Notably, she secured convictions in seven jury trials and successfully argued numerous cases for the United States Court of Appeals for the Second Circuit

Close

Christopher R. Hetner, Expert Advisor, Institute for Defense Analyses

Chris Hetner is a Senior Executive, Board Director, and leader in Cybersecurity recognized for raising cyber risk to the Corporate Board level in order to protect industries, infrastructures, and economies. He creates operational resilience by aligning robust Cybersecurity strategies with business objectives. Mr. Hetner’s professional judgment combined with a public company perspective and SEC regulatory and investor oversight experience has led to his success in corporate and government roles. Currently, he is an Expert Advisor to the Institute for Defense Analyses (US Dept. of the Treasury), the Special Advisor for Cyber Risk for the NACD, and a National Board Member of the Society of Hispanic Professional Engineers. Identifying potential risks and initiating solutions that can be replicated across industries is a hallmark of his career.

Throughout his career, Mr. Hetner has created and launched Cybersecurity programs in the public and private sectors. As business functions transfer to the cloud, he has consistently elevated the issue of enterprise-wide preparedness and continuity to Boards and Executive Management teams. The Covid-19 global pandemic has magnified cyber risks across sectors. Based on the growth of the distributed workforce and the increase in the prevalence of bad actors, the threat and severity levels of cyber breaches have become a security and operational resilience priority. According to the 2018 SEC Cyber guidance on board oversight responsibility, Mr. Hetner is primed to discharge his in-depth knowledge and experience in line with heightened regulatory and investor expectations in an executive role.

He served as the Senior Cybersecurity Advisor to the Chair of the United States Securities and Exchange Commission and as Head of Cybersecurity for the Office of Compliance Inspections and Examination at the SEC. He also represented the Chair of the SEC as a senior member of the US Department of the Treasury Financial Banking Information Infrastructure Committee. His greatest contributions included vision for and implementation of the first agency wide Cybersecurity governance structure, threat intelligence program, and incident response capabilities. The Cybersecurity framework he implemented improved the National Examination Program’s ability to monitor and respond to Cyber risks and threats across the US Securities market.

Mr. Hetner has also led efforts across financial, regulatory, and government agencies to enhance Cybersecurity coordination in the financial services sector. He successfully led diverse teams, in multiple global locations, through transformative thinking about cyber-risk management, Cybersecurity policy, and regulatory compliance to embrace change and become cultures of action and collaboration. He established governance and risk management structures aligned with strategy and business objectives, while integrating resilience into corporate DNA.

Mr. Hetner’s thought leadership is actively sought by governments, private and public entities, industry associations, and media outlets as the threats to critical infrastructure and economies increase. Throughout his career he has shared his professional expertise by mentoring students at Columbia University, New York University, Fordham School of Law, and Pace University.

He is a Certified Information Security Manager (ISACA), Certified Information Systems Security Professional (ISC2 ), and holds a high-level USA security clearance. Mr. Hetner earned a MS, cum laude, in Information Assurance from Norwich University and a BS in Security Management from John Jay College of Criminal Justice.

Close

Peter Keenan, CISO, Lazard

Peter is the Chief Information Security Officer (CISO) at Lazard where he is responsible for the global information security strategy and program at one of the world’s preeminent financial advisory and asset management firms with operations in 43 cities across 27 countries. Prior to Lazard, Peter was with Citigroup’s global information security team serving as the Head of Information Risk Governance, where he led the team that was responsible for Information Security Policy globally. His experience also includes 6 years as a Director with PricewaterhouseCoopers’ Threat and Vulnerability Management advisory practice and over a decade founding and operating a publicly traded technology consultancy that specialized in designing, building, and operating secure high availability data centers and networks around the world for military, intelligence, and commercial clients.

Close

Thien La, Vice President, CISO, GHX

Thien La is currently Vice President and Chief Information Security Officer (CISO) at GHX. Previously, Thien worked for Humana as Vice President, Cyber Security Innovation, Architecture, Engineering and Technology Delivery. Thien was responsible for leading Humana’s core security architecture and innovation and, engineering support for many security technologies.

Thien was previously the Chief Information Security Officer (CISO) at Wellmark Blue Cross Blue Shield. He joined Wellmark in 2016 as Vice President and CISO where he was responsible for cyber security strategy and the operational effectiveness of information security controls across the enterprise.

Previously, Thien served as Senior Vice President, Business Information Security Officer for Global Banking and Markets at Bank of America where he headed a global information security team supporting more than 50,000 users. He was also responsible for information security in Latin America (11 countries) and Canada. He also has experience at SunGard Data Systems as Vice President, Global Head of Application Risk Management and Business Continuity, and more than 10 years at Goldman Sachs as a Vice President in Technology Risk where he held various leadership positions in cybersecurity and risk management.

Thien was a board member of the Health Information Sharing and Analysis Center (Health-ISAC) where he currently serves as co-chair of the Software Security Working Group. He was also an active member of the Amazon Web Services CISO Council.

Thien earned a B.A.Sc., Computer Engineering specializing in Communication Systems from the University of Toronto. Thien is based in Washington, D.C.

Close

Erez Liebermann, Partner, Linklaters

Erez is currently Partner at Linklaters. He was previously Prudential’s chief counsel on cybersecurity and privacy matters. He led a team on a wide range of cybersecurity and privacy legal, policy and investigative matters. Erez served as primary counsel to the Chief Information Security Officer, Chief Privacy Officer, and IT Risk on information security and privacy matters. In this role, Erez also oversaw the High Tech Investigations Unit. Together with the Information Security Office and IT Risk, Erez worked closely to review the enterprise’s cybersecurity program and update executive management on the enterprise’s program. Erez also served as a point of contact to regulators and law enforcement on cyber security matters and provides updates to the enterprise on the regulatory and threat landscape. Erez also worked on response planning for a cybersecurity and privacy incidents including technical and business oriented tabletop exercises. Through his work with the High Tech Investigations Unit, Erez oversaw investigations into cyber incident response, cyber crimes, privacy breaches, and intellectual property theft, as well as E-Discovery production and computer forensics.

Erez previously led Prudential’s Corporate Investigations Division (CID), which consists of attorneys and investigators responsible for investigations relating to internal and external fraud, regulatory matters, employee misconduct, and sales practice.

Prior to joining Prudential Financial in February 2014, Erez spent 10 years as a federal prosecutor. He served as Deputy Chief of the Criminal Division at the U.S. Attorney’s Office, District of New Jersey, and Chief of the Computer Hacking and Intellectual Property Section. Additionally, Erez oversaw the white collar units, including Economic Crimes, National Security, Healthcare and Money Laundering. He was the lead prosecutor on numerous cyber, securities, and fraud matters, including United States v. Drinkman, the largest credit card data breach investigation and prosecution to date, involving the theft of over 160,000,000 credit and debit card numbers. Albert Gonzalez was sentenced to 20 years imprisonment for his role in the conspiracy.

Erez is the recipient of numerous awards, including the Attorney General’s Award for Distinguished Service, numerous letters of recognition from the Director of the Federal Bureau of Investigations, and Prosecutor of the Year Award by the Federal Law Enforcement Foundation.

Erez is a frequent lecturer on cybercrime, privacy, and fraud. He previously taught Cybercrime Law at Rutgers University School of Law.

He graduated from the University of Virginia with a degree in Aerospace Engineering. He received his law degree from Columbia University Law School.

Close

Amy Man, VP, Cybersecurity Risk Management, First Hawaiian Bank

Amy is currently the Vice President of Cybersecurity Risk Management at First Hawaiian Bank.

Previously, Amy was the AVP and Cyber Resiliency Manager at the Federal Reserve Bank of New York, where she was responsible for developing strategies that aimed to increase the cyber resiliency posture of the Federal Reserve’s most critical systems. Amy is a highly experienced public service professional with over 15 years of knowledge in cybersecurity policy development, assessments and training. Prior to joining the Federal Reserve, Amy was part of the National Security Agency working on offensive cyber tactics. Amy holds a Bachelor of Science in Computer Science from Polytechnic University and a Master of Science in Computer Science from Johns Hopkins University.

Close

Stacey Romanello, Regional Information Security Officer (RISO), Royal Bank of Canada

Stacey Romanello has over 18 years of global experience in the risk management and cyber security industries, implementing multimillion-dollar strategic initiatives, and defining and implementing successful risk and cyber solutions for global financial institutions. She is currently the Regional Information Security Officer at Royal Bank of Canada (RBC), responsible for driving the cyber strategy in the US, Canada and Caribbean, providing regional input into the overall cyber vision, supporting regulatory and operational cyber security processes, and ensuring RBC assets and technologies are protected.

Close

Thomas Quinn, VP & CISO, T. Rowe Price

Tom Quinn is Head of Enterprise Security for T. Rowe Price and serves as the firm’s Chief Information Security Officer.  He is responsible Cyber and Information Security strategy and execution.   Before joining T. Rowe Price, he was Managing Director and Technology Controls Officer for JPMC Consumer and Community Banking.  Previously, Tom was Managing Director, Chief Information Security Officer for BNY Mellon and Senior Vice President, Chief Information Security Officer for State Street Corporation.  He also managed both Infrastructure and Application Security teams at Goldman Sachs.

Tom earned a B.A. in Political Science from Old Dominion University and a M.S. in Information Technology Management from Naval Postgraduate School.   Tom has over 20 years of technology and cyber security experience in Financial Services, has served as a US Navy Officer during combat operations, is a Certified Information Security Manager (CISM) and a Board Member for Advanced Cyber Security Center.

Close

Phil Venables, VP – Google, CISO, Google Cloud

Phil leads the firm’s Operational Risk Management & Analysis function. He is a member of the Firmwide Risk Committee, Firmwide Technology Risk Committee, Firmwide Operational Risk Committee and Global Business Resilience Committee. Previously, Phil served as Chief Information Risk/Security Officer and Head of Technology Risk. He joined Goldman Sachs as a vice president in London in 2000 and transferred to New York in 2001. Phil was named managing director in 2003 and partner in 2010. Prior to joining the firm, he was Chief Information Security Officer at Deutsche Bank and also functioned as the global head of Technology Risk Management for Standard Chartered Bank. Before that, Phil served in various technology, network management and software engineering roles at a number of finance, energy, and defense organizations. Phil serves on the Executive Committee of the US Financial Services Sector Coordinating Council for Critical Infrastructure Protection, is co-chair of the Board of Sheltered Harbor, and is a member of the boards of the Center for Internet Security and the NYU Tandon School of Engineering. He is also an advisor to the cyber-security efforts of the US National Research Council, the Institute for Defense Analyses and a US intelligence agency. Phil is a member of the Council on Foreign Relations. Phil earned a BSc (Hons) in Computer Science from the University of York and an MSc in Computation and Cryptography from the Queen’s College at Oxford University. He was awarded the designation of Chartered Engineer in 1995 and Chartered Scientist in 2002 and was elected a Fellow of the British Computer Society in 2005.

Close

Ariel Weintraub, CISO, MassMutual

Ariel Weintraub is currently the Chief Information Security Officer (CISO) at MassMutual. Prior to joining MassMutual, Ariel served as the Senior Director of Data & Access Security within Cybersecurity Operations.  In this role, she was responsible for the Data Protection and Identity & Access Management (IAM) programs and led a three-year business transformation program to position IAM as a digital business enabler. Ariel first joined TIAA in 2015 as a Senior Manager within IT Risk & Information Security. In that role, she managed the Treatment & Vulnerability Remediation teams under Cyber Risk.

Prior to TIAA, Ariel held the position of Global Head of Vulnerability Management at BNY Mellon where she developed and led the Vulnerability Management function and designed a cross-department Information Security Metrics program. Ariel joined BNY Mellon during the inception of the Chief Information Security Officer (CISO) organization and played a critical role in laying the foundation for many of the security compliance functions including Mobile Device Security, Endpoint & Host Compliance, and Secure Configuration Management. Prior to her role at BNY Mellon, Ariel was part of the Threat & Vulnerability Management practice at PricewaterhouseCoopers (PwC) where she was responsible for performing Penetration Tests, Security Risk Assessments, and Payment Card Industry (PCI) compliance assessments for a variety of Financial Services clients.

Ariel holds a Master of Science in Cybersecurity from New York University (NYU) Tandon School of Engineering and a Bachelor of Science in Business Administration from the University of Southern California (USC) Marshall School of Business. Ariel has a passion for empowering women, especially the next generation of female cybersecurity leaders.

Close