RSS:2025 Track 2 (Day 1) :: Rochester Security Summit

Leading in Times of Uncertainty; 9/11/01: The White House

Robert J. Darling
10:00 am - 10:50 am

On 9/11, I supported the White House response from the underground White House bunker known as the PEOC, witnessing firsthand the demands of crisis leadership. "Leading in Times of Uncertainty" explores how leaders like Vice President Cheney and National Security Advisor Rice made urgent decisions with limited information. The experience underscores traits essential in any crisis: clear communication, adaptability, and moral courage. Drawing parallels to IT professionals, the presentation provides a framework for responding under pressure, emphasizing preparedness, real-time strategy shifts, and decision-making amid uncertainty.

Robert J. Darling

Lieutenant Colonel Robert “Bob” Darling (Ret.) completed over 20 years of active-duty service with the U.S. Marine Corps in 2007. He flew attack helicopters in Desert Shield/Desert Storm and supported Operation Restore Hope in Somalia. Selected in 1998 as a presidential pilot with Marine Helicopter Squadron One, he later joined the White House Military Office’s Airlift Operations Department, supporting the President, Vice President, and National Security Advisor in the President’s Emergency Operations Center on September 11, 2001. Bob is President and CEO of Flash Emergency Management, a crisis leadership training and technology company. A sought-after speaker on crisis leadership and decision-making, he has addressed Harvard’s Kennedy School, the FBI National Academy, and numerous academic, government, and military organizations. He is the author of 24 Hours Inside the President’s Bunker and a contributing author to the Routledge Companion on Security and Risk in Business.

Intersection of Geopolitics and Credential-Based Threats via Cyber Threat Intelligence Lens

Stephanie Schneider
11:00 am - 11:50 am

In today’s threat landscape, credential-based attacks and geopolitically driven cyber campaigns are persistent and evolving. This session shows how organizations can shift from reactive defense to proactive security by operationalizing Cyber Threat Intelligence (CTI) and AI-driven automation to anticipate identity-based threats. Stephanie Schneider will share real-world cases where CTI enabled early detection of credential leaks and geopolitical warning signals, helping organizations strengthen Identity and Access Management (IAM) and adjust security posture. Attendees will learn to embed CTI into IAM, automate response, and align intelligence with business risk.

Stephanie Keinz

Stephanie is passionate about raising awareness of cybersecurity challenges, blending strategic analysis with a deep understanding of how geopolitical trends influence current threats. In her current role as cyber threat intelligence analyst at LastPass, she tackles emerging threats, provides insights and actionable intelligence, and monitors significant events in the cybersecurity landscape. Prior to joining LastPass, Stephanie served as strategic cyber threat intelligence nation-state lead at Bank of America for over four years and consulted for the Congressional Research Service on Russian hybrid warfare. Stephanie is a graduate of George Washington University’s Elliott School of International Affairs (MA) and St. Edward’s University (BA).

Beyond the Report: Why Pen Testing is a GRC Responsibility

Brandon Finton
1:00 pm - 1:50 pm

Penetration testing is often treated as a technical checkbox or annual compliance task, with findings reviewed briefly and then forgotten. This session challenges that approach by showing how pen test results should be integrated into an organization’s GRC program. Through real-world examples, we’ll show how technical issues often reflect deeper governance failures like weak policies or poor change control. Attendees will learn how to map findings to risk, track them through governance, and communicate them in business terms. We’ll also define stakeholder roles to ensure issues aren’t just patched—but prioritized and managed at the right level.

Brandon Finton

Brandon Finton is an experienced cybersecurity professional with over 20 years in technical and leadership roles across healthcare, finance, education, defense, and manufacturing. He specializes in risk management, compliance, and penetration testing with deep knowledge of standards such as HIPAA, PCI DSS, CMMC, and NIST frameworks. Brandon holds a master’s in Telecommunications and Network Management from Syracuse University and a bachelor’s in Business Administration from RIT. He is a CISSP and CISM, and he speaks regularly at security conferences and industry events.

Governance Foundations

Mark Christman
2:00 pm - 2:50 pm

Governance, for all the hype, is straightforward and simple. That doesn't mean 'easy'. We'll peel away all the extras and get to basics about what Governance is, and what all governance frameworks will have in common regardless of context. This talk will help build the foundation to build a solid governance framework on.

Mark Christman

Mark formed many of his ideas about governance over the 20 years working for Xerox. Most recently, the past four years with Microsoft have been focused on teaching and consulting about IT Service Management, Governance, and Adoption. Although Mark's background is infrastructure, he can talk security and compliance.