RSS:2025 Track 2 (Day 2) :: Rochester Security Summit

Women in IT Roundtable: Leadership, Opportunity and Equity - The Future for Women in IT

Susan O'Sullivan (Moderator), Linda Weller, Annette Warren, and Mehruz Kamal
10:00 am - 10:50 am

This dynamic roundtable brings together local IT leaders, educators, and emerging professionals to explore the future for women in tech. Through a moderated discussion covering leadership, barriers, opportunity, and equity, panelists will share insights and personal stories to inspire change. Attendees will hear data-driven context, rapid-fire reflections, and audience Q&A—leaving with actionable takeaways and resources to support women’s advancement in IT.

Susan O'Sullivan, Moderator

Following a 20-year career at Ingram Micro, Susan O’Sullivan is now the President of S0S – Strategies, Opportunities & Solutions in Buffalo. She has over 30 years’ experience as a thought leader, driving digital transformation, business growth and inclusive leadership.

Linda Weller

With a belief that IT should be both a business and a people-oriented organization, Linda Weller has guided Info Advantage toward its continued success as a top-tier information technology service firm in Rochester. Her leadership as President combines strategic insight with a genuine passion for maintaining a workplace that is both high-performing and human-centered.

Annette Warren

With a lifelong passion for business and people, Annette Warren leads iSECURE with integrity, vision and a unique perspective shaped by her family and business roots. As President, she is known for building strong client partnerships and tackling challenges head-on, guiding iSECURE to become a Top 100 Rochester company.

Mehruz Kamal

Mehruz Kamal, PhD is Chair and Associate Professor of the Department of Computing Sciences at SUNY Brockport. She previously worked as a software engineer for Motorola and is currently involved in the IS/T research community, where she focuses on Information Technology for Development, investigating how IT can help bring about both social and economic development of a community.

Breach Response in Real Time: An Interactive Cybersecurity Simulation

John D. Flory III
11:00 am - 11:50 am

Join us for Breach Response in Real Time, an interactive incident response simulation that puts you in the middle of a live cyberattack scenario. Through video storytelling and expert-led discussion, you'll make key decisions as a breach unfolds. Explore third-party risk, public notification, damage control, malware containment, and more. This hands-on tabletop exercise challenges assumptions, sparks new strategies, and prepares your team for real-world threats. Ideal for IT leaders, executives, and security professionals.

John D. Flory III

John D. Flory III is a recognized cybersecurity expert with 25+ years of hands-on experience combating real-world cyber threats. He’s collaborated globally with law enforcement to disrupt cybercrime, leading to arrests, extraditions, and victim restitution. A featured keynote speaker and thought leader, John has been published in major industry outlets and presented at top conferences including DHS, NYSBA and Symantec. He’s a proven leader, a former Partner at TAG Solutions, a Co-Founder of Cyberstone, and currently the CISO at Harbor IT and creator of HarborShield Cybersecurity.

Beyond the Obvious: Why 1+1 = 3 in Third-Party Risk

Alicia Gristmacher
1:00 pm - 1:50 pm

Traditional third-party risk management often relies on basic compliance checks, missing critical risks. This session introduces subjective and deductive reasoning methods within the MITRE ATT&CK framework to deeply assess vendor security. Real-world examples illustrate how these techniques effectively uncover hidden vulnerabilities and strengthen proactive risk management.

Alicia Gristmacher

Alicia Gristmacher, Manager of IT Vendor Risk Management at Hyatt Hotels Corporation, leads the global Third-Party Risk Management program with 25 years’ experience in vendor risk, cybersecurity compliance, and information security. She oversees the full vendor lifecycle, from onboarding and risk assessments to continuous monitoring and incident response. Known for automating processes, improving efficiency, and aligning governance with industry standards, Alicia holds CRVPM and C-VMPRA certifications. She excels in communicating complex risks to executives, managing vendor-related cyber incidents, and fostering cross-functional collaboration. A speaker at ISC2 Security Congress and RH-ISAC events, she drives innovation, ensures compliance, and safeguards Hyatt’s vendor ecosystem while enabling strategic growth.

Disaster Recovery Planning: From Theory to Action

Jason Taylor
2:00 pm - 2:50 pm

This presentation covers how to create a practical disaster recovery plan to quickly restore operations after a widespread or severe service disruption. Organizations often struggle to create usable disaster recovery plans due to limited visibility into their infrastructure or the assumption that disaster recovery preparedness is cost prohibitive. We’ll break down these barriers by sharing an approachable, methodical strategy for creating a disaster recovery plan. You’ll learn about the disaster handling lifecycle, backup strategies, recovery priorities, and more. We’ll also examine a disaster recovery plan template adaptable for your organization.

Jason Taylor

Jason is the Senior Cybersecurity Program Analyst at Sedara, a Buffalo-based MSSP. He specializes in helping organizations build holistic, sustainable cybersecurity programs achievable for their resources and risk tolerance. Disaster recovery planning is one of his favorite aspects of a cybersecurity program because it brings together technical and non-technical stakeholders for a shared goal: ensuring the organization can continue to operate. Prior to joining the cybersecurity field, Jason was a social studies educator in the Rochester City School District.