North American Information Security Summit

Phil is a Strategic Security Advisor at Google, specializing in supporting Google Cloud, Cybersecurity and AI for companies and governments at all scales, globally. Prior to this Phil was the first Chief Information Security Officer of Google Cloud, from 2000 to 2025, where he built the risk, security, compliance, and privacy teams. Before joining Google, he was a Partner at Goldman Sachs where he held multiple roles over a long career, initially as their first Chief Information Security Officer, a role he held for 17 years.

In subsequent roles, Venables was Chief Operational Risk Officer, an operating partner in their private equity business and a Senior Advisor to the firm’s clients and executive leadership on cybersecurity, technology risk, digital business risk, and operational resilience. In addition to this, he was a Board Director of Goldman Sachs Bank. Before Goldman Sachs, Venables held multiple Chief Information Security Officer roles, and senior engineering roles across a range of finance, energy, and technology companies. He has been honored with many distinctions and awards most recently, in 2024, being inducted into the Chief Security Officer Hall of Fame.

Outside of Google, Venables serves on the boards of the NYU Tandon School of Engineering, the NYU Stern Business School Volatility and Risk Institute, the Information Security and Privacy Advisory Board of NIST, the Security and Technology Advisory Board of MITRE, and is a member of the Council on Foreign Relations. From 2021 to 2025 he served on the President’s Council of Advisors on Science and Technology at The White House where he drove multiple initiatives from cyber-resilience, the future of AI, through to improvements in scientific communications.

Tim is SVP, Global Cyber Defense and Security Engineering for United Health Group.  His team and he are responsible for defending the Fortune 4 from cyber threats. Previously Tim was CSO for Mandiant where he and his team got to defend Mandiant and Google Cloud from some of the most sophisticated adversaries in the world. Tim has 40 years in the technology space, starting his professional career in 1984, and has been privileged to work in security since 1994. Over the course of these years he’s had the opportunity to work in all aspects of cyber security and has a particular passion for cyber threat intelligence, reverse engineering, and incident response and breach investigation. He’s also authored or co-authored 17 books to date as well as spoken frequently internationally at some of the largest cyber security conferences in the world. Ultimately, Tim has a passion for finding and developing talent as he believes that leaving the world a little better than we found it is everyone’s responsibility.

Nasrin Rezai is senior vice president and Chief Information Security Officer for Verizon. She is responsible for setting information security strategy, policy, standards, architecture and processes. Rezai and her team work with and across Verizon’s business units to protect its customers and its leading networks.

Prior to joining Verizon, Nasrin held the position of Global Chief Information and Product Cyber Security Officer at GE. She was responsible for all aspects of cyber security strategy and operations for GE products and enterprise, including incident response, threat intelligence, security services, architecture, commercial OT security, and regulatory & compliance.

Her previous roles include Global CISO for GE Capital and head of Corporate Governance, Technology Risk and M&A security, for the industrial GE businesses. Prior to GE, she served as SVP, Chief Tech. Risk Officer in the Enterprise Risk Management Organization at State Street and as CTO of Security at Cisco Systems.

Throughout her career, Nasrin has promoted engineering and architecture in designing security solutions for large enterprises. She is passionate about helping others develop their potential, and mentors many young men and women. She holds a master’s degree in business administration and a bachelor’s degree in information systems. She also holds an Executive Certification from Harvard and Cambridge.

Nasrin lives with her family in New York City.

Garima Maheshwari is Vice President of Information Security and Risk Management (ISRM), Business Information Security Officer (BISO) for Johnson & Johnson Innovative Medicine. She leads a global organization responsible for information security and risk management activities for Innovative Medicine Commercial, R&D and Supply Chain areas with a focus on Digital Trust, ensuring that we protect our innovation, secure our products & drive resilience of our supply chain and enable availability, integrity, and confidentiality of company assets. Garima also has responsibility for Operational Technology (OT) Security for Johnson & Johnson. Garima is responsible for the Innovative Medicine business’s cybersecurity strategy and direction, working closely with senior leaders to identify and prioritize cybersecurity solutions and oversee the consistent implementation of business solutions in a secure manner. Garima started her career at Johnson & Johnson and has held roles of increasing responsibility in Business Technology, Risk Assurance, and Information Security across Consumer, MedTech, Shared Services and Innovative Medicine. Garima is passionate about talent development and is a mentor and sponsor of diverse talent through both formal and informal programs and channels. She is also an active contributor across industry cybersecurity working groups and forums. Garima holds a Master of Science degree in Computer Science from the New Jersey Institute of Technology and a bachelor’s degree in English and Economics.

Sherrod DeGrippo is Director of Threat Intelligence Strategy at Microsoft. She was selected as Cybersecurity woman of the year in 2022 and Cybersecurity PR Spokesperson of the year for 2021.

Previously, she was VP of Threat Research and Detection at Proofpoint, where she led a global team of threat researchers, malware reverse engineers, and threat intelligence analysts. Her career in cybersecurity spans 19 years with prior roles including leading Red Team Services at Nexum, senior solutions engineer for Symantec, senior security consultant for Secureworks, and senior network security analyst for the National Nuclear Security Administration (NNSA).

She is a frequently cited threat intelligence expert in media including televised appearances on the BBC news, and commentary in the Wall Street Journal, CNN, New York Times, and more. Having presented at Black Hat, Tech Crunch Disrupt, B-Sides Atlanta, RSA conference, RMISC, BrunchCon, and others, Sherrod is a well known public speaker. Currently Sherrod hosts THE Microsoft Threat Intelligence podcast.

In her personal time, Sherrod spends time with her rescue dog Boris Karloff.

Abie has 25 years of experience in technology, risk, and cybersecurity for complex, multi-stakeholder environments in public and private enterprises. Abie has built cyber programs over several years as a CISO, consulted for many companies, and worked with nationally recognized leaders across the cyber security industry. His recent work has involved rapid cyber and technology transformation of innovative global companies and startups, guiding business resilience and post-breach crisis recovery.

Abie holds a bachelor’s degree in computer science from the University of North Texas and an MBA from Indiana University. He is also a Certified Information Systems Security Professional (CISSP).

Eric is a highly innovative, versatile, and dynamic executive leader with over 20 years of experience in Cybersecurity, Technology Controls, and Third Party Risk Management in the Financial Services Industry, primarily at Global Systemically Important Banks (G-SIBs).

In his current capacity, Eric is the US Chief Information Security Officer (CISO) for TD Bank, America’s Most Convenient Bank (AMCB) and TD Securities (TDS), and is based in Wilmington, Delaware. Prior to joining TD, Eric was the Supplier Assurance Services Executive at JPMorgan Chase & Co., where his organization was responsible for the assessment, continuous monitoring, and third party risk management activities for a highly complex supply chain with teams positioned across the globe. Eric also served as the Head of Cybersecurity for Chase Consumer and Community Banking (CCB), the North America Consumer Bank Group Information Security Officer (GISO) at Citi, and held progressive cybersecurity leadership roles at Bank of America.

Eric is a champion for Diversity, Equity and Inclusion (DE&I) both inside and outside of the organization, including previously serving as the Head of DE&I for Global Supplier Services at JPMorgan Chase & Co., and supporting innovative programs enabling minority suppliers to become cyber-ready to do business within the Financial Services Industry.

Eric is active in the community through board service, and currently serves as the Vice Chairman of the Board for the Delaware Community Reinvestment Action Council (DCRAC). He also serves as the Financial Services representative on the Delaware Cybersecurity Advisory Council, appointed by Governor John Carney in 2018.

Jeff Northrop was recently promoted from Chief Information Security Officer for Mars Petcare into his current role as Chief Information Officer for Mars Wrigley North America. Mr. Northrop joined Mars, Incorporated in May 2019 as Director, Security CoE where he established an OT security program, operationalized the data protection program, and managed Security Architecture before assuming the CISO role for Mars Petcare.

Prior experiences include positions as Security Officer for Liberty Mutual, CTO for the IAPP, and Head of Technology for Reed Elsevier. Mr. Northrop lives in Maine where, along with his wife, he has raised two boys. He now spends his free time hiking, tending to his gardens, and spoiling his cat and chickens.

Michael Elmore holds the position of SVP, Global Chief Information Security Officer (CISO) at GSK.  Prior, he was the CISO for Haleon, GSK’s Consumer Healthcare business, which was divested in 2022. In this role, Michael was responsible for successfully standing up the dedicated Cybersecurity Office for the new company spinout.

Before GSK, Michael was the Chief Experience Officer for Cisco’s $15B Enterprise Networking & Security Business Unit, and before Cisco, he was the Global CISO at Cigna Healthcare (Fortune 15).

Michael is a forward leaning technologist and has spent his entire career building and leading technology teams across several functional areas, including Cyber Security, IT infrastructure, Application Development, Contact Center and Collaboration. He has executive experience on both the customer and vendor sides of the table, leading large Infrastructure and Cyber Security transformations at UnitedHealth Group, Cigna, and GSK as well as driving the customer experience transformation towards a software-first, subscription-based business at Cisco. He has a proven track record of execution through M&A and insourcing transitions, improving security, compliance and driving cost optimization, while leading distributed teams in fast evolving global markets, including China and India.

Michael regularly advises venture capital firms and early to mid-stage startups that focus on IT infrastructure, Enterprise Software and Cyber Security advancements.  He currently serves as an Independent Board Director at Graphiant (Sequoia backed) and a board observer for Selector.ai.

Michael holds a B.S. and double major in Information Network Management and Marketing from the University of Minnesota.  A former college hockey player, he is passionate about sports and continues to play and coach youth hockey. He is also an avid runner and an active board member with the Special Olympics.  He and his wife Jennifer have two children, Ellie (16) and Landon (12).

Nate Vanderheyden is an Executive Director and Deputy CISO for the U.S. Banks at Morgan Stanley.

Mr. Vanderheyden is responsible for the evaluation and evolution of banking systems to enhance cyber resiliency and defensive measures. He started at the firm in 2018 on the Wealth Management Cybersecurity team in direct support of Global Banking Technology and the Private Bank.

Prior to joining Morgan Stanley, Mr. Vanderheyden served for 11 years in the U.S. Marine Corps and was deployed to Iraq and Afghanistan. His last six years of duty were spent at the National Security Agency (NSA), where he conducted and led a team performing computer network operations, advised senior government officials, and authored multiple policy documents shaping cyberspace operations in support of the U.S. Intelligence Community and national security objectives.