Conference: Governance, Risk and Compliance

James Routh, CISM Chief Information Security Officer The Depository Trust & Clearing Corporation Jim Routh has over 20 years of experience in information technology and information security as a practitioner, management consultant and leader of technology functions and information security functions for global financial service firms. Jim designed and implemented an enterprise wide information security program for the Depository Trust and Clearing Corporation (DTCC) based on risk management best practice, COBIT and ISO 27001 standards. He implemented an information security risk assessment process and an innovative security program for application development and vendor management. Prior to joining DTCC he was the first CISO for American Express and responsible for the implementation of an enterprise wide implementation of GLBA specific controls and practices for two different banking entities in North America. Prior to that, he led a customer information management function within Risk Management for the US card businesses for American Express. Prior to that he led the information technology function for the Institutional Services and Investment Management businesses for American Express Financial Advisors. Mr. Routh was a management consultant in information technology for dozens of leading financial service firms for over 12 years.

Jennifer Mack is a Vice President, in the MasterCard Worldwide Payment System Integrity group. In this role, she is responsible for developing and delivering a multi-faceted global approach for education and training based on the Payment Card Industry Data Security Standard. In addition to her MasterCard role, Ms. Mack is also Chairperson for the PCI Security Standards Council Marketing Working Group which is compromised of MasterCard and other leading payment brands. . Before joining MasterCard, she spent 12 years in the field of technology specializing in data security and is a subject matter expert within the Payment Card Industry where she held positions in product architecture and development, marketing, quality assurance and technical sales support. She has worked for major telecommunication and technology companies including Cybertrust/Verizon Business, TruSecure, and MCI Telecommunications.

James Routh, CISM Chief Information Security Officer The Depository Trust & Clearing Corporation Jim Routh has over 20 years of experience in information technology and information security as a practitioner, management consultant and leader of technology functions and information security functions for global financial service firms. Jim designed and implemented an enterprise wide information security program for the Depository Trust and Clearing Corporation (DTCC) based on risk management best practice, COBIT and ISO 27001 standards. He implemented an information security risk assessment process and an innovative security program for application development and vendor management. Prior to joining DTCC he was the first CISO for American Express and responsible for the implementation of an enterprise wide implementation of GLBA specific controls and practices for two different banking entities in North America. Prior to that, he led a customer information management function within Risk Management for the US card businesses for American Express. Prior to that he led the information technology function for the Institutional Services and Investment Management businesses for American Express Financial Advisors. Mr. Routh was a management consultant in information technology for dozens of leading financial service firms for over 12 years.

Khalid is a leading expert in the areas of information security services, strategy and IT GRC (Governance Risk and Compliance). Khalid's research focuses on building and maintaining effective security programs and making (CISOs) Chief Security Officers more successful in their role. . His research focuses on the strategies, operational processes, and organizational structures for developing and maintaining effective security programs. Khalid covers information risk management, information security strategy, best practices and metrics. He also covers security governance topics such as roles and responsibilities, policies, awareness, training and reporting for the security organization. Khalid has been widely quoted in the press, including such media outlets as Boston Globe and the Wall Street Journal. Khalid is a frequent keynote speaker at national and international executive conferences. During his career, Khalid has worked in both the consulting and enterprise sectors. Prior to joining Forrester, he worked for a global insurance company where he provided leadership and direction for the information security program. Previously, Khalid consulted organizations in healthcare, finance, entertainment and communication industries on information security strategy and architecture. Khalid holds a master's degree in telecommunications management from University of Pennsylvania and a bachelor's degree in business and economics from University of Texas at Austin. Khalid is also a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM), and a Certified Information Security Auditor (CISA).