Roll Of Honor

CISO Roll Of Honor

EC-Council strives to recognize the best and brightest of our executive Information Security community. The C|CISOs below have made exemplary contributions to the IS industry and represent the level of executive the C|CISO was designed to serve. Congratulations to the outstanding professionals below.

Zachery S. Mitcham, MSA is the Chief Information Security Officer at the University of North Carolina Wilmington, where he plays a significant role in the strategic planning and policy development for information technology security programs. Zachery has over 29 years of combined practical experience working in the field of operations and information systems security with the, New Hanover Regional Medical Center, State of North Carolina University System, and the Department of Defense which included accrediting sensitive compartmentalized Information facilities within the Central Region of Europe. Specifically, V Corps Headquarters. He is a 20 year veteran of the United States Army where he retired as a Major. He earned his BBA in Business Administration from Mercer University-Eugene W. Stetson School of Business and Economics. He also earned an MSA in Administration from Central Michigan University. Zachery graduated from the United States Army School of Information Technology where he earned a diploma with a concentration in systems automation. Mr. Mitcham holds several computer security certificates from various institutions of higher education to include Stanford, Villanova, Carnegie-Mellon Universities, and the University of Central Florida. He is certified as a Chief Information Security Officer by the EC-Council and a Certified Computer Security Incident Handler from the Software Engineering Institute at Carnegie Mellon University. Zachery received his Information Systems Security Management credentials as an Information Systems Security Officer from the Department of Defense Intelligence Information Systems Accreditations Course in Kaiserslautern, Germany.

Zachery S. Mitcham
MSA is the Chief Information Security Officer

Nitin is a subject matter expert in cyber security, brings 25 years of Industry experience in Internet, network engineering and operational experience from leading corporations including Aegis, Godrej and Philips.

As a vice president of Information Security and GRC at AGCNetworks and as founder of Highband, Nitin has been a pioneer in developing innovative technologies to meet challenges related to Information Security and compliance requirements of commercial enterprises. He has implemented Information security and compliance solutions for Fortune 100 clients globally.

Prior to Highband, Nitin has worked at various positions in Godrej and Philips. There he worked at various positions and matured as technology and security professional.

Nitin Kanade

Richard Ryan Hernandez II is currently working as the Chief Information Security Officer for Aeon Credit Technology Systems, a subsidiary of Aeon Group and one of Japan’s biggest retailer groups. He is a recognized subject matter expert in the field of Information Security, Risk Management, Penetration Testing, and Audit. During his free time he conducts several ECCouncil classroom trainings, Information Security seminars, and workshops in the Philippines and APAC region. His students are from different private financial companies, government agencies, US Army and US Air Force service members that are based in South Korea. He has conducted several Penetration Testing projects for Fortune 500 companies and has appeared on Information Security related TV interviews in the Philippines.

Richard Ryan graduated last October 25, 2011 with his Master of Security Science degree, which was awarded at Hacker Halted 2011. He is the first graduate of ECCouncil University. He also holds two bachelor degrees in Commerce Management and Computer Science from San Sebastian College – Manila, Philippines. He holds and maintains several certifications from ECCouncil, ISACA, ISC2, Microsoft, Cisco, HP, IBM, Checkpoint, Fortinet, CompTIA, CWNP, CIW, GIAC. He has 12+ years of Information Security experience and started his career as an Instructor before working in information security domains.  He continuously does research for Insider Threat Mitigation. During his free time he also does vulnerability research, handles security classes, forensic investigations. His wish is to pursue his Ph.D. in Information Security and Assurance in the future.

Richard Ryan
Chief Information Security Officer,
Aeon Credit Technology Systems

Tim Johns is the Chief Information Security Officer at Northeast Georgia Health Systems where he plays an integral role in the planning and development of security policies and procedures for one of the most accredited heart hospitals in the country. Tim has over 25 years of Information Systems experience with the past 12 years working primarily in the healthcare field. Tim’s principal motivation is to ensure that patient information is secure. He has worked diligently with physicians and clinical staff over the years to safeguard patient confidentiality while maintaining efficient patient care. Mr. Johns possesses multiple computer certifications including Certified-Chief Information Security Officer from EC-Council, Certified Information Systems Security Professional from ISC2, Microsoft Certified Systems Engineer from Microsoft, and Nextgen Electronic Health Records for patient care.

Tim Johns
Chief Information Security Officer,
Northeast Georgia Health Systems

Nitin Kumar is a global executive and management consultant with deep operational experience. He has leadership experience in start-ups, turnarounds and driving exponential growth with full P/L responsibility.

He has held several executive roles such as Consulting Partner, Turnaround Leader, M&A Integration Leader, and Start-up CEO focused on strategy, sales, delivery, growth and operations. Nitin has vast global experience spanning the US, Europe, Asia (Middle East, India, and Far East), Australia, and Africa where he consulted with Fortune 500 clients in the areas of Growth Strategy, M&A Integration, Business Model Innovation, and Complex Transformation.

Nitin has pioneered several concepts for the CISOs including “Wargaming for CISOs”, “Managing Information Risk during M&As” and “IT Risk Strategies during M&A” and he is widely regarded as a Growth Strategist and M&A Leader. In his prior life he has built IT Risk and Security organizations focused on serving CISOs of Fortune 500 clients.

Board Member: EC Council (CISO); Institute of Management Consultants (NJ Chapter)

Nitin Kumar
Director, PricewaterhouseCoopers LLP

William S. Akel is a Chief Compliance Officer, 20 + years proven and progressive Core banking systems experience, 11 + years in financial services and IT compliance, including direct accountability for AML.Comprehensive understanding of BSA / AML / FFIEC / OFAC / FCRA / GLBA / PCI / SOX compliance regulations and an understanding of bank products and issues. Ability to think intuitively and strategically so that the department is enabled to anticipate / plan / execute and mitigate legal and regulatory risk. Highly developed managerial, communications, negotiation, analytical, organizational, project management, and strategic planning skills. Ability to take decisive action and to motivate / develop others. Provided timely, comprehensive and cost effective analytical services for wire transfers, SWIFT checks and international cash deposits of a high volume, high risk nature with foreign and domestic financial institutions, major corporate clients and private premier customers.

William S. Akel

Rocco A. Del Carmine is a Principal Technology Security Specialist at AT&T reporting to the (CSO) Chief Security Office and has recently completed his twelfth year of service with AT&T Services, and his thirty-second year of service in the Information Security domain.

Rocco’s technical and managerial responsibilities has spanned across all industry security domains in his thirty-two year IT Technology and Information Security career. He has designed and implemented a number of security programs. products, tools and solutions to minimize risk and exposure to a diverse number of corporations and business partners such as; PepsiCo, USCO Logistics, Bayer Pharmaceuticals, Sun Micro Systems, AstraZeneca and Nortel, including providing security-consulting services for U.S. Financial organizations. While at PepsiCo as the Senior Security Technical Manager, he managed staff concentration and career path expansion in the Information Security, Operations and Business Continuity domains. He assisted the Pepsi-Cola CSO directly in establishing Pepsi-Cola’s Information Security and Business Continuity programs, including the design, planning and implementation of logical security mainframe, midrange and handheld access control systems. As the Director of Information Security for USCO Logistics (3PL Logistics Solutions Provider), he managed staff concentration and career path expansion in several security domains and developed their Corporate Information Security and Business Continuity programs, including responsibility for facility physical security controls consisting of the design and implementation of security access control systems, alarms, metal detectors, surveillance and biometric security systems for Corporate headquarters, datacenters, offices and business partner subsidiary facilities domestically and internationally. As a Financial organization lead security consultant, he participated and directed teams in the IT audit domain for PCI-DSS audits including Third Party Suppliers.

Rocco joined Prodigy Corporation in 2000 as the Directory of Information Security and developed an ISP security strategy, to minimize risk and exposure to Prodigy and customer information assets. He led a Third Party extensive security assessment engagement of Prodigy’s ISP Internet accessibility that included penetration testing to critical supporting infrastructure components, to evaluate and improve Prodigy’s Internet security posture where applicable and required. He shortly thereafter joined AT&T in early 2001 after AT&T acquired Prodigy. Rocco immediately stepped into the Senior Technical Security Manager role and assumed responsibility for AT&T Internet Services, with further expansion that included Prodigy, Internet Data Centers, AT&T Labs, Sterling Commerce and Yahoo! affiliates and business partners.In the seven year period in the Affiliate and Business Partner manager space, he managed 350+ projects both in an out of his immediate realm of responsibility, including subject matter expertise on several AT&T Chief Security Office Task Force teams.

In 2009, Rocco’s responsibility expanded to the Corporate Security Compliance domain and managed both technical and administrative staff concentration with regards to public facing Web Application layer testing, for AT&T’s portfolio of applications. His team successfully developed a new application compliance testing and review process and was applied to AT&T public facing websites, portals, associated back-end applications and databases using a three-tier application layer approach. Rocco currently reports into the Chief Security Office “Supplier Review Team” organization with concentration on Third Party Supplier security compliance audits and provides extensive team security expertise and assistance where requested.

Rocco has held the Computer Systems Security Certification since 1990 and holds additional domestic and international security certifications including Home Land Security. Rocco has assisted local and Federal law enforcement agencies on a number of security investigative and forensic cases and for his efforts, has received several commendations from the F.B.I., Secret Service and Home Land Security agencies. He has developed a number of corporate security patents and in 2010 was appointed to the Executive Advisory Board of Directors of the American Board of Information Security and Computer Forensics (ABISCF). He is also a member of the American College of Forensic Examiners International (ACFEI).
In February 2012, he acquired the Chief Information Security Officer Certification (C|CISO). This IT/Information Security certification acknowledges professional executive and technical career achievements in leading, designing, developing and enhancing Information Security Programs for small, mid-size and large diverse corporations. The C|CISO certification also recognizes an individual’s accumulated skills in developing and executing an information security management strategy in alignment with organizational goals.

In March 2012, he received the AT&T Business Unit Recognition Award for – Extraordinary Leadership Model “Focus on Results” in the area of Third Party Supplier audits and compliance. In August 2012, he achieved the C|CISO “Roll of Honor” recognition credential that recognizes outstanding information security career accomplishments of industry security colleagues around the world.

Rocco has received a number of additional organizations, performance, managerial and development Information Security awards throughout his career and continues to spread the Information Security message to Public Schools, Universities and local communities as part of his community service volunteering efforts.

Rocco A. DelCarmine
Principal Technology Security Specialist,
AT&T reporting to the (CSO) Chief Security Office