Speakers

Jonathan Feibus serves as the Chief Information Security Officer and Director of the Cyber and Infrastructure Security Division at the Nuclear Regulatory Commission (NRC). Mr. Feibus was selected for this role in 2023 to oversee the NRC’s cybersecurity program, including systems supporting the safety and security mission of the agency’s oversight of the civilian use of special nuclear materials. Mr. Feibus is also responsible for the supply chain risk management and controlled unclassified information programs.

Mr. Feibus has served in other roles since joining the NRC in 2008, including as the Director of the Governance and Enterprise Management Services (GEMS) Division, Deputy Director for GEMS, and Deputy Director for the Cybersecurity Division and Deputy Director of the Computer Security Office. He has also held a number of leadership roles in the private sector prior to joining the NRC in information technology and cybersecurity policy and operations.

Jennifer R. Franks directs the Center for Enhanced Cybersecurity within GAO’s Information Technology and Cybersecurity team. She oversees reviews that primarily focus on emerging cybersecurity issues and assessing an agency’s ability to protect the confidentiality, integrity, and availability of its sensitive data and computing infrastructure. Her multi-disciplinary teams actively review agencies’ computer security vulnerabilities across their enterprise-wide computing environment by assessing program management compliance and technical controlsrecommended for the agencies to follow in accordance with federal guidance and leading practices.

In addition, Ms. Franks leads reviews in the areas of IT management and operations, financial management, data protection, privacy, and cybersecurity issues related to the COVID-19 pandemic. Further, she is a certified facilitator of agency new hire and Diversity, Equity,Inclusion, and Accessibility (DEIA) courses.

Ms. Franks earned a master’s degree from Carnegie Mellon University in information security policy and management, and a bachelor’s degree from Hampton University in computer information systems.

Amy S. Hamilton, Ph.D. is the Visiting Faculty Chair from the Department of Energy to the Department of Defense (DOD) National Defense University (NDU) College of Information and Cyberspace (CIC). She has served for the past three years as the Senior Advisor for National Cybersecurity Policy and Programs at the Department of Energy. She spent two years as a senior cyber security policy analyst at the Office of Management and Budget, Executive Office of the President. She served in the Michigan Army National Guard as a communications specialist and was commissioned into the US Army Officer Signal Corp, serving on Active Duty and later the US Army Reserves. She has worked at both the US European Command and the US Northern Command & North American Aerospace Defense Command (NORAD) on multiple communications and IT projects.

She became a certified Project Management Professional through the Project Management Institute in 2007 and earned her Certified Information Security Manager certification in 2011.  She presented on the “The Secret to Life from a PMP” at TEDxStuttgart in September 2016. She taught Project Management Tools at Colorado Technical University and was a facilitator for the Master’s Degree Program in Project Management for Boston University. She is an award-winning public speaker and has presented in over twenty countries on overcoming adversity, reaching your dreams, cyber security, and project management.

Amy holds a Bachelor of Science (BS) in Geography, from Eastern Michigan University, a Master of Science (MS) in Urban Studies from Georgia State University, Master in Computer Science (MSc) from the University of Liverpool, Master Certificate in Project Management (PM) and Chief Information Officer (CIO) from the National Defense University, and completed the US Air University, Air War College. She completed her Doctor of Philosophy (PhD) at Regent University in their Organizational Leadership Program with a dissertation on “Unexpected Virtual Leadership: The Lived Experience of US Government IT and Cybersecurity Leaders transitioning from physical to virtual space for COVID-19.”

Amy’s motto is “A woman who is passionate about project management, public speaking, and shoes.”

Steven Hernandez is an information assurance expert serving the past twenty years in a variety of contexts and missions. He has worked on the front lines in operations centers and led research teams attempting to balance security, privacy, and mission delivery considerations. Transforming risk management in international manufacturing, healthcare, non-profits, and governments at the federal, state, and local levels is extensive through his professional portfolio. Leading tactical, day-to-day security operations as well as guiding and influencing broad security initiatives such as the US government’s Zero Trust Architecture approach across large organizations with international presence are areas he’s frequently called upon to support.

Presently he is the Chief Information Security Officer and Director of Information Assurance Services at the U.S. Department of Education. Steven also serves as the co-chair of the US Government Federal CISO Council and government chair of the ACT-IAC Cybersecurity Community of Interest.

Prior to his position at Education, he held a variety of roles at the Office of Inspector General, US Department of Health and Human Services including CTO, CIO, CISO, Senior Official for Privacy and Chief Services Engineering Officer.

He is an inaugural member of the United States Scholarship of

Steve Faehl is the Microsoft Federal Security CTO leadingMicrosoft's efforts to help the US Government accelerate security modernization and realize the benefits of security transformation. His primary mission is to identify and evangelize the most valuable defensive cybersecurity tactics available to organizations today.

As he works closely with US Government clients, he partners internally with Microsoft security
leaders and experts from every area of the company to align security engineering efforts to
agency needs. Steve also remains an active cyber practitioner leading several R&D efforts in
pursuit of new security features and novel strategies to disrupt emerging cyberattacks.

Before joining Cohesity Marlin was the Federal CTO at Riverbed Technologies. Where he brought more than 25 years of engineering, leadership and technology experience leading technical initiatives. He is a strategic and supportive voice for customers, partners and team members, and helped ensure successful solution delivery. In his role, he explored emerging technologies, advised on development, and recommended strategies through research and collaboration with business and technology leaders across the company and public sector organizations.

Prior to taking on the role of CTO, Marlin was the Technical Director of the Advanced Technology Group in the Office of The CTO, responsible for being the subject matter and industry expert to the world's largest and most complex customers. As well as at Circadence, as a Software Engineer, Solutions Architect and ending as their Systems Engineering Manager leading  the engineering teams for both commercial and government business units.

An empathetic and engaged leader, Marlin refuses to limit himself to the more traditional constructs of the C-suite. As an Army veteran, he is a self-taught technologist and transformed his personal technical curiosity into one of the leading voices in the Federal IT community. He makes himself readily available and accessible to colleagues, partners, and customers to tackle some of the most difficult challenges in IT, breaking down difficult concepts to empower integrated teams and helping government customers achieve mission success.

Igor Volovich is the Vice President of Compliance Strategy at Qmulos, a security and compliance automation market leader driving the revolutionary concept of Converged Continuous Compliance™. Igor is an award-winning cybersecurity executive with broad experience in corporate risk governance, M&A due diligence, internal investigations, crisis management, incident response, and public-private partnerships in the domain of cybercrime enforcement. He is a recognized industry thought leader who's led and advised some of the largest commercial and public sector enterprise security programs, including CISO roles at Invensys and Schneider Electric, and most recently as a senior enterprise security strategy and architecture advisor to the Office of the CISO at the United States Postal Service.

Igor is a frequent speaker, host of the "Compliance Therapy" podcast, and the author of the upcoming security strategy and policy title, "Insecure at Any Price: Why spending more on security is not the answer." He can be found on LinkedIn and Twitter (@CyberIgor) sharing his thoughts on all things enterprise risk, leadership, and cybersecurity strategy.