The Cloud and your Database: Rethinking Data Governance

Lawrence Montle is currently the Chief Information Security Officer and Privacy Officer at the New York State Insurance Fund (NYSIF). He is responsible for the development and implementation of a comprehensive information security plan to improve and insure agency security levels. In this role, Mr. Montle oversees the recommendation and design of targeted strategies and initiatives to effectively assess risks, maintain the security of NYSIF’s proprietary data, and ensure its protection from unauthorized use.

He also functions as a liaison to the Office of CyberSecurity and Critical Infrastructure Coordination, administering security training for agency staff and ensuring NYSIF's compliance with statewide security policies, privacy standards and controls. Prior to joining NYSIF, Mr. Montle served as internal audit director for the Department of Financial Services, where he oversaw audits conducted by the New York State Comptroller’s office and other external entities, and monitored compliance and adherence to policy review and internal controls.

Among other achievements, he implemented a comprehensive internal audit internship program to train and mentor students. Mr. Montle’s previous positions include serving as information technology director at the New York Liquidation Bureau and working at Verizon as an IT auditor, systems engineer, and network engineer for over a decade. He holds certifications in information privacy (CIPP/US), fraud examination (CFE), information systems auditing (CISA) and is licensed to practice law in N.Y. and D.C. Mr. Montle received his MBA in finance and management from Fordham University and his JD from New York Law School. He obtained his undergraduate degree from New York University.

John Whiting is the global CSO at DDB Worldwide. He leads the global information and physical security organization and is charged with establishing security strategy and direction. He is also the corporate advocate for information security best practices. Whiting has extensive experience in developing and managing information security programs, including subject matter expertise in threat and vulnerability management, incident management and forensics, secure application coding and testing, third-party due diligence, IT risk, and IT compliance.

Whiting regularly presents at technology and security conferences and is an active member in the InfoSec community