To view speaker bio, click on first letter of last name.

Todd Babione, KPMG

Todd Babione is a Managing Director in KPMG’s Advisory practice and has more than 16 years of experience in delivering business process and information technology advisory services to Fortune 500 organizations. He has extensive experience performing large SAP transformation projects with a concentration on internal controls and security design. He has also led a number of large implementations and assessments of SAP’s Governance, Risk and Compliance (GRC) solutions including Access Controls and Process Controls. He is KPMG’s SAP Cyber Security leader and has help many clients address the unique security risks prevalent in the market today.

Todd's Session(s):

Back to top

Alessandro Banzer, Xiting

Alessandro Banzer has worked in Information Technology since 2004, specializing in SAP in 2009. Since then, Alessandro has been involved with global SAP projects in various roles. Alessandro is an active contributor and moderator in the Governance, Risk and Compliance space on SAP Community. He is responsible for Xiting in the Americas region and a subject matter expert in SAP Access Control (GRC) and SAP Security in general.

Alessandro's Session(s):

Back to top

Ming Chang, SAP

Ming Chang leads Cloud Information Security Awareness for both North America and Latin America at SAP. He has nine years of experience working for SAP, five of which he spent working in the support team delivering security services for SAP MaxAttention customers. Ming is an SAP GRC certified consultant, and an Oracle Certified JAVA programmer. His primary role at SAP is to help customers and colleagues understand how SAP Cloud Secure applies to SAP solutions, as well as to create and maintain white papers on cybersecurity. In addition, he is involved in both internal and external discussion on cybersecurity.

Ming's Session(s):

Back to top

Christian Cohrs, SAP SE

Christian Cohrs is Product Manager for Identity and Access Management at SAP. He has a background in computer science and worked in various positions at SAP during the last 17 years, most recently as Area Product Owner for SAP Single Sign-On.

Christian's Session(s):

Back to top

Aishwarya Dey, PwC

Aish Dey is a manager based in PwC's Irvine, CA office. She has over 10 years of experience in setting up security and GRC access control for Fortune 500 clients across various industries including Beverage & Foods, Defense, Entertainment, Manufacturing, Retail, and Utilities. She has a rare blend of technical and functional expertise as well as strong business acumen with an accomplished background in SAP ECC/HANA security design/redesign, SAP GRC-AC 5.3, 10.0 & 10.1 implementation, SoD review, SAP HCM security & functional design, and SAP BW/BI security & reporting set up.

Aishwarya's Session(s):

Back to top

Stephen DuBravac, Security Weaver

Stephen's Session(s):

Back to top

Michael Eastman, Coca-Cola

Michael's Session(s):

Back to top

Gadi Evron, Cymmetria

Gadi is the founder and CEO of Cymmetria, a cybersecurity startup that is pioneering the space of cyber deception. He is also founder and Chairman of the Board of the Israeli CERT, founding Chairman of the Cyber Threat Intelligence Alliance (CTIA), and founder of the Israeli Government CERT. Gadi is widely recognized for his work in internet security operations and global incident response, and is considered the first botnet expert. Prior to founding Cymmetria, Gadi was VP of Cybersecurity Strategy for Kaspersky Lab, led PwC's Cyber Security Center of Excellence (located in Israel), and was CISO of the Israeli government's internet operations. He has authored two books on the topic of information security, organizes global professional working groups, chairs worldwide conferences, and is a frequent lecturer.

Gadi's Session(s):

Back to top

Keith Goldschmidt, Fastpath

Keith's Session(s):

Back to top

Stephanie Gruber, SAP America

Stephanie's Session(s):

Back to top

Julie Hallett (Ford), Customer Advisory Group

Julie Hallet (Ford) is a Senior Member of the Customer Advisory Group with a Masters Degree in Cybersecurity from the University of Maryland and more than 13 years experience as an architect in SAP Security, Cybersecurity, Governance, Risk, Compliance, and Information Assurance. Julie is accustomed to working in global fast paced, high volume environments working with local and offshore resources, complex landscapes, and integration issues. Leveraging a wide-range of talents in computer technology, staff leadership, federal audit, and regulatory compliance, Julie provides a solid foundation to address all aspects of information systems across all platform types, project requirements, and business needs. Julie has worked with multiple GRC implementations, security redesigns, and audit remediation. She is an SAP TechEd & dCode speaker and an expert in the area of Cybersecurity for SAP.

Julie's Session(s):

Back to top

Vaibhav Jani, Deloitte

Vaibhav Jani is an SAP Security & Governance, Risk, and Compliance (GRC) consultant with Deloitte and has more than nine years of SAP security, controls, and GRC experience with a focus on securing large-scale SAP landscapes for multiple industries. He advises on and designs solutions to help companies protect their sensitive data and take measures toward complying with regulations applicable to the organization.

Vaibhav's Session(s):

Back to top

Tobias Keller, SAP

Tobias Keller is Product Manager for SAP UI Logging and UI Masking and growing the security portfolio at SAP Innovative Business Solutions. Tobias has worked in various positions in SAP for the last 11 years.

Tobias's Session(s):

Back to top

Kevin Knight, PwC

Kevin is a Manager in PwC’s Digital Risk Solutions practice (DRS) with 8 years of experience advising clients around SAP Governance, Risk & Compliance, and Security and Controls solutions. Kevin is known as one of PwC’s National SAP Access Control thought leaders and subject matter specialists. Kevin has significant experience driving technology-driven process improvements through SAP GRC, across all modules. Kevin had led over 15 SAP security and GRC-related projects in assessing, implementing, and designing security and GRC solutions with a deep focus on governance, compliance, data protection, and cybersecurity. Kevin more recently has been focused on helping develop and drive PwC’s thought leadership and capabilities around SAP cybersecurity solutions. Kevin has extensive experiencing serving clients across multiple industries including: Consumer Products, Industrial Products, Energy, Publishing, Technology, and Utilities.

Kevin's Session(s):

Back to top

Michael Kummer, Xiting

Michael Kummer is spearheading Xiting’s sales and marketing activities in the Americas. Before taking over this responsibility, he held various leadership positions at Secude IT Security in Europe and North America. Michael Kummer has enjoyed a decade-long history within the IT industry, focusing on SAP security. As an innovative and independent thinker with a broad knowledge of security-related technologies, he is on the front lines of helping customers to protect their data and privacy.

Michael's Session(s):

Back to top

Raymond Mastre, PwC

Raymond is a Director based in PwC's San Francisco office. For over 12+ years, Ray has specialized in SAP Security and the implementation of Governance Risk and Compliance (GRC) solutions. He has completed 10 global SAP security redesign projects and multiple end-to-end implementations of the SAP GRC Access Controls suite, including GRC version 10.x and the customization of client specific Segregation of Duties (SoD) rule sets. Recently, Ray completed a 3.5 year exchange program with the Zurich, Switzerland PwC office, where he led the business unit dedicated to providing compliance solutions for companies running SAP (SAP GRC, Approva One, Security Weaver, etc.). His technical expertise paired with his international perspective make him ideal for multi-national clients looking to optimize SAP GRC solutions.

Raymond's Session(s):

Back to top

Abdul Rafey Mohammed, Deloitte

Abdul Rafey is a Senior Consultant at Deloitte specializing in SAP security and SAP GRC. He has over 10 years of experience in SAP security architecture, design, and implementation of large-scale global SAP business transformation projects for Fortune 100 clients across various industries. He has extensive experience leading teams through full life cycle security implementations for various SAP systems including SAP S/4HANA, SAP Fiori, and SAP GRC. He has advised clients on security strategy and road maps along with implementation approaches and post-go-live support. Abdul’s experience includes catering to a wide array of clients in the Oil & Gas, Telecom, Industrial Products, and Consumer Products industries. In addition to in-depth technical knowledge of SAP security, Abdul has strong project management skills and is very familiar with industry leading practices and security implementation methodologies.

Abdul Rafey's Session(s):

Back to top

Bill Oliver, Winterhawk Consulting

Bill is a founding Partner of Winterhawk Consulting , a SAP Services Partner ® and global provider of Governance, Risk, and Compliance (GRC) services. Bill has over 20 years’ experience in the field of SAP Information Security and auditing which includes large scale Security and GRC implementations as well as managerial roles in external audit, advisory, and assurance services. Bill holds a Master’s Degree in Information Technology from Boston University and is a Certified Information Systems Auditor (CISA).

Bill's Session(s):

Back to top

Juan Pablo Perez-Etchegoyen, Onapsis

Juan Pablo is the CTO at Onapsis, leading the research team that keeps the company on the cutting-edge of the business-critical application security market. He is responsible for the design, research, and development of Onapsis' innovative software solutions, and helps manage the development of new products as well as the SAP cybersecurity research that has garnered critical acclaim for the Onapsis Research Labs. He is regularly invited to speak and host trainings at global industry conferences including Blackhat, HackInTheBox, Troopers, and SAP TechEd/DCODE. Prior to joining Onapsis, Juan Pablo led many Information Security consultancy projects for companies in Latin America, the U.S., and Europe. His strongest experience is in the fields of Penetration Testing, Web Application Testing, Vulnerabilities Research, Information Security Auditings and Standards.

Juan Pablo's Session(s):

Back to top

Chris Radkowski, SAP

Chris Radkowski is a Director of Solution Management at SAP and responsible for SAP Access Control. He has extensive industry experience with a broad range of identity, access, and security products and helped manage SAP Access Control through three major releases. Chris’s current areas of focus at SAP include access control, access governance, role management, HANA and analytics.

Chris's Session(s):

Back to top

Matías Sena, Onapsis

As one of the team leaders of Onapsis Research Labs, Matías is responsible for researching security patches and vulnerabilities in SAP systems. Among his main tasks, he creates detection rules for risk and vulnerabilities in SAP, in order to improve the Onapsis Security Platform offering to enhance customers' security around their business critical applications.

Matías's Session(s):

Back to top

Manish Singh, Deloitte

Manish has over 12 years of IT/Business consulting experience. He provides architectural guidance for large, complex solution development for SAP, system integration, and package-based SAP implementation projects to manage risks. Manish also defines integration standards, governs project solutions against standards, and develops and uses enterprise integration design patterns to maintain security and control and achieve application integrity. Manish has led multiple projects which includes security assessment and related activities for design, build, and support of SAP security and controls in the enterprise systems implementation, GRC implementations and enterprise wide transformational projects.

Manish's Session(s):

Back to top

Frederik Weidemann, Virtual Forge

Frederik Weidemann is Head of Consulting at Virtual Forge GmbH with a focus on SAP Security for eleven years. He is co-author of the first book on ABAP Security "Sichere-ABAP Programmierung" by SAP Press and spoke at several SAP and Security related conferences like RSA, Troopers, OWASP and DSAG. Frederik frequently teaches on secure ABAP programming (course WDESA3) at SAP University in Walldorf and on SAP security for Virtual Forge's customers. He also writes articles on SAP Security on a regular basis and has found numerous Zero Day defects in Business Software. Frederik holds a German Diploma in Computer Science and scored several Capture-The-Flag hacking contests first or second place during his time in university.

Frederik's Session(s):

Back to top

Jayden Weinschenk, Fastpath

Jayden Weinschenk is the Director of SAP Development at Fastpath. He has been developing and implementing SAP solutions for 17 years. Prior to Fastpath, Jayden worked for Fortune 500 companies including DuPont, Kelloggs and Pepsi Bottling as a SAP Solutions Engineer and SAP Architect. Jayden understands the importance of governance risk and compliance in SAP environments.

Jayden's Session(s):

Back to top