John De Santis

Chair John De Santis is a former company builder, chairman and CEO of multiple enterprises with experience in the software, networking and information security domains. He has more than 40 years of international and US-based experience at venture-backed technology start-ups and large global public companies in the telecom and IT fields. He currently serves on the boards of directors in a fiduciary capacity for organizations active in cybersecurity and artificial intelligence spaces, including Paladin Cloud, Cequence Security and ValiMail, leading innovators cybersecurity, and NoHold and Tweelin, early-stage innovators in the application of artificial intelligence.

De Santis holds a bachelor’s degree (concentration: Philosophy and Mathematics) from Fairfield University, and is a dual citizen of Italy and the United States maintaining homes in both countries. In addition to his work experience in the United States, he lived and worked in Europe and the United Kingdom for over 20 years.

ISACA Board Committees: Compensation & Human Capital Management; and Executive Committees

Brennan P. Baybeck

Vice Chair and 2019-2020 ISACA Board Chair Brennan P. Baybeck, CISA, CISM, CRISC, CISSP, is SVP & CISO for Customer Success Services at Oracle Corporation. In his role, Baybeck leads a global team that addresses cyber security risk management for one of the largest lines of business at Oracle. He is responsible for leading security, privacy and resiliency for customer facing services, including Oracle’s Security Services. He has more than 30 years of experience in IT security, governance, risk, audit and consulting, and has worked in various industries designing, implementing and operating enterprise-wide programs to address global security risks. He has held other leadership positions at Sun Microsystems, StorageTek and Qwest Communications, and served as a security risk consulting director at a global consulting company for several years. Baybeck also has been actively involved with ISACA for more than 30 years, as ISACA’s International Board Chair and a board Director for several years, and served many years as a chapter board leader. He currently serves as a Director on the global ISACA Board. He is a recipient of the Western Michigan University’s Business Information Systems Outstanding Alumni Award in recognition of his distinguished service and accomplishments. He is based in the United States.

ISACA Board Committees: Compensation & Human Capital Management; Governance & Nominating; and Executive Committees

Tracey Dedrick

Director and 2020-2021 ISACA Board Chair Tracey Dedrick serves on the board of First Bancorp Puerto Rico and is Lead Director of Sterling Bancorp. Dedrick was EVP and Head of ERM for Santander Holdings US, where she was responsible for enterprise risk, operational risk and market risk for the Americas. Prior to this role, she was EVP, Chief Risk Officer and a member of the executive team for Hudson City Bancorp, where she built regulatory compliant risk, compliance and information security functions. Prior to that, Dedrick spent nine years at MetLife, where she successively built the capital markets function for the newly demutualized company as assistant treasurer, reinvented the investor relations function, helping to double the share prices as head of investor relations, and installed a market-consistent economic capital model as head of market risk, leading to the eventual disposition of the annuity business. Dedrick is a past ISACA Board Chair and current Board Director and recently served as ISACA’s Interim CEO. She is based in the United States.

ISACA Board Committees: Audit & Risk; Compensation & Human Capital Management; and Governance & Nominating Committees

Stephen Gilfus

Director Stephen Gilfus is general partner at Oversight Ventures, an education and workforce-based investment firm focused on knowledge and learning solutions in growing industry sectors (cybersecurity, A.I., safety, and risk). He is also chairman of the board of the Gilfus Education Group, a DC-based education and training industry think tank he founded in 2008. Gilfus started his career in 1997 as one of the founders and business architects of Blackboard Inc., a global eLearning software and eLearning technology and infrastructure company. He is a seasoned and entrepreneurial board member, operator, investor, and founder with over 25 years of experience guiding, strategically growing, and supporting mission-based organizations, not-for-profits, education businesses and institutions, industry investors, government entities, education companies, and entrepreneurs serving them.

Gilfus also has extensive experience evaluating and combining synergistic value and managing transactions for business combinations, roll-ups, acquisitions, and divestitures, as well as start-up experience with high-growth organizations serving global education, Fortune 1000 corporations, and government institutions. He is a limited partner and industry advisor at New Markets Venture Partners and an operating partner and advisor for The Vistria Group, a middle-market private equity firm. He is passionate about empowering organizations and people with capabilities that can positively impact industries while improving the lives of individuals. He is based in the United States.

ISACA Board Committees: Compensation & Human Capital Management and Innovation & Technology Committees

Niel Harper

Director Niel Harper, CDPSE, CRISC, CISA, CISSP, NACD Certified Director, is a technology and cybersecurity executive and the former Chief Information Security Officer and Data Privacy Officer at the United Nations Office for Project Services (UNOPS). He has had senior leadership and advisory experience with AT&T, Bemol, Canonical, CIBC, Deloitte Consulting, European Commission, and the Internet Society, among others. Harper has more than 20 years of deep interdisciplinary knowledge across the domains of IT risk management, cybersecurity, privacy, ICTs for development (ICT4D), and technology law & policy.

He is the recipient of the 2021 ISACA Technology for Humanity Award and the 2021 IFSEC Caribbean Security & Resilience Award. Harper has also been recognized by the World Economic Forum as a Young Global Leader and a Global Shaper. He has held fellowships to the American Registry for Internet Numbers (ARIN), British Computer Society, OECD Technology Foresight Forum, and the Royal Society of Arts. He obtained a master of laws from the University of Strathclyde, master in business administration (MBA) from the University of Leicester, and an executive certificate in cybersecurity leadership and strategy from Florida International University. He is based in Germany.

ISACA Board Committees: Innovation &Technology Committee

Gabriela Hernández-Cardoso

Director Gabriela Hernández-Cardoso, NACD Certified Director, has spent her career in both public and private sectors. In 2010, she was appointed President and CEO of GE Mexico, and in 2013, she was named Latin America General Counsel for GE. Prior to joining GE, Gabriela worked in the Mexican government, holding positions in the NAFTA negotiation team, Under-Attorney for Consumer Protection and in the Ministry of Communications and Transportation, first as General Director for Telecommunications and then as Undersecretary for Communications, a presidential appointment. In the private sector, she has had experience in corporate law and international trade, working in companies such as Motorola and Tellabs. Gabriela earned her law degree with honors from Escuela Libre de Derecho, completing post-graduate studies. She is a Yale World Fellow (2016). She taught the course “Building a Business in a Failed State—A Practicum for Hope Village, Somalia” at Yale, leveraging the student´s talent to create a sustainable business model for Hope Village bringing economic resources, purpose and dignity to the population. This was the beginning of a continued effort to pursue social enterprises to enhance the intersection of public, private and social sectors in order to target a culture shift and create a virtuous circle with the main focus areas: tools for the XXI Century human being, a conscious economic vehicle and the rule of law as a backbone.

Gabriela is also an independent board member of diverse institutions and corporations in Mexico and other countries. As an active board director her focus is pursuing purpose capitalism with a focus on Sustainability/Environmental, Social and Governance. She is based in Mexico.

ISACA Board Committee: Compensation & Human Capital Management Committee

Jason Lau

Director Jason Lau, CGEIT, CRISC, CISA, CISM, CDPSE, CISSP, CIPP/E, CIPM, CIPT, CEH, HCISPP, FIP, is a seasoned professional with over 23 years of experience working with global Fortune 500 companies, and demonstrated expertise in cybersecurity, data privacy, corporate governance, risk management and management consulting. He currently serves as the chief information security officer at Crypto.com and previously held cybersecurity advisory leadership positions at Microsoft. In addition, Lau serves as an adjunct professor for cybersecurity and privacy at the HKBU School of Business and an elected official member of the Standing Committee on Technological Developments for the Privacy Commissioner for Personal Data (PCPD). He is also on the Asia Advisory Board for the International Association of Privacy Professionals (IAPP) and is a member of the Singapore Institute of Directors, a Fellow of the HK Institute of Directors, as well as being honored as an IAPP Westin Emeritus Fellow.

Lau participates in multiple global think tanks as a cybersecurity and data privacy subject matter expert, including the World Economic Forum and Centre for Information Policy Leadership (CIPL), and is a contributor to the Forbes Technology Council. His contributions to the industry have consistently earned him a spot on the IDG Top CSO30 list, and he has also been awarded Business Magazine Executive of the Year for Cybersecurity and Data Privacy. Additionally, he has completed executive director corporate governance programs at Stanford University. He splits his time between Singapore and Hong Kong.

ISACA Board Committees: Innovation & Technology Committee

Massimo Migliuolo

Director Massimo Migliuolo is an experienced CEO from the technology sector, currently serving as executive chairman at Intuin and founder and director of Cedro and Kibe, three companies created with his sons, where he is engaged in developing value chain optimization in the sustainability, retail and construction verticals. Previously, Massimo was the Chief Executive Officer of Vads and Vads Lyfe, both owned by government-controlled Telekom Malaysia. While at Telekom Malaysia, Massimo also served as Chief Executive Officer of Intelsec, where he executed on customer partnerships and joint ventures. Before that, Massimo served as a senior executive at Cisco for twelve years, including as vice president of emerging markets and vice president of mobile operations worldwide, as well as in various roles with AT&T Network Systems and Lucent Technologies. He splits his time between Malaysia and Switzerland.

ISACA Board Committees: Compensation & Human Capital Management and Innovation & Technology Committees

Pamela Nigro

Director and 2022-2023 ISACA Board Chair Pamela (Pam) Nigro, CRMA, CISA, CGEIT, CRISC, CDPSE, is Vice President of Security and Security Officer at Medecision, where she is responsible for all cybersecurity efforts that secure and protect information important to Medecision and its customers, while ensuring the overall cyber resiliency of the company. Previously, she was Vice President of Information Technology and Security Officer at Home Access Health Corporation. She is a recognized subject matter expert in HIPAA, HITRUST, SOC 1, SOC 2, Sarbanes-Oxley (NAIC-MAR), and IT/cybersecurity controls and risk assessments. Nigro is also an adjunct professor at Lewis University in Illinois, USA, where she teaches graduate-level courses on healthcare data security, privacy, ethics, risk, IT governance and compliance, and management of information systems in the MSIS and MBA programs. She has more than 25 years of experience in the information technology industry and holds numerous IT certifications. She has also been awarded “Distinguished Toastmaster” from Toastmasters International. Nigro is a frequent speaker at industry conferences. She is based in the United States.

ISACA Board Committee: Audit & Risk; Compensation & Human Capital Management; and Governance & Nominating Committees

Maureen O'Connell

Director Maureen O’Connell, NACD Certified Director, has executive experience in both finance and education. Most recently, she was executive vice president and CFO of Scholastic Corp., where she was responsible for finance, operations, supply chain, technology, HR and legal. O’Connell has also served as president at Gartner and CFO of Barnes & Noble. She has more than 30 years of progressive experience in finance and operations management and has been named “Financial Executive Who Will Make a Difference in the Next Decade” by CFO magazine. She also received the CFO World-Class Award from CFO Studio and was named one of the 30 Outstanding Women in Business by Treasury & Risk Magazine. She is based in the United States.

ISACA Board Committees: Audit & Risk Committee

Erik Prusch

Director Erik Prusch is Chief Executive Officer for ISACA. Prior to joining ISACA, Erik most recently was chief executive officer at Harland Clarke Holdings Corp., a provider of integrated payment solutions and integrated marketing services. He has also served as CEO for Outerwall, Lumension, NetMotion Wireless, Clearwire and Borland Software Corporation. Additionally, he has been a board member for RealNetworks, WASH, Calero Software and Keynote Systems. Previously in his career, Erik served as chief financial officer for a number of public companies, such as Identix and Borland, and for divisions of public companies, such as Gateway Computers and PepsiCo. He began his career at Deloitte & Touche (then Touche Ross). Erik holds a bachelor’s degree from Yale University and an MBA from NYU’s Stern School of Business. He is based in the United States.

Gregory J. Touhill

Director and 2021-2022 ISACA Board Chair Gregory J. Touhill, CISM, CISSP, Brigadier General (ret), is director of the world-renowned CERT Division of Carnegie Mellon University’s Software Engineering Institute, a federally-funded research and development center. Prior to this appointment, he was president of Appgate Federal, a cybersecurity and advanced technology company. Also a professor of Cybersecurity at Carnegie Mellon University’s Heinz College, he has extensive experience as the director of profit and loss corporations and non-profit organizations, including serving on the Splunk, Intel and Symantec Federal Advisory Boards. Prior to entering the private sector, General Touhill concluded a distinguished career of public service culminating in his selection by the President of the United States as the US government’s first Chief Information Security Officer. His other civilian government service includes duties as the Deputy Assistant Secretary, Cybersecurity and Communications at the United States Department of Homeland Security; and as Director of the National Cybersecurity and Communications Integration Center, where he led national programs to protect the United States and its critical infrastructure. He is a retired Air Force general officer, a highly decorated combat leader, an accomplished author and public speaker, a former American diplomat, and is based in the United States.

ISACA Board Committee: Governance & Nominating; and Innovation & Technology Committees

Asaf Weisberg

Director Asaf Weisberg, CSX-P, CISM, CRISC, CISA, CGEIT, CDPSE, is a highly experienced IT and cyber security executive with strong strategic skills, and the founder & CEO of introSight Ltd. Over the years at introSight, he developed a unique quantitative risk management methodology, led development efforts of cyber risk management best practices and IT related regulation for governmental agencies, and directed countless business-centric projects in various areas of IT governance, risk and compliance. He has more than 25 years of hands-on, managerial, and mentoring experience in cybersecurity and various other IT disciplines. Weisberg has been a member of ISACA and a chapter leader for more than 18 years and served as the president of the ISACA Israel Chapter. He is based in Israel.

ISACA Board Committee: Audit & Risk and Innovation & Technology Committees