2025 Speakers
Jack Jones
Keynote Speaker
Jack has worked in information security and risk management for over thirty-seven years, ten years of which as a CISO with three different companies. He’s won several industry awards and teaches in Carnegie Mellon University’s CISO executive program. Jack also created the “Factor Analysis of Information Risk” (FAIR) and FAIR-CAM models which have been adopted as international standards for measuring risk. In 2015 he co-authored a book on FAIR entitled “Measuring and Managing Information Risk, a FAIR Approach,” which was inducted into the Cyber Security Canon in 2016.
David M Zendzian
David has over 30 years Information Technology and Security experience and is the VMware Tanzu by Broadcom Global Field CISO and Security Champion. Tanzu Field CISO focuses on the security, risk, governance and compliance aspects of modern applications in highly secure or regulated businesses and as Security Champion David represents the Tanzu Division for Broadcom governance, risk, compliance and security. David came to Tanzu through VMware and Pivotal and previously from a stealth startup bank where he was the first employee and CISO responsible for the complete security program for a startup FDIC regulated bank. Before the bank startup, David was co-founder of a multi-regional provider of hybrid cloud managed security and hosting focusing on businesses needing PCI, HIPAA and other security solutions. David saw the need to create ZZ Servers after spending years as a PCI QSA and Penetration tester working with companies such as Virgin Mobile, Williams Sonoma, Wells Fargo Bank, US Marine Corps and Kayak.com. As an industry leader David also gives his time back and volunteers with and speaks at industry events such as Security BSides and is co-founder and Board member of Security BSides Charleston a 501c3 founded in 2012 providing information security training to the local Charleston community.
Steve Thomas
Steve is the founder and CEO of HackNotice, with 20 years of experience as a threat intelligence engineer. In 2013, he built and sold one of the world’s first threat intelligence startups. A serial entrepreneur, he has launched successful ventures in identity theft, third-party risk, and intellectual property. Steve is also a well-published security researcher.
Samyuktha Anand
After a long and impactful career in healthcare, Dr. Anand transitioned into the field of cybersecurity, where she now applies her analytical skills and expertise to protect critical industries. In addition to her day job in cyber defense, she currently teaches cybersecurity courses freelance and is an active member of Infragard. Her academic pursuits continue as a graduate student at SANS University, where she has earned certifications including GIAC Cloud Security Essentials (GCLD) and GIAC Public Cloud Security (GPCS).
Bill Morrison
Bill Morrison's career has spanned multiple industries, critical infrastructure segments, notably the Healthcare and Financial sectors. He has led teams at multiple Fortune 25 multinationals in the healthcare and high-tech business lines working on the engineering, implementation, and deployment of security controls and processes. Previously, Bill spent 3 years with the nation’s largest not-for-profit healthcare system, leading their Incident Response program. Additionally, Bill has over 22-years’ with a Fortune 15 company as an Information Security & Compliance Officer for their pharma & high-tech manufacturing customers, providing expertise in information security, threat & vulnerability assessment, incident management, and information security policies and standards. Bill is also involved in the cybersecurity professional community with multiple organizations, including serving on boards and as an officer for InfraGard's Atlanta Chapter.
Jason Gilliam
Jason Gillam is the CIO of Secure Ideas, a security consulting and penetration testing firm. He brings over 25 years of experience in enterprise software solutions, system architecture, and application security. He has held technical leadership roles in startups and Fortune 100 companies. As an OWASP project lead for SamuraiWTF and an OWASP project committee member, Jason is committed to application security and ensuring the integration of security best practices within the SDLC.
Juan Carlos Paris
Juan Carlos Paris is a highly respected cybersecurity expert based in Panama City, Panama, with over 25 years of experience in the financial and banking sectors. Known for his innovative approach to cybersecurity, leadership, and digital resilience, he continues to empower organizations to defend against evolving threats.
He is a passionate advocate for empowering users through continuous training, resilience, and awareness — equipping them to be the first line of defense against cybercrime.
Juan Carlos serves as an Ambassador for the Comunidad Dojo de Ciberseguridad in Panama and is a key member of the BSides Panama team. He is dedicated to building bridges within the global cybersecurity community and hopes to welcome speakers from Charlotte to the next BSides Panama in 2026.
Peter Ukhanov
Peter Ukhanov is a Senior Consultant with the Google Public Sector (Mandiant) IR team. Prior to joining Mandiant, Peter worked at Dragos focusing on OT/ICS environments. He started his career in incident response and digital forensics in 2014 at the Defense Information Systems Agency, spending almost 7 years supporting various Department of Defense entities.
Stanley Harris
​Stanley is the CEO and Cofounder of Katilyst, where he leads initiatives to build strong security culture via Security Champion programs. An avid gamer his entire life, Stanley leverages his gaming experiences, as well as his career in organizational change management, to apply effective gamification techniques in professional settings.
Brady McLaughlin
​Brady McLaughlin is an offensive security consultant, graduate student, and security enthusiast who most enjoys Active Directory tradecraft and exploitation. Brady has contributed vulnerable Active Directory Certificate Services misconfigurations to be exploited in cyber ranges deployed by Ludus, an automated cyber range provisioning project by Bad Sector Labs. Brady occasionally releases tutorial- and walkthrough-style content for aspiring security professionals on Github, YouTube, and Twitch.
Peyton Smith
Peyton has spent 10+ years in cyber security with an emphasis in Red Team, Incident Response, and Threat Intelligence. He was a member of CrowdStrike Services from 2018 - 2023, where he was a first responder to many of the most sophisticated nation state and e-crime cyber intrusions in the world. He also led red team exercises across a range of industry verticals and breached 20+ Fortune 1000 organizations.
Today, Peyton is the founder and CEO of Specular where he's focused on combining cyber security and AI to assist organizations with identifying, assessing, and remediating cyber security vulnerabilities.
