Lancope Executive Advisory Board
Paul Butka is the founder of PB Retail Advisors, LLC, an information management and consulting company specializing in all aspects of retail technology, including security and compliance, infrastructure, application development, operations and IT strategy. Most recently, the firm performed an assessment to better enable security and compliance sustainability for a major North American corporation.
In 2009, Paul retired after spending 35 years in the IT division of The TJX Companies, Inc. formerly known as Zayre Corporation, where he led multiple initiatives in various operating divisions and served as director of systems, chief information officer and executive vice president of global application development. During his tenure, TJX grew to more than $20B in annual revenue and became a global Fortune 200 company. TJX now operates more than 2500 stores in North America and Europe under TJ Maxx, Marshalls, Home-Goods, AJWright, Winners, T.J. Maxx and other banners.
With considerable expertise in IT infrastructure, application standardization, compliance and security, Paul is a recognized and respected technology leader, who has spent many years on the National Retail Federation's (NRF) CIO council. Recently he was appointed CIO Council Emeritus by the NRF.
Currently Paul serves on the Fujitsu Retail Advisory Board and the ArcaTech Systems' Advisory Council and was a past advisory board member for Teradata and AMR.
Active in his community, Paul is now fulfilling his second elected term on his district's Regional School Board. Recently, he was honored Humanitarian of the Year by the Cardinal Cushing Centers, a non-denominational, residential school for challenged children, and continues to serve on its Board of Directors.
Bryan Palma is the founder of Ponic, an information risk consulting firm, focused on helping senior executives and boards of directors build and improve information risk functions.
Bryan spent three and a half years as the chief information security officer (CISO) for PepsiCo and was responsible for global information security management and information technology compliance at Frito-Lay, Pepsi-Cola, Quaker, Tropicana, Gatorade and PepsiCo International. He advocates a holistic, business driven approach to information security and compliance management that focuses on mitigating enterprise risk through a combination of technical, business, and legal strategies.
Prior to joining PepsiCo, Bryan was a special agent with the United States Secret Service assigned to the Washington Field Office. He has worked a number of high profile electronic crime investigations, both domestically and internationally, and supervised numerous cyber assessments.
He was a founding member of the US Secret Service Washington DC Electronic Crimes Task Force, a joint venture between corporations, government, and academic institutions focused on improving information security.
Bryan is well-recognized in the information technology field for his pragmatic, business-centered approach to information security and compliance. Bryan earned a Bachelor of Arts degree from the University of Richmond, a Master of Education degree from the University of Maryland, and an M.B.A. from Duke University's Fuqua School of Business.
Donald A. (Andy) Purdy, Jr., Esq., CISSP
Earlier this year, Andy Purdy formed DRA Enterprises, Inc., a consulting firm specializing in information assurance and cyber security, software assurance, business development, and government relations. In addition, Andy currently serves as a Special Government Employee on the U.S. Department of Defense Science Board Task Force on Software Assurance.
In his role as Acting Director of the National Cyber Security Division/US-CERT of the Department of Homeland Security (DHS), Andy served as the U.S.' "cyber security czar" for two years ending in October 2006. Andy served for three and a half years at DHS beginning with his role in the set up and launch of the NCSD beginning in April 2003 after he moved to DHS from the White House staff. On October 4, 2004, Secretary Ridge appointed Andy as Acting Director to lead the cyber security effort, where he served for 24 months. From October through December 2006, Andy served as a Visiting Scientist at the Software Engineering Institute of Carnegie Mellon, working on the Resiliency Engineering Framework with the Financial Services Technology Consortium.
Prior to his work in support of DHS, Andy served as a member of the White House staff as Deputy to Howard Schmidt, the Vice Chair of the President's Critical Infrastructure Protection Board (PCIPB), where he helped to draft the National Strategy to Secure Cyberspace. Previously, at the U.S. Sentencing Commission, Andy served as Acting General Counsel from November 1999 to January 2001 and was Chief Deputy General Counsel from 1989 until that time. Andy served as a Federal prosecutor in Philadelphia, Special Counsel to the House Ethics Committee, Counsel to the Senate Impeachment Trial Committee, and Assistant Attorney General in Missouri. He also worked as Senior Staff Counsel to the House Select Committee on Assassinations' investigation of the assassination of President Kennedy. Andy served for five years in a producer capacity with NBC and CBS News in Washington, D.C.
Andy is a graduate of the College of William and Mary and the University of Virginia Law School, and is a member of the bar in the District of Columbia, Maryland, Missouri, and Pennsylvania.
Kenneth J. Tyminski
Ken Tyminski is an independent consultant specializing in Strategic Advisory services for Information Technology Security and Risk Management. Ken focuses on working with firms that provide services and products in these areas. Additionally, Ken is also available to work with organizations that are implementing, enhancing and evolving their information security or risk management programs.
During Ken's 32 years in the field, he spent six as the Chief Information Security Officer for Prudential Financial. He championed the cultural change that recognized that the responsibility for security lies not only with those who implement and maintain Information Systems, but also with users, facility managers, compliance officers, contract and financial staff, and every employee in the organization. His expertise in providing consulting services focuses not only on the technical infrastructure, but also on the business processes and staff practices which play a crucial part in the effective implementation of any security, compliance or IT governance program. Throughout his career, Ken has worked closely with technology vendors often participating in an advisory role for the company, working closely with product marketing and development teams. While he is focused on information security and risk management, his experience covers all aspects of Information Technology.