Speakers

Shon Lyublanovits is the Cyber Supply Chain Risk Management Program Management Office Lead within CISA’s Cybersecurity/Capability Building organization. Under Shon’s leadership is the SIGMA team which provides  operational support to the Federal Acquisition Security Council and serves as the Information Sharing Agency. She also leads the STORM team which focuses on improving processes and establishing C-SCRM best practices  which can be leveraged across the FCEB, SLTT, and industry. She is a Fed100 award recipient and was named  one of the “Rockstars of Cybersecurity” by IEEE. She has over 25 years of federal service and experience in the  areas of cybersecurity, privacy, governance, and supply chain risk management. 

Prior to joining CISA in July 2022, Shon served as the Senior Advisor for Cybersecurity and the Supply Chain Risk  Management lead for the Office of Information Technology Category (ITC) in GSA’s Federal Acquisition Service  (FAS). While at GSA, she successfully served as ITC’s very first IT Security Subcategory Manager and was the  leading force and advocate for dealing with the challenges of infusing cybersecurity and supply chain risk  management into the acquisition process. Shon developed one of the top initiatives under the Obama  Administration in creating the Highly Adaptive Cybersecurity Services (HACS) SIN in response to the OPM  breach. She also successfully created a Supply Chain Risk Management (SCRM) center of excellence, ensuring  FAS IT products and services aligned with federal cybersecurity standards and mandates. She also led the NDAA  Section 889 Part B implementation within ITC and served as a champion to promote a SCRM Enterprise  Framework focused on Acquisition and Policy Compliance, Cyber Risk Management, and Supplier Relationship  Management. 

Shon has also held senior cybersecurity leadership positions at the Department of Labor, Army Criminal  Investigative Division, and the Defense Logistics Agency. She is a graduate of the Cybersecurity for Managers  program at MIT Sloane School of Management. She holds graduate certificates in Information  Systems/Information Technology Project Management, Applied Project Management, Six Sigma and  Organizational Leadership from Villanova University and is a graduate of Mitchell Hamline’s School of Law  Cybersecurity and Privacy Law Program

Ms. Jeanette J. McMillian serves as the Assistant  Director for the Supply Chain and Cyber  Directorate (SCD) of the National Counterintelligence and Security Center (NCSC). In this role, Ms. McMillian participates in interagency strategic programs and National  Security Council initiatives to bolster the security  of cyber and supply chains across the federal  enterprise. She works closely with NCSC  directorates, Office of Director of National  Intelligence (ODNI) components, and other  Departments and Agencies, specifically the  Departments of Homeland Security and Defense,  to address supply chain security as a critical  component of the National Counterintelligence  Security and National Cyber Strategy.  

Prior to joining NCSC, Ms. McMillian served as  the Acting Deputy Inspector General to the Acting  Inspector General of the Intelligence Community (IC IG). Ms. McMillian was most familiar with the IC IG office construct having served in various leadership roles since 2010. She was instrumental in the development of the  legislation that created the IC IG to provide  oversight of IC programs and activities within the authority of the Director of National Intelligence  (DNI).  

As the Acting Deputy Inspector General, Ms. McMillian partnered with the IC IG to coordinate  and supervise independent audits, inspections, investigations, and reviews. She supported the  Acting IC IG in supervising the Assistant  Inspectors General for Audit, Inspections,  Investigations, and Management and Administration. Ms. McMillian also chaired the  Deputy Inspectors General Committee that supports the IC IG Forum on several key initiatives  including the IC IG Awards Program.  

Ms. McMillian continued to serve as the General  Counsel to the IC IG during this interim period. She supervised a staff of legal counsels who conducted  legal and policy reviews, provided legal guidance on pertinent IG matters, served as liaison to congressional staff and members, and chaired the IC IG Forum Counsels Committee. Ms. McMillian was  also an invited lecturer with the Federal Law  

Enforcement Training Center teaching various legal  courses including Workplace Searches (4th Amendment), Civil Investigations, Administrative  Remedies, Employee Rights and Warnings (5th Amendment), and Whistleblower Protections. Ms. McMillian also served in several Intelligence  Community (IC) advisory positions before serving in  the IG community. At the National Counterterrorism Center (NCTC), Ms. McMillian assisted with the  stand-up of the Directorate of Strategic Operational Planning by analyzing the legal and regulatory aspects of strategic counterterrorism plans. As an Assistant General Counsel with the Office of General  Counsel at the Central Intelligence Agency, she assisted in the establishment of the ODNI as a legal  advisor to the ODNI’s predecessor organization, the IC Community Management Staff. Ms. McMillian holds a Bachelors of Arts in Political  Science (1997) from Howard University and a Juris  Doctorate (2000) from Washington University School  of Law.

Mr. Ray is currently the Civilian Deputy for the Director of the Supply Chain Management Directorate (SCMD), G-3 HQ Army Materiel Command. In this role, Tom is responsible for planning, directing, integrating and coordinating the Army’s supply chains and the Organic Industrial Base, as well as the Enterprise Resource Planning software underpinning both.

Prior to his move to AMC Mr. Ray was the Director of Industrial Operations for the U.S. Army Aviation & Missile Command (AMCOM) Logistics Center (ALC).  In this role at AMCOM he led the Industrial Operations Directorate to facilitate the work loading of the Organic Industrial Base and provided value added solutions that enable Corpus Christi Army Depot (CCAD), Letterkenny Army Depot (LEAD) as well as National Maintenance Provider (NMP) to act as a viable source of repair for the Army and the Warfighter. 

Mr. Ray has over 30 years of combined government and industry experience.  Mr. Ray earned a degree in Mechanical Engineering from the University of Alabama and began his career at PPG Industries as a Maintenance Engineer.  During his 18 years of industry experience he worked for PPG Industries, General Electric and Tyler Tool Company (where he was part owner).  His titles in industry include Maintenance Engineer, Manufacturing Engineer, Global Aviation Quality Process Manager, Operations Manager, and Master Black Belt.  Mr. Ray joined the government service in 2012 where he served as AMCOM’s inaugural Master Black Belt guiding the Office of Continuous Improvement (OCI).  In 2015 Tom joined the ALC Industrial Operations team and as served various leadership roles before becoming Director of AMCOM Industrial Operations in early 2018.  In October of 2022 Mr. Ray moved to AMC as the Civilian Deputy for the Supply Chain Management Directorate at the G-3 HQ Army Materiel Command.

Mr. Ray holds multiple certifications including Lean Six Sigma Master Black Belt, Certification in Production & Inventory Management (CPIM, APICS) and Program Management Professional (PMP, PMI).  Mr. Ray is also Defense Acquisition University Level III trained and certified in Production and Quality Management (PQM).  In addition, he has been awarded the Achievement Medal for Civilian Service on two different occasions as well as the Ernest A. Young Logistics Achievement Award in the management/executive category in 2017. He was also awarded the 2019 Louis Dellamonica Award for outstanding service and accomplishments that significantly contributed to AMC’s mission to develop and deliver materiel readiness solutions to U.S. warfighters.

Mr. Ray is a native of Russellville, AL. He and his wife, LaJeanna, have four children, Jacob (26), McKenna (24), Dylan (21) and Brayden (19)

Tom Smith is Supervisory IT Specialist with the General Services Administration’s Federal Acquisition Service (FAS) and has over 32 years of Air Force Active Duty and Federal Civil Service Acquisition experience. As a Branch Chief in the IT Software Division team, he is the recognized FAS IT Category Cyber Supply Chain Risk Management (C-SCRM) subject matter expert responsible for leading the technical execution strategy for the 2nd Generation IT program management office and FAS Cloud Marketplace initiatives. His government-led continuous monitoring vendor risk management surveillance program has become a critical benchmark for the IT Category delivering compliant information capabilities and solutions and services to government customers. 

Mr. Smith previously served as the Chief Engineer, Business Enterprise Services Division, for the Air  Force PEO Business Enterprise Services Division at Maxwell-Gunter AFB in Montgomery, AL before  joining GSA in October 2018. He provided technical leadership direction for $30B+ Air Force enterprise wide strategic sourcing requirements in Information Technology Applications and Network Operations,  Directorate Portfolio Engineering professional technical services, enterprise architecture development  support, and IT Business Analytics to enable USAF Information Network commonality and  standardization of warfighting IT capabilities. 

His previous assignments included tours supporting numerous Major Defense Acquisition Programs in  weapons, aircraft, and avionics systems development. He retired as a Lt Colonel in 2009 having served  as Deputy Director for DoD Joint Test Groups, Deputy Group Commander, and Deputy for Air  Force/Detachment Commander at White Sands Missile Range. His military awards include the Defense  Meritorious Service Medal and Joint Service Commendation Medal. 

Mr. Smith attained DAU Acquisition Corps membership and Level 3 professional certifications in  Program Management, Systems Engineering, and Test & Evaluation during his Air Force career. He holds a Bachelor’s degree in Electrical Engineering from Auburn University, a Master’s of Science degree in  Engineering Management from Florida Institute of Technology, and completed Air Command and Staff  College Leadership training from Air University.

Pete Chestna serves as the CISO of North America at Checkmarx, where he provides customers and prospects with practical advice for building successful application security programs. Bringing more than 15 years of direct AppSec practitioner experience, Pete has held roles ranging from developer and development leader to his most recent position as the Global Head of AppSec for the Bank of Montreal where he was responsible for the security of thousands of applications. 

Over his years as a software engineer and engineering leader, Pete has led organizational transformations from Waterfall to Agile to DevOps and from monolith to microservice architectures. He is certified as both a scrum master and product owner. Stemming from his experience as both an avid practitioner and consultant, Pete has spoken internationally at numerous prominent security and developer conferences including DevOpsDays, All Day DevOps, OWASP AppSec, and DevSecCon. 

Pete has been granted 3 patents. He enjoys whiskey tourism, astronomy, model rocketry and listening to Rush in his spare time

Christine is an accomplished Application Security Executive and highly regarded for strategically orchestrating security programs, SDLC capabilities, automation and security tooling, risk mitigation strategies, and multi-party coordinated incident response and disclosure. She has contributed to several security working groups in the U.S and Canadian governments.  Her current primary focus at BlackBerry is driving the secure software supply chain efforts focusing on the NIST SSDF, Cybersecurity Executive Order, ISO 29147, ISO 30111, Open Source software licensing and compliance, and SBOM efforts. She is a known keynote industry expert speaker and contributor, including RSA, CCTX, Black Hat, IoTSF, ISACA, CAV, Women in IT, and FIRST. She has provided thought leadership content to CSO magazine, Silicone Angle, Siliconrepublic, Authority Magazine, and Dark Reading. 

• Currently, Senior Product Manager for Servicenow
• Professional background in Sale Engineer, Consulting and Training
• 12+ years of Third-Party Risk Management experience
• MBA University of Maryland
• Certified Third Party Risk Professional