Cyber Risk Summit

Cyber Risk Summit

Join the discussion to understand how your firm can quantify and mitigate cyber risk

Hear from industry experts actively finding and implementing new solutions and strategies to fend against cyberattacks, encouraging robust data governance and ensuring compliance.

AGENDA          SPEAKERS          BOOK NOW


Key themes include:

  • Mitigate cyber risk to ensure stable and secure financial infrastructure panel

  • Learn how to build cyber resilience in a fast-evolving landscape of threats

  • Ensure regional data compliance and mitigate the risk of a breach

  • Effectively managing risk in the cloud: moving from a data warehouse to the cloud

  • Witness the most cutting-edge solutions driving automation, analytics, AI and more 

  • Keep pace with the evolution of AML and fraud, mitigate risk and avoid fines

  • Gain insight into cloud migration and effectively manage hybrid infrastructure

Tom Kartanowicz

Regional CISO

Commerzbank AG

Flora Sah

CRO, data technology and enterprise initiatives

Bank of America

Flora Sah is the Chief Risk Officer for Global Risk Management at Bank of America. She is the lead risk partner and central delivery conduit, responsible for driving ownership, execution, and oversight between the technology teams and the horizontal risk functions to provide a holistic view of all risks and create robust future state strategy and implementation roadmap.

Before joining Bank of America, Flora was the executive advisory council at Gerson Lehrman Group, responsible for business advisory and technology consulting. Prior to that, Flora held multiple leadership roles at State Street Corporation, including COO of Enterprise Risk Management, Head of Risk & Regulatory Technology, and CTO & Head of Vendor Risk Management. Before joining State Street Corporation, Flora spent several years at Cambridge Technology Partners where she led consulting practices in financial services, retail, and healthcare industry.

Flora holds a M.S. in Engineering Management from Northeastern University and a B.S. in Industrial Engineering and Information Systems from the University of Massachusetts at Amherst.

Neil Roth

Chief operational risk officer

Santander Investment Securities U.S.

Neil Roth is the Chief Operational Risk Officer for Santander Investment Securities U.S. and Banco Santander S.A. New York, where he oversees Operational Risk, Third Party Risk, and Business Continuity Management in the second line of defense.

He previously held senior operational risk positions at RBC where he was Head of Operational Risk for Combined U.S. Operations, MUFG Securities where he was the Deputy International Head and U.S. Head of Operational Risk, and Fortis where he was U.S. Head of Operational Risk.

He was featured on the cover of the July 2013 edition of "Operational Risk & Regulation Magazine." Mr Roth graduated from Brown University with a double-major in Philosophy (cum laude) and Economics.

Michael Barton

Senior director of quantitative assessments

United Health Group

Michael Barton is the Director of Operational Risk Quantification and Scenario Analysis at AIG.  In his role, he leads the development and implementation of operational risk stress testing, economic capital estimation, and allocation of those estimates to the business lines, as well as supporting the development of and quantification of operational loss scenarios for the organization.  In this role, Michael has worked extensively with cyber and business professionals around identifying and quantifying cyber risk.  Before working at AIG, Michael was the Head of the Regulatory Solutions Quantification group in U.S. Bank’s Corporate Treasury department.  In this role, he was responsible for CCAR/DFAST and Regulatory Capital modeling for Operational Risk as well as setting up a governance framework for models and analytical tools in the Corporate Treasury department.  Previous to those roles, Michael worked in an actuarial capacity at Sun Life Financial in Boston handling variable annuity reserving, fixed and variable annuity lapse study estimations, and retirement product pricing.  He held a similar variable annuity reserving role in Security Benefit Corporation in Topeka, KS before that.  Michael has a Bachelor’s Degree in Mathematics with an Actuarial Emphasis, and a Master’s Degree in Theology.

Sophia Kazinnik

Quantitative research

Federal Reserve Bank of Richmond

Chris Beck

Executive risk consultant


Chris is a member of Milliman’s Cyber Risk Solutions (CRS) practice group.  The practice delivers a portfolio of risk consulting services, such as enterprise risk design, cyber risk assessment and quantification, test and build projects, operational risk assessments, enterprise risk management (ERM) education and training, and ERM technology evaluation. The CRS practice uses diagnostic consulting strategies to understand an organization’s enterprise risk goals and challenges and then customize solutions to deliver required business results. 


Chris has 15 years of professional experience.  His experience includes work in the banking, insurance, capital markets and card sectors helping clients assess and mitigate risk. 

Prior to joining Milliman, Chris was a Senior Manager in Accenture’s Finance and Risk Management Consulting practice, delivering work for global financial service clients.   Additionally, Chris served as an active duty Naval Officer and has multiple overseas deployments. 

Professional experience and subject matter advisory includes: 

  • Cyber Security metrics and governance
  • Financial Service Regulatory and Compliance initiatives
  • Risk Management 
  • Corporate and Risk Governance
  • Surveillance 
  • Financial Services operating model and cost reduction
  • Regulatory remediation and responses
  • Legal department risk and optimization
  • Leading large cross functional projects and teams


  • BS Political Science, University of Wisconsin–Madison
  • MBA, University of Chicago – Booth School of Business

Managing opportunistic cybercrime
Cyber quantification in crisis
Innovative technology solutions
Fincrime: AML and fraud
Remote working and third parties
Cyber security and ransomware attacks
Phishing sophistication
Managing risk in the cloud
Building cyber resilience
Cyber risk reporting
Machine learning implementation

Our Cyber Risk Summit partners

EY is a leader in serving the financial services industry

We understand the importance of asking great questions. It’s how you innovate, transform and achieve a better working world. One that benefits our clients, our people and our communities. Finance fuels our lives. No other sector can touch so many people or shape so many futures. That’s why globally we employ 26,000 people who focus on financial services and nothing else. Our connected financial services teams are dedicated to providing assurance, tax, transaction and advisory services to the banking and capital markets, insurance, and wealth and asset management sectors. It’s our global connectivity and local knowledge that ensures we deliver the insights and quality services to help build trust and confidence in the capital markets and in economies the world over. By connecting people with the right mix of knowledge and insight, we are able to ask great questions. The better the question. The better the answer. The better the world works.

Milliman is an independent, privately owned, global professional services firm. Our legacy is actuarial science; we have become a global leader in actuarial services, risk and predictive analytics. Our background and business model is driven by our client focus using rigorous quantitative techniques applied to risk assessments and modeling.

Milliman’s Cyber Risk Solutions (CRS) is composed of a cross-functional team with complementary skills sets:

  • Enterprise Risk Management and Operational Risk
  • Emerging threat detection and modeling
  • Consumer behavioral data and time series analytics
  • Data sciences, including predictive modeling
  • Regulatory remediation
  • Actuarial science

Milliman CRS understands the quantification of operational risks such as conduct, vendor, cyber, reputational, climate, disgruntled employee, etc. is becoming ever more important. We understand where models that quantify risk are beginning to fail and how decision makers can take actionable steps to mitigate financial losses.

If you have any queries regarding OpRisk North America or Cyber Risk Summit, please contact the appropriate person below: