Dr. Sherly Abraham is currently the Program Director for Cybersecurity degree programs at Excelsior College. She earned a Ph.D. from the University at Albany with a specialization in information assurance and her dissertation focuses on improving the effectiveness of information security training programs in organizations. Dr. Abraham has published in referred journals and presented in leading conferences on cybersecurity related topics. Dr. Abraham has over 10 years of work experience in the information technology field in the higher education environment. She has been involved in campus wide technology deployment projects consisting of voice over ip, campus network security, and telecommunications infrastructure planning. She has a graduate degree in Telecommunications from SUNY Institute of Technology, NY and an undergraduate degree in Computer Engineering from Assumption University, Bangkok, Thailand.
MITRE Corp/ABA Information Security Committee
Michael Aisenberg is a Principal Cyber Security Counsel in the Center for National Security of MITRE's Defense and Intelligence FFRDC. He has a career-long record as a leader in Washington's information technology policy community bridging information technology interests in government and industry with public policy makers. Trained as an attorney, he has held numerous leadership roles in industry and government policy bodies. Michael's present position includes providing strategic policy advice and support for MITRE's systems engineering work at Federal agencies in defense, intelligence and homeland security, supporting MITRE projects in such areas as security of national security information systems, privacy, civil rights/civil liberties issues in the national security community, health information systems, and critical infrastructure sectors such as financial services systems. He holds Top Secret clearances from the IC, DoD and DHS. Previously, Michael was Counsel to the CEO of Electronic Warfare Associates- Information & Infrastructure Technologies, Inc. From 2000 to 2007, Michael was Director of Corporate Government Relations at VeriSign, Inc., managing its industry relations, communications and technology regulatory and national security programs. From 1981 to 1997, Aisenberg was Digital Equipment Corporation's Washington public policy program Director and lobbyist, addressing issues including intellectual property, electronic health and health care economics, technology trade and tariffs, Federal I/T acquisition policy, critical infrastructure protection, E-commerce policy, the Year 2000 computer problem, export controls, antitrust reform, and Federal R&D budget policy. From 2007- 2008, he served as elected Chairman of the Information Technology Sector Coordinating Council (IT SCC), a statutory body providing industry advice to the Department of Homeland Security. From 2002 to 2007, Aisenberg led VeriSign's participation in the President's National Security Telecommunications Advisory Committee (NSTAC), chairing the NSTAC's International Task Force. From 2005 to 2008, Aisenberg served as Parliamentarian of the Dept. of HHS/ONC chartered Health Informatics Technology Standards Panel (ANSI- HITSP). From 2007-2009, he served as President of the International Systems Security Engineering Association (ISSEA), the sponsor of the CMM/CMMI capability maturity model for security (ISO 21827). From 2006 to 2009, Aisenberg was Chairman of the American Bar Association's Information Security Committee, and continues as its Vice-chair and Chair of its Cyber Policy/Law working group; he is also Assistant Editor and a member of the Editorial Board of the ABA Science/Technology Lawyer journal. He was previously Vice-Chair of the ABA Homeland Security Committee, and has served on numerous organizational boards, including the Board of Directors of the ITAA (now TechAmerica) Commercial Division, and of the IT Information Sharing Advisory Committee (IT ISAC).
Peter Allor is a security strategist guiding the company's overall security initiatives and participation in enterprise and government implementation strategies. He assists the IBM Watson and X-Force research and development teams with the collection, analysis and dissemination of information regarding cyber vulnerabilities, exploits, incidents, threats and early warning products. He is responsible for security strategies, especially as they intersect with critical infrastructures and networked protection. Allor is a member of the Information Technology - Sector Coordinating Council (IT-SCC) Executive Committee, which works within the private sector on policy and strategy input to the U.S. government. He is also a board member of the Forum for Incident Response and Security Teams (FIRST) where he also serves as CFO/Treasurer. Allor has spoken at numerous events on security, information sharing and cyber intelligence, including last year's NYS Cyber Security Conference, IAEA for Nuclear Power Plant Security, Homeland Security for Networked Industries, GFIRST National Conferences, FIRST, Infragard National Conferences, Forbes Corporate Security Forums, iSecuTech Taiwan and Secret Service San Francisco and Chicago and FBI Regional Forums (internal). In 2005, Allor was presented with IT Security Magazine's Individual Innovation Award. Prior to joining IBM, Allor served as an Officer in the United States Army where he worked in a variety of security related positions reporting from Panama to Korea, as well as multiple places in the Middle East. Allor holds a bachelor's degree in business administration from Rollins College and a master's degree in organizational management from the University of Phoenix. He is a graduate of the U.S. Army Command and General Staff College. In addition, he is a member of the Atlanta InfraGard Chapter.
Broome Community College
James L. Antonakos is a SUNY Distinguished Teaching Professor of Computer Science at Broome Community College, in Binghamton, NY, where he has taught since 1984. James teaches both in the classroom and online in classes covering electricity and electronics, computer networking, computer security and forensics, information management, and computer graphics and simulation. James is the designer and director of the new 2-year AAS Degree in Computer Security and Forensics at Broome Community College. James is also an online instructor and faculty advisor for Excelsior College, as well as an IT security consultant for Excelsior College. James is also an online instructor for Champlain College. James has extensive industrial work experience as well in electronic manufacturing for both commercial and military products, particularly in flight control computer technology for Navy aircraft. James also consults with many local companies in the areas of computer networking and information security. James is the author or co-author of over 40 books on computers, networking, electronics, and technology. He is also A+, Network+, and Security+ certified by CompTIA and ACE certified in computer forensics by AccessData. James is also a frequent presenter at the annual New York State Cyber Security Conference.
Bruce Barnett is a NYSTEC Information Security consultant who assists clients with vulnerability testing and analysis. Bruce joined NYSTEC after a 27-year career with GE Global Research, where he was a Senior Scientist responsible for devising new solutions to difficult issues and problems. He proposed, researched, and implemented dozens of innovative solutions involving advanced network protocols and security-related technologies. Bruce is knowledgeable in multiple technology areas, including security technologies, programming languages, numerous operating systems, networking and wireless systems and solutions, and system-administration platforms. He holds 14 patents and has written for 27 publications. Bruce earned a BS in the Mathematics of Computation from Rensselaer Polytechnic Institute.
Mandiant, A Fire Eye Company
Nick Bennett is manager of professional services for Mandiant, a FireEye company. He is based in FireEye/Mandiant's NY office, where his work includes network and application vulnerability assessments, host audits, policy reviews, social engineering testing, and incident response. Mr. Bennett is an expert in application security and has performed numerous application penetration tests.
Prior to FireEye's acquisition of Mandiant in January 2014, Mr. Bennett was a principal consultant in Mandiant's NY office. He was previously a security consultant with Symantec Corporation, where he supported a 24-hour Security Operation Center (SOC). In this role, Mr. Bennett provided incident response for large state networks, conducted vulnerability assessments of state networks, and performed forensic analysis of compromised devices to investigate intrusions.
Mr. Bennett also has experience as a web application developer, having developed several web-based applications and tools during his time as a student at Georgetown University.
Dell Secure Works
Dane Boyd, a Georgia State University graduate, has been a member of Dell SecureWorks for over five years. Dane has combined his passion for cyber-security and training to deliver engaging security awareness presentations.
Todd is a PMI certified Project Manager and Principal Consultant with NYSTEC. He has extensive experience in communication, quality assurance, metrics, and managing complex technology projects at start-ups and Fortune 400 organizations. Todd is also a Lean Six Sigma Green Belt and Certified Scrum Master. He is pursuing an MBA and CGS in Information Security from SUNY Albany.
Mr. Brennan has helped global corporations with information security programs and is just as comfortable ripping through a packet capture, doing delivery on a red-team or speaking before live audiences worldwide. Tom is a Veteran of the United States Marines Corps, lives in Morris County, New Jersey with his wife and children
Critical Technologies Inc.
Dr. Card has 30 years of experience in computing and related fields. He currently leads several U.S. Air Force funded R&D efforts to escape the "Red Queen's race" of perpetually patching vulnerabilities.
John Cassidy has more than seventeen years of industry experience with strong competencies in telecommunications engineering, information technology, and business management. Over the past 6 years, Mr. Cassidy's primary focus has been driving and developing strategic public-private Federal Government initiatives protecting the US Homeland from advanced cyber attacks. Mr. Cassidy works extensively with Sr. Leadership at the Department of Homeland Security and Intelligence Agencies to develop innovative programs that enable U.S. private entities to receive protection using government class intelligence on cyber threats. In 2010, Mr. Cassidy was a key contributor on the Defense Industrial Base (DIB) pilot between the DoD, interagency partners, and representatives of the private sector. The DIB pilot was the first successful voluntary public/private cyber intelligence information sharing initiative of its kind. Mr. Cassidy has played a key role in assisting the Federal government transform this pilot into the fully operational program and system known as the DHS Enhanced Cybersecurity Service (ECS). In parallel to the efforts on ECS, Mr. Cassidy has and continues to be actively engaged with DHS and Intelligence Agencies on the development and creation of custom managed security services that will be provided to Federal Civilian Agencies through the DHS Einstein 3 Accelerated (E3A) contract. The E3A contract was awarded to CenturyLink Government in April 2013, making CenturyLink the first Internet Services Provider (ISP) to be awarded a four year IDIQ contract. Through Mr. Cassidy's efforts and the team at CenturyLink, CenturyLink now provides active protections to multiple Federal Civilian Agencies and close to 500k end-users through the E3A system. Mr. Cassidy holds a Master of Science (M.S.) in Information Systems Management from the George Washington University and a Bachelor of Science (B.S.) in Business from James Madison University. He is a member of the Armed Forces Communications and Electronics Association (AFCEA), DC Chapter. Mr. Cassidy is also a member of the Intelligence and National Security Alliance (INSA), and a participating committee member on the Cyber Task Force.
CGI Solutions and Technologies, Inc.
Mr. Corby has been operating a successful IT consulting business for over 25 years and has over 40 years of experience in IT strategy, operations, development and security. He has successfully managed large projects, developed flexible IT infrastructures and sound security organizations for hundreds of the world's most successful organizations. He is the founder of (ISC)2, Inc. the organization that established the CISSP security professional credential. In 1992, Mike was named the first recipient of the Computer Security Institute's "Lifetime Achievement Award". A frequent global speaker and author, he held executive positions with several global consulting organizations including Netigy Corporation, QinetiQ, Gartner Group and Marsh & McLennan, prior to his current responsibilities. He was formerly CIO for Worcester's Riley Stoker division of Ashland Oil and for Bain & Company. A community supporter through the Worcester Chamber and many professional groups, Mike has established a reputation for creativity and excellence in technology and its application to business needs. He holds a BS EE degree from Worcester Polytechnic Institute; holds the PMP distinction from Project Management Institute; is a Certified Computer Professional (CCP), Certified Information Systems Security Professional (CISSP) and a Certified Business Continuity Professional (CBCP).
Medical Science & Computing, LLC
Din Cox, PhD has over 15 years cross-domain expertise encompassing security engineering, networks, software development, enterprise architecture, application security, IT risk, governance and compliance, providing consulting services across various industry verticals including government and internationally known clients. Dr. Cox is currently the Application Security Lead for Medical Science & Computing, LLC. Prior to joining MSC, he was the Technical Manager leading a team responsible for application security and penetration testing, supporting the U.S. Courts. Prior to his role as a Technical Manager, he was a Senior Application Security Architect supporting the USDA's application security program. Din holds a Doctor of Philosophy (PhD) degree in Information Assurance and Security from Capella University, an MBA and a Master of Project Management (MPM) degree from Keller Graduate School of Management, and a Bachelor of Science Degree in Technical Management from DeVry University. Some of his research interests include application and mobile security, biometrics, cloud computing, machine learning, and authentication schemes. He maintains several industry certifications, which includes the Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional (ISSAP), Information Systems Security Management Professional (ISSMP), Certified Secure Software Lifecycle Professional (CSSLP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certificate of Cloud Security Knowledge (CCSK), and the Certified Ethical Hacker (CEH), among other certifications. Dr. Cox is also active in various professional organizations, including the Information Systems Security Association (ISSA), Information Systems Audit and Control Association (ISACA), International Information System Security Certification Consortium (ISC2), Cloud Security Alliance (CSA), and the Open Web Application Security Project (OWASP). He is also involved in the academic community and currently serves as an Adjunct Faculty in the School of Business and Technology at Excelsior College.
Dr. Anita D'Amico is the Director of Secure Decisions, an organization devoted to the development of advanced technologies in cybersecurity, primarily for DHS and DoD. She is currently engaged in transitioning two new application security technologies, sponsored by DHS, into open source and commercially available tools. She is a human factors psychologist and a specialist in information security situational awareness, particularly the visualization of complex cybersecurity information. She has a B.A. from the University of Pennsylvania, and an M.A. and Ph.D. from Adelphi University. Prior to starting Secure Decisions, she led the Information Warfare team at Northrop Grumman. Anita is a widely published thought leader in cybersecurity. She testified before the Congressional Subcommittee on Science and Technology on the topic of cybersecurity R&D and education. Her research has been nominated twice for best Small Business Innovative Research of the year by DARPA, and has been featured in Volumes I and III of DARPA's Small Business Success Stories.
Air Force Research Lab
George Duchak, a member of the Senior Executive Service, is Director, Information Directorate, Air Force Research Laboratory, Rome, New York.
The Information Directorate is the Air Force's and nation's premier research organization for command, control, communications, computers and intelligence (C4I) and cyber technologies. The mission of the Information Directorate is to explore, prototype and demonstrate high-impact, game changing technologies that enable the Air Force and nation to maintain its superior technical advantage.
As Director, Mr. Duchak leads basic research and advanced development activities in information exploitation, information fusion, information understanding and management, cyber operations, connectivity and networks, command and control, and advanced computing architectures. He oversees a workforce of 1,166 military, civilians, and on-site contractors and executes an annual budget of over $1 billion, including $185 million in core funding plus additional $845.8 million in externally funded research and development (Fiscal 2014).
The Information Directorate encompasses a 65 acre campus with state-of-the-art laboratories for research and development. Additionally the Information Directorate owns two unique off-site testing facilities covering 378 acres.
Tim Finn is Vice President of Global Cyber Security at First Data. He is a 25 year veteran of the Merchant Payments business, 15 of those years dedicated to business units that are part of today's First Data. During his career, Mr. Finn has had managerial responsibility for Sales, Relationship Management, and Account Service teams; overseeing client portfolios in nearly every vertical segment of the merchant landscape. Mr. Finn had P&L responsibility for First Data's Petroleum & Convenience Store, and Restaurant/QSR business units from 1997 to 2004.
Since 2004, he has focused on new and emerging technologies that bring incremental value to the merchant community. Since 2011, Mr. Finn he has led First Data's Cyber Security Sales and Solution Consulting efforts.
Mr. Finn earned his Bachelor's degree in Finance, and his MBA in Marketing and Management; both from the University of Nebraska. He resides in Roswell, GA, with his wife and three children.
Austen D. Givens is Professor of Practice in Cybersecurity at Utica College and a PhD candidate in the Department of Political Economy at King's College London. He is co-author of The Business of Counterterrorism: Public-Private Partnerships in Homeland Security (Peter Lang, 2014), which explores the increasing influence of businesses in the homeland security and cybersecurity fields since 2001. Austen is a graduate of the University of Virginia, and can be reached via Twitter: @GivensAD
Robert has more than 30 years of global Privacy and Information Technology experience within the Federal, Public and Private Sectors. He began as career as a Navy Hospital Corpsman where he was trained in several disciplines including submarine medicine. Subsequent to receiving his commission Robert held positions that included Global Program Director for the Department of Defense Persian Gulf Illness Program and Medical Chief Information Officer for the U.S. Pacific Command and U.S. Pacific Fleet. Since his military retirement, Robert has held positions as the VP/CIO of a regional integrated health system; VP International Operations and Business Development for global internet application provider; and served as the Chief Privacy Officer for the U.S. divisions of three global pharmaceutical companies.
Robert joined Deloitte & Touche LLP from industry in 2012. Robert is an acknowledged subject matter leader in privacy and data protection and has completed multiple engagements including US and global privacy assessments, co-sourced internal audits, global privacy program design and build, and staff augmentation / privacy office support.
Raj Goel, CISSP, is an IT and information security expert with over 25 years of experience developing security solutions for the banking, financial services, health care, and pharmaceutical industries. A well-known authority on regulations and compliance issues, Raj has presented at information security conferences across the USA, Canada, and now, Europe! He is a regular speaker on PCI-DSS, HIPAA/HITECH, Privacy Breach laws, and other technology and business issues. His 1st book "The Most Important Secrets To Getting Great Results From IT" is available on Amazon. His articles and contributions have appeared in: Information Security Magazine, Entrepreneur Magazine, PenTest , CSO Online and law magazines and newspapers globally. Raj is a frequent speaker at: NY County Lawyers Association CLE sessions (NYCLA), NY State Society of CPAs (NYSSCPA), Long Island Association of Certified Fraud Examiners (LICFE), ISC2 Secure Events, ISC2 Webinars, BrightTalk webinars, NYS Cyber Security Conference and ASIS Conferences. He has appeared in New York Times, PBS Television, ITV Television, Cyberhood Watch Radio, De Volkskrant newspaper.
Mobile Active Defense
Eric is both SVP of Business Development and board member at Mobile Active Defense.
In that role he's been consulting as a subject matter expert (SME) with primarily the FORTUNE 500 and Federal Agencies on the subject of mobile security and management. This includes serving as an SME for both the NSA's National Information Assurance Partnership (NIAP) in developing the requirements for the mobile device management protection profile used to create a Common Criteria for mobile device management as well as for CompTIA in the creation of a mobile security management certification.
Outside of that role, he has been involved in the security industry for over a decade. Past experience also includes running a technology book division publishing 12 books with a wide variety of industry luminaries, primarily in security.
For the last 7 years, Eric has and continues to also serve as program director for SC Magazines SC Congress events.
Steve Hamby has 30 years' experience in Information Technology, and is a former award-winning Chief Technology Officer. He now consults with multiple organizations to improve their cyber situational awareness and enhance their cyber-aware mission assurance posture.
Vince is an Information Security Consultant with more than 20 years of experience in Information Technology (IT), including more than 15 years in cyber security. Most recently, Vince has been serving in a cyber-security advisory role for the New York State (NYS) Department of Health (DOH), at the Medicaid Information Service Center of New York (MISCNY) for the Medicaid Data Warehouse (MDW) Quality Assurance (QA) team. Vince has performed Health Insurance Portability and Accountability Act (HIPAA) compliance audits, provided assistance with Request for Proposal (RFP) technology requirements and Statements of Work (SOW), completed vulnerability testing and analysis, and developed NIST and HIPAA-compliant governance. This experience is complemented by cyber security leadership roles in the private sector and academia. Vince's broad cyber-security experience includes program management, strategic planning, network and application security architecture, risk analysis, measurement systems and reporting, technology acquisition and implementation, data loss prevention, data classification, multifactor authentication, policy and standards development, global regulatory compliance, cryptography, security training and awareness, information security audit and findings remediation, advanced persistent threat response, Intellectual Property (IP) and Classified spill remediation, incident response and investigation, and endpoint security. Project experience includes Department of Defense Classified and other highly regulated information. Vince holds a Bachelor of Arts in Computer Science and Mathematics from the College of Saint Rose and is an ISACA Certified Information Security Manager and holds a CISM certification.
Reg Harnish (CISM, CISSP, CISA, ITIL) is an entrepreneur, speaker, and the CEO of GreyCastle Security. With nearly 15 years of security experience in Financial Services, Healthcare, Higher Education and other industries, Reg focuses on security solutions ranging from risk management, incident handling and regulatory compliance to network, application and physical security. Reg is a frequent speaker and has presented at prominent events, including the NYS Cyber Security Conference, US Cyber Crime, Symantec Vision, ISACA, ISSA, InfraGard and more. Reg's successes have been featured in several leading industry journals, including Software Magazine, ComputerWorld and InfoWorld.
Reg is a fellow of the National Cybersecurity Institute, located in Washington, DC and currently serves on the Advisory Board for ITT Technical Institute.
Terry Hect is a security technologist and architect. He has extensive background in building and managing security operations centers at large government (DOD) and Fortune 100 businesses. Terry has been actively involved in the development and deployment of security efforts for over 20 years, rotating through various responsibilities in R&D, Operations, Marketing and Sales.
Terry has been a key asset in many of the firm's most strategic businesses and efforts, including the launch of the U-verse, Security and Cloud, and Business Transformation.
Currently, Terry leads several key initiatives for AT&T Security supporting key customers, various industry organizations, AT&T Partners, and internal marketing teams in the development of security models to help reduce risk and improve visibility and control of elements within the network.
Previously, Terry was a Lead Member Technical Staff in AT&T Labs supporting the development of security on AT&T's MPLS network. This position developed the solutions, processes and assets needed to secure the MPLS based network, improving the security posture for AT&T and its customers.
Terry served as Director, Product Marketing for AT&T U-verse during the inception of that offer. His team managed the programs surrounding the development and deployment of over 1 million instances of hardware needed to support AT&T U-verse services. Earlier in his career, Terry was the Director of Security Operations and Engineering for SBC.
Terry has an undergraduate degree in Computer Information Systems from Park University. He holds a number of security certifications including CISSP and CISM, and also holds two patents in the mobility space pertaining to Bring Your Own Device.
Ken Kaminski is the BYOD and Network Security Technical Solutions Architect for the Northeastern United States specializing in BYOD implementation, Security in the Data Center, Identity Management Systems, and Cisco Security, Wireless, and Network Switching and Routing Products and Technologies for large enterprise and global accounts. He has been a member of the Security Field Advisory Board at Cisco that drives security training and programs for Cisco's Security Systems Engineers and provides customer feature requirements to Cisco Engineering. He teaches and speaks often on security related topics including Cisco Networkers and other industry forums. Prior positions include Security Architect for the Northeast U.S. and Consulting Systems Engineer for voice, video, and WAN technologies at Cisco Systems. He was one of the first Consulting Systems Engineers hired at Cisco. Prior to that, he was the Senior Systems Engineer for a startup company in the carrier ATM switching market. He was also a Telecommunications Officer in the US Army leaving the service as a Forward Signals unit Company Commander. Ken has his CISSP, GCFA, GPEN, GAWN, GMOB, and GCIA along with a BA and MA from Boston University.
University of Calgary
Tom combines a deep technical knowledge with lively insights into the social and cultural aspects of technology. He was educated at Columbia University, receiving BA, M.Sc., MA and Ed.D. degrees in Philosophy, Mathematics, Engineering and Education. He is a popular professor of Environmental Design and Computer Science at the University of Calgary, a Fellow of the Canadian Information Processing Society and the Canadian Defence and Foreign Affairs Institute, and a Research Fellow of the Centre for Military Security and Strategic Studies. Tom taught Canada's first computer crime course, in 1974, and was involved in drafting that country's inaugural computer crime legislation. He has been an expert witness in civil and criminal cases including one involving claimed "Internet defamation". He is the author of over 500 academic papers, book chapters, presentations and articles, and has spoken on five continents to academic audiences, major conferences and the general public. His latest book, Technocreep (www.technocreep.com) dissects how technology is becoming creepy in hidden ways that are difficult for most people to understand. It has recently appeared in the top ten on Amazon.ca in categories including Civil Rights and Liberties, Technology and Society, and Social Aspects of Technology. Tom's prolific work in the media ranges from being the National Technology Correspondent for Business Edge News Magazine to writing a syndicated Men's Health column that appears in the Calgary Herald and other Postmedia newspapers. He is a member of the Psychology Today panel of experts and blogs regularly on the intersection between the human mind and technology. A regular guest on a number of TV and radio programs, he has recently been interviewed by the San Francisco Chronicle, the New York Daily News, Singapore Straits Times, Forbes, the New York Post, National Public Radio, CBC Television's The National and CTV's Canada AM.
Northeast Cyber Forensics Center (NCFC)
As a 20-year veteran of the Utica, N.Y., Police Department, Anthony Martino is an expert in cyber crimes and cyber forensics. A nine-year participant in the United States Secret Service electronic crime task force, and co- founder of the Central New York Internet Crimes Against Children Task Force, Martino received the Wallie Howard Jr. Award for Excellence in Law Enforcement from the U.S. Attorney's Office. Martino holds a bachelor's degree from SUNY Geneseo and a master's degree in economic crime management from Utica College, where he researched wireless data network security.
Department of Homeland Security
Dr. Douglas Maughan is the Cyber Security Division Director for the Homeland Security Advanced Research Projects Agency at DHS S&T. Maughan has been at DHS since October 2003. His research interests and related programs are in the areas of networking and information assurance.
Prior to his appointment at DHS, Maughan was a program manager at the Defense Advanced Research Projects Agency in Arlington, Virginia. He also worked for the National Security Agency as a senior computer scientist and led several research teams performing network security research. Maughan earned Bachelor degrees in computer science and applied statistics from Utah State University, a master's degree in computer science from Johns Hopkins University and a doctorate in computer science from the University of Maryland, Baltimore County.
Michael McCutcheon is Rational Enterprise's Technologist and Chief Solution Officer with responsibility for the strategy and design of the Rational's product suite. Mr. McCutcheon brings a deep experience of creating technology in data security, information governance, e-discovery, and systems management. Prior to joining Rational Enterprise, Michael was Chief Technology Officer of a litigation services and software company, where he pioneered a scalable web-based litigation repository. In 1999, Michael founded and held the post of Chief Technology Officer at ProductivityNet, a company focused on developing cutting edge software to control servers and network devices via web and wireless interfaces. Mr. McCutcheon attended Rensselaer Polytechnic Institute, majoring in Computer Science. He is a certified Microsoft Systems Engineer and Cisco Network Professional.
Department of Homeland Security
Erin Meehan is the Program Lead of the State, Local, Tribal, and Territorial Cybersecurity Engagement Program within the Department of Homeland Security's Office of Cybersecurity and Communications (CS&C). In her role, Ms. Meehan has worked to build strong partnerships with associations such as the National Governors Association and National Association of Counties, state chief information officers and chief information security officers, as well as governor's homeland security advisors to help state and local governments strengthen their cybersecurity postures. To this end, Ms. Meehan's program brings to bear all of the programs and resources CS&C has to offer.
Smith Buss & Jacobs LLP
David Menken is an attorney with the Yonkers, New York Smith Buss & Jacobs LLP, specializing in information technology, privacy and data security. He represents individuals and businesses in a full range of corporate and information technology matters. He also provides legal assistance regarding, among other things, trade secret protection, data security, software development and information technology issues. Many of David Menken's clients are based outside the United States, particularly in India and Western Europe. He provides a full range of legal services for those clients including oversight of legal affairs and advice and assistance on general business matters. David has achieved certification as an Information Privacy Professional ("CIPP"), with a specialty in U.S. privacy laws and policies, through the International Association of Privacy Professionals. The "CIPP/US" credential is earned by demonstrating a strong foundation in U.S. privacy laws and regulations and an understanding of the legal requirements for the responsible transfer of sensitive personal data to/from the United States, the European Union and other jurisdictions. David has expertise in advising businesses which collect data on compliance with data security and privacy laws and policies. David is a graduate of The Johns Hopkins University (BA with Honors) and New York University School of Law. He also serves as Town of Bedford, New York, Town Justice.
Manny Morales has consulted and managed in the field of Information Technology, Information Security, and Auditing for over thirty five years for IBM, MetLife, Netigy, NYSTEC, NYS Department of Labor, Worker's Compensation, Department of Health, and recently as the Information Security Officer for the New York State Office of the State Comptroller. He is a certified security and auditing management professional. He has written many articles on information security and has been a frequent speaker at security conferences throughout his career. His certifications include: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified Software Manager (CSM).
Verizon Enterprise Solutions
Christopher Novak is an internationally recognized expert in the field of Investigative Response and Computer Forensics. He has been involved with information security for over 15 years. He has assisted corporations, government agencies, and attorneys with all matters involving IT security compliance, litigation support, computer forensics, fraud investigations, and computer security incident response matters. Christopher is a co-founder of the Verizon Business Investigative Response Unit and an active senior investigator. He has led dozens of tactical response cases over the past 18 months and continues to respond to high-profile cases on a global basis. He works closely with local, state and federal law enforcement agencies, as well as joint investigative operations coordinated with foreign law enforcement. As both a manager and a technical forensic investigator, Christopher provides regular advice and guidance to medium and large size organizations on a global basis. He specializes in resolving complex computer security incidents in a discreet manner. He maintains extensive experience on the latest and greatest commercial forensic hardware and software, as well as working internally to develop proprietary and situation-specific applications. Christopher is an active public speaker and can be commonly heard at IAFCI, RSA, Gartner, SANS and other popular IT security events around the world discussing various topics ranging from high-level best practices to in-depth and technical training. He has also written numerous articles for various IT Security journals and trade magazines. Most recently he co-authored the 2008-2014 Data Breach Investigations Reports and is an active IT Security blogger. Christopher holds a Bachelor of Science Degree in Computer Engineering from Rensselaer Polytechnic Institute.
AX Enterprize, LLC
Mr. Palmer is a multi-disciplined engineer with over 30 years of experience in military aerospace and communications systems and is Technical Lead for AX Enterprize's UAS business area. His current research involves unique uses of software defined radios for detection, coercion, and exploitation of UAV systems.
Dr. Leonard Popyack was one of the first Government research scientists to study offensive information warfare. An accomplished researcher himself, he set up a group of highly talented personnel in 1999 to develop next generation cyber tools. In 2001 he and a partner formed a company (Assured Information Security, Inc) to concentrate on delivering quality technology to the warfighter. He left that company in 2009 and now concentrates on teaching and his own research interests. Popyack holds a PhD in Electrical Engineering from Binghamton University and has held various positions with the U.S. government, large and small businesses, and universities. He is currently an Associate Professor at Utica College teaching Cyber Security. Popyack has taught courses on Internet Security Principles, Mobile Code Security, Systems Assurance Seminar, Steganography & Data Hiding, Malicious Code Analysis, Cryptography, as well as the military's Advanced Course in Engineering on Cyber Security, Steganography and Data Hiding Section. Popyack also is president of Anjolen Inc, a small NY company which focuses on cyber related R&D. Dr. Popyack has recently participated as the interim Executive Director for a new non-profit Cyber Research Institute where he has successfully bootstrapped a research institute focused on Cyber Security and related issues.
Hassan Radwan is Director of Software Development for Code Dx, which is an application security suite of tools developed under the sponsorship of the U.S. Department of Homeland Security. He is a developer by trade with a passion for consumable application security. He recently led the development of Code Pulse, a real-time code coverage tool, which is available as an open source application security tool through OWASP. Hassan has worked in the application security and quality field for the past six years at Secure Decisions with a focus on representing application security information in a visual and consumable manner. Among his other relevant contributions are CWEvis.org, a community resource to visually explore and search the CWE, and CodeFacts - a freeware tool that assesses the health of Java codebases. Hassan has published papers and presented at a number of conferences and other venues including DHS' Software Assurance Forum, VizSec, and the AppSec 2014 conference. He holds a B.S. in Computer Systems Engineering from Rensselaer Polytechnic Institute.
Faruki Ireland & Cox P.L.L.
Raether is a partner at the law firm Faruki Ireland & Cox P.L.L. in Dayton, Ohio. He has handled numerous matters involving technology-related issues in areas including antitrust, contracts, employment, trademark, domain name disputes and federal and state privacy statutes. He has addressed compliance with statutes that regulate the use and disclosure of personal information and laws that concern the adequacy of securing against unauthorized access to personal information. Raether has worked as a data breach resolution coach for companies that have experienced unauthorized access to consumer data and also has advised organizations about developing their breach response.
CEO and Lead Consultant for Redmond Worldwide www.redmondworldwide.com
Dr. Redmond is an International Speaker, Author, Trainer and Consultant.
Dr. Michael C. Redmond has helped organizations create great Cyber Incident Response Programs. Her vast background includes consulting as a Sr. Manager for both Deloitte and KPMG for 7 1/2 years, and 9 years with Redmond Worldwide She has developed, documented and trained in this area for years. Dr. Redmond is aware of many of the most recent incidents and why some of their plans did not work.
Dr. Redmond has a strong Compliance background. She is up to date on ISO 27001, HIPPA, CMS, FFIEC and more. She was an Adjunct Professor for New York University and John Jay Master's Program in Continuity of Business after an Event.
As a Cyber Security Subject Matter Expert, advisor, and consultant for Cyber Security projects, she has improved the Incident Management process by:
Defining the business requirements for a regulatory reporting function in a Cyber and in the Industry environment
Designing full training program as well as table top and simulation testing. Executing an Incident Drill using the Plans and Playbooks and ensuring that the procedures are executed, finalized and the response teams are trained.
Developing Cyber Security Incident Response plans
Developing full Breach Incident Response Plan that ties in with the Enterprise Risk Management, Disaster Recovery and Business Continuity programs.
Identifying gaps and closing those gaps
Meeting best practices, including NIST (National Institute Standards and Technology), ISO 27001, Cobit 4.1 and 5 in planning, testing and documenting.
Reviewing the current policy and procedures
She served as an Adjunct Professor for Continuity Management at New York University and the Masters program at John Jay College. She served on the Boards of the New York Chapter for Association of Contingency Planners, Contingency Planners Association and NY Chapter of the Communications & Electronics Association. Currently responsible for event speakers for the Western NY Chapter of ACP.
Dr. Redmond is an author, an International Speaker and Trainer. She spoke in Nigeria and was endorsed by Gen Yakubu Gowon, Past Head of State. She served as the attache to Chile for a special Speaking and Training project at the request of the President of Chile. Ms. Redmond trained Agencies for the New York City Department of Health and Mental Health on Continuity of Operations Training. She recently spoke in Angola and trained over 50 corporations.
Paul Romeo (CISA, GSEC, C|EH, ITIL) is a Senior Security Specialist at GreyCastle Security. Paul has worked in the Information Technology field for over 14 years including 5 years of IT Risk and Security experience gained while working for global companies in the insurance, pharmaceutical and research industries. Paul's security experience encompasses network, end point, data loss prevention, security operations, application and physical security.
Dr. Stephanie Schuckers is a Professor in the Department of Electrical and Computer Engineering at Clarkson University and serves as the Director of the Center of Identification Technology Research (CITeR), a National Science Foundation Industry/University Cooperative Research Center. She received her doctoral degree in Electrical Engineering from the University of Michigan. Professor Schuckers research focuses on processing and interpreting signals which arise from the human body. Her work is funded from various sources, including the National Science Foundation, National Institute of Health, Department of Homeland Security, the Center for Identification Technology Research (CITeR), and private industry, among others. She has started her own business, and has over 40 journal publications, as well as over 60 other academic publications.
Ronald Smalley leads First Data's Global Cyber and Fraud Investigations team, a team responsible for coordinating and leading all cyber incident response functions, as well as identifying and reducing First Data's fraud and cyber related risks through critical incident response, and by performing detailed investigations and thorough root cause analysis.
Ron joined First Data from the United States Secret Service where he began his career as a Special Agent in the New York Field Office. Following his New York Field Office assignment, Ron transferred to the Cyber Intelligence Section at Secret Service Headquarters, a unit focusing on identifying individuals involved with large scale data breaches and other significant cyber related financial crimes. In this capacity, Ron conducted criminal investigations, and supported worldwide Secret Service criminal investigation, intelligence sharing, and undercover operations.
Prior to his Secret Service career, Ron was a State Investigator with the New Jersey Division of Criminal Justice, assigned to the Computer Analysis and Technology Unit, where he investigated violations of the New Jersey cyber crimes laws.
Ron holds a Bachelor of Science Degree in Computer Science and a Bachelor of Science Degree in Law and Justice.
Dan Srebnick is the owner of Technical Merits LLC and a national leader in government information security. He currently offers executive information security strategies to his clients in the NYC metropolitan area. He recently retired as New York City's Chief Information Security Officer. As Associate Commissioner for IT Security with the New York City Department of Information Technology and Telecommunications, he was responsible for an information security program across 50 City agencies that includes operational security, planning, policy and standards, application accreditation, information security auditing, and identity and access management. Significant accomplishments included the establishment of a Citywide endpoint security cloud service and an enterprise IAM system linking together identities from over 50 agencies and providing public account management and social media login integration for nyc.gov. Throughout his 32 year in City government, Dan found new ways to implement and expand upon security while saving money or avoiding additional cost. His municipal government career also included almost 20 years with the NYPD, where he was instrumental in bringing the use of internet technologies into law enforcement. Dan's accomplishments have been recognized with awards from the Center for Digital Government, ISE, and an Information Week award as a government innovator. Dan is a frequent contributor to SC Magazine's "From the CSO's Desk" and "Last Word" columns.
Deloitte and Touche
Srini is a principal in Deloitte & Touche LLP's Cyber Risk Services practice, and leads the Risk Advisory Practice for State Government. He has more than 27 years of IT experience, and more than 16 years of security, and privacy experience in the areas of information security strategy, and innovation, governance, identity, access management, and shared services. Srini actively participates in NGA, NASCIO, and state committees to elevate cyber risk awareness in government.
Jesse Torzs is a Corporate Systems Engineer for Bit9 + Carbon Black. Her unique and interesting perspectives are what drew standing-room only crowds at the recent RSA Conference in California.
Joseph V. Treglia is a research professor and adjunct faculty member in both the School of Information Studies and Martin J. Whitman School of Management at Syracuse University. He earned his PhD in Information Science and Technology from the School of Information Studies (iSchool). He earned his Master of Science in Information Resources Management from Syracuse University's School of Information Studies, and he has a Bachelor of Arts in Political Science from Syracuse University as well. He was a National Science Foundation (NSF) Scholar in the Federal Cyber Service Program. He volunteers as Director of Programs and Development for the Jim Marshall Farms Foundation, Inc. He was previously a Director for ARISE, Inc., a large nonprofit human services agency in Central New York. Mr. Treglia also has 25 years' experience in law enforcement and criminal justice, and continues to be involved with the Madison County Sheriff's Office. He is founder of United Information Services, an internet services and information systems consulting group. His research interests include trusted information sharing, information assurance, cyber security issues, intelligence and information sharing within and across organizations.
Absolute Software Corporation
In 2010, Stephen Treglia retired from a 30-year career as a prosecutor in New York with Monroe, Nassau and Queens Counties. During his final 14 years, he created and supervised one of the first Tech Crime Units while with the Nassau County DA's Office. For ten years prior to that, he was an organized crime investigative prosecutor. From these experiences, he was, obviously, heavily involved in resolving issues pertaining to the legality of acquiring telephonic and electronic communications.
He is currently Legal Counsel of the Investigation Section of Absolute Software Corporation, the leading maker and distributor of tracking software for stolen mobile devices. Stephen aids in-house investigators with a total of over 900 years of former law enforcement experience in ensuring that the acquisition of data from stolen devices being tracked is performed in a proper and legal manner.
Stephen was appointed HIPAA Compliance Officer for the Investigations Section at Absolute in January of 2013, and has added learning regulatory compliance and training Absolute staff on such issues to his repertoire of responsibilities. In March of 2015, he acquired his certification as a HealthCare Information Security and Privacy Practitioner with the International Information Systems Security Certification Consortium.
Stephen is a renowned nationwide lecturer on the subjects of communication privacy law and the admissibility of forensics and other computer-generated evidence. This is the sixteenth year he has presented at the New York Cyber Security Conference. He writes a regular column for the Technology Today section of the New York Law Journal. He is also routinely requested by the FBI to act as both prosecutor and defense attorney at the Moot Court training sessions for members of the Computer Analysis Response Team.
Mark Villinski brings more than 18 years of technology sales, marketing experience and channel leadership to Kaspersky Lab. As Director of Field Marketing, Mark is responsible for marketing efforts in the United States and for increasing awareness of Kaspersky Lab as a thought leader in the online security industry. Prior to joining Kaspersky Lab, Mark served as the Director of Worldwide Channel Operations at Enterasys Networks. Mark has presented at several industry conferences across North America addressing audiences on the challenges facing IT departments today and discussing ways organizations can protect themselves from the current threat landscape
Lower Colorado River Authority (LCRA)
Larry Whiteside Jr. is the Chief Information Security Officer at LCRA, an organization that supplies cost effective electricity for Central Texas, manages water supplies and floods in the lower Colorado River basin, provides public parks, and supports community development in 58 Texas counties.
Larry is a seasoned executive having served as CISO and in several other leadership positions in both the private and public sector. Larry has served as the CISO of Spectrum Health, CISO of Visiting Nurse Service of NY, Deputy CISO of Marsh & McLennan Companies, Inc. and VP of Global Information Security among other roles.
A dedicated security professional and sought after speaker, Larry started his career in the United States Air Force as an officer. While in the military he held various roles including Chief- Information Warfare/Network Security Divisions at the Pentagon, and Chief- Network Security Division - Single Agency Manager at the Pentagon.
Larry received his BS in Computer Science at Huston-Tillotson University in 1994 and is an active member in of various organizations, including Information System Security Association, Infragard, Cloud Security Alliance, Phi Beta Sigma Fraternity, Boys and Girls Club, YMCA, and multiple industry-based Security Committees committed to strengthening security in the public sector.
Kevin Wilkins is the Chief Technology Officer (CTO) at iSecureLLC. Mr. Wilkins oversees the implementations of Network Security product portfolios specializing in the heavily regulated environments such as PCI, SOX, HIPPA/HITECH. Mr. Wilkins has been in the IT industry since 1998 and has had extensive operational experience in network engineering, systems administration, telecommunications, and information security.
Tyler Wrightson is the author of Advanced Persistent Threat Hacking and Wireless Network Security: A Beginner's Guide. Tyler is the founder and president of Leet Systems, which helps organizations solve their technical cyber security challenges. Leet Systems focuses on offensive security services such as Penetration Testing and Red Teaming to secure organizations against real world attackers. Tyler has over fourteen years experience in the IT security field across many industries including healthcare and financial services with extensive experience in many areas of technical security including networking, systems architecture, offensive security and penetration testing. Tyler holds industry certifications such CISSP, CCSP, CCNA, CCDA, and MCSE. Tyler has also taught classes for CCNA certification, wireless security, and network security. He has been a frequent speaker at industry conferences including NYS CyberSecurity Conference, Derbycon, BSides, Rochester Security Summit, ISACA, ISSA, and others. Follow his security blog at http://blog.leetsys.com.