 |
Industry Experience: Mr. Abella has over 10 years of experience in IT with a recent focus on security auditing, policy development, and incident handling. He was interviewed as part of the SANS What Works series of webcasts, and has participated as a SANS Mentor at Rutgers University. He has given a number of talks on Regulatory Compliance, Enterprise Defense, PCI Auditing and Compliance, and is also a member of the New Jersey Infragard.
Expertise:
Network security
Log management
PCI compliance
Website: www.abella.net
|
|
 |
Industry Experience: Mr. Aldrich has been awarded several grants by the Institute for National Security Studies to study the legal and policy implications of cybercrime and information warfare. He served as the Deputy Staff Judge Advocate for the Air Force Office of Special Investigations, specializing in the cybercrime and information operations portfolios. He was a co-author of DoDs award-winning CyberLaw 1 and CyberLaw 2 computer-based training.
Expertise:
Cybercrime
Information warfare
Network defense
|
|
 |
Industry Experience: Ms. Bace led the Computer Misuse and Anomaly Detection research program at the National Security Agency, where she instigated early research in intrusion detection and related technology. She is a noted author on topics in intrusion detection and network security, and recently co-authored A Guide to Forensic Testimony: The Art and Practice of Presenting Testimony As An Expert Technical Witness.
Expertise:
Intrusion detection
Network security
Network IDS
Network operations
|
|
 |
Industry Experience: Mr. Birkholz has over 15 years of experience in Information security with deep technical knowledge of and experience with performing vulnerability assessments, security infrastructure reviews, penetration testing and software development lifecycle. He has authored or contributed to seven critically acclaimed books including the internationally bestselling Hacking Exposed series, the bestselling book SPECIAL OPS: Host and Network Security for Microsoft, UNIX and Oracle, Security Sages Guide to Hardening the Network Infrastructure, and SQL Server Security. Erik is a frequent lecturer and speaker at security conferences such as RSA, SANS and Black Hat Briefings.
Expertise:
Threat Management
Network Architecture
Web Application Security
Software Development Lifecycle
Vulnerability Management
|
|
 |
Industry Experience: Mr. Blasks 20 years of experience have spanned several successful startups as well as Cisco Systems. Chris invented the BorderWare Firewall Server, one of the first commercial firewall products. He was a member of the founding team of Protego Networks, built a multi-billion dollar business as Firewall Product Line Manager at Cisco Systems and founded the Critical Infrastructure services company Lofty Perch Inc. Mr. Blask created compliance validation frameworks as Chief Evangelist at NSS Labs. Chris is currently working as VP Operations at N2NetSecurity Inc, co-authoring a book on SIM/SIEM and pursuing Critical Infrastructure security initiatives.
Expertise:
Critical infrastructure/government
Data leakage
Engineering and marketing information technologies
Firewalls
Log management
Management issues
Network architecture
Network operations
Risk compliance
Risk management
Security awareness
SIM/SIEM
|
|
 |
Industry Experience: Adam boasts over 20 years of experience in information security, risk management, and IT governance in the financial services industry with both large publicly and privately held companies most recently as Information Security Officer for Fidelity Investments Retail Brokerage Division.
Over the past 10 years, Adam has provided oversight of projects requiring compliance with Sarbanes Oxley, HIPAA, Gramm Leach Bliley, FINRA, NASD, OCC, FHLBB, and FFIEC requirements. In addition Adam has provided support for vendor management, RFP/RFI solutions, SAS 70 certification, advanced authentication, and systems hardening. Adam holds a Certified Information Systems Security Professional (CISSP) from ISC2 and a Certified Information Systems Auditor (CISA) from ISACA, as well as a Bachelors of Science degree from Boston University. He is a member of the Financial Services Information Sharing and Analysis Center (FS-ISAC) and of the High Tech Crime Network (HTCN).
Expertise:
Risk Management
IT Governance
|
|
 |
Industry Experience: Dr. Anton Chuvakin is a recognized security expert in the field of log management and PCI DSS compliance. He is an author of books "Security Warrior" and "PCI Compliance" and a contributor to "Know Your Enemy II", "Information Security Management Handbook" and others. Anton has published dozens of papers on log management, correlation, data analysis, PCI DSS, security management. His blog "Security Warrior" is one of the most popular in the industry.
In addition, Anton teaches classes and presents at many security conferences across the world; he recently addressed audiences in United States, UK, Singapore, Spain, Russia and other countries. He works on emerging security standards and serves on the advisory boards of several security start-ups.
Dr. Anton Chuvakin was formerly a Director of PCI Compliance Solutions at Qualys. Previously, Anton worked at LogLogic as a Chief Logging Evangelist, tasked with educating the world about the importance of logging for security, compliance and operations. Before LogLogic, Anton was employed by a security vendor in a strategic product management role. Anton earned his Ph.D. degree from Stony Brook University.
Expertise:
Log Management
PCI Compliance
|
|
 |
Industry Experience: Dr. Cole has over a decade of experience in information technology and is the author of several books including Hackers Beware, Hiding in Plain Site, Network Security Bible, and Insider Threat. He is the holder of over 20 patents and is a researcher, writer, and speaker for SANS Institute. He is an advisor to Cyberwatch and Purdue University CERIAS, and is a Lockheed Martin Fellow.
Expertise:
Application security
Critical infrastructure/government
Data leakage
Encryption
Insider threat
Intrusion detection systems
Mobile security
Network access control
Network architecture
Network operations
PCI compliance
Penetration testing
Perimeter defense
Secure network design
Vulnerability discovery
Vulnerability management
|
|
 |
Industry Experience: Mr. Corman has more than a decade in security and networking, and is currently leading a charge to educate and challenge the security industry. He is well-known for his candor and brings a rare balance of deep technical acumen, business context, and the ability to communicate in accessible ways. His thought leadership includes 7 Dirty Secrets of the Security Industry and the Evolving Threat awareness campaign. NetworkWorld magazine recently recognized Corman as a top 10 influencer of IT for 2009.
Expertise: Virtualization Security Industry Trends Host protection Information protection Network security Threat management Insider threat
|
|
 |
Mr. Davis has over 20 years of experience in solving business security challenges for top global companies. In his career he has been CISO for a Fortune 5 company, VP for Security for a major networking VAR CSO for a global chemical manufacturer; and the lead architect on multiple projects including a unique complex financial claims processing system for the UN.
Expertise: Risk management Professional services IT, outsourcing and consulting
|
|
 |
Industry Experience: Mr. Devlin has nearly four decades of IT and security leadership experience in both Fortune 500 companies and major universities. He has initiated and led enterprise-class programs in security, privacy, identity management, electronic messaging and emergency notification. Dennis is also a frequent lecturer, speaker and panelist on information security management topics at institutes and conferences.
Expertise:
Security Program Development
Executive Leadership and Sponsorship
Policy and Compliance
Security and Privacy Awareness
|
|
 |
Industry Experience: Mr. De Graaff has extensive experience in information technology, with a distinct specialty in information security. He led the IT Security effort at Depository Trust & Clearing Corporation (DTCC) for a number of years. He is a sought-after speaker and panelist on a variety of information security areas.
Expertise:
Management of security
Risk management
IAM/identification
Data leakage
Policy
|
|
 |
Industry Experience: Mr. DeStefano has over fifteen years of experience in information security and holds several industry certifications. He has been an intelligence analyst for the US Air Force, worked on the Air Force Computer Emergency Response Team (AFCERT), founded and managed a global security operations center at EDS, and managed a global team of security consultants at ArcSight.
Expertise:
Incident management
Network operations
Security management
Log management
SIM/SIEM
Website: http://blog.decurity.com/index.php/dec_template/C5
|
|
 |
Industry Experience: Mr. Dunlap has over 13 years of experience managing business technology risk. He was a Senior Project Manager at a large security products company and led the Information Protection Unit of a Fortune 200 energy company. Serving in roles across a variety of highly regulated industries, he has successfully led all aspects of IT security programs: policies and procedures, oversight and controls, strategy, architecture development, and training.
Expertise:
Business technology risk
Compliance and regulations
Configuration management
IAM/Authentication
IT security programs
Management of security
Messaging security
Network access control
Patch management
Security awareness
Policy
Vulnerability management
|
|
 |
Industry Experience: Mr. Harper has 17 years of IT experience and 10 years of information security experience with the Marine Corps. He has also taught penetration testing for the Navy and has worked in his spare time as a Security Analyst for the IRS. He has a BS in Computer Engineering from North Carolina State and an MS in Computer Science from the Naval Post Graduate School. He is a co-author of Gray Hat: the Ethical Hackers Handbook.
Expertise:
Critical infrastructure/government
PCI compliance
|
|
 |
Industry Experience: Mr. Keogler has over 10 years experience in information technology. He has been nominated for several Information Security awards, has conducted a SANS What Works webinar, and has been a SANS mentor since 2001. He served as Senior Security and Network Engineer for AutoTrader.com, and also led the team that built the company's network and provided help with the system architecture.
Expertise:
Perimeter defense
Wireless defense
Intrusion detection
Application assessments
Database assessments
Proactive security practices
Application security
|
|
 |
Industry Experience: Mr. Hoff served as Crossbeam Systems chief security strategist and was CISO and Director of Enterprise Security Services for WesCorp. He also founded and served as CTO of a national security consulting company that provided services to Fortune 500 and service provider customers. He holds several security credentials including CISSP, CISA, CISM, and IAM and is an accomplished and accredited technical instructor.
Expertise:
Innovation in information assurance
Resilience
Rational risk management
Data leakage
Virtualization
Network security
Network architecture
Network operations
Website: http://rationalsecurity.typepad.com/
|
|
 |
Industry Experience: Mr. Kuper has been covering the software industry for over a decade. He was the lead software analyst at Morgan Stanley where he wrote a number of industry-defining reports and market-moving stock calls. Previously, he was a director and equity analyst at SG Cowen, where he covered the software sector with a particular focus on security. He has also been an equity analyst and vice president at FAC/Equities and a research analyst at Keefe, Bruyette & Woods.
Expertise:
Information security
Content management
Data leakage
|
|
 |
Industry Experience: Mr. Marty is an expert and author in the area of data visualization. His interests span anything related to information visualization and computer security, which is his traditional background. Previously, he has held various positions in the log management space at companies such as Splunk, ArcSight, and IBM research, where he also earned his masters in computer science. Raffy has been instrumental in building and defining the security visualization space.
Expertise:
Log management
Log analysis
Security visualization
Industry standards
Intrusion detection
|
|
 |
Experience: Eric J. McNulty is a seasoned business writer and speaker on leadership and management issues. He has served as Editor at Large and Director of Conferences for Harvard Business Publishing. Eric has developed workshops working with such thought leaders as Marcus Buckingham, Clayton Christensen, Gary Hamel, and others. He has written for Harvard Business Review, Marketwatch, and the Boston Business Journal, and other journals. He is a frequent speaker at business events and has been a guest lecturer at MIT and Bentley College.
Expertise: Leadership Management Organizational Change
|
|
 |
Industry Experience: Dr. Nichols has founded multiple software companies. Digital Analysis Corporation (DAC) implemented network and systems management software. ClearPoint Metrics was the first company dedicated to implementing software products for security metrics. She is author of five textbooks on microprocessor programming and interfacing as well as numerous articles in both the trade press and academic journals.
Expertise:
Industrial process control
Enterprise systems
Network management
Security metrics
|
|
 |
Industry Experience: Ms. Orebaugh has 15 years of hands-on experiences within industry, academia, and government. She is an adjunct professor at George Mason University, where she performs research and teaching in intrusion detection and forensics. She is the author of Nmap in the Enterprise, Wireshark and Ethereal Network Protocol Analyzer Toolkit, and Ethereal Packet Sniffing, as well as co-author of several other texts.
Expertise:
Assurance strategy and management
Intrusion detection and prevention
Data mining
Attacker profiling
Network forensics
|
|
 |
Industry Experience: Mr. Potter is the former Manager of the Security Assurance Program at Cisco Systems, where he was responsible for the direction and strategy of Ciscos global security certification and assurance initiatives. Prior to that, Mr. Potter was a consultant with a global management consulting firm, assisting Fortune 500 companies and government agencies to implement IT solutions and process improvement initiatives.
Expertise:
Software development assurance
Security operations management
Facilitation of public policy and end-user education
Critical infrastructure/government
Encryption
Compliance
Management issues
Risk management
Website: www.apexassurance.com/blog/
|
|
 |
Industry Experience: Mr. Ranum has been consistently recognized as one of computer securitys innovators and creative thinkers. Since 1989 he has held every position that is possible within a high-tech business from junior system administrator and software engineer to CEO, CTO, and marketing director. He is the principal author of several major Internet security products, including firewalls, VPNs, and intrusion detection systems.
Expertise:
Intrusion detection
Virtual private networks
Firewalls
Data leakage
Host IDS
Network architecture
Network IDS
Application security
Log management
Vulnerability management
Website: www.ranum.com/security/computer_security/
|
|
 |
Industry Experience: For a decade, Mr. Rice has advised, counseled, and defended global IT networks for government and private industry. David has been awarded by the U.S. Department of Defense for "significant contributions" advancing security of critical national infrastructure and global networks. He is author of Geekonomics: The Real Cost of Insecure Software.
Expertise:
Identity and access management
Software security
Management issues
|
|
 |
Industry Experience: Dr. Ritchey has over 20 years experience working within the IT industry. He is an active researcher in the IA field and is widely published on network security topics including co-authoring the well-regarded book Inside Network Perimeter Security. He has authored courses on computer security that have been taught across the country and is a faculty member of the SANS Institute, the Institute for Applied Network Security, and George Mason University (GMU).
Expertise:
Application security
IAM/Authentication
Encryption
Messaging security
Network architecture
Network IDS
Wireless security
Log management
Insider threat
Patch management
Vulnerability management
Compliance and regulations
Awareness
|
|
 |
Industry Experience: As co-chair of the Information Security Committee of the Section of Science and Technology of the American Bar Association, Mr. Sabett edited for Information Security: A Legal, Business, and Technical Handbook and The Digital Signature Guidelines. He was also Co-Rapporteur for the PKI Assessment Guidelines and author of several other publications. Admitted to practice before the USPTO, he is a member of the Maryland, Virginia, and D.C. bars. He is also part of the Commission on Cyber Security for the 44th Presidency.
Expertise:
Compliance and regulations
Data classification
eDiscovery
PCI compliance
Risk management
IT licensing
|
|
 |
Industry Experience: Mr. Scambray, CISSP, has provided strategic security advisory services for more than 12 years. He has assisted companies ranging from newly minted startups to members of the Fortune 50 address information security challenges and opportunities, in diverse roles including consultant, author and speaker, corporate leader, and entrepreneur.
Expertise: Application security Threat management Web Application Security Software Development Lifecycle Vulnerability Management
|
|
 |
Industry Experience: Mr. Selby has provided guidance in the fields of data classification and leakage prevention, penetration testing and security operations to both large enterprises and government. Previously, he was Vice President, Research Operations at industry analyst firm The 451 Group, where he established the 451's Enterprise Security Practice and consulted to Fortune 500 companies, investment banks and US government agencies, among other customers. A recognized thought leader in the information security field, Mr Selby is a regular speaker at industry conferences including The RSA Conference and SANS WhatWorks.
Expertise:
Data classification Data leakage Information protection and assurance Penetration testing Security information and event management Log management Security operations Open source intelligence gathering Intelligence analysis
|
|
 |
Industry Experience: Mr. Sharluns career has included founding an advanced intrusion and deception lab at a DoD Research Center, leading the Marine Corps global monitoring and emergency response team, and being a lead investigator of a DoD IT outsourcing program. He has also been responsible for all defensive network operations, budgeting, and acquisition for a global and mobile DoD enterprise.
Expertise:
Critical infrastructure/government
Data leakage
Log management
Network architecture
SIM/SIEM
Data classification
Management of security
Incident management
Network operations
Risk management
|
|
 |
Industry Experience: Before joining INL as the Cybersecurity Strategist for the National & Homeland Security division, Mr. Turner worked in several of Microsofts security divisions. He was also the Security Readiness Manager for Microsofts Sales, Marketing, and Services Group where he led the development of information security curriculum. He has designed security solutions and responded to incidents in more than 25 countries around the world.
Expertise:
Information protection
Intellectual property protection
Critical infrastructure/government
Encryption
Host IDS
Network architecture
Network IDS
Data classification
Mobile security
Wireless security
Threat management
|
|
 |
Industry Experience: Mr. Windsor previously managed the forensics training at the Department of Defenses Cyber Investigations Training Academy, where he led a team of instructors that developed and delivered incident response and digital forensics training. He is currently an adjunct professor at a university in Baltimore, MD, where he develops and teaches incident response and digital forensics courses at the graduate level.
Expertise:
Incident management
Threat management
Insider threat
Forensic analysis
|
|
|
|