Faculty of Industry Experts

The IANS Faculty are at the core of our Decision Support service. This group of over  hands-on practitioners understands the key issues you face and delivers actionable recommendations, research, and step-by-step guidance. Our collection of independent experts spans nearly every field. For each security problem you need to address, IANS can connect you with someone "in the trenches."

Practitioner-based insights

Explore our content

Dave Kennedy, IANS Faculty

"In the Trenches"

The insights of the IANS Faculty are based on real-world experiences. Our Faculty includes:

  • Instructors and curriculum authors of industry standard training programs, such as SANS
  • Several founding members of the Penetration Testing Execution Standard (PTES)
  • Authors of well-known security books, including Metaspolit: The Penetration Testers Guide and Offensive Countermeasures: The Art of Active Defense
  • Current and former CISOs at Fortune 1000 companies
  • Major contributors to popular open source projects
 

Areas of Expertise

Mobility and Communications

Governance, Risk Management and Compliance

Threats and Vulnerabilities

Incident Response and Recovery

Application Development

Enterprise Software

Cloud Computing

Data Protection, Integrity and Availability

Networking

Management and Leadership

Infrastructure

Security Operations

Identity and Access Management

Managing Vendors and Third Parties

 

Faculty Directory

Iftach Ian Amit

IANS Faculty

Ian is the CSO of Cimpress, the world leader in Mass Customization, with over 15 businesses worldwide and remote teams. Before Cimpress, Ian held senior leadership positions with Amazon, ZeroFOX, IOActive and has over 25 years of experience in the security industry as a practitioner. Ian is also the co-founder of DC9723 - the Tel Aviv DEFCON group-and serves as a BSides Las Vegas board member. He is also the creator and co-CEO of The CISO Track - a series of CISO centric curated events.

Achievements & Noteworthy Contributions

  • 2019 FAIR Business Innovator Award
  • Guest appearances of Fox Business, and other news outlets
  • Featured speaker and keynote at leading security conferences (BlackHat, DEFCON, BSides, RSA Conference, BlueHat, and more) 
  • Founding member of "Penetration Testing Execution Standard (PTES)" - the industry-leading methodology and guidelines for penetration testing.

Certifications & Credentials

  • BA in Computer Science and Business Administration from the Interdisciplinary Center, Herzliya (IDC).
  • Certified FAIR Analyst (2010)

Hobbies & Fun Facts

Holds a private pilot license, enjoys racing, running, weightlifting, and being a foodie.

David Bauer

IANS Faculty

David is Managing Partner and Co-Founder of Holding Ground Decision Intelligence LLC. Holding Ground is a boutique firm that provides technology assessment and advisory services to C-level executives and Boards. David was a pioneer in the information security field, was CISO for two large financial services and several smaller companies. David also has had executive technology positions outside of security including CTO, COO, and Chief Architect for global companies. David regularly advises senior corporate leaders on the business issues of security and technology.

Achievements & Noteworthy Contributions

  • One of the first CISOs and Privacy Officers in Financial Services
  • Early adopter of MSSP, threat intelligence, and other security services
  • Chair of the Security Leadership Fund CyberSecurity Advisory Board
  • Computerworld Premier 100 IT Leader

Certifications & Credentials

BA and MS in Computer Science from Rutgers University

Hobbies & Fun Facts

Underwater and nature photography, travel, cooking, practicing Emergency Medical Technician.

Kevin Beaver

IANS Faculty

Kevin is the Founder and Principle Consultant of Atlanta-based Principle Logic, LLC, an independent information security company that focuses on vulnerability and penetration testing, security operations reviews, and virtual CISO services. He also serves on the Industry Advisory Board for Computer Engineering at Kennesaw State University – Southern Polytechnic College of Engineering and Engineering Technology. Kevin has served in many information technology and security roles for healthcare, e-commerce, finance, education, and consulting organizations. Kevin is also a prominent writer having written over 1,000 articles on information security.

Achievements & Noteworthy Contributions

  • Author of Hacking for Dummies (2004, 2007, 2010, 2011, 2015, 2018)
  • Co-Author of Hacking Wireless Networks for Dummies (2011), Laptop Encryption for Dummies (2007), PCI Cardholder Data Protection for Dummies (2010), Identity & Access Management for Dummies (2011), Next-Generation IPS for Dummies (2013), Point-of-Sale Security for Dummies (2015), Securing the Mobile Enterprise for Dummies (2006)
  • Co-Author of The Practical Guide to HIPAA Privacy and Security Compliance (2014)
  • Author of white paper Implementation Strategies for Fulfilling and Maintaining IT Compliance (2011)
  • Contributor to TechTarget's SearchSecurity.com, Ziff Davis's Toolbox.com, and Iron Mountain’s InfoGoTo.com
  • Speaker at security conferences such as Gartner, ISACA, RSA and SecureWorld Expo
  • Appeared as a security expert on CNN Television and CBS Radio
  • Quoted as a security professional in Wall Street Journal, Entrepreneur Magazine, Fortune Small Business, Men’s Health, Women’s Health, Woman’s Day, and Inc. Magazine’s IncTechnology.com.

Certifications & Credentials

  • MS, Management of Technology – Georgia Tech | Dupree College of Business
  • BS, Computer Engineering Technology – Southern College of Technology
  • CISSP – (ISC)2

Hobbies & Fun Facts

For fun, Kevin enjoys road racing his Mazda Miata in the Spec Miata class with the Sports Car Club of America (SCCA), riding dirt bikes, and snow skiing.

Justine Bone

IANS Faculty

Justine is the CEO of MedSec, a company focused on medical device security management and the delivery of security solutions to healthcare delivery organizations and medical device manufacturing companies. She also serves as a member of HP’s Security Advisory Board, a member of BlackHat’s USA Guest Review Board, and as an advisor to technology startups.

Achievements & Noteworthy Contributions

  • Organizer for The Pwnies, an annual awards ceremony for information security practitioners
  • Former CISO at Dow Jones, a news and information company that publishes the Wall Street Journal
  • Former Global Head of Risk Management at Bloomberg LP
  • Former X-Force Researcher and Consultant at IBM
  • Former Executive Director & CTO of American Diamond Mint
  • Former CEO of Immunity Inc. (now Cyxtera), a security research firm
  • Chair of the Miami Children Corp’s Board of Directors

Certifications & Credentials

  • BS, Computer Science –University of Otago

Hobbies & Fun Facts

Justine is a New Zealander by origin, an ex-professional ballet dancer, and mother of three boys.

Bruce Bonsall

IANS Faculty

Bruce is the Owner and Principal Consultant at Bruce Bonsall, LLC, an independent information security consultancy. A trusted security advisor across many industries, he has extensive experience designing and implementing progressive, cost effective countermeasures to protect assets and reduce costs. He has assessed the information security regulatory compliance and operational readiness of organizations of all sizes and industries,and is adept at tailoring security programs to fit each organization. At IANS, Bruce has performed 100+ CISO Impact reviews. Additionally, he serves as a mentor for the Air Force Association’s Cyber Patriot, a national cyber education program for youth.

Achievements & Noteworthy Contributions

  • Former CISO at MassMutual Financial Group, a global, highly regulated, Fortune 100 financial services company
  • Led a security team that ranked #1 in Information Week 500’s Information Security category and #1 in TechForum’s Security Best Practices category
  • Recognized as one of Security Magazine’s Top 25 Most Influential People in Security in 2008
  • Winner of the National Information Security Executive of The Year Award in 2006

Certifications & Credentials

  • BS, Interdisciplinary Studies –New York Institute of Technology, Manhattan
  • AS, Civil Engineering –Springfield Technical Community College
  • CISSP –(ISC)2

Hobbies & Fun Facts

Bruce is an accomplished outdoorsman, persistent golfer, and staunch supporter of the US Constitution.

Bryson Bort

IANS Faculty

Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, as well as Co-Founder of ICS Village, a nonprofit advancing awareness of industrial control system security. He is a Senior Fellow for Cybersecurity and National Security at R Street and the National Security Institute and an Advisor to the Army Cyber Institute and DHS/CISA. Prior to that, Bryson led an elite offensive capabilities development group. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain.

Achievements & Noteworthy Contributions

  • Board Advisor to the Army Cyber Institute
  • Fellow at the National Security Institute
  • Contributor to Forbes magazine
  • Presenter at information security conferences such as Black Hat, DEF CON, RSA, and ShmooCon
  • Former VP at ManTech, and information security technology and service company
  • Former Global IT Asset Manager for Smiths Group plc, a FTSE100 technology group

Certifications & Credentials

  • MBA, Business Administration and Management – University of Florida
  • MS, Telecommunications Management – University of Maryland
  • MS, Electrical Engineering and Computer Science – University of Texas
  • BS, Computer Science – United States Military Academy at West Point
  • ITIL Master

Hobbies & Fun Facts

In his free time, Bryson competes in Jiujitsu. He also was an amateur clown.

Jeff Brown

IANS Faculty

Jeff is a recognized information security and IT risk expert, author and public speaker with a strong track record of more than two decades implementing cost-effective controls for global Fortune 500 financial institutions including Citigroup, Goldman Sachs, GE Capital, BNY Mellon and AIG. He currently serves as the first CISO for the State of Connecticut.

Achievements & Noteworthy Contributions

  • Board advisor for Ithaca College, the Connecticut Institute of Technology and iQ4
  • Author of the Security Leader’s Communication Playbook (CRC Press, 2021)
  • First CISO for the State of Connecticut: building a centralized program for the State
  • Co-chair for the Evanta CISO Executive Summits New York
  • Built and led the first-ever application security program in Goldman Sachs’ Investment Bank

Certifications & Credentials

  • Certified Information Systems Security Professional (CISSP) and Information Systems Security Management Professional (ISSMP)
  • Risk and Information Systems Control (CRISC)
  • Ithaca College Certificate in Cybersecurity
  • Certified Information Security Manager (CISM)
  • Project Management Professional, (PMP)

Jeffrey Brown

IANS Faculty

Jeff is the President and CEO of Front Range Security, an information Security Consulting Company. Jeff was the Chief Information Security Officer of Raytheon Company for 15 years where he built an industry leading cyber security capability and worked closely with the Department of Defense on policy and regulatory issues. Prior to his time with Raytheon, Jeff served in the U.S. Air Force for 28 years in software development, telecommunications and cybersecurity positions.

Achievements & Noteworthy Contributions

  • Founding member of the Defense Security Information Exchange
  • Holds a patent for an email malware screening capability
  • Presenter and panelist at numerous cyber security Conferences
  • Former Chairman of the Board of the Internet Security Alliance
  • Co-author of several Internet Security Alliance Publications

Certifications & Credentials

  • CISSP
  • BS in Computer Science from the United Stated Air Force Academy
  • MS in Computer Science from the University of California, Berkeley
  • MS in National Security Strategy from the National Defense University

Matt Chiodi

IANS Faculty

Matt is the CSO of Public Cloud at Palo Alto Networks where he works with organizations to develop and implement security strategy for public cloud adoption and maturity. He has extensive experience in information security leadership and blogging. Matt currently leads the Cloud Threat team which is an elite group of security researchers exclusively focused on public cloud concerns. He also serves as an advisory board member for Rutgers University's Cybersecurity Certificate program.

Achievements & Noteworthy Contributions

  • Presenter at information security conferences such as RSA and BSides
  • Former CISO & VP at RedLock, a cloud security threat defense startup
  • Former Board VP and Governor of InfraGard’s Philadelphia chapter
  • Former Director and Global Head of Cloud Security Advisory Services at Cognizant
  • Former Senior Consultant and Senior Security Architect at Deloitte Consulting

Certifications & Credentials

  • BS, Business Information Systems – Messiah College
  • CISSP – (ISC)2
  • CCSK – Cloud Security Alliance

Hobbies & Fun Facts

Matt identifies as a personal growth junkie who enjoys exercising in his free time. For his first job, he directly approached the CEO of Johnson & Johnson and got the job!

Anton Chuvakin

IANS Faculty

Dr. Anton Chuvakin is now involved with security solution strategy at Google Cloud, where he arrived via Chronicle Security (an Alphabet company) acquisition in July 2019.

Anton was, until recently, a Research Vice President and Distinguished Analyst at Gartner for Technical Professionals (GTP) Security and Risk Management Strategies team. Anton is a recognized security expert in the field of log management, SIEM and PCI DSS compliance. Anton has published dozens of papers on log management, SIEM, correlation, security data analysis, PCI DSS, security management.

In addition, Anton teaches classes and presents at many security conferences across the world; he addressed audiences in United States, UK, Australia, Singapore, Spain, Russia and other countries. He works on emerging security standards and serves on advisory boards of several security start-ups. Before that, Anton was running his own security consulting practice, focusing on logging, SIEM and PCI DSS compliance for security vendors and Fortune 500 organizations. Dr. Anton Chuvakin was formerly a Director of PCI Compliance Solutions at Qualys. Previously, Anton worked at LogLogic as a Chief Logging Evangelist, tasked with educating the world about the importance of logging for security, compliance and operations.

Achievements & Noteworthy Contributions

  • Author of books "Security Warrior", "Logging and Log Management: The Authoritative Guide to Understanding the Concepts Surrounding Logging and Log Management" and "PCI Compliance, Third Edition: Understand and Implement Effective PCI Data Security Standard Compliance" (book website)
  • Contributor to "Know Your Enemy II", "Information Security Management Handbook" and other books.
  • "Security Warrior" Blog

Certifications & Credentials

  • Ph.D. in Physics, SUNY at Stony Brook, Stony Brook, NY

Mark Clancy

IANS Faculty

Mark is the CISO and VP of Cybersecurity at Sprint and is Founder of Cyber Risk Research LLC, an independent information security R&D consultancy. He also serves as an Advisor and Advisory Board Member for Global Cyber Institute and The Florida Center for Cybersecurity respectively. Mark has testified before congress three times on cybersecurity policy and is a frequent speaker on cybersecurity and technology risk management forums globally.

Achievements & Noteworthy Contributions

  • Former CTO at Emergynt (formerly Emergynt Network Defense)
  • Former CEO and Co-Founder of Soltra Solutions, a cyber threat intelligence software company
  • Former CISO and Managing Director of Technology Risk Management at Depository Trust & Clearing Corporation (DTCC)
  • Former Executive VP at Citigroup

Certifications & Credentials

  • BS, Electrical and Electronics Engineering – Drexel University

Stephen Clark

Retired Major General, United States Air Force

Stephen is the CBO (Chief Business Officer) and a board member of Summit Technology Laboratory (STL) Summit Technology Laboratory (STL), a deep tech projection mapping start-up based out of Irvine CA. Stephen serves on the boards of Education Loan Finance (ELFi), a not-for-profit student loan financial holding company, Support Systems Associates INC (SSAI) a medium size defense contractor and the Jack and Jill Late Stage Cancer Foundation (JAJF), a national charity. Stephen served 32 years in the United States Air Force Special Operations community retiring as a Major General. He is a combat pilot with multiple deployments in Bosnia, Somalia, Haiti, Afghanistan and Iraq with leadership tours at the squadron, group, wing and Task Force level.

Achievements & Noteworthy Contributions

  • Member of the National Association of Corporate Directors
  • Command pilot with over 3300 hours primarily in the AC-130H/U gunship

Certifications & Credentials

  • BA in Political Science from the University of Tennessee
  • MA in Public Administration from Troy State University
  • MA in National Security from the Naval War College
  • National Defense Fellow at Harvard University's Center for International Relations
  • Center for Creative Leadership
  • Graduate Air War College

Hobbies & Fun Facts

Fly fishing, snow skiing, road biking, hiking, cooking with a bottle of red wine and spending time in the mountains or on a lake.

Steve Coplan

IANS Faculty

Steve is the Director of Product and Solutions Marketing at BigID. He also serves as a Principal Consultant for Khova Consulting where he provides advisory services to help information security vendors, end users, and investors navigate the information security landscape. During his time at 451 Research, Steve was pivotal in establishing the firm as a leading source of analysis and insight on shifts in the information security market, focusing on the ripple effects on identity management and data security from IT shifts.

Achievements & Noteworthy Contributions

  • Former Director of Security Business Unit Strategy & Market Analysis at CA Technologies
  • Former Senior Director of Marketing & Strategy at Vaultive, a cloud security gateway vendor
  • Former Director of Product Marketing at Whale Communications (acquired by Microsoft)
  • Former Research Manager of Enterprise Security Practice at 451 Research

Certifications & Credentials

  • MSJ, Economics & Science Reporting – Northwestern University
  • BHons, Linguistics – University of Cape Town

Hobbies & Fun Facts

Steve speaks Afrikaans, Hebrew, and Zulu.

Joshua Corman

IANS Faculty

Josh is the Chief Security Officer and SVP at PTC, a global computer software and services company that provides CAD modeling, Internet of Things, and Augmented Reality software products. He is also a Co-Founder of @IamTheCavalry and @RuggedSoftware to encourage new security approaches in response to the world’s increasing dependence on digital infrastructure. Additionally, Josh serves as an adjunct faculty for Carnegie Mellon’s Heinz College.

Achievements & Noteworthy Contributions

  • Member of the 2016 HHS Cybersecurity Task Force
  • Speaker at TEDxNaperville - “Swimming with Sharks –Security in the Internet of Things” (2013)
  • Former Director of Cyber Statecraft Initiative for Atlantic Council’s Brent Scowcroft Center on International Security
  • Former CTO at Sonatype, a company that develops an integrated open source governance platform
  • Former Director of Security Intelligence at Akamai Technologies
  • Former Research Director of Enterprise Security at 451 Group, a technology-focused research and advisory firm
  • Former Principal Security Strategist and Technical Product Manager at IBM

Certifications & Credentials

  • BA, Philosophy –University of New Hampshire

Hobbies & Fun Facts

Josh is a film enthusiast who also enjoys cooking and diving in his free time.

Earl Crane

IANS Faculty

Earl Crane is a cybersecurity executive and trusted advisor to public and private sector organizations, helping them manage their strategy, risk, and cybersecurity programs. He has made appearances in The Wall Street Journal, American Banker, National Public Radio, and The Council on Foreign Relations. He has spoken at multiple conferences, including RSA, SXSW, the World Bank, and Mexico's National Cybersecurity Forum.

Achievements & Noteworthy Contributions

  • Adjunct Professor, Carnegie Mellon University and The University of Texas at Austin
  • Serves on multiple Boards of Directors and Advisory Boards
  • Former CEO, Emergynt (formerly Emergent Network Defense) Patent #9860276, Emergent Network Defense
  • Former Director, Promontory Financial Group
  • Former Director for Federal Cybersecurity, White House National Security Council
  • Letters of Commendation from Barack Obama and Lisa Monaco

Certifications & Credentials

  • Ph.D. Engineering Management, The George Washington University (Emergent Network Defense)
  • Masters ISM Carnegie Mellon University
  • BS Mech-E Carnegie Mellon University
  • CISSP, CISM, CGEIT

Hobbies & Fun Facts

Earl used to raise ducks and now raises small humans in Austin, TX.

Justin Daniels

IANS Faculty

Justin Daniels is a cybersecurity subject matter expert who is also a corporate attorney who specializes in M&A and other business transactions. He is an equity partner at the law firm Baker Donelson, an Am law 60 firm.

He has developed deep subject matter expertise in cybersecurity as he believes cybersecurity is a strategic business enterprise risk. He quarterbacks the design and implementation of cyber plans. He also handles incident response from wire fraud to ransomware. He also brings a cyber lens to business and legal issues in day to day operations, mergers and acquisitions, investment capital transactions.

Achievements & Noteworthy Contributions

  • Helped design and build cybersecurity and privacy into the DNA of a smart city initiative that tests drones, autonomous vehicles, IOT devices and first deployment of escooters in the country.
  • Ted Talk entitled "Why You Hold the Key to Cybersecurity" October 2017
  • Founder of Cybercon and Atlanta Cyber Week security conferences

Certifications & Credentials

  • BA. In Political Science & History, Virginia Tech
  • JD and MBA, Law, Accounting, Finance, Duquense University

Hobbies & Fun Facts

In his free time, Justin spends time with his wife Jodi and two daughters. He is an avid outdoor enthusiast who bikes, kayaks, hikes, ski's, snowshoes, and paddleboards. He is also a passionate squash player who plays in local tournaments.

Bill Dean

IANS Faculty

Bill is a Shareholder at LBMC Information Security,where he is responsible for security assessments, incident response, digital forensics, electronic discovery and overall litigation support. He also serves as an expert witness in federal courts and numerous state courts and has conducted digital forensic investigations and electronic discovery services to support litigation efforts. He is also an active member of the International Society for Forensic Computer Examiners and Board Member in East Tennessee’s InfraGard Chapter.

Achievements & Noteworthy Contributions

  • Former Director of Computer Forensics and Security Assessments at Sword & Shield Enterprise Security
  • Former Founder of Forensic Discoveries before merging with Sword & Shield Enterprise Security
  • Former Senior Systems Analyst at Covenant Health
  • Former Systems Manager at Citizens Bank of Tennessee

Certifications & Credentials

  • BS, Information Technology –East Tennessee State University
  • AS, Computer Science –Walters State Community College
  • Certified Computer Examiner –International Society of Forensic Computer Examiners
  • GPEN, GCIH, GCFA – GIAC
  • PCI Professional – PCI Security Standards Council

Hobbies & Fun Facts

In his free time, Bill enjoys boating, UT Football, and hanging out with his two sons.

Jared DeMott

IANS Faculty

Jared enjoys securing code and data in big tech after leading a successful startup. Jared has been passionate about cyber, since the early days of his career with the NSA. He holds a PhD from Michigan State University, and has often spoken on cyber matters at popular conferences. He was a finalist in Microsoft’s BlueHat security architecting contest, and has been on three winning Defcon capture-the-flag teams. Dr. DeMott has authored books, blogs and online courses on application security and malware analysis.

Achievements & Noteworthy Contributions

  • Big Tech Experience at Amazon and Microsoft
  • Successful startup exit
  • Speaker at information security events such as RSA, Black Hat, ToorCon, GrrCon, HITB, US Military Academy, and DerbyCon
  • Finalist in Microsoft’s BlueHat Prize contest, which helped make Microsoft customers more secure
  • Member of 3 winning Capture-the-Flag teams at DEF CON
  • Co-Author of Fuzzing for Software Security Testing and Quality Assurance (2008, 2018)
  • Former CTO for Binary Defense, an attack intelligence and security solutions company
  • Former Principal Security Researcher at Bromium and Harris Corporation
  • Former Cyber and Information Security Exploitation Engineer at NSA, Booz Allen, ASI, and FSU

Certifications & Credentials

  • PhD, Computer Science – Michigan State University
  • MS, Computer Science – The Johns Hopkins University
  • BS, Computer Networks and Systems – Ferris State University
  • Immunity Certified Network Offense Professional (NOP) – Immunity Security

Hobbies & Fun Facts

During his free time, Jared is enjoying time with his family, particularly vacationing and outdoors. Jared is a Christian and will happily discuss faith should you desire to do so.

Rocky DeStefano

IANS Faculty

Rocky is the Executive Director of Cybersecurity at JP Morgan. Rocky was a member of the USAF and subsequently supported AFCERT as part of the Incident Response Team. Rocky founded and led the Global Security Operations Center for EDS and has supported cybersecurity advancement in notable companies such as ArcSight, NetWitness, RSA and Visible Risk. At every step in his career, Rocky's focus has been to continually enhance visibility and detection solutions to defend the enterprise.

Achievements & Noteworthy Contributions

  • Former VP of Product at JASK, an advanced SIEM platform
  • Former Cyber Security Subject Matter Expert at Cloudera supporting Big Data initiatives
  • Former CEO & President of Visible Risk, a network visibility and static analysis platform

Certifications & Credentials

  • E-Business – University of Phoenix
  • AAS, Community College of the Air Force
  • CISSP – (ISC)2

Dennis Devlin

IANS Faculty

Dennis is an emeritus CISO with nearly five decades of accomplishment leading enterprise IT and information risk management in both private industry and higher education. He has built and led teams that delivered highly successful enterprise-class initiatives and programs in information security, privacy, identity management, messaging, business continuity and emergency notification. Dennis serves as a Distinguished Fellow for the Ponemon Institute and a Contributing Author for Amazon’s Security 2020.

Achievements & Noteworthy Contributions

  • Speaker at education institutions and information security conferences such as RSA and Gartner
  • Co-Founder and former CISO for SAVANTURE, Inc., a cloud security services provider
  • Former AVP for Information Security and Compliance Services at George Washington University
  • Former CISO and Adjunct Facultyat Brandeis University
  • Former Corporate VP & CSO at The Thomson Corporation (now Thomson-Reuters)
  • Former member of executive IT leadership at Harvard University

Certifications & Credentials

  • BA –University of Pennsylvania

Hobbies & Fun Facts

In his free time, Dennis enjoys digital photography, world travel and volunteering.

Ron Dilley

IANS Faculty

Ron Dilley is a leading information security practitioner and thought leader with more than two decades experience building and implementing information security practices for global companies, overseeing and revitalizing infosec teams and advising on mergers, acquisitions and divestitures from an infosec perspective. In the constantly changing infosec landscape, Ron is dedicated to staying abreast and ahead of current and emerging threats across all relevant technologies.

Mick Douglas

IANS Faculty

Mick is the Managing Partner for InfoSec Innovations, an information security advisory and research firm. He also serves as an Instructor and GIAC Advisory Board Member for the SANS Institute. Mick empowers information security professionals with useful tools and skills from his extensive experience as an analyst, consultant, and software developer.

Achievements & Noteworthy Contributions

  • Presenter at information security conferences such as ShmooCon and DerbyCon
  • Former Practice Lead DFIR for Binary Defense Systems, an attack intelligence and security solutions company
  • Former Senior Security Analyst & Research Specialist at Black Hills Information Security
  • Former Consulting Systems Analyst at Nationwide Insurance
  • Former Senior Security Engineer at Diebold
  • Former VP of Systems & Data security at Bank of America

Certifications & Credentials

  • BA, Communications – Ohio State University
  • CISSP – (ISC)2
  • GPEN, GCUX, GWEB, GSNA – GIAC

Hobbies & Fun Facts

In his free time, Mick enjoys photography, scuba diving, and the great outdoors.

Nicole Dove

IANS Faculty

Nicole is an award-winning information security leader with 17 years of experience driving results across cybersecurity, audit, global operations and relationship management functions. As Business Information Security Officer at WarnerMedia, she leads cybersecurity strategy for CNN Digital, Turner Sports and Advertising Technology businesses. Nicole uses a practical, balanced approach to maturing security programs, leveraging her experience from investment banking, media, offshoring, audit and management consulting to enable innovation, manage risk, drive operational efficiencies and improve client experience. 

Achievements & Noteworthy Contributions

  • White House Summit on the United State of Women, Changemaker Participant
  • LinkedIn Learning Cybersecurity Instructor 
  • Visiting Lecturer, Clark Atlanta University School of Business
  • International speaker (Facebook, Deloitte University, Yale School of Management, RSA, OWASP, Executive Women’s Forum)
  • Cybersecurity podcast contributor (CISO Series, CISO Talk, Defense in Depth, Urban Girl Corporate World)

Certifications & Credentials

  • Harvard University Executive Certificate, Cybersecurity: Managing Risk in the Information Age
  • Certified Internal Auditor
  • Certification in Risk Management Assurance 

Hobbies & Fun Facts

Nicole performed voice over work on two Grand Theft Auto video games, sang back up for Michael Bolton and enjoys boating, road cycling, reading and playing tennis. 

Russell Eubanks

IANS Faculty

Russell is the founder and CEO of Security Ever After and helps companies who lost their CISO reduce their cybersecurity risk. He is the former CIO and CISO of the Federal Reserve Bank of Atlanta and is a Certified Instructor and Author with the SANS Institute.

Russell has developed information security programs from the ground up and also led extensive cybersecurity teams. Russell actively seeks opportunities to add value to organizations and measurably increase their overall security posture.

Achievements & Noteworthy Contributions

  • Former CIO and CISO of the Federal Reserve Bank of Atlanta
  • Wrote the first paper on applying the Critical Security Controls without a budget
  • Instructor and Author with SANS Institute
  • Handler with the SANS Internet Storm Center

Certifications & Credentials

  • BS in computer science from the University of Tennessee at Chattanooga.
  • CISSP, CISM, GSEC, GCIA, GCIH, GPEN, GISP, GWAPT, GCPM, GCED, GCCC, GSTRT.

Hobbies & Fun Facts

In his free time, Russell studies leadership, keeps up with his wife, son and daughter.

Russell also stays busy with his recently discovered passion for running and recently ran his fourth marathon.

Summer Fowler

IANS Faculty

Summer Craze Fowler is the Chief Information Officer and Chief Information Security Officer for Argo AI, an artificial intelligence company focused on self-driving vehicle technology. In this role, she develops and leads the strategy and execution of both the IT and cybersecurity teams. Fowler also leads Facilities, Logistics, and Physical Security at Argo. She led the technical activities of the successful international acquisition of a 300+ person company in the EU. She is an expert in business continuity and cyber crisis management. Fowler currently serves as a cybersecurity expert on the audit committee of a healthcare organization with over $1B in annual revenue. She also advises the board of an international fintech company as the cybersecurity expert. Summer was recently named one of the Top 25 Women Leaders in Cyber Security in 2021 by The Software Report. 

Fowler is an accomplished C-Suite executive and cybersecurity expert with 20 years of experience developing technical strategies and leading engineering teams to achieve aggressive technical goals while also in hyper-growth mode. Prior to joining Argo, she was the technical director for cybersecurity risk & resilience at Carnegie Mellon University’s Software Engineering Institute (SEI) and was responsible for a $30M+ program portfolio. She was also a technical member at the Johns Hopkins University Applied Physics Laboratory where she designed and prioritized the Department of Defense’s $2B cybersecurity budget. Her career began as a software engineer at Northrop Grumman Corporation where she developed software for special operations forces. Fowler holds a Bachelor of Science degree in computer science and a Master of Science degree in information science and telecommunications from the University of Pittsburgh.

George Gerchow

IANS Faculty

George is Chief Security Officer at Sumo Logic, a secure, cloud-native, machine data analytics service provider. George has extensive experience in board and executive communications serving as a Board Member for ANTIVIUM, Inc., a cloud monitoring and analytic startup, and VENZA, a data protection company. Likewise, George is an Adjunct Faculty member at University of Denver and Cloud Academy, in addition to a Participant in the US Technical Advisory Group: Privacy by Design, which aims to define an international standard for consumer protection as part of ISO Project Committee 317.

Achievements & Noteworthy Contributions

  • Co-Founder of VMware Center for Policy and Compliance
  • Co-Author of Center for Internet Security QuickStart Cloud Infrastructure Benchmark v1.0.0
  • Author of the MIS|TI Fundamentals in Cloud Security course
  • Speaker at information security conferences such as RSA, AWS reInvent, Cloud Expo Silicon Valley, SANS Institute Cloud Security Summit
  • Former Global Director of Security Evangelism and Product Strategy and Director of VMware Policy and Compliance at VMware
  • Former Cloud Business Director at EMC

Hobbies & Fun Facts

George’s first language is Spanish. He is an avid snowboarder, golfer, and yogi who is always looking for the best sandwich and IPA in any city that he visits.

Jason Gillam

IANS Faculty

Jason is a Principal Security Consultant and CIO at Secure Ideas, a boutique information security consultancy that focuses on penetration testing and training, where he leverages his software design, architecture, and security testing experience. He is also the author of many extensions for Burp Suite and is a contributor to several other projects including SamuraiWTF, MobiSec, and Laudanum.

Achievements & Noteworthy Contributions

  • Speaker at information security conferences such as BSides and ISSA Charlotte
  • Former Lead Security by Design Engineer at Bank of America
  • Former Software Engineer Team Lead at Vignette and Epicentric

Certifications & Credentials

  • BE, Engineering –Royal Military College of Canada
  • CISSP –(ISC)2

Hobbies & Fun Facts

In his free time, Jason enjoys running, homebrewing, and spending time with his wife and two kids.

Wolfgang Goerlich

IANS Faculty

Wolf is an Advisory CISO of Duo Security, the leading provider of unified access security and multi-factor authentication delivered through the cloud. He has held senior management roles in IT and IT security in the financial services and healthcare verticals. In addition, Wolf has held senior leadership roles in consulting firms specializing in identity and access management, governance risk and compliance, and security programs. Wolf advises clients primarily in risk management, incident response, business continuity, and secure development.

Achievements & Noteworthy Contributions

  • Former organizer of annual BSides and Converge conferences in Detroit
  • Former Senior VP of Strategic Security Programs at CBI, an information security solutions firm
  • Former VP of Consulting Services at VioPoint Inc., an information security consulting firm

Certifications & Credentials

  • CISSP - (ISC)2
  • Certified Information Systems Auditor (CISA) - ISACA

Marty Gomberg

IANS Faculty

Marty is a Senior Privacy Consultant at TrustArc, a privacy compliance and data protection software and services company. In this role, He helps clients across the US, Europe, and Asia conform to current and emerging privacy and cyber regulation. Marty is also a Consulting Product Advisory Board Member at TrustArc. He also serves clients via his independent information security advisory firm and consultancy, CYBERITE LLC, where he acts as an executive advisor for global data security, privacy, continuity and crisis management.

Achievements & Noteworthy Contributions

  • Author of CISO Redefined: Thoughts on Leadership, Business Protection, and the Chief Information Security Officer (2018)
  • Former SVP And Chief Information Officer at A+E Networks
  • Former SVP and Global Director of Governance, Security, and Business Protection at A+E Networks
  • Former VP Technical Strategies Global Corporate Finance at Chase
  • Former Vice Chair of U.S. State Department Overseas Security Advisory Council for the Media and Entertainment Industry
  • Founding Member of CIO Executive Council
  • Winner of the 2013 Member Appreciation Award from the CIO Executive Council for Outstanding Contribution to the Profession
  • International speaker on information security most recently featured in PRIVSEC in Dublin and New York City

Certifications & Credentials

  • MS; PhD ABD, Forensic Anthropology, Paleopathology, and BioBehavioral Sciences –University of Connecticut
  • BA, Physical Anthropology –SUNY Binghamton
  • CISSP – (ISC)2
  • CIPP/E –Institute of Applied Privacy Professionals

Hobbies & Fun Facts

In his free time, Marty enjoys collecting wine and spelunking in European caves to look at prehistoric paintings. To date, he has made 4 trips through northern Spain, Southern France, and the Pyrenees visiting approximately 27 caves.

Rebecca Herold

IANS Faculty

Rebecca is Founder, Owner, and CEO of Rebecca Herold, LLC aka The Privacy Professor®, an information security, privacy, IT, and compliance services firm. She also co-founded Privacy Security Brainiacs, a SaaS platform, early 2020 with her oldest son, Noah. Rebecca also serves as a Distinguished Ponemon Institute Fellow and as an Advisory Board Member for multiple technology businesses and startups. Additionally, Rebecca serves as an expert witness for diverse cases, is an advisor on multiple high school and college/university curriculum and program boards, and hosts a VoiceAmerica radio show called “Data Security & Privacy with the Privacy Professor.”

Achievements & Noteworthy Contributions

  • Top 3 finalist for the Cyber Security Woman of the Year 2020 in the Cybersecurity or Privacy Woman Law Professional category
  • Current SME on the NIST IoT Cybersecurity Development Team
  • SME on the NIST Privacy Framework Team (2018 – 2020)
  • Leader of the NIST Smart Grid CSWG Privacy Research Group (2009-16)
  • Member of the NIST Smart Grid CSWG Cyber Security Research Group (2009-16)
  • Founding Member of the IEEE P1912 Standard for Privacy and Security Architecture for Consumer Wireless Devices group
  • Member of ISACA’s International Privacy Task Force ((2012 – 2017)
  • Winner of Computerworld’s Best Privacy Advisers Award (2007, 2008, 2010)
  • Author of 20 published books and hundreds of articles and book chapters
  • Author of the “Governance” section of the ISACA CDPSE Certification Body of Knowledge Reference (publishing before the end of 2020)
  • Former Adjunct Professor at Norwich University’s MS in Information Security & Assurance program (2004-14)

Certifications & Credentials

  • MA, Computer Science & Education – University of Northern Iowa
  • BS, Mathematics & Computer Science – University of Central Missouri
  • CISSP – (ISC)2
  • CISA, CISM – ISACA
  • CIPP/US, CIPT, CIPM, FIP – IAPP
  • FLMI – Life Office Management Association

Hobbies & Fun Facts

In her free time, Rebecca enjoys renovating old houses, farming, gardening, writing, and traveling. She also enjoys watching Iowa State University football and basketball in addition to the Kansas City Chiefs and spending time with her Doberman, Jesse.

Chris Hetner

IANS Faculty

Chris Hetner is a Senior Executive, Board Director, and leader in Cybersecurity recognized for raising cyber risk to the Corporate Board level in order to protect industries, infrastructures, and economies. He creates operational resilience by aligning robust Cybersecurity strategies with business objectives. Mr. Hetner’s professional judgment combined with a public company perspective and SEC regulatory and investor oversight experience has led to his success in corporate and government roles. Currently, he is an Expert Advisor to the Institute for Defense Analyses (US Dept. of the Treasury), the Special Advisor for Cyber Risk for the NACD, and a National Board Member of the Society of Hispanic Professional Engineers. Identifying potential risks and initiating solutions that can be replicated across industries is a hallmark of his career.

Achievements & Noteworthy Contributions

  • Senior Cybersecurity Advisor, Chair of the US Securities and Exchange Commission (SEC)
  • Senior Member, US Department of Treasury Financial Banking Information Infrastructure Committee
  • United States Department of Homeland Security
  • Executive Vice President, Moody’s Cybersecurity Joint Venture
  • Managing Director, Marsh
  • Cybersecurity Practice Leader, EY Wealth and Asset Management and Private Equity
  • Global Chief Information Security Officer, GE Capital

Tanya Janca

IANS Faculty

Tanya Janca, also known as SheHacksPurple, is the author of ‘Alice and Bob Learn Application Security’. She is also the founder of We Hack Purple, an online learning academy, community and podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.

Achievements & Noteworthy Contributions

  • Founder: We Hack Purple (Academy, Community and Podcast), WoSEC International (Women of Security), OWASP DevSlop, OWASP Victoria, #CyberMentoringMonday
  • 2019 Hacker of the Year - CSWY Awards
  • CISO for 2015 Canadian General Election
  • 13.5 year’s service to the Canadian Public (Government)
  • Public Speaking Award - Algonquin College
  • Spoken and keynoted at security conferences, meetups and training events the world over
  • Currently authoring first book; Alice and Bob Learn Application Security

Hobbies & Fun Facts

Tanya is also a musician, has released 5 solo albums, plays guitar and drums and will sing karaoke any chance she gets.

Kevin Johnson

IANS Faculty

Kevin is the Founder, CEO, and Principal Security Consultant of Secure Ideas, an information security consulting company that focuses on penetration testing services and training. He is also a founder and contributor of many open source projects including the Samurai Web Testing Framework (SamuraiWTF), a web penetration testing and training environment, and the Basic Analysis and Security Engine (BASE) project, a web front-end for Snort Analysis

Achievements & Noteworthy Contributions

  • Presenter at information security conferences such as Black Hat, DEF CON, and ShmooCon in addition to organizations such as Infragard, ISACA, and ISSA
  • Former SANS Institute Senior Instructor (8 years)
  • Author of SANS Course, Security 542: Web Application Penetration Testing and Ethical Hacking
  • Former Senior Security Consultant for InGardians, an independent information security consultancy
  • Former Technical Architecture Engineer at Blue Cross Blue Shield of Florida
  • Former Programmer at ANC Rental Corp, Orlando.com, and eSiteCreation

Hobbies & Fun Facts

Kevin enjoys spending time with his family and is an avid Star Wars fan and member of the 501st Legion, a Star Wars charity group.

Dave Kennedy

IANS Faculty

Dave is the Founder and Owner of TrustedSec, an information security consulting firm, and Binary Defense, a Managed Security Service Provider (MSSP) that detects attackers early to prevent large-scale invasions. In addition to creating several widely popular open-source tools, including 'The Social-Engineer Toolkit' (SET), PenTesters Framework (PTF), and Artillery. David has also released security advisories, including zero-days, with a focus on security research.

Prior to his work in the private sector, Dave served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. He also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

Achievements & Noteworthy Contributions

  • Founding Member of the Penetration Testing Execution Standard (PTES)
  • Co-Author of Metasploit: The Penetration Testers Guide (2011)
  • Guest appearances on Fox News, CNN, CNBC, MSNBC, Huffington Post, Bloomberg, BBC, and other high-profile media outlets
  • Presenter at information security conferences such as Black Hat, RSA, DEF CON, ShmooCon, INFOSEC World, ISACA, ISSA, United Security Summit, INFOSEC Summit, Hack3rCon, BSides, and DerbyCon, which he co-created and expanded into DerbyCon Communities

Certifications & Credentials

  • BA, Business Management – Malone University
  • CISSP – (ISC)2
  • Qualified Security Assessor (QSA) – PCI Security Standards Council
  • ISO/IEC 27001 Certified – ISO
  • GSEC - GIAC
  • Certificate Professional (OSCP) & Certified Expert (OSCE) – Offensive Security
  • Global Information Assurance Gold Certification
  • Microsoft Certified Solutions Expert (MCSE) – Microsoft

John Korpal

IANS Faculty

John is an IT Security Engineer for Verizon Wireless and is a member of OWASP, ISC2, and ISSA. In his career, John has architected solutions that allowed companies to be PCI-DSS compliant, protected 100 million customers sensitive information and over 6 billion sensitive data elements, and created one of the first complete Enterprise Mobile Application Security policy for a major telecom company. He has also served by developing high-performance aircraft test systems for the US Department of Defense aircrafts such as B-1, B-2, and YF-22.

Achievements & Noteworthy Contributions

  • Former Enterprise Architect for Alltel Wireless, a wireless telecommunications provider
  • Former Senior Technical Lead for Computer Sciences Corporation, a multinational corporation that provided IT and professional services
  • Former Team Leader & System Analyst for ITT Inc., an American worldwide manufacturing company

Certifications & Credentials

  • MS, Computer Science –West Coast University
  • BS, Computer Science –California Polytechnic State University, San Luis Obispo
  • CISSP –(ISC)2
  • C|EH –EC-Council
  • CRISC –ISACA

Hobbies & Fun Facts

John holds an FCC amateur license and loves to build objects with his 3D printer.

Ondrej Krehel

IANS Faculty

Dr. Ondrej Krehel is the Founder, CEO, and Digital Forensics Lead of LIFARS LLC, an international cybersecurity and digital forensics firm. He is also the Co-Founder and an Advisory Board Member of QuBit Conference, an events and training company dedicated to connecting the information security community. Ondrej is an accomplished speaker having lectured for FBI Training Academy and the National Executive Institute. He also serves as a member of New York Metro Infragard, as the Chapter Leader of OWASP NYC, and as a Distinguished Fellow with the Ponemon Institute.

Achievements & Noteworthy Contributions

  • Featured in CNN, ABC TV, Reuters, The Wall Street Journal, and The New York Times
  • Author of “6 Skills Required for a Career in Digital Forensics” published by Forbes
  • Lecturer at FBI Training Academy, National Executive Institute
  • Expert Witness in Federal, State, and Local Courts for investigations such as UBS Tax Evasion, Madoff Investigation, and Chevron versus State of Ecuador.
  • Contribution to DoJ of Indictment of APT0, xDedic, SamSam from Iran, and Lazarus North Korea State Sponsored Hackers
  • Lecturer at Columbia University and New York University, Cyber Enterprise Risk Program
  • Guest Lecturer at New York University 
  • Certified Ethical Instructor for the US Airforce
  • Former Adjunct Professor at St. John’s University
  • Former CISO at Identity Theft 911, a premier identity theft recovery and data breach service
  • Former Digital Forensics Examiner at Stroz Friedberg, LLC
  • Former Technical Project Leader in Security at Loews Corporation

Certifications & Credentials

  • PhD, Digital Trace and Forensic Investigations – Police Academy in Bratislava
  • MS, Mathematical and Theoretical Physics – Univerzita Komenského v Bratislave
  • BS, Engineering – Technická Univerzita vo Zvolene
  • CISSP – (ISC)2
  • CEH, CEI – EC-Council
  • EnCE – Guidance Software

Hobbies & Fun Facts

In his free time, Ondrej is an Extreme Back Country Skiing Instructor. He lives his life with curiosity and a discipline for finishing whatever he starts.

Eric Kuehn

IANS Faculty

Eric is a Senior Security Consultant at Secure Ideas, an information security consulting company that focuses on security testing, assessments, and training. He has spent close to 20 years working with Microsoft infrastructures for large Fortune 100 companies. Since its release, his core focus has been Active Directory. He was the technical leader and responsible for the engineering and architecture of one of the most complex and largest AD infrastructures used by one of the world’s largest banks. This included ongoing maintenance and major enhancements of not only a highly secure authentication environment, but also of all the supporting tool sets required to monitor its health and integrity.

Achievements & Noteworthy Contributions

  • Speaker at information security conferences such as BSides
  • Former Team Manager and Technical Lead of Active Directory Infrastructure Engineering at Bank of America

Certifications & Credentials

  • CISSP - (ISC)2
  • ITIL Foundation

Peter Kuper

IANS Faculty

Peter is the Managing Director at ClearSky Security, an information security solutions firm that focuses on threat intelligence services. He also serves as the Managing Partner at HypAdvisor Consulting, LLC, an advisory firm for technology companies. He is also an Advisor to the Pacific Northwest National Lab. Formerly, as the Lead Software Analyst for Morgan Stanley, he published industry-leading investment reports and led over 18 public transactions. In total, Peter was a Wall Street analyst for 15 years, which offered him the opportunity to work top executives in both public and private companies. As a visible voice for the software industry, Kuper is an active speaker to many professional and government groups.

Achievements & Noteworthy Contributions

  • Interviewed on CNBC and Bloomberg Television
  • Quoted in The Wall Street Journal, The Financial Times, and BusinessWeek
  • Speaker at information security conferences such as RSA
  • Published articles in IEEE Magazine
  • Former Partner at In-Q-Tel on their investments team

Certifications & Credentials

  • MBA – NYU Stern School of Business

Justin Leapline

IANS Faculty

Justin has over twenty years of experience in system administration, software development, and information security. His core skills include regulatory and contractual compliance, program management, payment card standards, and general governance practices and frameworks. He is the founder of episki, a cloud-based governance tool geared to help smaller organizations manage their security programs and serves as a Principal Consultant at TrustedSec.

Prior to his current roles, Justin consulted with Fortune 1000 companies in information systems, audit, governance and information security. He has led the governance and security practices for leading eCommerce and large financial services companies. Additionally, Justin has spoken at conferences concerning risk management, payment card industry (PCI), security leadership, and general information security practices.

Achievements & Noteworthy Contributions

  • Former Board Member of the Pittsburgh chapter of ISACA
  • Former Manager Security Governance & Compliance at Diebold
  • Former Director of Security at GiftCards.com
  • Former VP of Service Provider Management at BNY Mellon

Certifications & Credentials

  • CISSP – (ISC)2
  • Certified Information Systems Auditor (CISA) – ISACA
  • Certified Ethical Hacker (CEH) – EC Council
  • Certified ISO 27001 Auditor
  • PCI Qualified Security Assessor (QSA) – PCI Council

Hobbies & Fun Facts

In his free time, Justin enjoys spending time with his wife and 4 kids, dabbling at the piano, and is a tinkerer of projects.

Ryan Leirvik

IANS Faculty

Ryan is the CEO of GRIMM, a cybersecurity research and development consultancy. He has spent the better part of two decades enhancing cyber programs at the world's largest institutions — from the Department of Defense to some of the most successful private and commercial organizations. He focuses largely on providing advanced capabilities for CISO's, as well as testing for best possible security practices at board of directors' requests.

Ryan’s C-level work experience also includes developing Board level metrics to measure and manage enterprise cyber risk, developing and instructing C-Suite cyber risk management courses, and establishing functional reporting metrics for assessing cyber readiness.

Achievements & Noteworthy Contributions

  • Presidential Management Follow
  • DEFCON 2014 Wireless Capture the Flag Competition winner
  • Office of the Secretary of Defense Medal for Exceptional Civilian Service

Certifications & Credentials

  • BS, Purdue University
  • MS, Virginia Tech
  • MBA, Case Western
  • Far too many SANS courses
  • CISO Cybersecurity, National Defense University
  • Overabundance of Data Warehouse Institute courses
  • Cybersecurity: The Intersection of Policy and Technology, Harvard Kennedy School

Hobbies & Fun Facts

  • Parenting — and all the humility that comes with it
  • Teacher in Finance for Junior Achievement

Dave Lewis

IANS Faculty

Dave is a Global Advisory CISO for Duo Security, a Cisco subsidiary. He has almost two decades of industry expertise with extensive experience in IT operations and management. Dave is the Founder of the security news site Liquidmatrix Security Digest and co-host of the Liquidmatrix podcast. He is also the Director & Co-Founder of OpenCERT Canada, Canada’s first open national Computer Emergency Response Team. Dave has worked finance, healthcare, entertainment, manufacturing, and critical infrastructure verticals. He also has experience consulting for federal organizations working as a Security Consultant and defense contractor to the FBI, US Navy, Social Security Administration, US Postal Service, and the US Department of Defense.

Achievements & Noteworthy Contributions

  • Member of the (ISC)2 Board of Directors
  • Writer for Decipher, PortSWigger Web Security, Forbes, and CSO Online
  • Speaker at information security conferences such as DEF CON and BSides
  • Director of BSides Las Vegas Chapter
  • Co-Founder of BSides Toronto
  • Advisor to Securosis, an information security research and advisory firm
  • Advisory Board Member for Sector Security Education Conference
  • Former Global Security Advocate at Akamai Technologies

Certifications & Credentials

  • MS, Computer & Information Systems Security/Information Assurance – Harvard University

Hobbies & Fun Facts

In his free time, Dave enjoys spending time with his family and playing bass guitar. Dave also ran as a torch bearer relay for the 2010 Winter Olympics.

Shannon Lietz

IANS Faculty

Shannon is Director of DevSecOps at Intuit and the Founder of DevSecOps, a non-profit organization committed to uniting security with DevOps and Agile practices via experimentation and education. Shannon is an award-winning security innovator and leader experienced in developing emerging security programs for Fortune 500 companies including ServiceNow, Sony, Sempra, Savvis, Cable & Wireless, 99 Cents Only, Exodus, and Bank of America.

Achievements & Noteworthy Contributions

  • Winner of 2014 Scott Cook Innovation Award for developing and cultivating a world-class cloud security program for protecting sensitive data in AWS
  • Former CEO and Founder of Got Metrics, Inc. a boutique metrics company
  • Former Master Security Architect for Savvis Inc. a CenturyLink subsidiary

Certifications & Credentials

  • BS, Biomedical Science – Mount Saint Mary’s University
  • IDEO coursework – Insights for Innovation, Designing for Change, Leading for Creativity, Storytelling for Influence

Hobbies & Fun Facts

Shannon is the founder of DevOps Community, and dedicates her time towards improving and adapting security to meet the needs of innovation and agility. Inspiring the mission of uniting security with DevOps and Agile practices via experimentation and education within the security industry.

Chad Loder

IANS Faculty

Chad is Founder and CEO of Habitu8, an information security startup focused on building effective security awareness programs through training services. Prior to founding Habitu8, Chad co-founded Rapid7, a leading cyber-security company whose products are used today in over 120 countries. As VP of Engineering, Chad helped lead Rapid7 from a 3-person, privately backed startup to a successful $900MM IPO in 2015. With the combination of his technical and executive experience, Chad raises awareness authoring self-published, security-focused articles.

Achievements & Noteworthy Contributions

  • Former CISO of TrueCar, Inc.
  • Co-Founder & former VP of Security Solutions & Engineering at Rapid7
  • Co-inventor of 4 foundational patents in computer security
  • Former Open Source Developer at Open BSD

Certifications & Credentials

  • Certified Scrum Master – Scrum Alliance
  • Certified Trainer, Situational Leadership – Center for Leadership Studies

Nick Mankovich

IANS Faculty

Nick is the CEO of CyberRisk Consulting, providing risk management advisory services for corporate boards and executive leadership. Trained in biological science, Nick worked extensively in R&D and has a long history of transformational leadership in R&D, product security, enterprise security and privacy, culminating in executive CISO roles in two Fortune 500 companies.

Achievements & Noteworthy Contributions

  • Created hospital-wide networked digital radiology imaging systems (PACS)
  • Innovated in medical 3D printing for cranial implant surgery
  • Created one of the first global medical device product security programs
  • Led the Philips Healthcare Privacy Office for the first global corporation to adopt global binding corporate rules under the European Privacy Directive (EC 95/46 - predecessor to GDPR)
  • Core team leader in creating international standards for healthcare IT safety, security & risk management (ISO-IEC 81000 series)
  • Designed, created & operated two risk-based InfoSec organizations

Certifications & Credentials

  • MS & PhD Biological Sciences University of Illinois
  • BA Case Western Reserve University
  • CIPP – Certified Information Privacy Professional

Hobbies & Fun Facts

Nick enjoys woodworking, restoring historic homes, gardening and both mountain and road bicycling.

Joshua Marpet

IANS Faculty

Josh is Co-Founder and COO of Red Lion, an information security advisory and consultancy company. An internationally recognized digital forensics expert, Josh has strategized and performed on government corruption, bad compliance, protecting mission-critical data, and everything in between. Likewise, he has presented on topics ranging from Facial Recognition and National Security to audiences from government agencies, law enforcement, Fortune 5 companies, and many others.

Achievements & Noteworthy Contributions

  • Speaker at information security conferences such as Black Hat, RSA, DEF CON, and BSides
  • Board member of BSides DC and BSides DE
  • Honored as one of the Top 10 Most Influential People in the BSides Movement
  • Author of a pending patent on a Blockchain based system to store forensic data with a perfect chain of custody
  • Former SVP of Compliance and Managed Services for CyberGRC, a risk management platform
  • Former Founder and CEO of BiJoTi, a security performance monitoring service
  • Former CTO of Air CommNetworks, a wireless communications and solutions provider
  • Former Senior Information Security Risk Analyst at Federal Reserve Bank of Philadelphia
  • Former Engineer at Net@Work, Yoh IT, DVTel, Inc., and Exigent Technologies
  • Testified in front of the Turkish Supreme Court on Digital Forensic Matters

Certifications & Credentials

  • BA, Psychology, Psychopharmacology, Statistics – Fairleigh Dickinson University
  • AA, Liberal Arts – Community College of Morris
  • Certified Ethical Hacker (CEH) - EC-Council
  • AccessData Certified Examiner (ACE) - AccessData

Hobbies & Fun Facts

In his free time, Josh enjoys target shooting, blacksmithing, blade making and other crafts. He has also practiced horse dentistry, broom making and historic preservation. As a former police officer and firefighter, Josh worked in the former NYC Twin Towers and in Louisiana during Hurricane Katrina. He also helped his family in New Jersey during Hurricane Sandy.

Raffael Marty

IANS Faculty

Raffy is VP of Research and Intelligence at Forcepoint where he leads Forcepoint X-Labs, a specialized group dedicated to behavior-based security research and development of predictive intelligence to Forcepoint's human-centric product portfolio. Bringing more than 20 years of cybersecurity experience across engineering, analytics, research, and strategy, Raffy is one of the industry's most respected authorities on security data analytics, big data, and visualization. As such, he serves as an advisor to many technology startups. He is the author of Applied Security Visualization and is a frequent speaker at global academic and industry events. Additionally, Raffy has held key roles at IBM Research, ArcSight, and Splunk.

Achievements & Noteworthy Contributions

  • Author of Applied Security Visualization (2008)
  • Frequent speaker at global academic and industry events
  • Former VP of Security Analytics at Sophos, a leading endpoint and network security company
  • Former Founder of Pixicloud, a visual analytics platform
  • Former Founder of Loggly, a cloud-based log management solution

Certifications & Credentials

  • MS, Computer Science - ETH Zurich

Hobbies & Fun Facts

In his free time, Raffy practices Japanese traditional Zen Buddhism through Kōan study and meditation.

Gary McAlum

IANS Faculty

Gary recently retired from USAA as their first Chief Security Officer where he was responsible for building out a holistic security program spanning Information Security, Fraud Operations, Privacy, Business Continuation, Physical Security, and Corporate Investigations.  Currently Gary provides consulting services, start-up advising, and serves on two non-profit Boards.   Prior to USAA, Gary spent a short time with Deloitte in their federal practice after an Air Force career where he served in a variety of leadership and staff positions within the information technology career field including: telecommunications, satellite communications, deployed network operations, and cybersecurity.  Most notably, Gary was on the front line of cyberspace operations for the Department of Defense where he supported the establishment and evolution of the Joint Task Force Global Network Operations, the organization that was the focal point for the operation and security of DoD information systems and networks, and pre-cursor testablishment of the US Cyber Command. 

Achievements & Noteworthy Contributions

  • Successful 25-year Air Force career in the IT/cyber career field, retiring at rank of Colonel
  • Former Chief Security Officer for USAA, a financial services company focused on military community
  • Former Chairman, Internet Security Alliance (ISA) Board of Directors and key contributor to multiple editions of NACD Handbook “Cyber Risk Oversight” authored by ISA
  • Air Force Cyberspace Operations Hall of Fame, inducted 2016
  • Regular contributor and speaker in a variety of forums, security podcasts, and media publications.
  • Board member for two non-profits:  Fisher House Inc. and National Cybersecurity Center (NCC)
  • Military Transition Mentor with American Corporate Partners (ACP)

Certifications & Credentials

  • BA, Mathematics – The Citadel
  • MS, Management Information Systems – University of Arizona
  • MS, National Resourcing Strategy – National Defense University
  • Certified Information Systems Security Professional (CISSP) – (ISC)2
  • Certified Fraud Examiner (CFE) – ACFE
  • Cybersecurity Risk Oversight Certificate - NACD
  • FBI Chief Information Security Officer (CISO) Academy
  • Executive Development Program for Security Executives – Wharton School of Business

Hobbies & Fun Facts

Besides church and hospice volunteer activities, Gary is an avid BMW motorcycle rider who enjoys long rides that end up on twisty mountain roads.

Kevin McDonald

IANS Faculty

Kevin is a Healthcare Cybersecurity Consultant working with companies such as MedSec, LogRhythm and individual healthcare providers. Kevin has over 40 years’ experience in healthcare in roles from direct patient care as a registered nurse to a Director of Information Security at Mayo Clinic. He assisted in developing the cybersecurity program at the Mayo Clinic and designed their medical device cybersecurity program.

Achievements & Noteworthy Contributions

  • Frequent presenter at the FDA, HIMSS, Gartner, RSNA American Associations of Physicists in Medicine and the American Hospital Association
  • Development of Mayo Clinic Medical Device Cybersecurity program
  • Co-Chair HSCC Joint Security Plan for Medical Devices

Certifications & Credentials

  • Bachelors in Nursing from Norther Illinois University
  • Master’s in Education from University of Wisconsin LaCrosse
  • Graduate Certification in Information Systems – City University Seattle
  • CISSP

Hobbies & Fun Facts

Kevin retired from Mayo Clinic in 2019 and enjoys camping and trout fishing “out west”.

Stephen McHenry

IANS Faculty

Stephen serves as an independent Security Consultant performing security assessments, developing information security programs and strategies, and creating remediation plans for select clients. He is also Co-Founder of Community of Practice, a Silicon-Valley-based membership organization for Engineering VPs and CTOs. Stephen has experience including building and leading worldwide teams and designing some of the world's largest Internet services.

Achievements & Noteworthy Contributions

  • Former Senior VP of Engineering at Symantec where he created their first cloud platform, a new secure cloud platform that acted as the foundation for SaaS security offerings, and a big data analytics platform
  • Former Director of Security Engineering at Google
  • Former Site Reliability Engineering Chancellor at Google managing a global team and supporting Maps, YouTube, Indexing, and Logging
  • Former Chief Architect for Netflix
  • Former VP of Engineering at Emasys, a semiconductor management software company
  • Former VP of Engineering & CTO for Fort Hill Systems, an internet content distribution company
  • Former VP of Engineering, VP of Professional Services, and CTO for Advanced Software Technologies

Certifications & Credentials

  • Strategic Negotiation Coursework – Harvard Business School
  • MS, Information and Computer Science – University of California, Irvine
  • BS, Physics & Geology – Chapman University

Tim Medin

IANS Faculty

Tim is A Principal Consultant and Founder at Red Siege, an information security company focused on adversary emulation and penetration testing. He also serves as the MSISE Program Director, Course Author, and Principal Instructor at the SANS Institute.

Achievements & Noteworthy Contributions

  • Speaker at information security conferences such as BSides, Wild West Hacking Fest, DerbyCon, and ShmooCon
  • Creator of Kerberoasting, a technique to extract Kerberos tickets in order to offline attack the password of enterprise service accounts
  • Former Senior Security Consultant at FishNet Security (now Optiv)
  • Former Senior Technical Analyst at AgStar Financial Services (now Compeer) and Counter Hack
  • Former Network Engineer at LeTourneau University
  • Former Software Engineer at Tegron

Certifications & Credentials

  • MBA – University of Texas, Tyler
  • BS, Electrical Engineering – LeTourneau University
  • GWAPT, GPEN, GMOB, GCED, GCIH – GIAC

Hobbies & Fun Facts

In his free time, Tim enjoys traveling and watching football.

Jennifer Minella

IANS Faculty

Jennifer (JJ) Minella is an internationally-recognized authority on network and wireless security, an author and public speaker. A network architect turned advisory CISO and infosec leader, in the past ~15 years she's worked with organizations up to Fortune 50 on strategies ranging from network security to leadership. She is also the creator of the Mindfulness-Based Leadership for Infosec workshop series. Jennifer is the founder and principal advisor of Viszen Security, offering technical strategy and coaching solutions to CXOs and practitioner.

Achievements & Noteworthy Contributions

  • Author including co-author of “Low Tech Hacking” and various CISSP courseware versions
  • International speaker including NSA Trusted Computing, RSA Conference, INFOSEC World, BruCon, Sector, Wireless Technology Forum, DeepSec, (ISC)2 Security Summit Hong Kong, Interop, Techno Security, (ISC)2 Security Congress, BSides, various local, state gov, education and healthcare conferences, various events for FBI and US Secret Service ECTF
  • Contributor to community efforts including biomedical device security task force in healthcare and security, wireless and secure networking in other vertical task forces
  • Program committee member for RSAC USA, Executive Women’s Forum (EWF) and others
  • Published writer in Dark Reading, Information Security Magazine, Network Computing and others
  • Creator of Mindfulness-Based Leadership for Infosec workshops
  • Former (ISC)2 chairperson and board member
  • Former SC Magazine Top 10 Power Players
  • Former VP of Engineering & Security for Carolina Advanced Digital, Inc.
  • Invited VIP/technical ambassador for multiple technology manufacturers including Juniper and HPE
  • Former member National Speakers Association (NSA)
  • Cyberpatriot mentor for Cyber Security in high schools
  • #4 Global Security Thought Leadership
  • Author of award-winning Security Uncorked blog

Certifications & Credentials

  • (ISC)2 CISSP
  • Google's Search Inside Yourself Leadership Training
  • Certified Wireless IoT Solutions Administrator (CWISA)
  • Numerous technical certifications around WiFi, IoT, switch/route, security, AI and AIOps

Hobbies & Fun Facts

In her spare time aside from cyber security mentorship and volunteering, Jen gets in to all kinds of things. She's a World Record powerlifter and former competitive ballroom dancer who loves reading and the outdoors. She's traded in her Ducati for a kayak and still enjoys Figment the Imagination Dragon. She can usually be lured anywhere with promises of rye whisky.

Rich Mogull

IANS Faculty

Rich is CEO and Analyst for Securosis, an information security research and advisory firm, in addition to Founder and Vice President of Product at DisruptOPS, a cloud environment monitoring platform. Prior to founding Securosis, he was Research Vice President for Gartner’s security team where he also served as Research Co-Chair for the Gartner Security Summit. Additionally,Rich has served as an independent consultant, web application developer, software development manager, and a systems and network administrator.

Achievements & Noteworthy Contributions

  • Primary Author of the Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing
  • Principle course designer for the Cloud Security Alliance CCSK training
  • Security Editor of the online media platform, TidBITS
  • Published writer in Dark Reading, Information Security Magazine, and Macworld
  • Presenter at information security conferences such as RSA and DEF CON
  • Paramedic First Responder for US Department of Health and Human Services

Certifications & Credentials

  • BA, History –University of Colorado
  • CISSP –(ISC)2

Hobbies & Fun Facts

In his free time, Rich enjoys cycling and most outdoor sports capable of causing serious bodily injury. He is also a member of the 501st Legion (a Star Wars charity group).

Josh More

IANS Faculty

Josh is the Owner and President of Eyra Security, an information security and business improvement consulting firm that specializes in helping startups and organizations in transition take advantage of lean and agile methods, open source technology, and varied frameworks used for security, risk management, and compliance. He also serves on the GIAC Advisory Board. Additionally, as an active member in the information security community, Josh is a member of ISSA, Agile Iowa, OWASP, DC612, Central Iowa Area Linux Users Group and Infragard.

Achievements & Noteworthy Contributions

  • President Emeritus of Central Iowa Area Linux Users Group
  • President Emeritus of Iowa Cyber sector of Infragard
  • Co-Author of Breaking into Information Security: Crafting a Custom Career Path to Get the Job You Really Want (2016)
  • Author of Job Reconnaissance: Using Hacking Skills to Win the Job Hunt (2013)
  • Author of Assessing Vendors: A Hands-On Guide to Assessing Infosec and IT Vendors (2013)
  • Co-Author of UTM Security with Fortinet: Mastering FortiOS (2012)
  • Former Senior Security Consultant at RJS Smart Security and Alliance Technologies

Certifications & Credentials

  • BA, Physics – Grinnell College
  • CISSP – (ISC)2
  • GSLC, GCIH – GIAC
  • Novell Certified Linux Professional (NCLP)
  • Red Hat Certified Engineer (RHCE)

Hobbies & Fun Facts

In his free time, Josh enjoys reading books from various genres including business, photography, mythology, mythic fiction and natural history. He also enjoys practicing photography, cooking, and other artistic sciences.

Shamla Naidoo

IANS Faculty

Shamla is the Head of Cloud Strategy and Innovation at Netskope and a former Managing Partner and Global CISO at IBM. She is a Board Director at both QBE and Stonebridge Acquisition Capital and a Board Member at ReferencePoint. Shamla’s experience spans 38+ years in a variety of sectors and 6 continents, making her an expert in cross-cultural collaboration and working across industries. She is recognized as a leader in applying security to enable priorities of the business. Her background also includes authoring and teaching several courses for the University of Illinois Chicago School of Law in technology, security, and privacy law. Shamla coaches professionals on leadership, board communication and how to align security with strategic business initiatives. 

Achievements & Noteworthy Contributions

  • Presenter at WCD, NACD, American Bar Association, several federal agencies, and many conferences
  • Interviewed by Forbes, New York Times, and Wall Street Journal
  • Member of the Security 50, a community of World 50, NACD (National Association of Corporate Directors), and WCD (Women's Corporate Directors)

Certifications & Credentials

  • JD -- University of Illinois Chicago School of Law
  • Bachelor’s degree, Information Systems and Economics – University of South Africa 
  • Diploma in MIS from South African Institute of Management

Chris Nickerson

IANS Faculty

Chris is the Co-Founder and CEO of LARES Consulting, an information security consulting firm that leverages a blend of assessment, testing, and coaching. He also serves on the Board of Directors at CREST, an international not-for-profit accreditation and certification body that represents and supports the technical information security market.

Achievements & Noteworthy Contributions

  • Appeared on Tiger Team on TruTV
  • TEDx Presenter, Hackers are all about curiosity, and security is just a feeling
  • Founding member of the Penetration Testing Execution Standard (PTES)
  • Co-founder of the BSides security conferences
  • Speaker at information security conferences such as DEFCON, CyberWeek, and BlackHat
  • Author of Red Team Testing: Offensive Security Techniques for Network Defense (2016)
  • Collaborator with the Red Team Alliance Training Collective
  • Former Senior Information Security Compliance Manager at Sprint

Certifications & Credentials

  • IEM, IAM –National Security Agency(NSA)
  • CISA – ISACA
  • CISSP – (ISC)2
  • BS7799

Hobbies & Fun Facts

In his free time, Chris can be found out on the ski slopes or playing with his dogs.

Davi Ottenheimer

IANS Faculty

Davi is Security Architect at Inrupt, Inc., a company that supports Solid, a web decentralization project founded by the inventor of the World Wide Web, Tim Berners-Lee. He is also the Founder and President of flying penguin LLC, an information security consulting firm that focuses on risk mitigation and incident response solutions. Additionally, he serves as a Visiting Lecturer at St Pölten University of Applied Sciences (Fachhochschule St Pölten) in Austria, an Affiliate for the Policy Innovation Lab of Tomorrow (PILOT) at Penn State University, as well as an Advisory Board Member at Cyral, Anjuana Security, and Accenture. Davi has helped serve customer data protection needs across many industries including data storage and management, software, investment, banking, international retail, as well as higher education, healthcare and aerospace.

Achievements & Noteworthy Contributions

  • Author of Realities of Securing Big Data(2020)
  • Co-author of Securing the Virtual Environment: How to Defend the Enterprise Against Attack(2012)
  • Established the RSA Conference Excellence in Humanitarian Service Award
  • Former Board Member for the Payment Card Industry Security Alliance and the Silicon Valley chapters of ISACA and OWASP
  • Former VP of Trust and Digital Ethics at MongoDB, a database for cloud-based application development
  • Former Global Manager of Communications Security at Barclays Global Investors (now Black Rock)
  • Former Senior Director of Trust at EMC
  • Led the redesign and launch of http://security.yahoo.comwhile serving as Dedicated Paranoid
  • Founder and Chairman of the Board at poetry.org

Certifications & Credentials

  • MSc, International History –The London School of Economics and Political Science
  • BA, Philosophy & Political Science –Macalester College
  • CISSP – (ISC)2
  • CISM – ISACA
  • PA-QSA, QSA – PCI SSC

Carlos Perez

IANS Faculty

Carlos is a Principal Consultant and Research Team Team Lead for TrustedSec, an information security consulting company. Carlos was the Director of Reverse Engineering and Integrations for a major Vulnerability Management company where he lead the team efforts in reversing protocols and vulnerabilities for the expansion of vulnerability scanning products, he also lead the team search and reporting of zero-day vulnerabilities on multiple consumer and enterprise products. Carlos is also an independent trainer having trained both offense and defensive principals to private and government customer.

Achievements & Noteworthy Contributions

  • Microsoft MVP (Most Valuable Professional)
  • Metasploit Developer for multiple years
  • Founding member of the "Penetration Testing Execution Standard" (PTES)
  • Board member of multiple non-profit organizations on STEM
  • Trained multiple units of the Marine Corp Cyberspace Command

Michael Pinch

IANS Faculty

Mike is the director at Security Risk Advisors, an information security advisory and solutions firm. As an experienced healthcare and education technology executive, Mike has overseen and managed software development and innovation groups in the information security realm. He has had the unique experience of fulfilling CISO and CTO roles in the healthcare payer, provider, and medical device manufacturer spaces.

Achievements & Noteworthy Contributions

  • Former CISO and CTO at University of Rochester
  • Former CISO at University of Rochester Medical Center
  • Former Adjunct Professor at Rochester Institute of Technology
  • Former CTO at Palladian Health

Certifications & Credentials

  • MS, Computing Security & Information Assurance –Rochester Institute of Technology
  • MBA, Technology Management & Management Information Systems –Rochester Institute of Technology
  • BS, Computer Science –Union College

Hobbies & Fun Facts

In his free time, you can find Mike snowboarding, mountain biking, or training and competing in triathlons.

Chris Poulin

IANS Faculty

Chris is a Principal Consulting Engineer at BitSight Technologies, an information security risk management company that created the security ratings platform market. He has 35 years in information security and served in a variety of technical and management roles ranging from a programmer for the US intelligence community to founder and CEO of his own consultancy. Chris’s experience has spanned many industries working in organizations as large as IBM in addition to small startups. Although he spent almost a decade building the IoT security practice at IBM and running an Industrial Control and automotive security practice at Booz Allen, his current focus has shifted to enterprise risk. Bringing his broad experience in information security, Chris also serves as a mentor and advisor to science and technology organizations.

Achievements & Noteworthy Contributions

  • Speaker at information security conferences and private events
  • Contributing engineer to IBM’s Cyber Watson prototype
  • Former Principal and Director of IoT at Booz Allen Hamilton
  • Former Security Research Strategist (X-Force) at IBM
  • Former CSO at Q1 Labs (IBM Security)
  • Former Owner, Founder, & CEO of FireTower, Inc., a boutique information security consultancy

Hobbies & Fun Facts

In his free time, Chris is making or breaking new technology, hiking, rock climbing, or appreciating fine wine and craft brews. Having grown up in India and Africa, as a son of an international economist, Chris speaks French and enjoys traveling—especially to tropical locales.

Teri Radichel

IANS Faculty

Teri Radichel is the CEO of 2nd Sight Lab, a cloud security company that offers cloud security training, penetration tests, and cloud security assessments to organizations worldwide. She is the author of the book Cybersecurity for Executives in the Age of Cloud, an AWS Hero and meetup organizer, a member of the IANS Faculty and Infragard, and received the SANS 2017 Difference Makers Award for security innovation. Teri holds numerous cloud security certifications, including the GSE, which many regard as one of the most challenging certifications to obtain in cybersecurity. She was a member of the original Capital One cloud team and has worked as Cloud Architect, Director of SAAS Engineering, and now CEO, helping companies secure their clouds. Teri has spoken at numerous conferences worldwide including AWS re:Invent, re:Inforce, RSA, OWASP AppSec Day, and Serverless Days, to name a few.

Achievements & Noteworthy Contributions

  • Winner of the SANS Differences Makers Award in 2017
  • Organizer of Seattle AWS meetup which has almost 3,000 members
  • Presenter at information security conferences such as RSA, AWS re:Invent, Microsoft Build, ISACA Congress, OWASP AppSec Day, ServerlessDays London, and BSides
  • Published writer in Dark Reading, Infosecurity Magazine, Secplicity.com, and her own cloud security blog (https://medium.com/cloud-security)
  • Founding member of SANS Cloud Security Curriculum Advisory Board
  • Former Instructor at the SANS Institute
  • Author of widely referenced papers in the SANS Institute reading room

Certifications & Credentials

  • BA, Business – University of Washington
  • MA, Software Engineering – Seattle University
  • MA, Information Security Engineering – SANS Technology Institute
  • AWS Hero – Amazon
  • GSE, GSEC, GCIH, GCIA, GCPM, GCCC, GREM, GPEN, GXPN – GIAC

Hobbies & Fun Facts

Teri is an avid traveler and has visited all 50 states in the US. She also taught herself to program TI Basic in grade school.

Marcus Ranum

IANS Faculty

Marcus is a semi-retired independent consultant and technology advisor to start-ups and large enterprises. He is recognized as an innovator in firewall technology and the implementer of the first commercial firewall product. Marcus’s work has been cited in at least 15 published U.S. patents in addition to computer and network security articles and books.

Achievements & Noteworthy Contributions

  • Designer of firewall products such as DEC SEAL, TIS firewall toolkit, Gauntlet firewall, and NFR's Network Flight intrusion detection system
  • Builder of the first internet email service for the whitehouse.gov domain
  • Winner of the ISSA Fellowship and inducted into ISSA’s all of fame
  • Winner of the Techno-Security Professional of the Year award
  • Co-Author of Host Intrusion Monitoring Using Osiris and Samhain (2005)
  • Author of The Myth of Homeland Security (2003)
  • Co-Author of Web Security Sourcebook (1997)
  • Former Instructor for SANS Institute
  • Former CSO at Tenable Network Security, an information security monitoring company
  • Former Founder, CEO, and CTO of Network Flight Recorder
  • Former Chief Scientist at Trusted Information Systems and V-One

Certifications & Credentials

  • BA, Psychology –Johns Hopkins University

Hobbies & Fun Facts

In his spare time, Marcus likes playing strategy games, taking photos, making soap, woodworking, or forging swords.

Ron Ritchey

IANS Faculty

Ron is a seasoned technologist specializing in cyber security with over 30 years of experience in the IT industry. Currently, he is the global lead for Cyber Architecture at JP Morgan Chase. His group is responsible for designing secure solutions to support their clients and employees. He is also an active researcher and speaker in the Information Assurance (IA) field and is widely published on network security topics including co-authoring books on Software Assurance and Insider Threats.

Achievements & Noteworthy Contributions

  • Former Chief Scientist for Information Security at Bank of America
  • Former Faculty at The SANS Institute and George Mason University
  • Former Industrial Advisory Board Member at George Mason University’s Volgenau School of Engineering
  • Former Principal at Booz Allen Hamilton, a technology-focused management consulting company
  • Holder of many US Patent and Trademark Office granted patents on cyber security related innovations
  • Co-Author of Inside Network Perimeter Security (2002, 2005)
  • Co-Author of Guide to IPSEC VPNs (2005)

Certifications & Credentials

  • PhD, Information Technology – George Mason University
  • MS, Computer Science – George Mason University
  • Graduate Certificate, Software Engineering – George Mason University
  • BS, Computer Science – George Mason University
  • CISSP – (ISC)2

Hobbies & Fun Facts

Not only is Ron an IoT hacker, he is also a pilot and amateur barista.

Katrina Rodzon

IANS Faculty

Kati is a Product Manager at a pharmaceutical company in Salt Lake City and an independent Behavior Design, Methodology, and Analytics Expert. She has applied her diverse set of skills to creating, implementing and evaluating innovative security awareness programs for Fortune 100 companies. Likewise, she has assisted in creating effective social engineering tools and testing scenarios for penetration testing teams. Kati also has experience managing curriculum strategy and content development in psychology to information technology for both online and live instruction.

Achievements & Noteworthy Contributions

  • Former Security Program Manager & Product Manager of Bugcrowd Inc., a crowdsourced security platform

Certifications & Credentials

  • ABD-Ph.D., Cognitive Psychology and Behavior Analysis – Utah State University
  • MA, Research and Experimental Psychology – San Francisco State University
  • BA, Psychology – California State University, Bakersfield

Hobbies & Fun Facts

In her free time, Kati works as a professional solo and duo aerialist performer and teacher. She also takes full advantage of the SLC outdoor fun of through rock climbing, hiking, skiing, and mountain biking.

Mike Rothman

IANS Faculty

Mike is the President of Securosis, an information security research and advisory firm, as well as Co-Founder and President of DisruptOps, a cloud detection and response company. His breadth of experience in the information security space and bold perspectives are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike started practicing and advising on security topics over 25 years ago, and he’s been trying to get out of the business ever since…to no avail.

Achievements & Noteworthy Contributions

  • Author of The Pragmatic CSO, which details how technical security practitioners can thrive as a CISO
  • Spearheaded META Group’s initial foray into information security research
  • Founded and acted as President of Security Incite, an information security analyst firm
  • Founded SHYM Technology, a pioneer in the PKI software market
  • Held Marketing and Strategy positions at CipherTrust, TruSecure, and eIQ Networks

Certifications & Credentials

  • BS, Operations Research and Industrial Engineering – Cornell University

Hobbies & Fun Facts

Mike has been to 23 of the past 24 RSA Conferences. Of the 1000+ talks Mike has given over the years, he is most proud of the mindfulness talk he gave at RSA in 2014 (Google "Rothman RSA Neurohacking”).

Adrian Sanabria

IANS Faculty

Adrian is an Advocate at Thinkst Applied Research and also serves as an information security Advisor. He has spent his career exploring many aspects of the industry, from the enterprise side to the vendor side. From consulting and industry analysis to entrepreneurship, mentoring and building local communities.

Adrian is an optimist, a compulsive researcher and seeks out patterns in all things. He is always trying to see the big picture; how things fit. His most recent research takes both a deep and high-level look at the core reasons why security defenses continue to fail in many organizations.

Achievements & Noteworthy Contributions

  • Author and Presenter on topics that challenge conventional wisdom in the information security space
  • Founder of BSides Knoxville, East Tennessee's premier cybersecurity event
  • Founder of DC865, Knoxville's area DEFCON group
  • Contributor to the Penetration Testing Execution Standard (PTES)
  • Frequent volunteer to community efforts including the Cavalry, BioHacking DEFCON Village, Medical Device DEFCON Village, the National Board of InfoSec Examiners (NBISE), open-source data-loss prevention tools and several CIS benchmarks
  • Discovers and reports many critical vulnerabilities in commercial products

Mike Saurbaugh

IANS Faculty

Mike is the director of technical alliances with Cofense (formerly PhishMe), a phishing defense solutions organization, as well as the founder and principal consultant of First Security Alliance LLC, an independent information security advisory and assessment consultancy. He also serves as a mentor with Queen City Fintech in Charlotte, NC and was a Stars Mentor with MACH37 Cyber Accelerator. Likewise, Mike has served on the Cybersecurity Curriculum Advisory Committee at Alfred State College and Corning Community College in addition to regularly volunteer teaching high school students in cybersecurity fundamentals.

Achievements & Noteworthy Contributions

  • Speaker at information security conferences such as InfoSec World, (ISC)2, SecTor, ISACA, and Evanta
  • Journal Author for ISACA
  • Former Research Director at SecurityCurrent an online, security-focused publication
  • Former Head of Information Security and Technology Services at Corning Credit Union

Certifications & Credentials

  • MS, Information Assurance – Walsh College
  • BSE, Education – State University of New York College at Cortland
  • Certificateof Study–Rochester Institute of Technology
  • CISSP – (ISC)2
  • CISM, CRISC – ISACA

Hobbies & Fun Facts

In his free time, he loves to spend time with his wife and two daughters, work out, drive his Jeep Wrangler, and cook.

Justin Searle

IANS Faculty

Justin is the Director of ICS Security at InGuardians, specializing in Industrial Control Systems (ICS) security architecture design and penetration testing. He also led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and has played key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP). Justin has authored and taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences.

Achievements & Noteworthy Contributions

  • Senior Instructor at SANS Institute (9+ years) teaching courses on Advanced Web Penetration Testing and ICS Security Essentials
  • Instructor at Black Hat (10+ years) teaching “Assessing and Exploiting” series of courses for ICS and Web Applications
  • Creator and maintainer of The Control Things Platform open source project
  • Co-leader of Samurai Web Testing Framework (SamuraiWTF) and Samurai Security Testing Framework for Utilities (SamuraiSTFU) open source projects
  • Presenter at information security conferences such as Black Hat, DEFCON, OWASP, Toorcon, Brucon, Nullcon, and AusCERT
  • Former Owner and CEO of UtiliSec, an information security consultancy focused on ICS services
  • Former IT Security Architect at JetBlue Airways
  • Former Professor at ITT Technical Institute

Certifications & Credentials

  • MBA, International Technology –American InterContinental University
  • BS, Technology Education (Computer Science & Electrical Engineering) –Brigham Young University
  • CISSP – (ISC)2
  • GCIH, GCIA, GWAPT, GICSP – GIAC

Hobbies & Fun Facts

Justin is a SCUBA dive master, private pilot, and licensed Master Class falconer. Justin and his wife own a small ranch in Utah where they breed and train Andalusian horses for use in Dressage and Working Equitation.

Richard Seiersen

IANS Faculty

Richard is the Co-Founder and CEO of Soluble, an early-stage information security startup that helps their clients discover, manage, and remediate cloud risks in one platform. He also serves as an advisor to security and technology startups including Wallarm, Respond Software Inc., RiskRecon, AnChain.ai Inc, and Uptycs. In addition to publishing security-focused books with Wiley, Richard focuses on developing quantitatively informed strategies, building agile teams that scale,and making digital risk measurable.

Achievements & Noteworthy Contributions

  • Author of The Metrics Manifesto: Confronting Security with Data (2020)
  • Co-Author of How to Measure Anything in Cybersecurity Risk (2016)
  • Speaker at information security conferences such as RSA and Black Hat
  • Former Adjunct Faculty at Carnegie Mellon Universityin their DoD CISO program
  • Former CISO & SVP at LendingClub, a peer-to-peer lending company
  • Former CISO & VP of Trust at Twilio Inc., a cloud communications platform SaaS company
  • Former VP & General Manager of Cyber Security and Privacy at GE Healthcare
  • Former Director of Cyber Security at Kaiser Permanente

Certifications & Credentials

  • Graduate Coursework, Predictive Analytics – Northwestern University
  • MA, Counseling: Emphasis Decision Analysis - John F. Kennedy University
  • BM, Classical Guitar Performance – California State University, Northridge
  • CISSP – (ISC)2
  • CREA – Information Assurance Certification Review Board (IACRB)
  • GIAC Systems and Network Auditor – GIAC

Dave Shackleford

IANS Faculty

Dave is the Founder and Principal Consultant with Voodoo Security, an information security consulting firm with broad expertise. He is also a Senior Instructor, Analyst, and Course Author for the SANS Institute and a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. In addition, Dave has served as Co-Chair of the Cloud Security Alliance (CSA) Top Threats Working Group and founded the CSA Atlanta Chapter. Dave has consulted with hundreds of organizations in the areas of security, regulatory compliance, network architecture, and engineering. He has also worked as a security architect, analyst, and manager for several Fortune 500 companies.

Achievements & Noteworthy Contributions

  • Former CSO for Configuresoft
  • Former CTO for the Center for Internet Security
  • Speaker at information security conferences such as RSA, DEF CON, and BSides
  • Author of Virtualization Security: Protecting Virtualized Environments (2012)

Certifications & Credentials

  • MBA – Georgia State University
  • BS, Computer Information Systems – Kennesaw State University
  • BS, Psychology & Microbiology – Georgia State University
  • CISSP – (ISC)2

Hobbies & Fun Facts

In his free time, Dave enjoys running, camping, cooking and playing music (piano, guitar and DJing).

Tyler Shields

IANS Faculty

Tyler is Vice President of Strategy for Sonatype, a security and DevOps software vendor, headquartered in Fulton, Maryland. His previous roles include starting, leading, and growing security technology companies including CA Technologies, Signal Sciences, Veracode, Symantec, LURHQ, and @Stake. Tyler is an active investor, board member, and advisor to numerous young cyber security firms.

Achievements & Noteworthy Contributions

  • Authored and published research papers on the detection of rootkit and anti-debugging technology with static analysis techniques
  • Authored the world’s first mobile spyware system targeting Blackberry phones
  • Expert commentator featured in Rolling Stone, Bloomberg, Forbes, Reuters, and the LA Times
  • Contributor to multiple television and radio interviews for both National Public Radio and the BBC

Certifications & Credentials

  • MBA - University of North Carolina, Chapel Hill
  • MS, Computer Science - James Madison University
  • BS, Information Technology - Rochester Institute of Technology

Idan Shoham

IANS Faculty

Idan is the founder of M-Tech Innovations, Inc., (acquired in 2008 and renamed Hitachi) an angel investment firm specializing in Canadian B2B technology startups. Idan led the product development and roadmap strategy and was responsible for customer services at M-Tech and subsequently Hitachi ID for 28 years. During his tenure, the company released password management automation software in 1996, user provisioning/IAM in 2002 and PAM in 2007. Idan has worked with many corporate, government and higher education customers world-wide to implement process automation including IAM and PAM controls across their on-premises and cloud-hosted systems and applications.

Prior to founding Hitachi ID Systems in 1992, Idan provided network security consulting services to large organizations such as Shell, Amoco, BP Canada and Talisman Energy.

Achievements & Noteworthy Contributions

  • Founder of an IAM/PAM software vendor
  • A member of corporate and advisory boards.
  • An angel investor in Canadian B2B technology startups

Certifications & Credentials

M.Sc. in Electrical Engineering with Computer Minor – University of Calgary.

Hobbies & Fun Facts

Idan is an avid skier, hiker, road cyclist and mountain biker who enjoys spending as much time as possible outdoors.

Adam Shostack

IANS Faculty

Adam is a leading expert on threat modeling, and a consultant, entrepreneur, technologist, author and game designer. He currently helps organizations improve their security via his independent information security solutions firm, Shostack & Associates, focused on delivering high-impact training and consulting in threat modeling, secure development, and DevSecOps. He also serves as a MACH37™ Stars Network Mentor and an advisor to many startups including NTrepid, Continuum, and Judo Security. Previously, he worked at Microsoft where he drove the Autorun fix into Windows Update, was the lead designer of the SDL Threat Modeling Tool v3 and creator of the "Elevation of Privilege" game.

Achievements & Noteworthy Contributions

  • Member of the Blackhat Review Board
  • Co-created the Common Vulnerabilities and Exposures (CVE®)
  • Lead designer of Microsoft SDL Threat Modeling Tool
  • Author of Threat Modeling: Designing for Security (2014)
  • Co-author of The New School of Information Security (2008)
  • Creator of Elevation of Privilege: The Threat Modeling Game

Gal Shpantzer

IANS Faculty

Gal Shpantzer has been a full-time security consultant since the year 2000, providing (mostly good) advice to early-stage tech startups, security vendors, Ivy League universities, non-profits, and Fortune 50 clients. Gal owns and operates a boutique consultancy focused on vCISO and Observability Pipeline services that enable modern, scalable, user-friendly, auditable, and forensically ready security programs. Gal leads security programs and projects that empower business and technical leadership to prevent, detect and respond to security incidents, including threats to confidentiality (sophisticated IP theft) and availability (DDoS, ransomware).

Achievements & Noteworthy Contributions

  • Contributed to global security/privacy standards in the energy sector (NIST 7628, ES-C2M2)
  • Architected and deployed a high-speed streaming analytics data pipeline and multi-petabyte data lake for a Fortune 100 megaglobocorp, enabling drastically reduced MTTD. Provided flexible, real-time, ultra-scale observability to CISO and CIO orgs in on-prem and multi-cloud endpoint/network/server workloads and applications. Project included the largest supported MiNiFi deployment in the world.
  • Expert witness for a billion-dollar GSA protest relating to managed security services
  • SANS Newsbites co-editor since 2002. Quoted in Scientific American, eWeek, Dark Reading, Governing.com and others.

Hobbies & Fun Facts

Wildlife photography, anything on/under the water (SCUBA diving/snorkeling/swimming/kayaking), winter camping/snowshoeing, emergency first aid. Gal enjoys desert and frozen landscapes, and spoofing song lyrics with infosec themes.

Caleb Sima

IANS Faculty

Caleb is the VP of Security at Databricks, a Unified Data Analytics Platform. Previously, he served as the Managing Vice President of Cyber Security at CapitalOne. Caleb has held many executive-level positions at information technology and security companies in addition to starting and running his own companies. Currently, he also serves as an Investor & Advisor to Pindrop Security.

Achievements & Noteworthy Contributions

  • Co-Author of Hacking Exposed Web Applications (2006, 2010)
  • Former CEO & Co-Founder of BlueBox Security (acquired by Lookout)
  • Former CEO of Armorize Technologies (acquired by Proofpoint), aa SaaS based malware monitoring and code security analysis firm
  • Former CTO of HP’s Application Security Center
  • Former CTO & Founder of SPI Dynamics (acquired by HP)
  • Former Senior Security Consultant and X-Force Researcher at Internet Security Systems (acquired by IBM)

Certifications & Credentials

  • Executive Education – Harvard Business School

Hobbies & Fun Facts

In his free time, Caleb enjoys poker, car racing, and motorcycles.

Anand Singh

IANS Faculty

Anand is a seasoned Information Security practitioner with domain expertise of healthcare, retail, ecommerce, and finance. His CISO roles span the spectrum of Fortune 100 to early stage companies. Anand’s personal mission is to drive solutioning of complexities and challenges in the Information Security space such as Cloud security, board oversight of cybersecurity programs, cybersecurity talent grooming and advancement, and emerging threats. Anand also serves as an adjunct faculty at Mitchell Hamline School of Law teaching Incident Management and Response.

Achievements & Noteworthy Contributions

  • Keynotes at HIMSS, ACM etc.
  • Advisor to startups
  • Articles in ACM, Attorney at Law Magazine, and ISACA Journal

Certifications & Credentials

  • PhD, Computer Science from University of Minnesota
  • MS, Computers Science from Purdue University
  • CISM and CISSP certifications

Hobbies & Fun Facts

Anand is a voracious reader and a twitter geek. He loves to work with tools in his spare time as well as watch (and re-watch) anything Star Wars related.

John Strand

IANS Faculty

John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.

Achievements & Noteworthy Contributions

  • Co-author of Offensive Countermeasures: The Art of Active Defense (2013)
  • Contributor to the Penetration Testing Execution Standard (PTES)
  • Contributor to the 20 Critical Controls frameworks
  • Former co-host of Hack Naked TV and Security Weekly podcasts
  • Presenter at information security conferences such as RSA and Black Hat
  • Author of Black Hat’s "Active Defense, Offensive Countermeasures, and Hacking Back" course
  • Author of SANS Institute’s "Hacker Tools, Techniques, Exploits and Incident Handling" course
  • Former Information Assurance lead at Northrop Grumman and Accenture Certifications & Credentials

Certifications & Credentials

  • CISSP – (ISC)2
  • GCIH – GIAC

Hobbies & Fun Facts

In his free time, John enjoys mountain biking, AT Skinning (or Ski Touring) and ranching.

James Tarala

IANS Faculty

James is Principal Consultant, Co-Founder, and President of Enclave Security, an information security consulting firm specializing in governance that is based in Venice Florida. As a consultant, he has focused on architecting and assessing large enterprise IT security and infrastructure architectures. He has also assisted organizations in security management, operational practices, and regulatory compliance issues. He often performs independent security audits and assists internal audit groups in developing their internal audit programs. James also serves as a Senior Instructor, Course Author, editor, and regular speaker with the SANS Institute.

Achievements & Noteworthy Contributions

  • Speaker at information security conferences such as RSA
  • Lead Technical Editor of the Center for Internet Security’s Critical Security Controls
  • Author of the Open Threat Taxonomy open source project
  • Creator of tools at AuditScripts.com

Certifications & Credentials

  • MA, Information Security Engineering – SANS Technology Institute
  • Master’s Certificate, Information Assurance – University of Maryland Global Campus
  • BS, Linguistics - Cairn University (Formerly Philadelphia Biblical University)

Hobbies & Fun Facts

In his free time, James enjoys the Florida sunshine, spending time outdoors (away from computer screens), running, and exercising.

Kelli Tarala

IANS Faculty

Kelli is a Principal Consultant and Co-Founder of Enclave Security, an information security consulting firm specializing in governance. As a security architect and project manager, she specializes in IT audit, governance, policy library development, and information assurance strategies. She is a courseware author for the SANS Institute as well as one of the lead technical editors for the Center for Internet Security’s Critical Security Controls. She is also the lead author for many of the governance resources and creator of tools and policies at AuditScripts.com. You can follow her on Twitter @KelliTarala

Achievements & Noteworthy Contributions

  • Former Senior Enterprise Security Engineer for WPS Health Insurance
  • Former IT Project Manager for Kerry Group
  • Former Senior Network Architect for Integrated Information Systems Inc

Certifications & Credentials

  • Master’s Certificate, Information Technology Project Management – University of Wisconsin, Madison
  • BFA, English Language and Literature – University of Wisconsin, Eau Claire
  • BA, English – Technical Writing – University of Wisconsin, Eau Claire
  • Project Management Professional (PMP)
  • CISSP, HCISSP – (ISC)2
  • CISA, CGEIT – ISACA
  • GCCC, GSEC – GIAC

Hobbies & Fun Facts

Kelli enjoys the Florida lifestyle including kayaking, paddle boarding, and snorkeling. She also likes to run and read mysteries and science fiction.

Joff Thyer

IANS Faculty

Joff is a Security Analyst and Penetration Testerat Black Hills Information Security (BHIS). He has extensive experience covering intrusion prevention/detection systems, infrastructure defense, vulnerability analysis, defense bypass, source code analysis, and exploit research. He is also an Instructor at the SANS Institute where he primarily teaches the use of Python for information security purposes.

Achievements & Noteworthy Contributions

  • Co-host on the Security Weekly podcast
  • Speaker at information security conferences such as DerbyCon
  • Former Senior Security Consultant at NWN Corporation, a security innovation SaaS platform
  • Former Senior Network Security Architect & Pen Tester at University of North Carolina, Greensboro

Certifications & Credentials

  • MS, Computer Science – University of North Carolina, Greensboro
  • BS, Mathematics – University of North Carolina, Greensboro
  • GPEN, GWAPT, GXPN, GCIA, GCIA Gold–GIAC

Hobbies & Fun Facts

When Joff isn’t working or co-hosting the Security Weekly podcast, he enjoys making music and woodworking.

Jonathan Trull

IANS Faculty

Jonathan is the Global Director for the Microsoft Enterprise Cybersecurity Group. In this role, he leads a team of security advisors who provide strategic direction on the development of Microsoft security products and services. He also serves as a member of Microsoft’s Internal Risk Management Committee and is a principle author of the Microsoft Security Intelligence Report. Jonathan also serves as an Affiliate Faculty member in Research Assurance at Regis University and serves as an advisor to security startups and venture capital firms.

Achievements & Noteworthy Contributions

  • Recognized as one of the "People Who Made a Difference in Cybersecurity” by the SANS Institute
  • Participant in the Cloud Security Alliance Top Threats Working Group
  • Presenter at security conferences such as RSA, Black Hat, and CSO50
  • Principal author of the Center for Internet Security Azure Security Foundations Benchmark
  • Former VP and CISO at Optiv Inc., a pure-play cyber security solutions provider
  • Former CISO at Qualys, a cloud security and compliance solutions provider
  • Former CISO for the State of Colorado where he established Colorado’s first Cyber Crime Task Force
  • Former LCDR – Intelligence Officer for the US Navy Reserve

Certifications & Credentials

  • CISO Executive Certification – Carnegie Mellon University
  • MA, Public Administration – University of North Texas
  • BS, Criminal Justice - Metropolitan State University of Denver
  • Certified Cloud Security Professional (CCSP) – ISC2
  • Certified Information Security Professional (CISSP) – ISC2
  • Certified Information Systems Auditor (CISA) – ISACA
  • Offensive Security Certified Professional (OSCP) – Offensive Security

Hobbies & Fun Facts

If he wasn't a CISO, Trull suspects that he would work for a non-profit organization, perhaps as an international health aid worker.

Aaron Turner

IANS Faculty

Aaron Turner is the Founder & CEO of Siriux Security, a SaaS posture management company which partners with IANS on M365 security consulting projects. He is also a member of the board and security advisor to HighSide and CTO of Integricell. Aaron is a long-serving member of the RSA Conference Program Committee, helping select educational content presented at the annual RSA Conference.

Achievements & Noteworthy Contributions

  • Congressional witness to help set policy for US critical infrastructure protection
  • Winner of SC Media's 2019 Top Executive Leaders of the Last 30 Years award
  • Information security leader for the Government of Luxemborg’s Technoport® business incubation program
  • Testified before the US House of Representatives to help shape national critical infrastructure protection strategy in 2007
  • Interviewed for NBC Washington News and AP News on cellular network vulnerabilities
  • VP of Security Research and Development at Verifone after 2015 Terreo acquisition
  • Former Co-Founder and CEO of Terreo, an IoT security company focused on credit card skimming detection
  • Former Co-Founder and CEO of RFinity, a mobile payment technology company that was eventually sold to a global mobile network operator in 2010
  • Former Security Strategist at the Department of Energy’s Idaho National Laboratory investigating the impact of system vulnerabilities in commodity software on public utilities funded by the DHS, DOE, and DOD. He was on the team which conducted the ‘Aurora’ attack against a simulated power grid.
  • Founding Member of many Microsoft information security teams (1999-2006) and coordinated field security testing of Microsoft technologies such as Active Directory, SQL Server, Exchange Server, BitLocker, Windows Update, and Windows Firewall.
  • Recognized by Bill Gates for technical excellence and leadership during security incidents involving Microsoft technologies in 2000 and 2003

Certifications & Credentials

  • JD Candidate – Dedman School of Law, Southern Methodist University
  • BA, Spanish Linguistics – Brigham Young University

Hobbies & Fun Facts

In his free time, Aaron enjoys restoring 1960's split-window VW buses and arranging and recording vocal music with his brothers and daughters. He has completed several Cordon Bleu culinary education programs and volunteers as a Spanish translator for immigration court proceedings. He is an avid traveler, having visited over 80 countries around the world.

John Visneski

IANS Faculty

John is the Director of Information Security and Data Protection Officer at The Pokémon Company International where he has built their security team and achieved GDPR Compliance. Before joining Pokémon, he served as a Cyberspace Operations Officer for the US Air Force where he supported operations in Iraq and Afghanistan. John also served as Chief of Executive Communications for the Chief of Staff and Secretary of the US Air Force supporting intelligence operations that shaped policy at the Pentagon.

Achievements & Noteworthy Contributions

  • Featured in the Wall Street Journal, Computerworld.com, and SiliconAngle.com
  • Featured on the Master of Data and Serverless Smarts podcasts
  • Interviewed for CloudAcademy.com and CIO Dive
  • Former Cyberspace Operations Officer at the US Air Force

Certifications & Credentials

  • BS, Computer Science – Seattle University
  • CISSP – (ISC)2

Hobbies & Fun Facts

John is a Seattle sports fan and enjoys running in his free time.

Ismael Valenzuela

IANS Faculty

Ismael Valenzuela is coauthor of the Cyber Defense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering, and a Senior Principal Engineer at McAfee, where he leads research on threat hunting using machine-learning and expert-system driven investigations. Prior to his current role at McAfee, Ismael led the delivery of SOC, IR & Forensics services for the Foundstone Services team within Intel globally. Previously, Ismael worked as Global IT Security Manager for iSOFT Group Ltd. and founded one of the first security consultancies in Spain in 2000.

Achievements & Noteworthy Contributions

  • 22 yrs. blending highly technical skills with business acumen.
  • Recognized as industry leader by public and private organizations.
  • Regular advisor to top 50 Fortune companies worldwide.
  • Top-rated author & instructor for SANS, reaching over 165,000 professionals globally.
  • 60+ publications & talks published in the last 4 years.
  • Author of rastrea2r tool presented at BlackHat USA in ‘16 & ‘18.
  • 15 active certifications, including highly prestigious GSE #132.
  • Featured in best selling book ‘Tribe of Hackers: BlueTeam edition.

Certifications & Credentials

  • CISM, CISSP, GSE, GCIH, GCIA, GPEN, GCUX, GCWN, GCFA, GMON, GREM, GSNA, GWAPT
  • ITIL Service Management Foundation Certification
  • IRCA ISO 270001 Lead Auditor, Bureau Veritas UK

Kenneth van Wyk

IANS Faculty

Ken is the President and Principal Consultant of KRvW Associates, LLC, an independent information security consulting company, and a Visiting Scientist at Carnegie Mellon University. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. Ken is a frequent speaker at technical conferences, and has presented papers and training for CSI, ISF, USENIX, FIRST, CERT, among others.

Achievements & Noteworthy Contributions

  • Former Steering Committee and Board of Directors Member for the Forum of Incident Response and Security Teams (FIRST)
  • Co-founder of Carnegie Mellon University’s Computer Emergency Response Team (CERT®)
  • Project Leader of Open Web Application Security Project’s (OWASP) iGoat project
  • Former Member on the Board of Directors for SecAppDev.org
  • Former Monthly Columnist for Computerworld.com
  • Lead author of Enterprise Software Security: A Confluence of Disciplines (2014)
  • Co-author of Rugged Handbook (2012)
  • Co-author of Secure Coding (2003)
  • Co-author of Incident Response (2001)

Certifications & Credentials

  • Graduate Coursework,Software Engineering – Carnegie Mellon University
  • Graduate Coursework, Computer Science – Lehigh University
  • BSME –Lehigh University

Hobbies & Fun Facts

Ken is a dual citizen of the EU (England) and the USA and holds a current U.S. Department of Defense TOP SECRET clearance. In his free time, Ken enjoys travel, cooking, Saints football, and spoiling a couple of basset hounds. He also volunteers his time teaching firearms safety as an NRA certified instructor.

Mike Webber

IANS Faculty

Currently consulting, Mike was the head of cyber security at 2 of Canada's iconic companies, and also served as CIO at one of them. Mike's scope included security of application development, of IT systems, and of global cloud services, as well as compliance for the corporation and customer services.

Achievements & Noteworthy Contributions

  • Former CIO & CISO for BlackBerry, developer of secure smartphones, and security software and services.
  • Led a secure IT business transformation from a hardware company to a security software and services company.
  • Recruited, developed, and retained, excellent security teams.
  • Led the architecture development for a huge and successful global telco network. 
  • Speaker at global security conferences such as AISA Cyber Con and Siberx. 
  • Achieved FedRAMP certification for a customer service offering.
  • Trustee Director of the Board for AT&T Pensions UK 

Certifications & Credentials

  • MBCS CITP
  • BSc Geology & Chemistry - University of Reading

Hobbies & Fun Facts

He enjoys kayaking, dog walks, MMO gaming, and good food and wine.

Justin Wilder

IANS Faculty

Justin is a Vice President at In-Q-Tel, a non-profit strategic investor serving the Intelligence Community, where he oversees a portfolio of innovative cybersecurity companies solving complex challenges at the intersection of National Security and Commercial Industry. He has also led research and technical diligence exploration for developmental investments that shape Digital Forensics, Behavioral Analytics, Endpoint Protection, Orchestration and Automation, and Software Assurance early-stage startups.

Achievements & Noteworthy Contributions

  • Former Operations Director and Principal Scientist at Siege Technologies, LLC
  • Former Principal Engineer at System Planning Cooperation supporting DARPA’s Information Operations Research and Development Programs
  • Former Information Assurance/Computer Network Defense, a global security and aerospace company
  • Former Project Manager and Security Engineer for Telos Corporation, an Intelligence-focused information security company

Certifications & Credentials

  • MS, Computer Science (Computer & Network Security) – George Washington University
  • BS, Electrical Engineering – University of Maryland

Jake Williams

IANS Faculty

Jake Williams, the CTO and Co-Founder of BreachQuest and Rendition Infosec, has two decades of experience in secure network design, penetration testing, incident response, forensics and malware reverse engineering. Prior to founding BreachQuest and Rendition Infosec, Williams worked with various government agencies in information security. Williams is an IANS Faculty Member and works as a SANS Analyst. He is a prolific speaker on topics in information security and has trained thousands of people on incident response, red team operations, reverse engineering, cyber threat intelligence, and other information security topics. Jake is the two time winner of the DC3 Digital Forensics Challenge, a recipient of the DoD Exceptional Civilian Service Award, and is one of only a handful of people to ever be certified as Master Network Exploitation Operator by the US Government.

Achievements & Noteworthy Contributions

  • Two-Time Winner of the Annual DC3 Forensics Challenge
  • Speaker at information security conferences such as Black Hat, DEF CON, ShmooCon, RSA, and DC3
  • Designated a Master Computer Network Exploitation (CNE) Operator by the NSA
  • Former Vulnerability Analyst at US Department of Defense
  • Former Senior Systems Engineer at Dell Services

Certifications & Credentials

  • MSIA, Information Assurance –Capitol College
  • GSE, GSNA, GCFE, GREM, GCWN, GCIA, GCIH, GPEN, GCFA, GXPN, GSEC –GIAC

Jason Witty

IANS Faculty

Jason is the Chief Security Officer at USAA and former Global Chief Information Security Officer and CIO of the Cybersecurity & Technology Controls division at JPMorgan Chase. He is an experienced leader with both strong technical skills and wide-ranging risk management experience. Jason served as CISO at US Bancorp where he was responsible for enterprise-wide customer authentication products and provided accountability for all information security controls in the company. Prior to his role at US Bancorp, Jason was the Senior Vice President and Cyber Threat Prevention Services Executive at Bank of America and led a team who provided global information security risk prevention and deterrence services.

Achievements & Noteworthy Contributions

  • Vice-Chair of the Analysis & Resilience Center for Systemic Risk (the ARC)
  • Vice-Chair of the National Technology Security Coalition (NTSC)
  • Member of Security 50
  • Chair of Financial Services Information Sharing and Analysis Center (FS-ISAC) from 2014-2019
  • Sector Chief for Financial Services in FBI Chicago’s Infragard program

Certifications & Credentials

  • Certified Information Systems Security Management Professional (ISSMP)
  • Bachelors degree in Electrical Engineering Technology - Old Dominion University

Hobbies & Fun Facts

Jason is married with three children; a martial artist with a 3rd Degree Black Belt in Wol Ge Kwan Hapkido; and also studies Ryushin Shouchi Ryu Iaido (Japanese Sword.)

Philip Young

IANS Faculty

Philip is senior vice president of an offensive security research group at a multinational, Fortune 500 financial services company. He is a leading expert and thought leader in mainframe cyber security with a special focus on the z/OS platform. Philip has built mainframe security programs for multiple Fortune 100 organizations using both vendor and public toolsets. Philip also develops information security coursework to educate the next generation of practitioners, raises awareness about mainframe security, and encourages more organizations to effectively prioritize their risk profiles.

Achievements & Noteworthy Contributions

  • Keynote speaker at SHARE and GSE on mainframe penetration testing
  • Speaker at information security conferences such as Black Hat, RSA, DEF CON, ShmooCon, and BSides
  • Contributor to Nmap and Metasploit open source projects
  • Former Information Security Specialist at Visa
  • Former IT Audit Security Professional at Grant Thornton, an accounting and advisory organization
  • Former Senior IT Auditor at Ernst & Young

Certifications & Credentials

  • BS, Computer Science – Wilfrid Laurier University
  • CISSP – (ISC)2
  • CISA – ISACA
  • Offensive Security Certified Professional (OSCP) – Offensive Security
  • Microsoft Certified Solutions Expert (MISE) – Microsoft
  • Security+ – CompTIA

Hobbies & Fun Facts

In his free time, Philip enjoys retro art, computing, gaming, and swimming with his two boys.

Sounil Yu

IANS Faculty

Sounil Yu has over 30 years of hands-on experience creating, breaking and fixing computer and network systems. He is the creator of the Cyber Defense Matrix and the DIE Resiliency Framework, teaches Cybersecurity Technologies as an adjunct professor, co-chairs Art into Science: A Conference on Defense, and advises many security startups. His specialties include leading innovation programs, intern programs, and a thriving startup culture to meet emerging cybersecurity needs. He often serves as a challenge function and change agent to drive unconventional thinking and alternative approaches to hard problems in security.

Achievements & Noteworthy Contributions

  • Board Member of SCVX
  • Board Member of FAIR Institute
  • Fellow at the National Security Institute
  • Former Chief Security Scientist at Bank of America
  • Frequent speaker at several information security conferences

Certifications & Credentials

  • MS, Electrical Engineering - Virginia Tech
  • BS, Electrical Engineering - Duke University
  • BA, Economics - Duke University
  • GIAC Certified Penetration Tester
  • GIAC Certified Forensic Analyst

Hobbies & Fun Facts

In his non-existent, imaginary free time, Sounil tries to beat his oldest son in Starcraft and Clash of Clans.

How can you engage with our Faculty?

We deliver what CISOs and their teams need most: unbiased, practical advice; the ability to speak with professionals who understand their challenges; and peer interaction to keep their knowledge and skills fresh and up-to-date.

Decision Support

End-User Decision Support is our flagship offering delivered through an annual subscription service designed for CISOs and their teams. IANS connects you with independent experts and practitioners who have 'been there, seen it, and done it,' enabling you to accelerate your capabilities and make informed decisions.

Learn More

Consulting

We work with you to shape engagements and provision them with the right IANS Faculty experts. Your project will never be staffed with junior level consultants. Our expertise is built from hands-on experience. We staff your project with doers who recommend actions, and then help you take them.

Learn More

Events

Our events feature IANS Faculty members who offer a breadth of in-the-weeds advice and high-level guidance for the entire security team. Designed for you to engage with like-minded security professionals in a supportive environment, you’ll learn from a variety of industry approaches and use cases.

Learn More
  
 

Want to know more? Let us know how we can help you.

Success! Thanks for filling out our form! Loading animation

* Required Fields