Faculty Directory

Alexis is a Principal at AG Partner, a cybersecurity solutions firm specializing in security architecture, evaluating and implementing cybersecurity programs, and advising organizations of all sizes across security domains. Previously, she was the Chief Security Architect and Merchant Technology Change Executive at Bank of America; she has also spent considerable time with the federal civilian cybersecurity organizations on policy and technical programs. 

Justin has over twenty years of experience in system administration, software development, and information security. His core skills include regulatory and contractual compliance, program management, payment card standards, general governance, privacy practices and frameworks. He founded episki, a cloud-based governance tool geared toward helping mid-market organizations manage their security programs. Justin also performs fractional CISO and security consulting services for various clients in multiple industries, including areas involving GRC, DevSecOps, Privacy, and other matters. Before his current roles, Justin consulted with Fortune 1000 companies in information systems, audit, governance, and cybersecurity. He has led the governance and security practices for leading eCommerce and large financial services companies. Additionally, Justin has spoken at conferences concerning risk management, the payment card industry (PCI), security leadership, and general information security practices. Justin is one of the hosts of the monthly podcast, Distilled Security Podcast. 

Dustin is the Co-founder and Chief Product and Technology Officer at Katilyst, which enhances corporate security culture through engaging security champion programs. Previously, Dustin spent over a decade in technical roles as a software engineer and application architect in retail, US Department of Defense (DoD), and video game industries before moving into cybersecurity executive leadership and successfully implementing cybersecurity, application security, and security culture programs at large and small companies.

Ryan is the Founder and CEO of Neuvik, a cybersecurity research and development consultancy. He has spent the better part of two decades enhancing cyber programs at the world's largest institutions — from the Department of Defense to some of the most successful private and commercial organizations. He focuses largely on providing advanced capabilities for CISO's, as well as testing for best possible security practices at board of directors' requests.

Ryan’s C-level work experience also includes developing Board level metrics to measure and manage enterprise cyber risk, developing and instructing C-Suite cyber risk management courses, and establishing functional reporting metrics for assessing cyber readiness.

Dave has 30 years of industry experience. He has extensive experience in IT security operations and management. Dave is the Global Advisory CISO and Head of the Special Operations & Engagements team for 1Password. He is the founder of the security site Liquidmatrix Security Digest & podcast. He is currently a member of the board of directors for BSides Las Vegas. Dave has previously worked in critical infrastructure for 9 years as well as for companies such as Duo Security, Akamai, Cisco, AMD and IBM. Previously he served on the board of directors for (ISC)2 as well as being a founder of the BSides Toronto conference. Dave was a DEF CON speaker operations goon for 13 years. Lewis also serves on the advisory board for the Black Hat Sector Security Conference in Canada and the CFP review board for 44CON in the UK. Dave has previously written columns for Forbes, CSO Online, Huffington Post, The Daily Swig and others. 

Shannon is the Founder and CEO of ThirdScore. This followed her role as VP, Security at Adobe, where she led Product and Software Security. Shannon is also the Founder of DevSecOps, a non-profit organization committed to uniting security with DevOps and Agile practices via experimentation and education. Shannon is an award-winning security innovator and leader experienced in developing emerging security programs for Fortune 500 companies including Intuit, ServiceNow, Sony, Sempra, Savvis, Cable & Wireless, 99 Cents Only, Exodus, and Bank of America.

Anna is the Vice President Risk Officer Digital at the Navy Federal Credit Union. She returned to Navy Federal in 2023 from her previous time here from 2019 to 2021, when she was as Vice President of Vulnerability, Risk and Enterprise Security Services. Prior to her current role, Anna was the Senior Vice President Advance Cyber Defense and Digital Forensics and Incident Report teams at Booz Allen Hamilton Commercial sector. Before her time with NFCU and Booz Allen, Anna managed Global Information Security Engineering and Operations for Marriott International. In her earlier career days, Anna held various positions in the security field with Accenture and Sun Microsystems/Oracle.  As a technology executive, Anna is focusing on empowering innovation, fostering collaboration, and promoting risk-based approach to security. Her mission is to protect and enable the business by transforming the culture from “No” to “KNOW”. 

Josh is executive director of GuardedRisk, a firm devoted to the security and compliance of law firms, insurance companies, data processors and their clients. An internationally recognized digital forensics expert, Josh has strategized and performed on government corruption, bad compliance, protecting mission-critical data, and everything in between. Likewise, he has presented on topics ranging from Facial Recognition and National Security to audiences from government agencies, law enforcement, Fortune 5 companies, and many others.

Steve is a partner in Artico Search’s cybersecurity practice. He is an expert in security executive recruiting and compensation focused on recruiting best-in-class CISOs and their teams across various industries. He leads strategic partnerships and initiatives including Artico’s annual CISO compensation & budget survey conducted in collaboration with IANS.

Prior to Artico, Steve served in Caldwell Partner's cybersecurity practice and at Russell Reynolds associates.

Raffy is VP of Research and Intelligence at Forcepoint where he leads Forcepoint X-Labs, a specialized group dedicated to behavior-based security research and development of predictive intelligence to Forcepoint's human-centric product portfolio. Bringing more than 20 years of cybersecurity experience across engineering, analytics, research, and strategy, Raffy is one of the industry's most respected authorities on security data analytics, big data, and visualization. As such, he serves as an advisor to many technology startups. He is the author of Applied Security Visualization and is a frequent speaker at global academic and industry events. Additionally, Raffy has held key roles at IBM Research, ArcSight, and Splunk.

Gary recently retired from AIG as their Chief Information Security Officer where he led the global cybersecurity risk management program while working closely the Executive Leadership Team to drive information security strategy for the company.  In addition to his IANS Faculty work, Gary currently provides CISO advisory support to HiddenLayer, a cybersecurity company that specializes in security for artificial intelligence and machine learning systems.  Prior to AIG, Gary served as Senior Vice President at USAA and was their first Chief Security Officer where he was responsible for building out a holistic security program spanning Information Security, Fraud Operations, Privacy, Business Continuation, Physical Security, and Corporate Investigations. Gary spent a short time with Deloitte in their federal practice after a 25-year career as an Air Force officer where he served in a variety of leadership and staff positions within the information technology career field including: telecommunications, satellite communications, deployed network operations, and cybersecurity.  Most notably, Gary was on the front line of cyberspace operations for the Department of Defense where he supported the establishment and evolution of the Joint Task Force Global Network Operations, the organization that was the focal point for the operation and security of DoD information systems and networks, and pre-cursor to establishment of the US Cyber Command.

Stephen serves as an independent Security Consultant performing security assessments, developing information security programs and strategies, and creating remediation plans for select clients. He is also Co-Founder of Community of Practice, a Silicon-Valley-based membership organization for Engineering VPs and CTOs. Stephen has experience including building and leading worldwide teams and designing some of the world's largest Internet services.

Tim is a Principal Consultant and Founder at Red Siege, an information security company focused on adversary emulation and penetration testing. He also serves as the MSISE Program Director, Course Author, and Principal Instructor at the SANS Institute.

Author of “Wireless Security Architecture”, “Low Tech Hacking” and other titles, Jennifer (JJ) Minella has been named as a Top 10 Power Player in cyber security by SC Magazine. As an advisor to more than 50 Fortune-rated companies and hundreds of others, JJ brings a uniquely energetic approach to cyber security, blending deep technical experience with strategic guidance. Her ability to connect with audiences and articulate technical concepts in simple terms has taken her all over the world. She is also the creator of the Mindfulness-Based Leadership for Infosec workshop series. Jennifer is the founder and principal advisor of Viszen Security, offering technical strategy and coaching solutions to CXOs and practitioners.

Rich is CEO and Analyst for Securosis, an information security research and advisory firm, in addition to Founder and Vice President of Product at DisruptOPS, a cloud environment monitoring platform. Prior to founding Securosis, he was Research Vice President for Gartner’s security team where he also served as Research Co-Chair for the Gartner Security Summit. Additionally, Rich has served as an independent consultant, web application developer, software development manager, and a systems and network administrator.