Senior Project Lead, Trend Micro
Vic Hargrave is a software architect at Trend Micro where he develops data analytics systems using Elasticsearch and other big data technologies for Internet security and threat research. Vic is active on the OSSEC project and a regular contributor to Trend Micro’s Simply Security and Security Intelligence blogs. When he’s not slaving away over a hot keyboard, Vic enjoys spending time with friends over a good cup of coffee.
Dick Hacking has a rich background in Operating System development and support roles. His first encounter with the nefarious side of hacking was when a vendor brought two supposedly identical new 3.5” diskettes containing a new driver which, when scanned before installation, had two different viruses on them. Since then Unisys, HP, and NetApp have benefitted from his experience in addressing product security issues. At NetApp Mr Hacking put together an organization to meet the ISO requirements that are the subject of his talk even before he knew of the existence of the draft standards. Currently unaffiliated, Mr Hacking is seeking his next position.
With over 20 years of experience heading up major initiatives for leading organizations around the globe, Rob’s knowledge and understanding of business development, information security and global product and service launches is extensive. Prior to founding BEW Global, Robert Eggebrecht was an integral part of several high-technology businesses offering solutions including enterprise business applications, communications and information security. He held positions with TicketMaster, Qwest, Level 3 Communications, Gemplex and Virtela, working domestically throughout the US as well as internationally on assignments in Tokyo, London and Denmark. In these positions Rob was primarily focused on corporate finance, product management, business development and technology-based service delivery. He holds a degree in International Business from the University of Denver and management certificates from Georgetown and Stanford University. Rob is an active member in the ISO 27000 community and successfully completed the ISO 27001 Lead Auditor Course and exam.
Director of Professional Services, AlienVault
Santiago Bassett has been a central member of the AlienVault team since the earliest days of the Open Source SIEM (OSSIM) project. With over 10 years of IT Security experience, covering advanced network security implementation with Open Source technologies, he has led large enterprise projects in Europe and the US. His solid technical knowledge of intrusion detection and security management systems correlates with an intrinsic ability to design, develop and implement security software. Santiago is also a core team member of the OSSEC (Open Source HIDS) project, collaborating as developer and integrator. He has been a speaker at other security conferences such as RootedCon, Campus Party, OSSECCon and previous editions of Cornerstones of Trust.
Director, AlienVault Labs
Jaime Blasco is a Security Researcher with broad experience in network security and malware analysis. At AlienVault, Jaime manages the Lab and runs the Vulnerability Research Team in charge of researching and integrating threat intelligence into detection mechanisms. Prior to working at AlienVault he founded a couple of startups (Eazel, Aitsec) working on web application security, source code analysis and incident response. He is based in San Francisco. Jaime's work in emerging threats and targeted attacks is frequently cited in international publications such as the New York Times, BBC, Washington Post and Al Jazeera.
Intelligence Director, Palo Alto Networks
Ryan is the director of the Palo Alto Networks threat intelligence team, responsible for collection, analysis and production of intelligence on adversaries targeting organizations around the world. Prior to joining Palo Alto Networks Ryan served as Senior Manager in Verisign’s iDefense Threat Intelligence service. His area of expertise is detecting and identifying actors and groups conducting cyber-crime and cyber-espionage operations. Ryan is a contributing author to the book Cyber Fraud: Tactics, Techniques and Procedures, and primary author of Cyber Security Essentials. He holds a Bachelor of Science degree in management information systems from Iowa State University, and a Master of Science degree in security informatics from The Johns Hopkins University.
Co-Founder and CEO, ObjectSecurity
Dr. Ulrich Lang is co-inventor, co-founder and CEO of ObjectSecurity, a highly innovative cyber security company with many high-profile customers. Dr. Lang serves as a technical expert on copyright infringement litigation, patent litigation, software business fraud etc. Letters of recommendation for all of Dr. Lang's previous cases are available upon request. He is also a frequent public speaker and educator on cyber security (for paid commercial workshops, university lectures, and conferences). He was previously a PhD researcher (1998-2003) at the Computer Laboratory (Security Group) at University of Cambridge, one of the top universities in the world. His PhD research on access policies for software applications was funded by the UK Ministry of Defence (DERA). Dr. Lang has over 17 years of experience in cyber security, over 23 years of experience in software and computer science, and over 12 years of experience as a high-tech entrepreneur. Dr. Lang's expertise includes most areas of cyber security, especially software security, middleware technologies, internet technologies, and model-driven concepts. Thanks to spending over 12 years as a software entrepreneur, he is also an experienced expert for software business fraud cases. For example, Dr. Lang has worked on an extensive technical expert report for the plaintiff side on a copyright infringement case, and on a software business fraud case, verifying validity and infringement. Dr. Lang is available for all other software and cyber security technical expert plaintiff and defense cases. Dr. Lang is also well-suited for cyber security patent cases and Markman presentations, because he co-invented and co-authored several extensive, highly technical cyber security patent applications. Dr. Lang also completed a Master's Degree (M. Sc.) in Information Security with distinction from Royal Holloway College (University of London) in 1997.
Mr. Mullen's background includes Software Systems Engineering with concentration in security, object technology and networking for commercial and government customers. He is the President & CEO of Promia, supporting a global grid of interconnected network appliances for asset state monitoring, security event monitoring, enterprise network mapping and cyber leak defense for the US Navy. His teams have delivered commercial products and global IT systems for military, government and commercial customers in oil, banking, telecommunications and energy.
Director, Customer Success, NuData Security
Ryan Wilk is the Director – Customer Success at NuData Security. In his role at NuData, Ryan is responsible for ensuring the success of every NuData customer during the lifetime of the partnership. This includes guiding customers through the implementation process in addition to managing the post-implementation relationship. In his previous role Ryan was the Manager, Trust and Safety at StubHub, an eBay company. In his role at StubHub Ryan managed the order review team and was responsible for the operation and optimization of StubHub’s fraud management tools. Prior to joining StubHub Ryan spent 8 years with Universal Parks & Resorts (UPR). During his tenure at UPR Ryan established and implemented the eCommerce Loss Prevention teams at both Universal Orlando Resort and Universal Studios Hollywood. Ryan has also been active in the industry at large, founding and chairing the MRC’s Ticket Affinity Group as well as creating the Theme Park Round Table. Previous speaking engagements include:
- Mobile Commerce and Payment Innovation Summit 2014
- CNP Expo 2014
- MRC Conference 2014
- Accertify User Group Conference 2014
- ThreatMetrix User Group Conference 2013
- MasterCard Academy of Risk 2013
CEO, Proficiency Labs International
Dr. Tyrone W A Grandison is the CEO of Proficiency Labs International, which specializes in supporting organizations as they design, build and evaluate privacy and security solutions for their systems. He is one of the managing partners of METIS, Inc. - a services company that specializes in solving organizational problems. He co-founded woyhd.org, a service to help consumers to determine the privacy awareness of mobile healthcare apps. He is the co-founder of Hipaantrepeneurs, a service to help healthcare professionals with compliance with healthcare law. He is one of the founding chairs of the Diversity in Privacy and Security Seminar (Di-PaSS) series, which seeks to increase the number of minority professionals and researchers in the privacy and security space. He is a founding partner of Wonder Women Hacks, which is a hackathon dedicated to increasing the number of women in tech, providing a support system for female technologists and helping to solve issues relevant to women. He is a founding partner of Hacks for Humanity (a collaboration with Arizona State University's Project Humanities), which seeks to develop technology to reconnect people to their humanity. He is also an Adjunct Professor at the University of Technology in Kingston, Jamaica. Dr. Grandison was the CTO/co-founder of EqualityTV, where he led the platform and technical strategy initiatives. More at http://www.tyronegrandison.org/bio.html
CEO, Unified Compliance
Craig Isaacs is CEO of Unified Compliance, a company focused on the science of compliance, including harmonization methods, metrics, systems continuity, and governance. Craig is responsible for making the company’s flagship product, the Unified Compliance Framework® (UCF), the cornerstone of IT compliance. The UCF reduces expenses, limits liability, and leverages the value of compliance-related technologies and services across the enterprise. Prior to joining Unified Compliance, Craig was president of Neon Software through their acquisition by SolarWinds. Craig was responsible for shepherding Neon's award-winning LANsurveyor software into the market and securing its place as the number one selling automated network documentation tool with Microsoft's release of LANsurveyor for Microsoft Office Visio. Prior to Neon Software, Isaacs spent 10 years as vice president, sales and marketing, for Dantz Development Corporation, which was acquired by EMC. During his tenure at Dantz, the organization achieved greater than 90% market share for Retrospect in the Macintosh market and released Retrospect for Windows with OEM agreements from key hardware vendors, including Sony and Maxtor. Craig has also held international sales, strategic marketing, and product management positions at a number of other technology companies, including UNIX 4GL/RDBMS vendor Unify Corporation. Craig has spoken at many conferences, seminars, and trainings such as MacWorld Expo where he had more than 5,000 attendees, Mactivity, Shared Assessments seminar, PacificIT Pros seminar, BMUG, Curated Content webinar, and “An Evening of Champions” conferences with Oakland Athletics announcer Dick Callahan and KNBR Radio's Gary Radnich. He has also been either a guest or host for hundreds of webinars.
Manager, Systems Operations, Fiserv
• Professional with 18 years of experience in Information Technology including Development, Architecture, System Operations, Information Security and Compliance
• Current work domains: For the past 7 years, I have been working in Systems Operations, Security Infrastructure, IT Governance, Audits and Compliance
• Current Employment: Working as Manager, Systems Operations at Fiserv
• Previous Employments: Worked for multinational companies including Oracle, Fujitsu/Rapidigm and Tata Consultancy Services
• Professional Certifications: CISSP, CISM, CISA
• President for (ISC)2 Silicon Valley Chapter for 2013 and current Advisor for the board
Manager of Cloud Security and Compliance, Autodesk
Anmol Misra is an author and a security professional with a wide range of experience in the field of information security. His expertise includes mobile and application security, vulnerability management, application and infrastructure security assessments, and security code reviews. He is Manager of Cloud Security and Compliance at Autodesk. Prior to joining Autodesk, he was program manager in Cisco's Information Security Group. At Cisco he was responsible for developing and implementing security strategy and programs to drive security into all aspects of Cisco's hosted products. Prior to joining Cisco, Anmol was a senior consultant with Ernst & Young LLP. In his role, he advised Fortune 500 clients on defining and improving information security programs and practices. He helped corporations to reduce security risk and achieve regulatory compliance by improving their security posture. Anmol is co-author of Android Security: Attacks and Defenses, Core Software Security: Security at the Source and is a contributing author of Defending the Cloud: Waging War in Cyberspace. He holds a master's degree in Information Networking from Carnegie Mellon University and a Bachelor of Engineering degree in Computer Engineering. He is based out of San Francisco, California.
CISO at Informatica
Bill Burns is the Chief Information Security Officer for Informatica, where his teams are responsible for the security and compliance of Informatica’s corporate ecosystem and cloud services. Previously Bill worked at Scale Venture Partners to define their information security investment strategy, resulting in their first Infosec investment in several years. As Director of Information Security at Netflix, Bill's teams helped transition their corporate and production systems to be all-cloud and supported Netflix's expansion from a US company to a 41-country international business, with 2x revenue and subscriber growth. They helped Netflix take smart risks by emphasizing automation, technical innovation and building strong internal and vendor partnerships. His teams designed and ran virtualized PCI infrastructure before "virtualization" was a word in PCI-DSS, developed the first Amazon's CloudHSM to protect sensitive keys in IaaS, and deployed one of the largest hybrid cloud WAF networks. Bill's been granted one computer security patent, with another pending. He is an active advisor to several security startups, and is a member of the RSA Conference Program Committee, ISSA CISO Forum Advisory Committee and ISSA CISO Career Lifecycle Committees. Bill has 20 years of experience in security, specializing in cryptography and communications, and graduated from Michigan Technological University with electrical engineering and business degrees. Bill's teams have designed and deployed publicly-trusted, WebTrust-certified Root CAs; piloted NFC-powered physical access control systems; automated 3rd-party partner risk assessments; measurably reduced employee phishing susceptibility; and built and ran numerous other impactful security & risk-reduction programs.
Principal Scientist, SRI International
Peter G. Neumann has doctorates from Harvard and Darmstadt. After 10 years at Bell Labs in Murray Hill, New Jersey, in the 1960s, during which he was heavily involved in the Multics development jointly with MIT and Honeywell, he has been in SRI's Computer Science Lab since September 1971 -- where he is a Senior Principal Scientist. He is concerned with computer systems and networks, trustworthiness/dependability, high assurance, security, reliability, survivability, safety, and many risks-related issues such as election-system integrity, crypto applications and policies, health care, social implications, and human needs -- especially those including privacy. He is currently PI on two DARPA projects: clean-slate trustworthy hosts for the CRASH program with new hardware and new software, and clean-slate networking for the Mission-oriented Resilient Clouds program. He moderates the ACM Risks Forum (http://www.risks.org), has been responsible for CACM's Inside Risks columns monthly from 1990 to 2007, tri-annually since then, and chairs the ACM Committee on Computers and Public Policy. He created ACM SIGSOFT's Software Engineering Notes in 1976, was its editor for 19 years, and still contributes the RISKS section. He was on the editorial board of IEEE Security and Privacy until February 2014, and is taking a break from that, as just one volunteer obligation too many. He has participated in four studies for the National Academies of Science: Multilevel Data Management Security (1982), Computers at Risk (1991), Cryptography's Role in Securing the Information Society (1996), and Improving Cybersecurity for the 21st Century: Rationalizing the Agenda (2007). His 1995 book, Computer-Related Risks, is still timely. He is a Fellow of the ACM, IEEE, and AAAS, and is also an SRI Fellow.
Gordon Shevlin brings more than 25 years of technical, sales, marketing and management experience in the technology sector. Gordon is currently Chief Executive Officer and partial owner of Allgress, Inc. His previous position as Executive Vice President of FishNet Security resulted from his partial ownership and position as EVP of Sales with SiegeWorks. During his tenure at SiegeWorks, he grew the company from 3 employees to 120 employees, with a West Coast and International presence, and led its successful acquisition by FishNet. Previously Gordon has held positions with both Nokia and ODS. Additionally, Gordon has served multiple roles with ISSA including President and Vice President of Silicon Valley Chapter as well as CFO of ISSA International. He has held board positions for 3 consecutive terms. With his breadth of knowledge of the security industry, Gordon has been invited to serve on the advisory boards of 12 of the leading information security companies.
ISO, County of San Mateo
Under the general direction of the CIO, Stormy is responsible for the development and delivery of a comprehensive information security program for the County. She acts as a focus and resource for information security matters, and coordinates the development of information security policies, standards and procedures. Additionally, she investigates and recommends appropriate corrective actions for IT security incidents, and coordinates the development and delivery of IT security education and training information. Stormy also serves as the County's HIPAA Security Officer, and as the current Vice-Chair of the CCISDA Information Security Forum.
DISO, Contra Costa County Health Services
Patrick Wilson has served Contra Costa County for over ten years, currently as the Department Information Security Officer for the 3500-employee Health Services department. Patrick has worked in technology for the better part of two decades, also serving as the CTO of IT Surgeons and the Director of IT for Finisar.
Joan Pepin is VP of Security/CISO at Sumo Logic, the next generation machine data intelligence company. Joan has more than 17 years of experience in information security in a variety of industries, including healthcare, manufacturing, defense, ISPs and MSSPs. Her experience spans the technical, operational and management levels of security, allowing her to bring highly technical research expertise to her role in security management, marketing and strategy. A recognized expert in security policy and lifecycle management, Joan is the inventor of SecureWorks’ Anomaly Detection Engine and Event Linking technologies. She was a keynote speaker at the 2008 Forrester Security Summit and a presenter at the 2008 Gartner Security Summit CSO Series.