LTC Ernest Wong
Chief of Staff
Army Cyber Institute (ACI)
Lieutenant Colonel Ernest Y. Wong is a Military Intelligence Officer in the U.S. Army who serves as the Chief of Staff at the Army Cyber Institute and as an Assistant Professor with the Department of Systems Engineering at West Point. He graduated from the United States Military Academy with a B.S. in economics, and he holds an M.S. in management science and engineering from Stanford University, an M.A. in education from Stanford University, and a Master of Military Science from the Mubarak al-Abdullah Joint Command and Staff College in Kuwait. He had the opportunity to work as a NASA Summer Faculty Fellow and has served in overseas deployments to Iraq, Kuwait, and the Republic of Korea. His research interests include disruptive innovations, cyber resiliency, and the application of systems engineering tools for resolving complex real-world problems.
Principal Information Security Officer, Community Brands
Since 1994, Joshua Hiller has been a professional software developer and security analyst, working as a private contractor, team member, and team leader. Specializing in automation, integration, penetration auditing and forensics, Josh has over 15 years of experience working in the non-profit industry in roles such as application developer, department director, and vice president.
A married father of three girls, Josh’s interests include art, comic books, fantasy, science (and science fiction), application and network security, software development, and tropical fish. If left alone for long periods of time around new software or technology, Josh is highly likely to take it apart to try to figure out how it works. At random, infrequent intervals, Josh likes to create games out of interesting puzzles he’s encountered.
Shevirah founder and CTO Georgia Weidman is a serial entrepreneur, penetration tester, security researcher, speaker, trainer, and author. She holds an MS in computer science as well as CISSP, CEH, and OSCP certifications. Her work in the field of smartphone exploitation has been featured internationally in print and on television. She has presented or conducted training around the world, including at venues such as NSA, West Point, and Black Hat. Georgia founded Bulb Security LLC, a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security, culminating in the release of the open source project the Smartphone Pentest Framework (SPF). She founded Shevirah Inc. to create product solutions for assessing and managing the risk of mobile devices in the enterprise and testing the effectiveness of enterprise mobility management solutions, and is a graduate of the Mach37 cybersecurity accelerator. She is the author of Penetration Testing: A Hands-On Introduction to Hacking from No Starch Press. She was the recipient of the 2015 Women’s Society of CyberJutsu Pentest Ninja award. She is on the board of advisors of the angel-backed security training startup Cybrary and the nonprofit Digital Citizens Alliance and is a member of the CyberWatch Center’s National Visiting Committee.
Master of Science in Cybersecurity Intelligence & Forensics Investigation (UTICA College), CISSP, E|CEH, E|CSA, CompTIA CSA+, CASP, CyberSec First Responder, CompTIA Security+, CompTIA Cloud Essentials Certified, CompTIA Network+, CompTIA Mobility+, MCSE, MCTS and MBA. Currently Yuri works for Microsoft as Senior Content Developer for the Enterprise Mobility and Azure Security Team. Yuri is also a Professor for the Master of Security Science course at EC-Council University. Yuri is co-author of more than ten books published by Microsoft Press, Syngress, and Novaterra (in Brazil). Yuri is an ISSA Senior Member (Fort Worth, TX Chapter) and writer for the ISSA Journal. You can follow Yuri on Twitter @yuridiogenes.
Founder & CEO, PeopleSec
Joshua is the founder of PeopleSec and an experienced penetration tester with an impressive background performing high-end security assessments against high-profile targets. He is also an expert social engineer who has talked his way into bank vaults, Fortune 500 data centers, corporate offices, restricted areas of casinos and more. His experiences highlighted a significant need for a better “human solution.” This led him to identify key mistakes commonly made in security awareness training programs and answer the question of how to “patch stupid.”
Founder, The Security Awareness Company.
Winn Schwartau thinks asymmetrically and has been “Security” for almost 30 years. As he puts it, “I’ve been in security for about 30 years and I think, maybe, I’m just starting to understand it.” If you want originality in thought, writing, presentations or any aspect of Security, call Winn. In addition to being called “The Civilian Architect of Information Warfare,” he is one of the country’s most sought-after experts on information security, infrastructure protection and electronic privacy.
Regarded as one of the world’s foremost experts on counter threat intelligence within the information security industry, Chris Roberts constructs and directs a portfolio of defense services designed to improve the physical and digital security posture of both enterprise and government clients. With increasingly sophisticated attacks on targets of opportunity, Roberts’ unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data and other protected information from attack.
Aamir Lakhani is a leading security architect and runs the popular security blog Dr. Chaos at www.DrChaos.com. He is responsible for providing IT security solutions to major commercial and federal enterprise organizations. Lakhani has designed offensive counter defense measures for defense and intelligence agencies, and has assisted organizations in defending themselves from active strike back attacks perpetrated by underground cyber groups. Lakhani is considered an industry leader in support of detailed architectural engagements and projects on topics related to cyber defense, mobile application threats, malware and Advanced Persistent Threat (APT) research, and Dark Security.
CISSP-ISSMP, GSNA, GCIH
Joe Gray joined the U.S. Navy directly out of high school and served for 7 years as a Submarine Navigation Electronics Technician. Joe is an Enterprise Security Consultant at Sword and Shield Enterprise Security in Knoxville, TN. Joe also maintains his own blog and podcast called Advanced Persistent Security. In his spare time, Joe enjoys reading news relevant to information security, attending information security conferences, contributing blogs to various outlets, bass fishing, and flying his drone.
Research Lead (IoT) for Rapid7
Deral Heiland, CISSP, serves as the Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 10+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral has also conducted security research on numerous technical subjects, releasing white papers and security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, and Hack In Paris. Deral has been interviewed and quoted by several media outlets and publications including ABC World News Tonight, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.
Senior Security Researcher, Malware Reverse Engineering Trainer at Fortinet
He is a Senior Security Researcher/Team Lead at Fortinet. He is also the Lead Trainer responsible for training the junior AV/IPS analysts in malware analysis and reverse engineering.
He has presented at various conferences, including BSidesVancouver, BSidesCapeBreton, OAS-First, BSidesOttawa, SecTor, DefCamp, BCAware, AtlSecCon, BSidesCalgary, TakeDownCon, MISABC, InsomniHack, ShowMeCon, CircleCityCon, and HackInParis. He is a regular contributor to the Fortinet blog and Virus Bulletin publication, where he has published 22 articles.
Dr. Catherine J. Ullman
Senior Information Security Analyst, University at Buffalo
Dr. Catherine J. Ullman began her IT career nearly 20 years ago as a Technical Support Specialist for Corel Word Perfect. After gaining valuable experience, as well as several technical certifications while working for Ingram Micro and subsequently Amherst Systems, she was offered and accepted a position at UB as a Systems Administrator in 2000 in which she provided both server and workstation support for several departments within Undergraduate Education. While she enjoyed her support role, she began to specialize in computer security and computer forensics. As a result, Cathy was often utilized by the Information Security Office to assist in the investigation of security breaches. Ultimately, she was asked to join the Information Security Office full time in 2009. In her current role as a Senior Information Security Analyst, Cathy is responsible for performing computer forensic investigative services for compliance on potentially compromised machines as well as for personnel issues. She also assists with incident management involving intrusion detection and analysis and provides security awareness training to departments on campus upon request. In her (minimal) spare time, she enjoys researching death and the dead, and learning more about hacking things.
Michael J. Masucci
Michael J. Masucci is an award winning producer, video-artist, writer, musician, curator and mediator. He also currently serves as an Arts Commissioner for the City of Santa Monica, where he chairs the Public Art Committee.
Masucci’s collaborations have been exhibited internationally, at venues such as the Museum of Modern Art (New York), the Institute of Contemporary Art (London), the American Film Institute (Los Angeles), the Autry National Center, on commercial television, as well as in festivals, galleries, conferences and universities.
He is co-founder of Los Angeles’ seminal video art group EZTV (www.eztvmedia.com), which has received retrospectives by the American Film Institute and the University of Southern California and was included in the Getty Museum’s Pacific Standard Time. Additionally, he co-founded CyberSpace Gallery, one of the world’s first art galleries dedicated to digital art. He has presented talks at conferences on topics ranging from entertainment and transhumanism to cyber-security and technology.
His work has been profiled in a variety of media, including PBS, the Discovery Channel, the Los Angeles Times, Variety, Artweek and the Hollywood Reporter. His writings have appeared in the SIGGRAPH Journal, the Independent Film & Video Monthly, and in several books, including “CyberArts-Exploring Art & Technology” (edited by Linda Jacobsen).
Masucci has taught at the Otis College of Art & Design and has given guest lectures at a number of institutions, including Changchun Film Studios (China), UCLA, USC, CalTech, Claremont College, the University of Helsinki, San Francisco Art Institute, American Film Institute, ICA (London), Long Beach Museum of Art, the School of Visual Arts (NYC) and New School/Parsons.
Masucci has a law degree and completed graduate level training in mediation and conflict resolution and holds certificates in film, music and graphic design.
Laura Samsó Pericón
Executive Vice President, Centurion Technologies Consulting LLC
Laura Samsó Pericón is a subject matter expert with 15+ years of civil-military international experience focused on R&D, project management, proposal preparation and business development in the Earth Observation area, specifically in the fields of Unmanned Aerial Systems (UAS) – Remotely Piloted Aircraft (RPAs), Satellite Systems, Global Navigation Satellite Systems (GNSS), and Inertial Navigation Systems (INS). Her interests also range from geopolitics to intelligence technologies.
Over her career, Ms. Samsó Pericón has worked on international projects with the European Space Agency (ESA), the Spanish Space Center (INTA), and the Centre for Development and Industrial Technology (CDTI), among other international organizations and companies. She has held different positions, ranging from Researcher Assistant at the Institute of Geomatics, Systems Engineer and Technical Support Coordinator at Indra Espacio Barcelona (Spain), to Senior Project Engineer, Sales Manager and Assistant to the Corporate Director at the Software & Technologies Division of Elecnor Deimos Satellite Systems (DCM)/Imaging. Since February 2017 she has also been engaged with HEMAV in Spain.
She is involved in the Spanish entrepreneurial community, delivering conferences and training sessions about drones at universities.
DrPH Gregory Carpenter
COO of Pragmatick IO, Inc.
Mr. Carpenter is the owner of GCE, LLC, COO of Pragmatik IO, INC., the National Security and Cyber Security Contributor at Newsl.org, and a member of the Board of Directors of ATNA Systems and the International Board of Advisors of the MacKenzie Institute. He has his own radio show based on his book, Reverse Deception, a popular curriculum book in IT and psychology departments nationwide that has been translated into four languages: Cyrillic, Arabic, Russian and Chinese. He is an adjunct professor, has been a frequent guest on Fox News, ABC and SiriusXM, and travels globally to speak on his doctoral research involving in vivo bio-nanorobotic security and other technologies.
In his over 30 years of military and civil service he served in several capacities in the Infantry, Logistics, Medical Service and Military Intelligence branches. His assignments included US Strategic Command, the National Security Agency and numerous army and joint facilities.
Mr. Carpenter holds an MS from Seton Hall University and a BS from Colorado Christian University and is a doctoral candidate studying bionanotechnology. He is a Certified Information Security Manager (CISM), a LEAN 6 Sigma professional, and a licensed ISO 9000 Lead Auditor, and has received numerous professional awards, including the prestigious National Security Agency Military Performer of the Year in 2007.
Executive Director of MINIS LLC
James Tubberville has held a number of technical positions and management roles over a 17-year career focused on system, network, application and information security. James is a former member and lead for an NSA-certified Red Team and has conducted threat computer network operations, red teaming, penetration testing, and physical security assessments for a variety of commercial and government customers. He is currently Executive Director of MINIS LLC, a Cyber and Information Security consulting company specializing in red teaming, cyber threat analysis, and threat mitigation. As a security professional, James has achieved numerous information technology and security related certifications and awards.
Executive Director, The Cyber Discovery Group “Cyber Starts Here” A Charity In Cyber Education
Jon Creekmore is the Principal and Co-Founder of Veteran Cyber Solutions. Jon’s roles place him overseeing the supervision and conduct of unique security projects and initiatives which support operations benefiting both public and private organizations, as well as a safer cyberspace. Currently Jon is part of a sponsored research program for establishing a global standard for Counter Cyberintelligence (CCI) as well as CCI strategies for private organizations.
Jon’s previous roles in the public sector as part of national security and homeland defense have provided him with great opportunities to give back to the private sector as well as the profession. His security background started as a kid providing pro-bono IT and Digital Forensics support for local organizations and has covered many domains in the field over the last 15 years. Jon holds numerous industry certifications, has served as an officer for many professional organizations, and an advisor to public and private senior leadership.
Outside of work, Jon has helped to establish and improve several security conferences, big and small, and often works to find ways to bring more to the community. Jon is currently the Principal and Co-Founder of a veteran owned cybersecurity solutions company and leads up initiatives in veteran employment and professional development opportunities while also personally finishing his PhD in Information Security.
Dr. Fred Cohen
CEO of Fred Cohen & Associates
Fred Cohen is best known as the person who defined the term “computer virus” and the inventor of most of the widely used computer virus defense techniques, the principal investigator whose team defined the information assurance problem as it relates to critical infrastructure protection, as a seminal researcher in the use of deception for information protection, as a leader in advancing the science of digital forensic evidence examination, and as a top flight information protection consultant and industry analyst. But his work on information protection extends far beyond these areas.
In the 1970s he designed network protocols for secure digital networks carrying voice, video, and data; and he helped develop and prototype the electronic cashwatch for implementing personal digital money systems. In the 1980s, he developed integrity mechanisms for secure operating systems, consulted for many major corporations, taught short courses in information protection to over 10,000 students worldwide, and in 1989, he won the prestigious international Information Technology Award for his work on integrity protection. As a businessman, he was co-founder of The Radon Project, a laboratory that measured air and water samples for contaminants, and which he grew as President from 8 to 250 employees in a period of less than 2 years. In the 1990s, he developed protection testing and audit techniques and systems, secure Internet servers and systems, defensive information warfare techniques and systems, early systems using deception for information protection, and bootable CDs designed for forensics and secure server applications. All told, the protection techniques he pioneered now help to defend more than three quarters of all the computers in the world, including the core technologies used in antivirus mechanisms and trusted platform modules.
Fred has authored more than 200 invited, refereed, and other scientific and management research articles, wrote a monthly column for Network Security magazine on managing network security for 6 years starting in 1995, which continues as an Internet-based series today, nearly 20 years later, and has written several widely read books on information protection. His series of “Infosec Baseline” studies have been widely used by the research community as stepping off points for further research, his “50 Ways” series is very popular among practitioners looking for issues to be addressed, and his “Deception for Protection” series of papers is widely cited. His “Chief Information Security Officers ToolKit” series of books and booklets have been used by leading security practitioners around the globe, while his “Frauds Spies and Lies and How to Defeat Them” book has been the subject of radio talk shows, and his “World War 3 … Information Warfare Basics” was highly regarded among the thinkers in this arena. His most recent books have focused on “Enterprise Information Protection Architecture”, “Challenges to Digital Forensic Evidence”, and “Digital Forensic Evidence Examination” and are used in graduate classes and other venues around the globe.
As a corporate consultant and industry analyst Fred has helped advise hundreds of the world’s largest enterprises on security and risk management strategy and their information protection programs. As a consultant to and researcher for the U.S. government he was the principal investigator on seminal studies in defensive information operations, he was the principal investigator on the national information security technical baseline series of reports, founded the College Cyber Defenders program at Sandia National Laboratories that ultimately led to the formation of the CyberCorps program, and led projects ranging from ‘Resilience’ to ‘The Invisible Router’. He has also worked in critical infrastructure protection, with law enforcement, and with the intelligence community to help improve their ability to deal with computer related crime and emerging threats to national security. He has worked on issues of digital forensics, including work for many large corporations, testimony in federal and state criminal and civil matters, and pro bono and state-funded work for indigent defendants, and in 2002, he won the “Techno-Security Industry Professional of the Year” Award. In 2009, he was named the “most famous hacker” of all time by ABC news, although they associated his work with some of the more infamous computer attackers, and failed to notice the difference between security expertise and people who commit computer crimes.
Fred has participated in and created numerous strategic scenario games. He devised and ran the first Internet-based strategic information warfare wargame and held several initial trial Internet-based games involving national defense and corporate personnel. In 1998, he introduced the Internet Game for information security policy development, training, and awareness in corporate, educational, and government environments, and followed this up with the Sexual Harassment Game which helps train employees on sexual harassment policies and processes. His introduction of several security games and simulations to the Internet are excellent examples of the work he has done in this area. He has also developed several strategic scenarios for government and private use and operated strategic scenarios in university classes as a fun path to better understanding. Another area where Dr. Cohen is well known is in his use of magic tricks during presentations and in classes, particularly in deception and counter-deception classes, where these tricks are used to demonstrate cognitive errors at the heart of deception.
Patented and copyrighted technologies Dr. Cohen has produced include D-Wall, Responder and related deception technologies; the White Glove bootable Linux distributions; Influence and Decider technologies for improving human decision making and justification; JDM, Security Metrics, and related tools supporting improved support for protection processes and practices; Standards of Practice for information protection; ForensiX and Forensic Fonts digital forensic evidence examination systems; the CID analysis and simulation platform for information attack and defense; the THTTPD mathematically proven secure Web server; and Advanced System Protection and Integrity Toolkit integrity protection systems.
Over the past 40 years, Fred has managed organizations and projects with as many as 250 employees. Several projects he led have resulted in new business in excess of $10 million, and one project led to a 5-year government contract with a ceiling of over $1.7 billion. He led a 35-person research team at Sandia National Laboratories for almost 5 years and produced several patents, copyrighted software programs, and publications in the process. He also, along with Tom Johnson, founded California Sciences Institute, a graduate non-profit educational institution with Masters programs in National Security and Advanced Investigations and Ph.D. programs in National Security and Digital Forensics, which has since become part of Webster University.
Today, Dr. Cohen is CEO of Fred Cohen & Associates, a firm that does research and advisory services exclusively for the US government, CEO of Management Analytics, a firm specializing in research and advisory services and litigation support for non-Federal customers, and a Senior Partner at Fearless Security, LLC, a firm specializing in examination and specification of information protection. He is also acting director of the Webster University CyberLab.
His combination of management, technical, and communication skills allows him to effectively bridge the gap between decision makers and implementers. His involvement in and understanding of corporate, national, and global issues provides a context that allows him to meet challenges of unlimited size and scope. With almost 40 years of experience and a global reputation for integrity, accuracy, and innovation, Fred Cohen is widely considered one of the world’s leading authorities in information protection.
CISSP, CPP, SSCP
Spencer Wilcox is the Director of Operational Technology CyberSecurity at Exelon Corporation, where he is responsible for the protection of his company’s most critical assets. He has previously been responsible for the business operations of security, including cyber and physical security risk, governance, awareness, projects, portfolio and physical and cyber strategy. After leaving law enforcement, Spencer started his career with Exelon as a forensic analyst in Constellation Energy Group in 2004, and has progressed through the security organization in a variety of positions, specializing in the last line of his job description, “Other duties as assigned.”
Spencer holds certifications in cyber and physical security from (ISC)2, ISACA, ASIS and is a former C|CISO. He proudly serves on the boards of the Cybersecurity Association of Maryland, Inc., and the Fort Meade Alliance, in addition to volunteering as a speaker on cybersecurity, telecommunications security, and crime prevention in many venues.
Security researcher, Kaspersky Lab
At Kaspersky Lab, Denis Legezo works as a Security Researcher with the Global Research and Analysis Team, specializing in targeted attack research. He received his degree from the cybernetics and applied mathematics faculty of Moscow State University in 2002. His diploma topic was directly related to information security. He then started his career as a programmer in different public and commercial companies. Before joining Kaspersky Lab at the beginning of 2014, he worked as a technical expert for one of the Russian system integrators. He has presented his research at RSA Conference, ATEA, and MBLT Dev.
Founder and CEO CyberSN
Deidre Diamond is the Founder and CEO of the national cyber security staffing company CyberSN, and the not-for-profit organization #brainbabe (brainbabe.org), as well as a Strategic Board Member of ICMCP. Prior to founding CyberSN.com and #brainbabe, she was the CEO of Percussion Software, the first VP of Sales at Rapid7 (NYSE:RPD) and the VP of Staffing and Recruiting for the national technical staffing company Motion Recruitment. Because Diamond herself was hired as an entry-level college graduate and trained to lead technology service organizations and cyber security organizations, she believes the tech community needs to expand its awareness of what it means “to be in tech” and what it means “to be in cyber security.” Diamond desires to achieve a new way of hiring and retaining women in cyber security.
Chief Security Evangelist at Verizon
A former U.S. Justice Department prosecutor, Mark Rasch’s career spans more than 30 years of white collar crime and corporate and government cybersecurity, computer privacy, regulatory compliance, computer forensics and incident response. He is trained as a lawyer and, prior to joining a recognized author of more than 1,200 security- and privacy-related articles and books. He has taught courses in cybersecurity, law, policy and technology at various colleges and universities including the University of Maryland, George Mason University, Georgetown University, and the American University School of Law, has lectured at Harvard University, Harvard Law School, Stanford Law School, UMBC, and Georgetown Law School, and has been active with the American Bar Association’s Privacy and Cybersecurity Committees and the Computers, Freedom and Privacy Conference.
Earlier in his career, Rasch was with the U.S. Department of Justice where he led the department’s efforts to investigate and prosecute cyber and high-technology crime, starting the computer crime unit within the Criminal Division’s Fraud Section, efforts which eventually led to the creation of the Computer Crime and Intellectual Property Section of the Criminal Division. He was responsible for various high-profile computer crime investigations and prosecutions, including Kevin Mitnick, Kevin Poulsen and Robert Tappan Morris. He helped develop the computer crime units for both the FBI and the US Secret Service, and has lectured on cybercrime at the FBI Academy at Quantico and the Federal Law Enforcement Training Center (FLETC) in Glynn County, Georgia and has testified before various Congressional committees on these issues. He is a graduate of the Baldy Center for Law and Public Policy at the State University of New York in Albany, with a J.D. degree and Ph.D. studies in Public Policy.
Mark has been a frequent commentator in the media on issues related to information security, appearing on BBC, CBC, Fox News, CNN, NBC News, ABC News, the New York Times, the Wall Street Journal and many other outlets. He currently works for a telecommunications provider, but his comments in no way reflect the opinions of his current employer which is not responsible in any way for his comments or remarks.