Program Committee

Jeff Bardin has worked in leadership positions at organizations such as EMC, Investors Bank & Trust, Hanover Insurance Group, General Electric, Lockheed Martin, and Marriott International. Bardin is currently the Chief Security Strategist for XA Systems. He recently published his first book entitled "The Illusion of Due Diligence" and has published several articles and blogs on cyber security and cyber jihad. In 2007 Bardin received the Conference award for Excellence in the Field of Security Practices and his team won the 2007 SC Magazine Award - Best Security Team award. He has BA in Special Studies Middle East Studies & Arabic Language from Trinity College as well as a MS in Information Assurance from Norwich University. He also holds the CISSP, CISM and NSAIAM certifications.

Bill Burns is currently the Manager of Information Security and a Security Architect for Netflix Inc., where he oversees compliance and security operations for Netflix's global entertainment service. He established Netflix's Security Incident Response program, implemented a PCI controls framework, and is currently researching trusted infrastructure in the public Cloud. He has 18 years of industry experience within security and IT operations; specializing in cryptography and public key infrastructure. He serves as a member of the RSA Security Conference Program Committee and CISO Executive Forum, and has advised several security startups. Burns also volunteers with Santa Clara County Office of Emergency Services where he trains responders to provide coordinated emergency communications during events and natural disasters. He is a graduate of Michigan Technological University, with Electrical Engineering and Business degrees.

Vanessa Candela is Senior Corporate Counsel for EMC Corporation, with a primary focus on mergers & acquisitions, strategic investments and other corporate transactions. Since joining EMC in 2007, Candela has been lead counsel for EMC on more than $1 billion in acquisitions and strategic investments and has counseled EMC in a variety of other business matters. More recently, Candela has focused her time on supporting RSA, The Security Division of EMC, as senior counsel on various strategic transactions and general corporate matters. Before joining EMC, Candela was a senior associate at Foley Hoag LLP in Boston where she counseled a variety of public and private clients on a broad range of transactions including mergers and acquisitions, financings and strategic investments and other general business matters. Candela is a graduate of Boston College and Northeastern University School of Law.

Rich Canning has been the Android Security Lead at Google since 2007. His research and professional experience includes mobile and web security, with a special interest in mobile malware analysis. He co-authored Hacking Exposed: Web 2.0 Security Secrets and Solutions.

Dawn Cappelli, CISSP, is Technical Manager of CERT´s Enterprise Threat & Vulnerability Management team and the Insider Threat Center at CERT, in Carnegie Mellon´s Software Engineering Institute. Her team assists organizations in improving their security posture and incident response capability by researching threat areas; developing assessment methods; and providing information for preventing, detecting, and responding to illicit activity. Cappelli focus has been insider threats since 2001, including threat analysis and modeling; assessments; and insider threat workshops. She has 30 years´ experience in software engineering, technical project management, and information security. Before joining CMU in 1988 she worked for Westinghouse as a software engineer developing nuclear power systems.

Asheem Chandra has helped create and grow multiple technology businesses and product lines to market-leading positions - both as a former operating executive and as a venture capitalist at Greylock. As a company board director, he works closely and supportively with founders and management teams to help create and grow "category-leading" companies that provide customers with highly-differentiated product capabilities and superior business value.

Chandra joined Greylock from Check Point Software, where he was vice-president of business development and product management. During his 6+ year tenure, Check Point grew from $10M to $500M+ in annual revenues. Chandra founded the business development and product management organizations, led corporate marketing during high growth years and directed Check Point's product/business strategy, product management and industry partnerships. Chandra is also credited with creating, growing and leading Check Point's OPSEC Alliance into the largest and most successful security partner program in the IT industry. Prior to Check Point, Chandra was vice-president of marketing with CoroNet Systems (a venture-backed startup acquired by Compuware), where he helped create and define a new product category for application-aware network monitoring. Previously, Chandra held strategic marketing and product line positions with SynOptics/Bay Networks and AT&T Bell Laboratories. During his 3+ year tenure at SynOptics/Bay, the company grew from $175M to $900M+ in annual revenues. At AT&T Bell Labs, he represented AT&T at IETF standards committees for TCP/IP management protocols.

Chandra is a charter member of TiE Silicon Valley. He is on the panel of judges for the Wall Street Journal Global Technology Innovation Awards, is on the advisory board and program committee for RSA Conference and is part of the VC program at DeVenCI (Defense Venture Capital Initiative).

Born and raised in India, Chandra holds B.S. and M.S. degrees in electrical and computer engineering from Case Western Reserve University.

Blog/Twitter:

• http://twitter.com/#!/chandna

Sam Curry is Chief Technology Officer, for the IMP Business Unit at RSA. He has more than 19 years of experience in security. He has also been a cryptographer and researcher and is regularly published in security. Prior to his current role, he was VP of Product Management where he led the strategic direction for all RSA solutions. Prior to joining RSA, Curry was VP of Product Management and Marketing for a broad information security management portfolio at CA. Previously, He was also Chief Security Architect and led Product Marketing and Product Management at McAfee. Earlier, he was a founder of one and a first employee in another successful technology company. Curry holds degrees in English from the University of Massachusetts and Physics from Mount Allison University.

Denny Dean directs Corporate Information Security Services at The Hanover Insurance Group. He has over 20 years´ experience facing the challenges of IT governance and delivering information security solutions to industry leading entities including the United States Air Force, Harvard University, Lucent Technologies, AON, Bank of America, and Staples. Dean is a co-recipient of the "Security Team of the Year" award issued by SC Magazine. His credentials include the CISM, CISSP, CISA and ITIL/F certifications.

Mike is the Founder & CEO of Delphiis, located in San Clemente California. He has worked with countless leading public, private, and government organizations around the world in the domain of information security and technology. He is a co-author of The CISO Handbook: A Practical Guide To Securing Your Company and CISO Soft Skills: Securing Organizations Impaired by Employee Politics, Apathy, and Intolerant Perspectives.

Dan Houser is the Security & Identity Architect for Cardinal Health, a $100Billion healthcare firm. Houser provides enterprise security & identity strategy development, project & program guidance, and leads various strategic initiatives. His direct experience in the world of security and identity includes principle security architect for both the first commercial SAML federation implementation and first 3-way SAML federation in the world. He has lead myriad core security services and identity projects in Fortune 500 healthcare, banking, higher education and finance organizations. Houser holds the CISSP-ISSAP, CISM, CISA, CGEIT and DTM designations. Houser is a published author, internationally-known speaker and Board member of the (ISC)².

Todd Inskeep has more than 20 years of experience in information security and Internet customer experience ranging from secure radio and desktop systems to security architecture and eCommerce strategy at Bank of America. He has filed multiple patent applications, and spent time as an Executive-in-Residence at the MIT Media Lab's Center for Future Banking under Bank of America's sponsorship. Before joining Bank of America, Inskeep spent several years on radio and desktop security systems in the Information Security group of the National Security Agency (NSA) in Fort Meade, Maryland.

Active in the information security community, Inskeep taught security and risk management classes at the University of North Carolina at Charlotte's NSA-Designated Center of Excellence in Information Assurance from 2003 to 2009. He is a Certified Information Systems Security Professional from the International Information Systems Security Certification Consortium, Inc. (ISC) and is a member of the Institute of Electronic and Electrical Engineers (IEEE). He has served on the annual RSA Information Security Conference Program Committee since 2002.

Inskeep earned a Bachelor of Science degree in electrical engineering from West Virginia University in Morgantown, WV. He also earned a master's degree in strategic intelligence/signals intelligence from the Joint Military Intelligence College in Washington, D.C.

Blog/Twitter:

• http://twitter.com/#!/Todd_Inskeep

As Chief Information Security Officer for the State of Nevada, Christopher Ipsen is responsible for the security oversight of the state´s enterprise data and network infrastructure. Ipsen chairs the Nevada State IT Security Committee, is a technical representative for the Nevada State Fusion Center, and is a member of both the Nevada Technological Crime Advisory Board and the Multi State Information Sharing Advisory Council (MS-ISAC). As a member of the National Association of State Chief Information Officers (NASCIO) Security and Privacy Committee, Ipsen has contributed to numerous white papers on data security, data governance and government transformation.

Andrew Jaquith brings 20 years of IT and information security experience to Perimeter, most recently as a senior analyst with Forrester Research. At Forrester, Jaquith led team coverage for data, endpoint and mobile security topics. He wrote 20 popular reports on data leak prevention, encryption, endpoint security, mobile security and vendor M&A. He consulted with and assisted 300 enterprise and vendor customers annually with vendor selection, compliance, strategy and effective practices.
Prior to Forrester, he was program manager in Yankee Group's enabling technologies enterprise group. Before joining Yankee Group, he cofounded @stake, a security consulting pioneer, which Symantec acquired in 2004.

Jeff Jones is a 24-year security industry professional that has spent the last several years at Microsoft helping drive security and privacy progress as part of the Trustworthy Computing group. In this role, Jones draws upon his security experience to work with enterprise CSOs and Microsoft's internal security teams to drive practical and measurable security improvements into Microsoft process and products. Prior to Microsoft, Jones was the Vice President of Product Management for security products at Network Associates where his responsibilities included PGP, Gauntlet and Cybercop products, and several improvements in the McAfee product line. These latest positions cap a career focused on security, managing risk, building custom firewalls and being involved in Darpa security research projects while part of Trusted Information Systems. Jones is a frequent global speaker and writer on security topics ranging from the very technical to more high level, CxO-focused topics such as Security TCO and metrics. Jones is also a contributor the Microsoft Security Blog (http://blogs.technet.com/security) and writes on a wide range of personal interests (e.g. books, poker, gaming) at http://securityjones.com.

Benjamin Jun oversees the technology and services groups at Cryptography Research. He has developed many widely deployed systems for the protection of financial transactions, pay television, and consumer products. Jun specializes in secure commercial systems, concentrating in technologies for tamper resistance, transaction security, content protection, and anti-cloning.

Jun's engineering efforts have enabled recovery from sophisticated piracy and fraud attacks. He has worked on teams that discovered Differential Power Analysis, fielded the DES Keysearch Machine, and developed technologies deployed in billions of devices worldwide. His team bridges the gap between cutting-edge security research and fielded commercial products, and Jun regularly speaks on tamper resistance and other security topics.

Jun currently serves on the Board of Advisors of the RSA Conference. Before joining Cryptography Research, Jun worked at IDEO Product Development, Bain & Company, and the Institute for Defense Analysis. He holds a bachelor's and a master's degree in electrical engineering from Stanford University where he was an NSF Graduate Fellow and a Mayfield Entrepreneurship Fellow.

As the Information Security Officer for Interest Rate Derivatives & Principal Investments Group, Mike Kearn is responsible for proactively managing risk as it pertains to reputation, regulatory, and overall operational risk. He is also accountable for the management of privacy risk as it relates to technology. Kearn brings more than eleven years of varied experience in Information Technology to his current role. Prior to joining the firm in 2005, he held several other positions with Wells Fargo & Company, including roles as an IT Auditor, Application Developer and Application Architect. Prior to joining Wells Fargo & Company in 2002, Kearn held various roles with US Bancorp Institutional Trust Operations.

Kearn graduated from Hamline University in St. Paul, Minn. with a bachelor´s degree in International Economics. He is a Certified Information Systems Security Professional (CISSP) and holds the Information Assessment Methodology (IAM) certification issued by the United States Department of Defense National Security Agency (NSA).

Kearn has been a featured panelist at events such as the CIO Finance Summit, CSO Magazine events, and the Minneapolis CISO Executive Summit. He has also provided keynote presentations for events such as the SC Magazine eSymposium on Mobile Device Security. In addition, he has been a featured speaker for the Institute for Applied Network Security (IANS) conferences and is a former member of their Technology Advisory Council (TAC). Kearn is an active member of the Minneapolis chapter of InfraGard and is also the Chairman and the Cyber Security lead for the group´s Intelligence Committee. He is also a graduate of the FBI Citizens' Academy and is an active member in the FBI Citizens' Academy Alumni Association.
Finally, Kearn has been a featured speaker to government agencies, including law enforcement and military personnel, on various information security topics.

Shannon Kellogg is Senior Director, Government Affairs and Public Policy at EMC Corporation, a global leader in enabling businesses and service providers to transform their operations and deliver IT as a service. In this role, Kellogg serves as head of EMC’s Washington, DC government affairs office and as the company’s public policy lead on cloud computing, cyber security, federal procurement, and tax issues. Prior to EMC's September 2006 acquisition of RSA Security, he was Director of Government & Industry Affairs at RSA. Before joining EMC and RSA, Kellogg served as Vice President at the Information Technology Association of America and as Executive Director of the Global Internet Project as well as Director of Global Security Policy at the Business Software Alliance. From February 2004 to February 2011, Kellogg served as a founding Member of the Board of Directors of the National Cyber Security Alliance (www.staysafeonline.org), a national public-private partnership to educate users on information security practices, including as Board Chairman in 2010. He also served as a Commissioner on the CSIS Commission for Cyber Security in the 44th Presidency which issued its recommendations in December 2008 (http://csis.org/program/commission-cybersecurity-44th-presidency). Kellogg received his M.A. from George Mason University -- School of Public Policy, in Fairfax, Virginia.

James Andrew Lewis is a senior fellow and Program Director at the Center for Strategic and International Studies, where he writes on technology, security and the international economy. Before joining CSIS, he served at the Departments of State and Commerce as a Foreign Service Officer and as a member of the Senior Executive Service. Lewis has authored more than seventy publications since coming to CSIS and was the Director of CSIS´s Commission on Cybersecurity for the 44th Presidency, whose report has been downloaded more than 50,000 times. Lewis was also the Rapporteur for the UN's 2010 Group of Government Experts on Information Security. Lewis received a Ph.D. from the University of Chicago; his current research involves the internet, innovation; and strategic competition.

Gary McGraw is the CTO of software security firm Cigital. He is a world authority on software security and the author of best-selling books, including Java Security, Software Security, and Exploiting Online Games. McGraw has also written over 100 peer-reviewed scientific papers, authors a column for informIT, and produces the Silver Bullet Security Podcast for IEEE S&P magazine.

Charlie Miller is Principal Research Consultant at Accuvant Labs. He was the first with a public remote exploit for both the iPhone and the G1 Android phone. He won the CanSecWest Pwn2Own competition for the last four years. Miller has authored two information security books and holds a PhD from the University of Notre Dame.

Andrew Nash is Director of Identity Products at Google and a board member of the Open Identity Exchange. Formerly he was Director of Identity Services at PayPal and was CTO at Sonoa Systems and Reactivity working on XML and Web Services appliances. As Director of Technologies at RSA Security, Nash worked on a wide range of identity systems. He is a known leader in PKI and Web-Services markets, has co-authored numerous Web Services security specifications and is author of a book on Public Key Infrastructure.

Lee Parrish is the VP & CISO for Parsons Corporation. Mr. Parrish possesses more than 20 years of experience in both physical and information security. He is board certified in information security as a CISSP, CISM and holds the GISP and ITIL certifications. He has published multiple articles in recognized, international information security professional journals and has spoken at industry events such as RSA Conference 2010, RSA Conference 2011, and the 2008 USMC Information Assurance Conference. Mr. Parrish´s academic credentials include a master´s of business administration from the University of Arkansas, as well as a master´s of science in information assurance from Norwich University.

Justin Peavey is the Chief Information Security Officer for Omgeo LLC, a market leader providing technology services helping the global financial community mitigate operational and counterparty risk. Prior to joining Omgeo, Peavey was a VP at State Street Bank leading initiatives on security architecture, enterprise security program development and application security. Peavey has been working in the information security field for nearly 20 years for the finance and defense industries with such companies as Lockheed Martin, Pratt & Whitney, Fidelity Investments, John Hancock, Rational Software, IBM and RSA Security. Peavey background is in security program development, security architecture, software development, identity management, and service delivery management.

Jonathan Penn is responsible for spurring growth and adoption at AVAST by guiding the technology evolution of the company, including market opportunity assessment, partner strategy development, partnership or acquisition target selection as well as outreach to the media, analysts, and the user community. Formerly he was Vice President and Principal Analyst at Forrester Research, covering the IT security market. Over the past fifteen years, he has written and spoken extensively on security in many business and IT venues, focusing on trends, innovations, and challenges in security solutions and practices.

Nils Puhlmann leads Zynga's converged security department, managing all security risks for the company and chairing the Security Risk Committee. He oversees the company's security disciplines of product & application security, security engineering & architecture, investigations & incident response, security intelligence & threat assessments, physical security, security compliance & audit.

Nils is also a Co-Founder and member of the Board of the Cloud Security Alliance, a community of over 14,000 security professionals with the goal to promote the use of best practices for providing security assurance within Cloud Computing. The Alliance also educates on the uses of Cloud Computing to help secure all other forms of computing.

Randy V. Sabett, CISSP, is an attorney in the Washington, D.C. office of ZwillGen PLLC. Sabett counsels clients on data security, privacy, IT licensing, and patents, dealing with such issues as Public Key Infrastructure (PKI), electronic signatures, federated identity, state and federal data protection laws, identity theft and security breaches. He is a co-author of the 2010 Jurimetrics article "The Third-Party Assurance Model: A Legal Framework for Federated Identity Management." He served as a Commissioner for the Commission on Cyber Security for the 44th Presidency. He also helps companies develop strategies to protect their intellectual property, including drafting and negotiating a wide variety of technology transaction agreements.

As the Chief Security Officer of Heartland Payment Systems, John South leads the security programs of the corporation which encompass the protection of sensitive data through risk and threat modeling and compliance with internal as well as industry and regulatory requirements. South is Heartland´s liaison with security professionals in the Financial Services Information Security and Analysis Center (FS-ISAC), where he is also a member of the Threat Intelligence Committee and the Payments Processing Information Sharing Council (PPISC).

Prior to joining Heartland in September 2009, South held leadership roles in information security for Convergys (Intervoice) and Alcatel–Lucent. He spent several years in Belgium and Paris leading Alcatel´s European information security operations.

South is an adjunct professor at the University of Dallas where he teaches digital forensics. He co-founded with Dr. John Nugent the university´s Information Assurance Program – which focuses on corporate security and risk management. The program has been designated a National Security Agency Center of Excellence since its inception.

South has been an active participant with the United States Secret Service North Texas Electronic Crimes Task Force since its inception in 2003. In addition, he is the founding president of the Federal Bureau of Investigation´s North Texas InfraGard Program. South is also a member of the High Technology Crime Investigators Association, the Information Systems Security Association and the Information Systems Audit and Control Association. He holds the CISSP and CISA designations as well as being certified as an Information Technology Infrastructure Library (ITIL) Service Manager.

Jon Stanley is a graduate of University of Maine Law School as well as a graduate of the Strathclyde Law School, UK, where he received a Masters of Law in Information Technology and Telecommunications Law. He founded the Law Firm of Jon Stanley in 1997. His Masters Dissertation was on civil remedies and the United States Computer Fraud and Abuse Act. His practice focus includes, among other areas: regulatory concerns for business entities, information security, privacy, cybercrime, cyberspace insurance, and intellectual property, issues.

In the Program Committee role, Dr. Hugh Thompson is responsible for identifying domestic and global trends within the ever-changing security landscape to help set the agenda for both the Europe and U.S. Conferences. He also plays a direct role in the selection of session topics and speakers while looking at new ways to architect educational programming.

A world-renown application security expert, Thompson is also an Adjunct Professor of Computer Science at Columbia University; Graduate Faculty member in Applied Mathematics at Florida Institute of Technology; Advisory Board member for the Anti-Malware Testing Standards Organization; and Chief Security Strategist at People Security (www.peoplesecurity.com).