2009 Presentations



Speaker Information

The Central Ohio InfoSec Summit is proud to present the following lineup of speakers and topics




Aaron Bedra


Aaron Bedra is a programmer for Relevance, Inc. (http://thinkrelevance.com) in Chapel Hill, North Carolina. He is a member of Relevance's audit team as well as serving as a full-time project developer. Aaron has worked on large and small software systems utilizing almost every major language and platform. Aaron also contributes heavily to the open source community, releasing tools such as Tarantula (http://github.com/relevance/tarantula), a SQL injection, XSS, and fuzz testing tool, and Castronaut (http://github.com/relevance/castronaut), an implementation of the CAS single sign-on and central authentication server.


Clarke Cummings





Whitfield Diffie
Chief Security Officer of Sun Microsystems


Whitfield Diffie, Chief Security Officer of Sun Microsystems, is Vice President and Sun Fellow and has been at Sun since 1991. As Chief Security Officer, Diffie is the chief exponent of Sun's security vision and responsible for developing Sun's strategy to achieve that vision.

Best known for his 1975 discovery of the concept of public key cryptography, Diffie spent the 1990s working primarily on the public policy aspects of cryptography and has testified several times in the Senate and House of Representatives. His position - in opposition to limitations on the business and personal use of cryptography - is the subject of the book, _Crypto_, by Steven Levy of Newsweek. Diffie and Susan Landau are joint authors of the book Privacy on the Line, which examines the politics of wiretapping and encryption and won the Donald McGannon Award for Social and Ethical Relevance in Communications Policy Research and the IEEE-USA award for Distinguished Literary Contributions Furthering Public Understanding of the Profession.

Diffie is a fellow of the Marconi Foundation and is the recipient of awards from a number of organizations, including IEEE, the Electronic Frontier Foundation, NIST, NSA, the Franklin Institute and ACM.

Prior to assuming his present position in 1991, Diffie was Manager of Secure Systems Research for Northern Telecom, where he designed the key management architecture for NT's PDSO security system for X.25 packet networks.

Diffie received a Bachelor of Science degree in mathematics from the Massachusetts Institute of Technology in 1965, and was awarded a Doctorate in Technical Sciences (Honoris Causa) by the Swiss Federal Institute of Technology in 1992.



Dwayne Edwards

Dwayne Edwards has 18 years of experience in the IT industry as a software developer, network administrator, engineer and security consultant. In his current position, Dwayne speaks extensively on security and works closely with the issues and problems facing security professionals. In pursuit of community education, Dwayne and Mike Radigan created Dwayne’s World to educate and entertain on business issues surrounding security. DW produced the PCI Ultimatum – Security Data Thriller in 2007. Dwayne has a B.S. in Computer Science from Kent State University, holds various security certifications and clearances and is currently working on his Master's degree in Information Security Engineering.


Patrick Gray


Patrick Gray joined Cisco Systems as its Senior Security Strategist after serving as the Director of X-Force Operations, Office of the Chief Technology Officer, Internet Security Systems, Inc. (ISS). Gray also comes to Cisco Systems after twenty years of service with the Federal Bureau of Investigation. Upon his retirement from the FBI in November 2001, he joined Internet Security Systems and created the X-Force Internet Threat Intelligence Center and thereafter was Director of the Penetration Testing and Emergency Response Teams until his promotion to the X-Force R & D Team. As a result of his service with the FBI, and the Internet Threat Intelligence Center, he has first-hand knowledge of the hacking community, its aims and methodologies as they attack government, ecommerce, energy and financial entities relentlessly.

Prior to joining Internet Security Systems, Gray served as a Special Agent with the Federal Bureau of Investigation for twenty years and has served in Baltimore, Maryland, Daytona Beach, Florida, Washington, D.C. and Atlanta, Georgia. Gray was also assigned as a Supervisory Special Agent at FBI Headquarters, Washington, D.C. in the Intelligence Division where he was responsible for global counterintelligence investigations. While serving in the Washington, D.C. area, Gray was seconded to the National Security Agency where he was responsible for an FBI group that provided operational support to the Intelligence Community.

He was transferred to Atlanta in 1988 to assume Supervisory Duties for the FBI’s Drug and Violent Gang Program in Georgia. In 1994, he assumed the duties as the Supervisor of the Technical Services Squad and served as the Acting Assistant Special Agent in Charge of the FBI in Georgia in 1996 and 1997 during the time of the spree of terrorist bombings at Centennial Olympic Park and two subsequent bombings at two women’s clinics in Alabama and Georgia.

Gray was assigned as Supervisor of the Special Operations Group in 1994 which ultimately morphed into one of the FBI’s first regional Cyber Crime Squads; and was a member of the FBI’s elite Computer Assistance Response Team as a Forensic Examiner. He has investigated cases involving financial institutions, government agencies, commercial businesses and colleges and universities. He was also assigned to the investigation of the September 11 attacks. He was the Coordinator of the Atlanta Chapter of InfraGard, an alliance between the public and private sectors for the sharing of information regarding technology security issues. He grew the Atlanta Chapter of InfraGard into the largest chapter nationally. He continues to work closely with the FBI, other U.S. Government agencies, the Department of Homeland Security and the White House.

Gray is also a board certified Homeland Security professional by the American College of Forensic Examiners International; is a member of the Association of Certified Fraud Examiners; the Information Systems Audit and Control Association; InfraGard Atlanta; the Atlanta Chapter of the Information Systems Security Association, and the International Information Systems Forensic Association. He has lectured at Colleges and Universities around the country. He has spoken at numerous technology events around the world to include Gartner Sector 5, Networld Interop, the IT World Congress, CIO Summit, GE Access, Forbes and others. He has been quoted in numerous newspapers, magazine articles and periodicals and makes regular cable television appearances.

Gray is a former Marine having served in Vietnam.



Rebecca Herold


Rebecca Herold, CIPP, CISSP, CISM, CISA, FLMI, is an information privacy, security and compliance consultant, author and instructor who has provided assistance, advice, services, tools and products to organizations in a wide range of industries during the past two decades.

Rebecca was named one of the “Best Privacy Advisers” in two of three categories by Computerworld magazine in 2007 and 2008. In 2008 Rebecca’s blog was named one of the “Top 50 Internet Security Blogs” by the Daily Netizen. Rebecca was also named one of the "Top 59 Influencers in IT Security" for 2007 by IT Security magazine. The information security program Rebecca created for Principal Financial Group, where she worked for 12 years, received the 1998 CSI Information Security Program of the Year Award.

Rebecca assists organizations of all sizes and industries throughout the world with their information privacy, security and regulatory compliance programs, content development, and strategy development and implementation through a large variety of products, tools and services. She offers a range of standard and customized one and two-day workshops including one addressing how individuals across disciplines can work together to most effectively assure privacy and regulatory compliance while efficiently implementing security controls.

Rebecca is working on her 12th book, has written dozens of book chapters and over 200 published articles, and writes multiple monthly columns. Rebecca has been invited to speak at multiple seminars and conferences since the early 1990s and consistently receives highest ratings. She also serves as an Adjunct Professor for the Norwich University Master of Science in Information Assurance (MSIA) program.


Brent Huston


Brent Huston is the Security Evangelist and CEO of MicroSolved, Inc. MSI is a leading provider of application security assessments and penetration testing. Since 1992, they have been providing security services to organizations ranging from small businesses, financial institutions, e-commerce/telecommunications, manufacturing, education and government agencies, as well as international corporations.

Mr. Huston is an accomplished international speaker, a regularly quoted information security visionary and the author of various security tools, books and articles published around the world. Brent and the MSI team present a “State of the Threat” seminar through Platform Lab and webinars discussing current and emerging security threats all over the United States.



Kim Jones, CSO/CISO, eTelecare


Before joining eTelecare, Kim Jones served as Global CSO and CISO of eFunds Corporation (a financial technologies firm based in Scottsdale, Arizona). Mr. Jones has over 20 years of experience as a security professional and has developed and implemented global security practices for companies in many different industries. Jones's previous experience includes positions within Cap Gemini Ernst & Young's Security Solutions Group; Computer Sciences Corporation's Common Criteria Testing Lab; and the U.S. Army. Mr. Jones holds a Bachelor's degree in Computer Science from the U.S. Military Academy (West Point), as well as a Master's degree in Information Assurance from Norwich University. In addition, he holds the following professional certifications:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)


Ben Jun


Benjamin Jun oversees the technology and services groups at Cryptography Research. He has developed many widely deployed systems for the protection of financial transactions, pay television, and consumer products. Ben specializes in secure commercial systems, concentrating in technologies for tamper resistance, transaction security, content protection, and anti-cloning.

Ben's engineering efforts have enabled recovery from sophisticated piracy and fraud attacks. He has worked on teams that discovered Differential Power Analysis, fielded the DES Keysearch Machine, and developed technologies deployed in billions of devices worldwide. Ben currently serves on the Board of Advisors of the RSA Conference. He holds a bachelor's and a master's degree in electrical engineering from Stanford University where he was an NSF Graduate Fellow and a Mayfield Entrepreneurship Fellow.



Kathleen Kiernan
CEO, The Kiernan Group

Dr. Kathleen L. Kiernan is a 29-year veteran of Federal Law Enforcement and is the CEO of Kiernan Group, an international consulting firm which supports federal and civil clients. She previously served as the Assistant Director for the Office of Strategic Intelligence and Information for the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) where she was responsible for the design and implementation of an intelligence-led organizational strategy to mine and disseminate data related to explosives, firearms and illegal tobacco diversion, the traditional and non-traditional tools of terrorism.

Dr. Kiernan has a Doctorate in Education from Northern Illinois University (with highest honors) and a Master of Science degree in Strategic Intelligence from the Joint Military Intelligence College in Washington, D.C. She also holds a Master of Arts degree in International Transactions from George Mason University in Virginia. In 2001, Dr. Kiernan was recognized as an outstanding scholar by Northern Illinois University and as an outstanding alumna in 2005. She is a Senior Fellow for the George Washington University Homeland Security Policy Institute, and a faculty member at Johns Hopkins University. Dr. Kiernan is a member of the Army Science Board where she led a panel exploring the transition of law enforcement training and technology to the warfighter.

Dr. Kiernan has been involved with the Intelligence Community for over a decade, and served as the ATF representative to the Counterterrorism Center (CTC) at CIA during 1993-1995. She is a Council Vice President for ASIS International with oversight of the Critical Infrastructure Working Group (CIWG); she chairs the Domestic Intelligence Council for the Intelligence and National Security Alliance (INSA) and she is the former Chair of the DCI’s Law Enforcement Working Group (LEWG), an initiative designed to bridge the communities of intelligence and law enforcement. Dr. Kiernan is a member of the International Association of Chiefs of Police (IACP) Terrorism subcommittee, an Intelligence Fellow (2001), and graduate of the FBI’s National Executive Institute (Class 26), Member of the Board of Regents of the Potomac Institute, the DNI’s SHARP Program (2006/7), and Chairman for 2008 of the National InfraGard Program, an FBI-affiliated public-private partnership with over 29,000 volunteer members. She has presented training on Critical Incident Management and explosives response protocol on a worldwide basis and currently serves as a special advisor to the Director of the Rapid Reaction Technology Office (RRTO) for the Department of Defense.

Dr. Kiernan led a nationwide Intelligence Community project involving the active interdiction of Weapons of Mass Destruction (WMD) throughout the law enforcement and public safety communities, and led a team in the Quadrennial Intelligence Community Review. Dr. Kiernan is a Special Advisor to the Director of the Combating Terrorism Task Force in the Department of Defense.



Kent King, CISSP, CISM, CISA


Kent is a 1983 graduate of The Ohio State University (BSCIS) and began his career as a software developer at CompuServe. Kent has been working in information security and risk management for over 15 years. He has worked in the telecommunications, energy and insurance sectors and is now the Manager, Global Security for Sterling Commerce. In addition to his career, he is an avid collector of antique radio equipment and, together with his wife, also operates an 11-acre alpaca farm in Delaware County.


Jill Knesek
Chief Security Officer, BT Americas -- CISSP, CISM


As Chief Security Officer, Jill Knesek is responsible for all BT security matters in North America, including security policy and compliance, business continuity management, incident management, physical security and network and systems security.

Knesek has an extensive background in cyber security. She served as a Special Agent for the FBI, assigned to the Computer Crime Squad in the Los Angeles field office and was involved in several high-profile cases, including the infamous Kevin Mitnick and Mafiaboy trials. Knesek also was the case agent for the first FBI undercover operation that infiltrated the hacker community, which was instrumental in providing support to the National Infrastructure and Protection Center during the Kosovo bombings.

Jill has a Bachelor of Science degree in Computer Science from Texas A & M University and has spent 15+ years working in the computer and security field. She also has her CISSP (Certified Information Systems Security Professional) certification as well as a CISM (Certified Information Security Manager).



Angelo Mazzocco


Angelo Mazzocco is the Chief Information Officer of Progressive Medical, Inc. Progressive Medical, Inc. is a nationwide, managed care and health care cost containment company. It coordinates care for workers' compensation, auto-no-fault and personal injury protection cases. Progressive Medical, Inc. provides medical equipment, medical supplies, pharmacy management, health services and ancillary services, such as outpatient rehabilitation, transportation, translation and radiology. Its nationwide network of pharmacies and equipment providers offers prompt service, detailed follow-up and cost containment reports to insurers, employers and third party administrators. Prior to coming to Progressive in January 2006, Angelo was the Vice President and Chief Information Officer of The Dispatch Printing Company and Affiliates. The Dispatch Printing Company and Affiliates include 16 privately held companies. Angelo’s career has also included employers NC Group, CompuCom, Accenture, Nationwide Insurance, and NCR.

He has served as an adjunct faculty member of the Ohio State University and Otterbein College since 1991.

An active leader in the Columbus and Ohio community, Angelo co-founded the CIO Forum and CIOhio CIO Symposium events. Angelo is a past recipient of the 2003 TechColumbus President's Top Contributor to the Advancement of Technology (TopCAT) award, 2005 TopCAT Executive of the Year, 2005 TopCAT Large Technology Team Leader, 2006 TopCAT finalist, 2007 TopCAT Large Technology Service Provider, 2008 TopCAT Large Technology Team, and the 2005 Volunteer of the Year for GroundWork Group which is an annual award bestowed upon an individual with exceptional leadership and personal commitment to the Central Ohio community. He is a member of the Board of directors of GroundWork Group, Gladden Community House, Navigator Management Partners, LLC., ZebraMobile, Inc., Quick Solutions, Inc., TechColumbus Membership, and the Ohio State University Digital Union.





Prof. Howard A. Schmidt, CISSP, CISM (Hon)
President & CEO
Information Security Forum Ltd
http://www.securityforum.org


Howard A. Schmidt has had a long distinguished career in defense, law enforcement and corporate security spanning almost 40 years. Schmidt has served as Vice President and Chief Information Security Officer and Chief Security Strategist for online auction giant eBay. Howard Schmidt most recently served in the position of Chief Security Strategist for the US CERT Partners Program for the National Cyber Security Division, Department of Homeland Security.

Howard Schmidt retired from the White House after 31 years of public service in local and federal government. He was appointed by President Bush as the Vice Chair of the President's Critical Infrastructure Protection Board and as the Special Adviser for Cyberspace Security for the White House in December 2001. He assumed the role as the Chair in January 2003 until his retirement in May 2003.

Prior to the White House, Howard Schmidt was chief security officer for Microsoft Corp., where his duties included CISO, CSO and forming and directing the Trustworthy Computing Security Strategies Group.

Before Microsoft, Mr. Howard Schmidt was a supervisory special agent and director of the Air Force Office of Special Investigations (AFOSI) Computer Forensic Lab and Computer Crime and Information Warfare Division. While there, he established the first dedicated computer forensic lab in the government.

Before AFOSI, Mr. Howard Schmidt was with the FBI at the National Drug Intelligence Center, where he headed the Computer Exploitation Team. He is recognized as one of the pioneers in the field of computer forensics and computer evidence collection. Before working at the FBI, Mr. Howard Schmidt was a city police officer from 1983 to 1994 for the Chandler Police Department in Arizona.

Mr. Howard Schmidt served with the U.S. Air Force in various roles from 1967 to 1983, both in active duty and in the civil service. He had served in the Arizona Air National Guard from 1989 until 1998 when he transferred to the U.S. Army Reserves as a Special Agent, Criminal Investigation Division where he continues to serve. He has testified as an expert witness in federal and military courts in the areas of computer crime, computer forensics and Internet crime.

Mr. Howard Schmidt had also served as the international president of the Information Systems Security Association (ISSA) and the first president of the Information Technology Information Sharing and Analysis Center (IT-ISAC). He is a former executive board member of the International Organization of Computer Evidence, and served as the co-chairman of the Federal Computer Investigations Committee. He is a member of the American Academy of Forensic Scientists. He serves as an advisory board member for the Technical Research Institute of the National White Collar Crime Center, and was a distinguished special lecturer at the University of New Haven, Conn., teaching a graduate certificate course in forensic computing.

Howard Schmidt served as an augmented member to the President's Committee of Advisors on Science and Technology in the formation of an Institute for Information Infrastructure Protection. He has testified before congressional committees on computer security and cyber crime, and has been instrumental in the creation of public and private partnerships and information-sharing initiatives. He is regularly featured on CNN, CNBC, Fox TV as well as a number of local media outlets talking about cyber-security. He is a co-author of the Black Book on Corporate Security.

Mr. Howard Schmidt has been appointed to the Information Security Privacy Advisory Board (ISPAB) to advise the National Institute of Standards and Technology (NIST), the Secretary of Commerce and the Director of the Office of Management and Budget on information security and privacy issues pertaining to Federal Government information systems, including thorough review of proposed standards and guidelines developed by NIST.

Howard Schmidt holds board positions on a number of corporate boards in both advisory and director positions and recently has assumed the role as Chairman of the Board for Electronics Lifestyle Integration (ELI).

Mr. Howard Schmidt holds a bachelor's degree in business administration (BSBA) and a master's degree in organizational management (MAOM) from the University of Phoenix. He also holds an Honorary Doctorate degree in Humane Letters. Howard Schmidt is an Adjunct Professor at GA Tech with the GTISC.
