Upon graduation from MIT, Paul A. Karger was commissioned in the U.S. Air Force. His Multics security work included a classic 1974 paper on penetration testing. He taught at the U.S. Air Force Academy before joining Digital Equipment Corporation, where he worked on multilevel secure systems.

He was able to transform requirements and formalisms into designs and implementations. Paul was the lead designer of the VAX VMM security kernel, which was successfully evaluated at TCSEC Class A1. This was a remarkable accomplishment: a product from a major corporation able to enforce mandatory access control policies with high assurance. Paul earned a Ph.D. from the University of Cambridge. He was security architect for the Open Software Foundation. He worked on telephone security at GTE Laboratories. Finally, on the staff of the Thomas J. Watson Research Center, Paul was a founding member of IBM’s ethical hacking consulting service. He continued to design commercial systems including a high assurance smart card operating system.

Paul was always generous with his time and encyclopedic knowledge of secure systems. His enthusiasm for high assurance development was contagious. Insight, clear thinking, and communication skills allowed him to be a leader in shaping our notions regarding highly trustworthy systems. He never tired of providing examples where security thinking during system design could make a difference. His 1995 paper on privacy threats to intelligent transport systems was a harbinger of dangers ahead if security for GPS and mobile devices was ignored.

Prior to his untimely death, Paul was the inventor or co-inventor on 14 U.S. patents and 19 non-U.S. patents. He wrote or co-authored more than 90 technical papers, greatly influencing the evolution of high assurance technology.

Professor Hoffman developed the nation’s first regularly offered university course on computer security and is the author or editor of five books that captured the state of cybersecurity and privacy at various times between 1973 and 1995. His 1999 study of encryption products explored the effect of the United States export control regime that he later presented before Congress.

His research has spanned multiple aspects of cybersecurity including cryptography policy, risk analysis, and statistical inference for data mining. His thought leadership included pioneering workshops on Internet voting, cybersecurity educational competitions, and workforce development; the institutionalizing of the ACM Conference on Computers, Freedom, and Privacy; and the development of courses that focused on e-commerce security, information policy, and cybersecurity and governance as the field broadened.

He initiated and still leads a CyberCorps scholarship program that has produced dozens of cybersecurity experts with degrees in at least ten majors who have gone on to work for dozens of different government agencies. Some later started their own cybersecurity companies.

With a major in Mathematics, Len got his start in computers with IBM in the Time Life building in NYC in 1960. He continued in this new field as an Army Lieutenant with the Army Security Agency Training Center and School at Fort Devens, Massachusetts from 1961 to 1963. There, he worked with an IBM 650 (1000 words of main memory!) and taught Fortran programming. After over 40 years with The MITRE Corporation, where he worked on numerous federal government contracts, Len retired in 2013. His principal efforts with MITRE supported various initiatives to improve computer and network security, ending with a project on cyber resiliency. In 1973, he co-authored with David Bell a pioneering paper on computer security, which came to be known as the “Bell-LaPadula Model”. This mathematical model became part of the computer science curriculum in many universities, influenced developments in computer systems, and contributed to the “Orange Book” series published by the National Security Agency. As a retiree, he enjoys quiet gardening.

William Hugh Murray began his security career at IBM in the late 1960s when he managed the development of the user access control subsystems for IBM’s ground breaking Advanced Administrative System (AAS), a model for later systems. In 1976, he authored the IBM publication Data Security Controls and Procedures, which remained in publication into the 90s. These two works began a career providing security leadership, innovation, guidance, and support to government, business, and academia and their requirements to IBM research and product development.

He is a founder of the Colloquium for Information System Security Education (CISSE). He led the ISSA committee that expressed the professional common body of knowledge which was used to develop the examination for certifying information security professionals and the (ISC)² committee that wrote the professional code of conduct and ethical guidance. He served for more than a decade on the Board of (ISC)2 seeing it from a volunteer effort to a self-supporting enterprise serving more than a hundred thousand professionals.

Dan Geer has ten years in clinical and research medical computing followed by five years running MIT's Project Athena. After a small stint in the Research Division of the then Digital Equipment Corporation, he became involved in a series of start-up endeavors, either as a founder outright or an officer of the company. Mr. Greer now finds himself in government service at In-Q-Tel, the investment arm of the US intelligence community. He is a frequent author, six times entrepreneur, and has spoken five times before Congress regarding cybersecurity initiatives.

Butler Lampson is a Technical Fellow at Microsoft Corporation and an Adjunct Professor of Computer Science and Electrical Engineering at MIT. He was on the faculty at Berkeley and then at the Computer Science Laboratory at Xerox PARC and at Digital's Systems Research Center. He has worked on computer architecture, local area networks, raster printers, page description languages, operating systems, remote procedure call, programming languages and their semantics, programming in the large, fault-tolerant computing, transaction processing, computer security, WHSIWYG editors, and tablet computers. He was one of the designers of the SDS 940 time-sharing system, the Alto personal distributed computing system, the Xerox 9700 laser printer, two-phase commit protocols, the Autonet LAN, the SDSI/SPKI system for network security, the Microsoft Tablet PC software, the Microsoft Palladium high-assurance stack, and several programming languages.

He received an AB from Harvard University, a PhD in EECS from the University of California at Berkeley, and honorary ScD's from the Eidgenössische Technische Hochschule, Zurich and the University of Bologna. He holds a number of patents on networks, security, raster printing, and transaction processing. He is a member of the National Academy of Sciences and the National Academy of Engineering and a Fellow of the Association for Computing Machinery and the American Academy of Arts and Sciences. He received the ACM Software Systems Award in 1984 for his work on the Alto, the IEEE Computer Pioneer award in 1996, the National Computer Systems Security Award in 1998, the IEEE von Neumann Medal in 2001, the Turing Award in 1992, and the National Academy of Engineering's Draper Prize in 2004.

At Microsoft, he has worked on anti-piracy, security, fault-tolerance, and user interfaces. He was one of the designers of Palladium, and spent two years as an architect in the Tablet PC group. Currently he is in Microsoft Research, working on security, privacy, and fault-tolerance, and kibitzing in systems, networking, and other areas.

Horst Feistel is one of the most important figures of modern cryptography. The ubiquitous DES cipher was primarily his invention, and the techniques he developed are still used in most modern block ciphers. Feistel was born in Berlin, Germany in 1915, and immigrated to the United States in 1934. Here, he earned a Bachelor's degree from MIT, and a Master's from Harvard, both in Physics. Despite this, his true calling was cryptography. Unfortunately, his German background aroused suspicion. He worked on crypto systems for the US Air Force and MITRE Corp, both of whom were pressured to halt his research. Eventually, he was able to find a research position at IBM's Thomas J. Watson Laboratory.

It was at IBM where Feistel developed the Lucifer cipher, in the early 1970s. The Lucifer algorithm he developed takes 64 bits of text and 64 bits of key material and produces 64 bits of cipher text. The cipher text and the key can be used to recover plaintext, making it a symmetric cipher. The specific method he used to scramble the data became known as a Feistel Network. Lucifer was widely considered to be one of the most secure crypto systems of its time. After a few tweaks mandated by the NSA, such as scaling back the key size to 56 bits, Lucifer was chosen as Data Encryption Standard (DES) for the United States. Feistel died in 1990.