FIAC 2008

• metro

• hotels

• floorplan

fiac committee

contact

home

VIEW PRESENTATIONS

Speakers

A.N. Ananth

CEO

Prism Microsystems

As the co-founder and CEO of Prism Microsystems, Ananth was one of the original architects of the EventTracker product offering, Prism's enterprise Security Information and Event Log Management (SIEM) solution. With an extensive background in product development and operations for telecom network management, he has consulted for many companies on their compliance strategy, audit policy and automated reporting processes. He is a leading expert in IT compliance with over 20 years experience in IT-control and operations and speaks frequently on these topics. Prior to founding Prism, he was involved in product development for various companies including Ciena, Westinghouse Wireless and Equatorial Communications. He holds an MSEE from the University of Texas and remains active in strategic product direction at Prism.

Sean Barnum

Principal Consultant

Cigital

Sean Barnum is a Principal Consultant at Cigital and is technical lead for their federal services practice. He has over 23 years of experience in the software industry in the areas of development, software quality assurance, quality management, process architecture & improvement, knowledge management and security. He is a frequent contributor, speaker and trainer for regional and national software security and software quality publications, conferences & events. He is very active in the software assurance community and is involved in numerous knowledge standards-defining efforts including the Common Weakness Enumeration (CWE), the Common Attack Pattern Enumeration and Classification (CAPEC), and other elements of the Software Assurance Programs of the Department of Homeland Security and the Department of Defense. He is coauthor of the book "Software Security Engineering: A Guide for Project Managers", recently published by Addison-Wesley. He is also the lead technical subject matter expert for the Air Force Application Software Assurance Center of Excellence.

John Benson

Deputy Director, Office of Information Systems Security

FAA

John Benson is the Deputy Director, Office of Information Systems Security, in the Federal Aviation Administration's (FAA) Washington Headquarters.

Benson served as Acting Program Director, Awareness, Training, and Evaluations Division and served as a Telecommunications Specialist in the Certification and Compliance Division prior to assuming his current responsibilities.

Before joining the FAA in March 2002, Benson was a project manager and network systems engineer with Lucent Technologies Worldwide Services in south Florida and also worked for the EMC Corporations Professional Services team in Boca Rotan, Florida.

Benson worked for 21 years in the U.S. Coast Guard, where he assumed positions of increasing responsibility, completing his career in telecommunications network system security as the Information Systems Security Officer for the Coast Guard's southeastern U.S. region, which included the Caribbean. Benson also served as a project officer with the Coast Guard Information Systems Command in Alexandria, Va, where he worked on certification and accreditation of network systems as well as served on the team that directed and guided to completion the Coast Guard Computer Incident Response Team.

Brad Botwin

Director, Industrial Base Studies, Office of Technology Evaluation

U.S. Department of Commerce

Brad I. Botwin currently serves as Director of Industrial Base Studies in the Department of Commerce's Bureau of Industry and Security. In this capacity, he is responsible for developing analyses and implementing programs designed to ensure a technologically superior and competitive defense industrial base capable of meeting U.S. economic and national security requirements.

Mr. Botwin's programmatic responsibilities include: Assessments of U.S. Industrial Capabilities and Critical Technologies; Section 232 Investigations of the Effect of Imports on National Security; Foreign Availability Assessments; and Short Supply Determinations.

In carrying out these responsibilities, Mr. Botwin maintains close contacts with the U.S. Government national security, research & development, and international trade communities and with a broad spectrum of critical industry representatives ranging from strategic materials producers to high-technology manufacturers.

Prior to assuming this position, Mr. Botwin served as Division Director/Program Manager for Industrial Capabilities in the Commerce Department's Strategic Analysis Division, with responsibility for directing production assessments of critical sectors affected by foreign competition; studies of foreign sourcing and dependency in U.S. weapon systems; assessments of offsets in defense trade; and reviews of the impact of foreign investment in the U.S. He also played a major role in developing a defense diversification program for small businesses, coordinating efforts with over 50 federal and state agencies.

Prior to joining the Department of Commerce in 1983, Mr. Botwin served as an international energy trade expert at the U.S. Department of Energy, where he specialized in U.S. - Latin American energy issues.

Mr. Botwin received his degree in international affairs and economics from the American University in 1979 and his MBA from the George Washington University with a concentration in international business and finance in 1983.

Mr. Botwin is married, has two children and lives in Rockville, Maryland.

Ouanessa Boubsil

Associate Researcher and Associate Professor

University of Maryland University College

Mrs. Ouanessa Boubsil is an Associate Researcher at the office of Evaluation and Assessment and Associate Professor at the University of Maryland University College (UMUC). Previously, she held the position of Interim executive director of the Security Studies Laboratory .For three years prior to that, she was the director of academic investments at the Security Studies Laboratory in charge of grants management and the management of the daily operations of the lab.

She also teaches at UMUC and brings 25 years of college level teaching experience in various disciplines including database systems, information systems, computer security, financial accounting and General and Engineering Management. Earlier in her career, she worked as an IT consultant in charge of projects ranging from office automation to corporate reorganizations.

She holds a BS from the University of Algiers and an MBA with a concentration in Accounting and Finance from Case Western Reserve University. Currently, she is in the process of finishing her dissertation for a PhD degree in Information Systems with a concentration in information assurance at Stevens Institute of Technology.

Presently, Mrs. Boubsil is conducting research on evaluation of education mediated by technology at UMUC and at other online education institutions. She is also completing her PhD dissertation research in Role Based Access Control (RBAC) in Database and Workflow Management environments.

Mrs. Boubsil presents regularly at distance education conferences and other Information Technology forums. The topics that she has published in include distance education theories and best practices, Homeland Security simulations, Network Security exercises, simulation evaluation metrics and online faculty recruitment, training and retention.

Jon-Michael C. Brook

Vice President, Security Solutions & Sales

Eruces, Inc.

Mr. Brook is the Vice President for Global Security Solutions and Sales at ERUCES, Inc., an encryption vendor headquartered in Lenexa, KS. He joined the company in 2006, with 10 years of information security experience. Prior to ERUCES, he previously worked as a Principal Engineer with Northrop Grumman's Information and Cyber warfare Technology Center, and a Sr. Engineer with Raytheon's Secure Networks group.

Mr. Brook graduated from the University of Florida with a Bachelor of Science degree in Computer Engineering, and the University of South Florida with a Master Degree in Business. His credentials include: Certified Information Systems Security Professional (CISSP), Cisco Certified Network Professional (CCNP), SANS Gold GIAC Certified Intrusion Analyst (GCIA), SANS Gold GIAC Security Essentials Certified, and 6s Greenbelt. Mr. Brook holds patents and trade secrets in intrusion detection, enterprise network controls, cross domain solutions, and semantic data redaction.

Steve Busch

Senior Managing Consultant for IBM Global Business Solutions

IBM/DoD, DIAP

Mr. Busch is a Senior Managing Consultant for IBM Global Business Solutions with over 30 years military and consulting experience in operations and management. His experience includes strategic level planning and implementation for information technology solutions including change management, organizational process improvement, operational planning, and system deployment support. He has specialized skills in personnel performance evaluation, retention, recruiting, placement, and software implementation management. He also has extensive instructor and training experience in recruiting management and leadership development and has taught university level courses. For the past five years, he has supported the Defense-wide Information Assurance Program (DIAP) office in the development and implementation of DoD IA Workforce Implementation Plan (IA WIP). The IA WIP is focused on improving DoD's information assurance workforce training, certification, and mangement policy, standards and processes. The ultimate objective is to develop and sustain an IA professional workforce with the knowledge, skills, and tools to effectively prevent, deter, and respond to threats against DoD information systems.

Manuel Cintron

SAIC

Over 10 years experience with providing technical analysis and engineering expertise associated with cryptographic and high-assurance computer security systems.

Defense Information Agency Field Security Operations

Eric Eifert

Executive Director, Cyber Defense Division

ManTech Security and Mission Assurance

Eric Eifert is an Executive Director with ManTech International in charge of their Cyber Defense Operations. His team provides Incident Response, Vulnerability Assessment/Penetration Testing services, Security Engineering support, Security Operations Center functions, and security training to both commercial and government clients. Prior to joining ManTech, Eric was an Active Duty Special Agent with the Air Force Office of Special Investigations where he led Computer Crime Investigations and Operations for the Air Force in Europe, Africa, and South West Asia. Eric is now a Reserve Special Agent and continues to support Air Force Cyber Investigations and Operations. Eric has his Masters of Information Systems and a BS in Criminology. He is a Certified Project Management Professional (PMP) and Certified Computer Crime Investigator.

Eran Feigenbaum

Director of Security

Google Apps

As the Director of Security for Google Apps, Eran defines and implements security strategy for Google's suite of solutions for enterprise customers.

Prior to joining Google in 2007, Eran was the US Chief Information Security Officer for PricewaterhouseCoopers(PwC). At PwC, he led a team responsible for all aspects of network, server, application, and desktop computer security, as well as security policies, architectures, standards and enforcement. Earlier, Eran spent several years designing and implementing high-performance cryptosystems for electronic commerce solutions for Fortune 1000 clients and government agencies.

Eran holds a bachelor's degree in electrical and computer engineering from the University of California at Irvine, and an MBA from Pepperdine University. In his spare time, he enjoys performing magic and mentalism and was featured on the NBC television show Phenomenon.

Bob Gourley

CTOvision.com

Bob Gourley is the founder of Crucial Point LLC, a technology research and advisory firm. He is a former CTO of the Defense Intelligence Agency (DIA) where he provided technical and operational advice and senior technical review regarding DIA and DoD IIS information architectures, data processing, IT systems, applications, networks and communications. A winner of InfoWorld's 2007 Top 25 CTO Awards, Mr. Gourley is a strong advocate for user-focused software and his contributions to the Google Gadget community have placed him on Google's list of the top 200 gadget programmers in the world. He holds three masters degrees including a master of science degree in scientific and technical intelligence from Naval Postgraduate School, a master of science degree in military science from USMC University, and a master of science degree in computer science from James Madison University.

Susan Hansche

Nortel Government Solutions / Department of State

Dennis Heretick

DeepWaterPoint

Dennis is a principal at DeepWaterPoint. He currently coordinates the Federal CISO Roundtable. Dennis is a former member of the Senior Executive Service, was the Chief Information Security Officer (CISO), Department of Justice, Washington, D.C. As the Justice CISO, Mr. Heretick developed and managed a Department-wide IT security program in support of the War on Terror. He lead the Justice Department in developing and enforcing IT security standards, and shaping the IT security planning process. He also lead in Department initiatives to leverage IT security technology to facilitate information sharing. A comprehensive performance measurement report card and its related processes that he developed have ensured Justice's security program and the efforts of its managers and technical staffs are performance oriented and based on desired customer outcomes.

In April 2005, Mr. Heretick was selected as the recipient of the Federal CIO Leadership Award. This award recognized his accomplishments in implementing a comprehensive Federal IT Security Program. Mr. Heretick was selected for the Federal 100 Award in 2006. Through his exemplary leadership in implementing innovative, enterprise-wide security solutions, the Department of Justice IT Security Council was selected for the SecurE-Biz 2005 Cyber Security Team Award.

Robert Jueneman

Chief Scientist

SPYRUS Inc.

Mr. Jueneman is the Chief Scientist at SPYRUS, Inc., a company based in San Jose, California, that specializes in developing cryptographic smart cards, USB tokens, HSMs, PKI systems, and cryptographic middleware for the government and high-security commercial market. As the security architect for the SPYRUS Cryptographic Modernization initiative, he has been intimately involved in the architecture and design of its advanced cryptographic developments, which culminated in SPYRUS being the first company to implement Suite B algorithms in its hardware and software cryptographic products. SPYRUS offers the only hardware-based DAR products included in the DAR Blanket Purchase Agreement.
Formerly with IBM, Satellite Business Systems, Computer Sciences Corp, GTE Laboratories, and Novell, Mr. Jueneman has over 30 years of experience in symmetric and public key cryptography in both hardware and software. He was instrumental in pioneering digital signature legislation in a number of states and foreign countries, and advancing the technical standards for encryption and PKI. He has been involved with communications security efforts ranging from telephony to cellular to high-speed satellite and fiber optics, and has consulted with the Department of Defense, the FBI, the Department of Commerce, the Department of State, the Royal Canadian Mounted Police, and several foreign governments.

Mitchell Komaroff

Director, Globalization Task Force

Office of the Assistant Secretary of Defense for Networks and Information Integration / Department of Defense Chief Information Officer, Department of Defense

Mitchell Komaroff serves as the Director, Globalization Task Force (GTF), for the Assistant Secretary of Defense for Networks and Information Integration / DoD Chief Information Officer (ASD(NII)/DoD CIO). He is primarily responsible for developing and implementing a strategy for mitigating national security risks to DoD arising from the increasing globalization of the information and communications technology (ICT) sector. The GTF is the ASD(NII)/DoD CIO focal point for: transactional risk management in Committee on Foreign Investment in the U.S. (CFIUS) and Federal Communications Commission Licensing matters; and policy development addressing global supply chain risk. Since coming to the Office of the ASD(NII)/DoD CIO, Mitchell Komaroff has worked to implement software and systems assurance across the Department of Defense.

Before coming to the Office of the DoD CIO, Mitchell Komaroff was a Computer Scientist with the Defense Information Systems Agency (DISA) and with industry, where he worked network quality of service (QoS), IA Architecture and Information Management issues.

Mitchell Komaroff holds a Masters of Science degree in Mathematics from George Mason University and a Juris Doctor degree from the University of Maryland, School of Law

Greg Kopchinski

Senior Product Manager

Bivio Network

Greg Kopchinski is Senior Product Manager at Bivio Networks where he has whole product responsibility for the company's industry-leading DPI network appliance platforms. Greg has a strong background in product management and marketing for embedded computer and networking technologies with several leading companies including Motorola, Force Computers, Captus Networks and Ziatech (acquired by Intel). He has spoken on product and market trends at industry events and has authored several articles that have appeared in various technical publications. Greg is a graduate of Cal Poly, San Luis Obispo with a BS degree in Electronic Engineering.

Sue Kreigline

Waylon Krush, CISSP, CISA

Co-Founder and CEO

Lunarline, Inc.

Waylon Krush manages Lunarline's overall business strategy. Waylon Krush has over ten years of excellence in Critical Infrastructure Protection (CIP), Information Operations (IO), Signals Intelligence, System and Telecommunication exploitation, and Certification and Accreditation (C&A).

Prior to becoming the CEO of Lunarline, Inc, Waylon was a senior InfoSec engineer in AT&T's Advanced Systems Division, and Chief of the Information Assurance (IA) group for GRC-TSC. Waylon Krush proudly served seven years in the United States Army in various intelligence/security related technical and leadership roles throughout the world.

Waylon holds a BS in Computer Information Science from University of Maryland University College, and is a Certified Information Systems Security Professional (CISSP) and Certified Information Security Auditor (CISA). Waylon is also a recipient of the Knowlton Award, United States Marine Corp Scholastic Leadership Award, Air Force Advanced Signals Award, 718th Soldier of the Year, NSA Professional of the Quarter, Voice of America Award, and American Legion Award (2 Years).

Mischel Kwon

Director, U.S. Computer Emergency Readiness Team (US-CERT)

National Cyber Security Division, U.S. Department of Homeland Security

Mischel Kwon, an IT professional with more than 26 years of experience, was named the Director for the United States Computer Emergency Readiness Team (US-CERT) in June 2008. As the Director for the US-CERT, Kwon is responsible for the operational mission of the US-CERT. US-CERT is responsible for analyzing and reducing cyber threats and vulnerabilities in Federal networks, disseminating cyber threat warning information, and coordinating incident response activities.

Kwon brings a unique blend of hands on experience, academic research and training, and a seasoned understanding of how to build operational organizations from inception. Among her successes at the United States Department of Justice (DOJ), where she was Deputy Director for IT Security Staff; she built and deployed the Justice Security Operations Center (JSOC) to monitor and defend the DOJ network against cyber threats. In addition, she served as the lead project manager for the Trusted Internet Connections (TIC) project at DOJ. The TIC project is a jointly lead project between OMB and DHS. This experience provides a unique perspective in her operational mission at DHS.

In addition to the operational role, Kwon lends her experience and drive for providing superior customer service to DHS. Kwon is leading the effort to enhance the US-CERT's ability to disseminate reasoned and actionable cyber security information to key stakeholders, including: federal agencies, industry, the research community, and state and local governments. In tandem with this effort, Mischel is in the process of building and enhancing US-CERT's capability to better protect our nation's Federal Internet infrastructure by coordinating actionable mitigation against and response to cyber attacks.

Ms. Kwon holds a Master of Science in Computer Science and a graduate certificate in Computer Security and Information Assurance. In addition, she serves as an adjunct professor at George Washington University in Washington, DC, where Ms. Kwon also runs the GW Cyber Defense Lab. Her interests branch out into cryptology, wireless networks, and antenna theory.

Todd Lefkowitz

Director, Education Services - Americas

Symantec

Todd Lefkowitz is responsible for managing Education Services in the Americas. His role entails delivery of Customer learning & training, virtual academy, eLearning, Sales and Field Readiness, as well as technical Sales and Support training.

Tim LeMaster

Director of Systems Engineering

Juniper Networks

Timothy LeMaster is Director of Systems Engineering at Juniper Networks, where he is responsible for driving product development efforts to meet the demands of public sector customers and for overseeing the activities of Juniper's public sector systems engineers.
A government IT industry veteran, Tim leverages his more than 15 years of experience in telecommunications and networking for the benefit of Juniper's public sector customers. Prior to Juniper, Tim spearheaded the development of applications aiding the government in the management of a very large SONET/IP network for IT solutions provider Veridian. Tim has also held several positions in the government, ranging from network operations and network modeling to engineering. Tim is a former U.S. Air Force officer.

Michael Markulec

Chief Operating Officer

Lumeta Corporation

Michael Markulec has over 20 years of experience in computer networking and software. Michael's experience is a combination of proven operational capabilities and the ability to plan and execute growth strategies resulting in significant returns.

At Lumeta, Michael is responsible for both operational and strategic leadership of Lumeta's Network Assurance solutions and the development of the IPsonar(r) product suite. Michael also leads Lumeta's marketing, product management and customer relations activities.

Michael is a sought after speaker and presenter on a variety of networking and security topics, most notably networking issues and mandates in the federal government, such as IPv6 transition and the Trusted Internet Connections initiative.

Michael serves on the NJ Innovation Partnership Institute advisory board, which develops information technology curriculum for high schools and colleges. Michael is an elected Committeeman in Hopewell Township, NJ where his general areas of responsibility include economic development.

Prior to joining Lumeta in 2001, Michael was the COO of nex-i.com, a data network service provider, where he played an instrumental role in that company's successful acquisition by Eureka Broadband. Michael has also held senior sales and operations positions AT&T's data network group, Niehoff of America, Pirelli Cable and served as a Captain in the U.S. Army. Michael holds a BS in mechanical engineering from Norwich University and an MBA from Duke University.

David McGuire

Senior Information Assurance Engineer

SRA

David McGuire is a Senior Information Assurance Engineer with SRA International where he manages technical, physical and policy security practices for the Department of Justice Integrated Wireless Network (IWN). He has nine years of experience in the field of information security and network operations experience with concentration in network exploitation and analysis, system security and wireless vulnerability assessments. Prior to joining SRA, David conducted network vulnerability assessments of large scale Department of Defense networks where he was considered a subject matter expert in wireless exploitation methodologies. He has also served as a Digital Network Intelligence team lead and an Information Systems Security Officer. David has a Bachelor's Degree in Computer Information Technology and is a Certified Information Systems Security Professional (CISSP) and Certified Ethical Hacker (CEH).

Lynn McNulty, CISSP

Director of Government Affairs

(ISC)2

Lynn McNulty, CISSP, Director of Government Affairs, (ISC)2 Lynn McNulty brings a wealth of information security management experience in government and private practice. During his 30-year career in the federal government, Lynn was Associate Director for Computer Security at the National Institute of Standards and Technology, the first Director of Information Systems Security at the State Department, and Security Program Manager at the Federal Aviation Administration. Lynn has been a consultant since 1995, providing government affairs, business development and information security policy consulting services to private and public sector clients and has served on the (ISC)2 Board of Directors for several years. He is a current member of the Information Security and Privacy Advisory Board established by the Federal Information Security Management Act, manages government affairs for (ISC)2 and is Co-Chair of the (ISC)2 Government Advisory Board for Cyber Security. Most recently, Lynn was awarded the 2007 Colloquium Industry Award by the Colloquium for Information Systems Security Education (CISSE) for his outstanding leadership in industry relations with information assurance education and later was named one of only three individuals to receive the exclusive Fellow of (ISC)2 designation, a distinguished honor granted by the (ISC)2 Board of Directors to those influential information security professionals who have made outstanding contributions throughout their careers to the information security profession.

Lynn is actively pursued by both national and local media outlets for comment as an expert source on U.S. federal government information security policy and related issues. He has been a guest on PBS's Jim Lehrer News Hour and has been featured in numerous federal IT publications such as Government Executive Magazine, Federal Computer Week, Government Computer News, Federal Times and SIGNAL Magazine.

William Miller

President

MaCT

Mr. Miller is President of Maximum Control Technologies (MaCT) a MILLER W J & ASSOCIATES Company with offices in the United States, Canada, and Hong Kong, PRC. He is a graduate of Pennsylvania State University with a degree in Electrical Engineering and Telecommunications with 30 years of experience. He is a participant in a number of security and wireless standardization efforts. He has contributed to secruity standardization for the US government including the Federal Information Security Management Act (FISMA) guidelines, review of NERC reliablity and security requirements versus NIST SP800-53, and recommendaitons for security of wireless systems in the NIST SP800-82 Guide to Industrial Control Systems (ICS) Security. NIST SP800-82 forms the basis of Part 4 of ISA99 Industrial Automation and Control System Security. He also is a member of the ISA100 Wireless Systems for Automation Security Task Group.

Paul Mockapetris

Nominum

Paul Mockapetris is an Internet advocate and investor, with interests ranging from high speed switching systems to applications. At present, he is Chairman and Chief Scientist for Nominum. In the past he was CTO at Urban Media, Siara, Fiberlane, Software.com and director of engineering at @Home. He has been IETF chair, program manager at ARPA, and did 15 years of research at the University of Southern California's Information Sciences Institute, and 10 years at UC Irvine with the DCS project.

He is best known as the creator of the Domain Name System (DNS), and wrote the first implementation of SMTP. He received his learner's permits in Physics and Electrical Engineering from the Massachusetts Institute of Technology in 1971, and his Ph.D. in Information and Computer Science from the University of California, Irvine, in 1982. He is the recipient of the IEEE 2003 Internet award and the ACM 2005 Sigcomm award, and a member of the National Academy of Engineering.

Scott Montgomery

Vice President of Product Management

Secure Computing

As vice president of product management at Secure Computing, Scott Montgomery is responsible for directing the tactical and strategic planning of Secure Computing's product lines, and cultivating technical and OEM partnerships. Scott has more than ten years of security engineering, deployment, and consulting experience, and frequently serves as a presenter and on panel discussions at security conferences. He also acts as an advisor to a number of Washington DC security consultancies, and is Secure Computing's representative to standards groups such as the Cyber Security Industry Alliance.

Rama Moorthy

Hatha Systems

Rama Moorthy has 20+ years of experience in the high-tech industry delivering products, services and strategies. She has driven corporate wide strategies in enterprise security, helped establish standards organizations, developed and introduced products and services into both commercial and defense market segments. She has extensive management experience in the building and redirection of organizations and their associated strategies. In addition, she has experience in new product and services development, product line management, business development and sales for multiple multi-national organizations (Booz Allen Hamilton, Sun Microsystems, Siemens/Infineon, Network Associates and AMD).

Ms. Moorthy, since late 2004 has been focused on the Government Sector developing and managing software assurance and assured software development services. At Hatha Systems, along with her role as CEO, she supports the Assistant Secretary of Defense of Network and Information Integration (ASD NII - DoD CIO) Globalization Task Force leadership on software assurance and supply chain risk management. She is a principal author of the NDIA Engineering for System Assurance Guidebook and is supporting the CIOs office in the development of supply chain risk management guidance. She is Hatha's representative to the Information Technology Sector Coordinating Council (ITSCC) for Infrastructure Protection and holds a board membership in the World Wide Consortium for the Grid (W2COG). Ms. Moorthy has earned a Bachelor of Science in Electrical Engineering from Purdue University and a Masters in Business Administration (Marketing and Finance) from Vanderbilt Universities' Owen Graduate School of Management.

Kim Mott

Privacy Officer

GSA

Ms. Mott is the Privacy Officer at the General Services Administration. She is a Certified Information Privacy Professional. As Privacy Officer she ensures that GSA is in compliance with the Privacy Act 1974, as amended (5 USC 552a). The Privacy Act establishes for individuals the right to privacy for records that Federal agencies collect, maintain, and use.

She is a graduate from Howard University with a degree in Communication Arts and Sciences (Public Relations). She has been with GSA for 3 years and has been their Privacy Officer for the last 1 ½ years.

Her goal is to educate people about their personal responsibility in the protection of Personally Identifiable Information (PII).

Earnest Neal

ASG

Drury Norris

Senior Manager

Raytheon Information Solutions

Drury (Dru) Norris is a Senior Manager for Information Technology (IT) Strategy and Planning with Raytheon Information Solutions (RIS). For the past five years, he has supported the National Nuclear Security Administration's (NNSA) Office of the Chief Information Officer (CIO), where he focuses on IT strategy, architecture and standards, enterprise management and technical issues. A major component of his work involves integrating cyber security and information assurance policies. He also drives controls, techniques and standards into the NNSA management and technical processes. This work involves collaboration with the NNSA's eight national laboratories, nuclear weapons production and refurbishment plants each of whom have their specific cyber and information assurance challenges. With more than 30 years of IT experience, he is an experienced Enterprise Architect having conducted enterprise architecture (EA) projects for major government agencies including Department of Housing and Urban Development (IT Standards Management), Department of Energy (enterprise EA to include business, data and technical reference models), and Department of Education (business process models and domain specific data models). He led the development of the 2000-2004 Strategic Plan for the CIO Council. During his career, he served as CIO for a $1B international finance organization, where he managed staff, cyber security, applications development and maintenance, and operations tasks. He has managed major application development projects for the World Bank, Inter American Development Bank and the UN. He served as technical lead for IT strategic planning studies (Flour Corp.), IT CONOPS (Ciba-Geigy), and organizational effectiveness assessments (state and local government).
He has a BA from Rice University and has attended many IT technical and management training courses to include CISSP and cyber security techniques.

Louis Numkin, CISM

Senior IT Security Specialist

Formerly with IRS

Louis Numkin retired from the Internal Revenue Service where he was an Information Technology Specialist (Security) in the FISMA Program Office of the Mission Assurance and Security Services organization. As Team Lead for the Security Awareness and Training Team, his duties related to security awareness, training, education, and the like.
-Prior to IRS, he provided many facets of computer security for the Nuclear Regulatory Commission (was part of the team which earned the first ever FISMA "A" grade in 2003) and the General Services Administration's FTS2000 before that.
-Numkin's Bachelor's Degree in Business Administration and Masters Degree in Technology of Management (majored in Management Information Systems and Computer Systems) are from the American University. He also maintains his Certified Information Security Manager (CISM) professional certification from ISACA.
-Louis provides computer security awareness sessions on request from various Federal Agencies and conferences, schools (elementary through high school), senior citizen centers, and social organizations. He is an avid blood donor who volunteers as a Red Cross Blood Donation Coordinator, Elections Judge, and an AARP Tax Counselor for the Elderly.
-Proud to have retired from the US Army Reserves as a Sergeant Major, he has also served as Worshipful Master of his Masonic Lodge, and a National Committee Chair as well as President of Walter Reed Chapter of the National Sojourners, Inc.
-After editing the Federal Information Systems Security Educators' Association (FISSEA) News and Views for several years he was elected Chair of the FISSEA Exec Board in 2004, 2005, and 2006. He has served as Conference Director for the 2008 FISSEA Annual Conference and invites all to the upcoming FISSEA Conference which will be on 24-26 March 2009 (Y'all Come!) for which he will again act as Conference Director. Of the awards he has received, Louis cherishes having been honored by FISSEA and his peers to be the recipient of the coveted FISSEA Educator of the Year Award in 1998.

Steve Ostrowski

CompTIA

John Padgette

Booz Allen Hamilton

John Padgette, an Associate with Booz Allen Hamilton, has over 17 years of Information Technology experience and has spent the last 5 years focused on wireless security challenges. His Bluetooth experience includes in-depth link security analysis of Bluetooth-enabled smart card readers and headsets for use with handheld devices and PCs.

John is co-author of the NIST Special Publication 800-121 Guide to Bluetooth Security as well as a contributor to the DoD Security Requirements for Bluetooth-enabled Smart Card Readers and Headsets. He is also currently Co-Chair of the Bluetooth SIG's Security Expert Group.

John holds Master's degrees in Computer Science and Mechanical & Aerospace Engineering. He is currently pursuing a PhD in Information Security at George Mason University. John also holds several professional certifications including CISSP, CWSP, CWNA, and CCNA.

Loyce Pailen

University of Maryland University College Director, Center for Support of Instruction

University of Maryland University College

Dr. Loyce Pailen is the Associate Provost, Office of Instructional Support and Services, University of Maryland University College (UMUC). The OISS is responsible for online Course Development and the Center for Support of Instruction (CSI) who work with faculty to assist with classroom setup, course design, quality assurance, virtual labs and the introduction of new technologies. Previously, she was the Assistant Academic Director for the Information Systems Management (IFSM) discipline responsible for the undergraduate Information Assurance curriculum. She has experience in supporting students, faculty, and staff; developing courses, coordinating course design and implementing instructional technology with specific emphasis on distance education and virtual labs.

Dr. Pailen came to UMUC in 2002 after working at The Washington Post Company for over 20 years in various programming, management and directorial positions in newspaper and corporate information technology where her duties included responsibilities for selecting and implementing enterprise-wide hardware, software, business applications and telecommunications services and disaster recovery analysis and planning. She has studied at UMUC at the undergraduate and graduate levels and earned a Doctor of Management where she was also an Orkand Fellow.

Dr. Pailen holds certifications for Certified Information Systems Security Professional (CISSP); Citrix Certified Administrator; CompTIA Network+; JAVA Development Certified Professional; Microsoft MOUS; and Certified NetWare Administrator.

Scott Paisley

Principal Security Architect

IBM Internet Security Systems

Scott Paisley serves as a Principal Security Architect for IBM Internet Security Systems. With more than 20 years of systems integration, networking and security expertise, Paisley is responsible for architecting business security solutions to defend and protect against IT threats.

Prior to joining IBM Internet Security Systems, Paisley held technical and management positions at the National Institute of Standards and Technology. There he worked on systems integration products, web design, systems administration and Internet technologies.

Paisley is a frequent speaker at leading industry events, such as Forbes CIO Forum, Forbes Risk Management, Interop New York, and InfoSecurity New York.

Paisley holds a bachelor's degree in computer science from the University of Maryland in Baltimore.

Nick Piazzola

Vice President, Government Programs

VeriSign, Inc.

Mr. Piazzola is Vice-President of Government Programs at VeriSign, Inc, where he is responsible for the certification of VeriSign's Public Sector products and services. He successfully led VeriSign efforts for cross-certification with the Federal Bridge, certification as an External Certificate Authority by the Dept. of Defense, and FIPS 201 certification of VeriSign's Shared Service Provider PKI and Card Management System offerings.

Mr. Piazzola joined VeriSign in December 1996 and started VeriSign's Federal government business unit and established VeriSign as a leading provider of managed PKI services for Federal departments and agencies. Prior to joining VeriSign, he was with the National Security Agency for over 28 years. While at the NSA, he held a variety of positions in research and development of information security products and services including Chief of the Network Security Group with responsibility for NSA's data security products, and Chief of the INFOSEC Research and Technology Group. He also led NSA's highly successful STU-III initiative, which delivered the current US Government secure telephone capability.

Mr. Piazzola is a graduate of Villanova University and has a Masters degree in electrical engineering from the University of Maryland. He is also a graduate of the Senior Seminar at the State Department Foreign Service Institute. Mr. Piazzola is a recipient of the National Intelligence Distinguished Service Medal, the Presidential Meritorious Executive Award, the Presidential Federal Design Achievement Award, and the AFCEA Gold Medal for Engineering.

Sydney Pope

Office of the Deputy Under Secretary of Defense (Industrial Policy)

Sydney Pope joined the Office of the Deputy Under Secretary of Defense for Industrial Policy in September 2005 as a technical and business expert in industrial affairs. He is lead analyst for land systems including vehicles and soldier equipment, and is the Industrial Policy advocate for maintaining access to trustworthy, reliable and sustainable electronic systems and information technologies. He is also program manager for the Department's Defense Priorities and Allocation System.
Prior to his current assignment, Mr. Pope was with the Defense Contract Management Agency were he held numerous management and supervisory positions over fourteen-years including as the Headquarters Director of Contract Technical Operations and as the Deputy Commander for the largest contract management field office in the Agency.
Before 1991, Mr. Pope held assorted program management, contracting, and engineering assignments with the Air Force, Navy and Defense Logistics Agency. He entered federal service in 1977.
Among his academic achievements, he has a Bachelor in Engineering degree from the University of Buffalo, a Masters in Management from Salve Regina University, a Diploma in International Security and Strategic Studies from the U.S. Naval War College, and is a Certified Professional Contracts Manager.

Terry Poulias

Technical Account Manager for the DoD

Research In Motion (RIM)

Andy Purdy

Andy Purdy was a member of the White House staff team that helped to draft the U.S.
National Strategy to Secure Cyberspace (2003). Shortly after its release by President
Bush in February 2003, Mr. Purdy went to the Department of Homeland Security to serve
on the tiger team that helped to form the National Cyber Security Division (NCSD) and
the U.S. Computer Emergency Readiness Team (US-CERT). Mr. Purdy worked at DHS
for three and a half years, the last two heading the NCSD and US-CERT, in a capacity
that has been referred to as the "Cyber Czar" of the United States. In 2006, he completed
service as a Special Government Employee on the Defense Science Board Task Force on
the Mission Impact of Foreign Influence on DoD Software.

Mr. Purdy, an attorney and Certified Information Systems Security Professional, is on the
Executive Advisory Board of BigFix, Inc., and is President of DRA Enterprises, Inc.
(www.andypurdy.com), specializing in IT consulting, business development, and
government relations. DRA Enterprises, Inc. is partnered with CyberPack Ventures, Inc.
and Secure Anchor Consulting for cyber risk assessment and mitigation, and Echelon
One for security intelligence research. He is also a partner with the law firm of
Allenbaugh Samini, LLP (www.alsalaw.com), with offices in Newport Beach, California
and Washington, DC.

Before joining the White House staff, Mr. Purdy served as Acting General Counsel, and
long-time Chief Deputy General Counsel at the U.S. Sentencing Commission. Mr. Purdy
served as an Assistant U.S. Attorney in the Eastern District of Pennsylvania, Senior Staff
Counsel of the House Select Committee on Assassinations, Special Counsel to the House
Committee on Standards of Official Conduct (Ethics), and Counsel to the Senate
Impeachment Trial Committee (on the articles against Judge Walter Nixon). He also
served for five years in network television news as an Associate Producer for NBC News
magazines, and Producer for the CBS News broadcast NIGHTWATCH in Washington,
D.C.

Mr. Purdy is co-Director of the International Cyber Center being formed at George
Mason University to promote strategic collaboration and information sharing to address
major cyber issues such as CERT capacity building in the developing world, coordination
of global cyber R&D efforts, and facilitating a global approach to cyber crime and other
malicious activity (http://cs.gmu.edu/~lics).

Mr. Purdy speaks widely at conferences across the United States and internationally on
cyber/information security and assurance, and corporate compliance.

Jim Richberg

Chief of Staff

Joint Interagency Cyber Task Force

Mr. Richberg serves as Chief of Staff on the Joint Interagency Cyber Task Force charged by the Director of National Intelligence (DNI) with monitoring and overseeing implementation of the Comprehensive National Cybersecurity Initiative (CNCI) at the direction of the President. The CNCI is designed to improve the ability of the United States to secure and defend its vital cyber infrastructure and the data it contains. Mr. Richberg was one of the architects of the Initiative, and led the working group tasked with documenting the economic, technological, diplomatic, and military impact on the U.S. of the failure to address cyber security in a holistic and integrated fashion. Prior to his work on the Cyber Initiative, Mr. Richberg held a variety of senior leadership positions in the Office of the National Counterintelligence Executive and also spent 20 years as a CIA officer performing and managing a wide spectrum of intelligence activities.

Janet Rusterucci

ISACA

Janet Rusterucci is currently President, of the National Capital Area Chapter (NCAC)-ISACAr for Fiscal Years 2008-2010. The ISACA is a Global organization, in which the NCAC ranks second in North America. She is a Certified Information Security Manager (CISM) and has received Masters Degree in Information Systems. She has been an active member of the NCAC for over five years and has also served on the Board of Directors as Vice President, Treasurer, and Director of CISA/CISM Review. Janet's government auditing experience of more 21 years has provided her with an enlightened perspective in the field of Information Technology Governance, Information Assurance, and Information Technology Controls. She is employed with the United States Postal Service, Office of Inspector General in the position of Information Technology Security Analyst.

Dennis Seymour

Senior Program Manager

STG

Dennis Seymour serves as Senior Program Manager for STG Inc. Dennis manages the VA Security Controls Assessment project for the Department of Veterans Affairs, Office of Cyber Security. As the PM Dennis is responsible for a team of over 60 security professionals who conduct security assessments of over 600 VA systems. Prior to October 2007 Dennis was a VA employee serving as the Technical Security Advisor for the Veterans Health Administration and supported the HHS Office of the National Coordinator, as a consultant for Committee for Privacy and Security under the AHIC. From 2002 to 2004 Dennis was responsible for assessing the security of biomedical/medical devices in use throughout VA, developing policies for interconnection of these devices to the VA network, and providing guidance on acquisitions, implementation, and overall security of medical devices throughout their life cycle. Prior to his current position, Dennis worked in the VA's information security program for 12 years.

Mr. Seymour passed the Certified Information Systems Security Professional (CISSP) certification in April 2002, and is also has obtained the Project Management Professional certification (PMP).

Mr. Seymour was recognized as the VHA Information Security Officer of the Year for 1999, and the California Jaycees Young Public Safety Officer of the Year for 1990. In his "prior life," before information security, Mr. Seymour worked as a Detective and Police Officer specializing in juvenile crimes, child abuse, sexual abuse, and spousal abuse cases, and as a Military Policeman in the United States Army, serving in Germany, Korea, Panama, and in the United States.

Dr. Amit Sinha

Vice President and Chief Technology Officer

AirDefense, Inc.

Dr. Amit Sinha, Vice President and Chief Technology Officer specializes in wireless communications and network security. Prior to joining AirDefense, he served as Vice President and Chief Technologist at Engim, a company he co-founded. At Engim he designed 802.11 modems and was responsible for the core technology portfolio of the company. Prior to Engim, he held various research positions at MIT, Hewlett Packard Laboratories, Intel Corporation and Texas Instruments. Dr. Sinha is an accomplished researcher with more than 25 refereed papers published in technical journals and conferences. In addition, he is a contributing author to three published books. He is also the author of 15 patents dealing with different inventions in 802.11 infrastructure and wireless security.
Dr. Sinha received his S.M. and Ph.D. degrees in Electrical Engineering and Computer Science from the Massachusetts Institute of Technology, Cambridge, and his B.Tech. degree in Electrical Engineering from the Indian Institute of Technology, New Delhi, India where he was awarded the President of India Gold Medal for graduating summa cum laude.

Brian Snow

Independent Security Advisor

Mathematician/computer scientist, Brian taught mathematics and helped found the computer science department at Ohio University in the late 1960's. He joined the National Security Agency in 1971 where he became a cryptologic designer and security systems engineer.

Brian spent his first 20 years at NSA doing and directing research that developed cryptographic components and secure systems. Many cryptographic systems serving the U.S. government and military use his algorithms; they provide capabilities not previously available and span a range from nuclear command and control to tactical radios for the battlefield. Computer Security and Network Security were major aspects for these systems. He created and managed NSA's Secure Systems Design division in the 1980s. He has many patents, awards, and honors attesting to his creativity.

His later years at NSA were the model for what it means to be a senior Technical Director at NSA (similar to a Chief Scientist or Senior Technical Fellow in industry); he served in that capacity in three major mission components -

The Research Directorate (1994-1995),
The Information Assurance Directorate (1996-2002), and
The Directorate for Education and Training --NSA's Corporate University (2003-2006)

He was the first Technical Director appointed at the "Key Component" level at NSA, and the only "techie" at NSA to serve in such a role across three different Directorates.

In all of his positions, he insisted that the actions NSA took to provide intelligence for our national and military leaders should not put U.S. persons or their rights at risk. He was a leading voice for always assessing the unintended consequences of both success and failure prior to taking action.

Brian retired in 2006 and is now an Independent Security Consultant and Ethics Advisor.

Judith Spencer

Chair, Federal Identity Credentialing Committee (FICC)

GSA

Ms. Spencer is the Chair, Federal Identity Credentialing Committee (FICC). In this capacity, she is responsible for building consensus and promoting cross cutting solutions for unified logical/physical credentialing of Federal employees.

The Homeland Security Presidential Directive 12, Policy for a Common Identification Standard for Federal Employees and Contractors, has further accentuated the importance of the FICC activities, whose role is to ensure collaborative implementation of the Standard as defined by this Directive.

In addition, Ms. Spencer works closely with the Federal PKI Policy Authority, in which capacity she promotes interagency cooperation and interoperability in the deployment of PKI. A key accomplishment of the Federal PKI is the Common Policy Framework which sets the requirements for the use of PKI in attaining HSPD-12 compliance. In addition, the Federal Bridge Certification Authority (FBCA) continues to promote interoperability between discrete trust domains. Ms. Spencer is continuing to inform about and build interest in the FBCA both within the Federal government and with outside entities, domestic and international.

Ms. Spencer has been involved in Federal IT Security programs for over 30 years.

David Stender

Associate Chief Information Officer (ACIO), Cybersecurity

IRS

David W. Stender recently joined the IRS as Associate Chief Information Officer (ACIO), Cybersecurity. As ACIO, David will provide executive leadership in designing, developing, and delivering a comprehensive Cybersecurity program and in managing the IRS's information technology security program in accordance with Federal Information Security Management Act requirements.
David joins the IRS from Perot Systems Government Services, in Fairfax, Va. As Director of Information Assurance, he lead an organization tasked with providing information assurance support on multiple contracts for the Department of Defense, federal civilian agencies, and the Intelligence Community.
David has more than 23 years of government, military, and business experience developing and implementing policy to support technical IA operations, in telecommunications management and leadership, strategic and crisis planning, Signals Intelligence, and information technology. A Certified Information Systems Security Professional (CISSP), he has extensive experience leading cutting-edge vulnerability assessments and penetration tests against U.S. Government national security-related networks and in managing IA testing laboratories and complex networks at multiple classification levels. David is also a recognized expert on his government's implementation of Public Key Infrastructure and "Red Team" operations.
David holds a Bachelor of Science Degree from the U.S. Naval Academy and a Master of Science Degree in Telecommunications from the University of Maryland University College.

Gary Stoneburner

Information System Security Engineer

JHU APL

Gary Stoneburner was the primary NIST represtative on the joint-agency working group for the Assessment Case Project. He is an electronic engineer with Master of Science in Electrical Engineering from the University of Texas (1974) and a Bachelor of Engineering Science from Johns Hopkins University (1972). He is a member of the senior professional staff at the Johns Hopkins University/Applied Physics Laboratory (JHU/APL) where he provides information system security engineering for Federal agencies. He was previous with the National Institute of Standards and Technology (NIST) where he served as the technical advisor to the NIST FISMA Implementation project. Prior to coming to NIST he served as the security architect for The Boeing Company. Gary retired from the US Army Reserve in 2004 where his last assignment was with the Army Network Operations and Security Center (ANOCS). Previous reserve assignments include the Army's Information Operations Red Team; the Army Computer Emergency Response Team (ACERT); and Deputy Chief, Information Assurance Division, J6, USSOUTHCOM. He is the author or co-author for several NIST publications including: NISTIR 6462 CSPP - Guidance for COTS Security Protection Profiles, NISTIR 6985 COTS Security Protection Profile - Operating Systems (CSPP-OS), SP 800-27 Engineering Principles for IT Security (EP-ITS), SP 800-30 Risk Management Guideline, SP 800-33 Underlying Technical Models for IT Security, SP 800-37 Certification and Accreditation of Federal IS, SP 800-53 Rev 2 Recommended Security Controls for Federal Systems, SP 800-53A Guide for Assessing the Security Controls in Federal Information Systems, SP 800-30 Rev 1 Assessing Risk from Information Systems (currently in work), and SP 800-39 Managing Risk from Information Systems - An Organizational Perspective.

Marianne Swanson

Senior Advisor for Information Technology Security Management

NIST

Marianne Swanson is a senior advisor for information technology security management in the Computer Security Division at the National Institute of Standards and Technology (NIST). She is the Chair of the Federal Computer Security Program Managers' Forum. She co-authored the NIST Special Publications, Recommended Security Controls for Federal Information Systems and Guide for the Security Certification and Accreditation of Federal Information Systems and is the author of NIST Special Publication, Security Self-Assessment Guide for Information Technology Systems. Ms. Swanson also co-authored the CIO Council's Federal Information Technology Security Assessment Framework, the NIST Special Publications: Security Metrics Guide for Information Technology Systems, Contingency Planning Guide for Information Technology Systems, Generally Accepted Principles and Practices for Securing Information Technology Systems, and Guide for Developing Security Plans for Information Technology Systems.

In June of 2001, Ms. Swanson received the Federal 100 Award for her work in developing the CIO Council Assessment Framework. In March of 2000 and 2001 she received the FedCIO Technology Leadership Award. In 1996, Ms. Swanson received the Industry Advisory Council Leadership and Achievement Award for developing the Federal Computer Incident Response Capability (FedCIRC) and promoting support mechanisms for government wide security initiatives. Also in 1996, she received the Department of Commerce Bronze Medal Award for successful establishment and management of the Forum of Incident Response and Security Teams (FIRST). Ms. Swanson has over twenty-five years of computer security experience. Prior to joining NIST, she worked as a Systems Security Specialist with the Nuclear Regulatory Commission and as a Program Analyst with the Internal Revenue Service.

Barbra Symonds

Associate Partner, Security, Privacy, Wireless & IT Governance

IBM Global Business Services

David Temoshok

Director, Identity Policy and Management

GSA Office of Governmentwide Policy

David Temoshok is the Director for Identity Policy and Management for the Office of Governmentwide Policy of the U.S. General Services Administration. In this capacity, David is responsible for the development and deployment of identity management policies and infrastructure for the Federal Government, including the government-wide implementation of Homeland Security Presidential Directive 12 (HSPD-12) and the Federal E-Authentication presidential initiatives. These initiatives provide government-wide infrastructure for the authentication of citizens, businesses, and internal government personnel. This infrastructure Includes the administration of the Federal PKI Management Authority and the Federal Bridge Certificate Authority to provide secure, cross-certification PKI services across government. David also serves as the Federal PKI Policy Management Authority for the Federal ACES Program that provides common PKI services for the Federal Government with the public.

Prior to this appointment, David served as the Inter-Agency Director for the Access America Program. This program provided public access to a wide range of government services electronically on a nationwide basis. In December 1993 David was appointed to serve as the Director for Systems Design and Development for the Federal Electronic Benefits Transfer (EBT) Task Force. The Federal EBT Task Force directed the national implementation of systems to deliver both federal and state government benefits electronically on a nationwide basis. EBT systems are currently in operation in all states. In addition, David has served as the USDA Director of Grants Management and numerous other managerial and financial management positions in public administration.

Dennis Toothman

Co-Founder, Chief Technical Officer and Senior Vice President of Engineering

CipherOptics

Dennis Toothman co-founded CipherOptics after a 30-year career that spanned software and hardware engineering experience with multi-billion dollar corporations and small technology start-ups. His accomplishments include the invention of the first commercially available ATM encryptor and the first gigabit Ethernet encryptor.

Toothman is a frequent contributor to industry publications, including Communications News and has been an IEEE member for over 33 years. Graduating Magna Cum Laude from West Virginia University, Toothman holds a Bachelor of Science Degree in Electrical Engineering. He has also done graduate work specializing in operating systems and communication systems at West Virginia University and University of South Carolina.

Pat Toth

National Institute of Standards and Technology

Pat is a Computer Scientist in the Computer Security Division at NIST. Pat has worked numerous documents and projects during her 17 years at NIST including the Common Criteria Evaluation Program and serving as Program chair for the National Computer Security Conference. Most recently she has worked with the FISMA team to produce the family of FISMA documents and the FISMA Phase II Credentialing Program.

Larry Wagoner

NSA

Dr. Larry Wagoner has served in a variety of technical and/or analytic organizations within the National Security Agency (NSA) for over 25 years. Before coming to the Information Assurance Directorate (IAD), he worked primarily in the Signals Intelligence Directorate and the Research Directorate. He has a Ph.D. in computer science from the University of Maryland.

Linda Wilbanks

CIO for the National Nuclear Security Administration

NNSA DOE

Dr. Linda Wilbanks is the Chief Information Officer for the National Nuclear Security Administration (NNSA) at the U.S. Department of Energy located in Washington, DC. She was appointed to this position by Secretary of Energy Samuel W. Bodman on October 31, 2004. In this position, Dr. Wilbanks supports NNSA's mission through the strategic management of cyber security and information technology (IT) programs which amount to well over $1 billion. Dr. Wilbanks has responsibility for working with the eight NNSA site offices on the development of cyber security and IT budgets and policies, then the oversight of budget and policy implementation. She coordinates with Department of Energy on cyber security and IT to ensure compliance with departmental policies. Dr. Wilbanks represents NNSA externally including at all Congressional inquiries.
Prior to coming to the U.S. Department of Energy, Dr. Wilbanks was the Acting Chief Information Officer for NASA, Goddard Space Flight Center where she was responsible for a broad range on Information Science and Technology activities to include: security, planning, architecture, program integration, and standards development. Previous to the CIO position, Dr. Wilbanks was responsible for software quality engineering, application, and research for Goddard. She also held the position of the Division Chief, Software Assurance Technology Office (SATO), Technical Director, Software Assurance Technology Center (SATC), and of the Engineering Section Head, SATC. She has also served on several technical professional committees such as IEEE. Dr. Wilbanks research can be found under "Linda H. Rosenberg."
Dr. Wilbanks has a Ph.D. in Computer Science from the University of Maryland, a M.E.S. in Computer Science from Loyola College and a B.A. in Mathematics/Education from Towson University.

Vern Williams

Senior Security Architect

ISSA/SAIC

Vern Williams is a Senior Security Architect for SAIC, Inc. and the Director of Operations for ISSA International. He was added to the ISSA Honor Roll in 2007 and in 2005 was selected as the ISSA 2005 Security Professional of the Year. He has also served as a Security Engineer and Enterprise Consultant with SAIC and is enrolled in a Ph.D. program in Information Assurance at the University of Fairfax. After 20 years as an officer with the U.S. Nuclear Submarine Force, including significant experience with InfoSec and obtaining a Masters in Information Systems, Williams moved to Austin, Texas and worked in the commercial IT services arena and learned the basics of the industry. Nine years ago, he became involved with computer security while on contract to the Texas Department of Public Safety and has been focused on securing information in increasingly complex environments ever since. Williams' current research interest is to identify the essential security metrics that a company or organization's should gather in order to improve their security posture.

Mark Wilson

NIST

Since coming to NIST in 1992, Mark has worked on computer security program management issues, including program management reviews, vulnerability analyses and other risk management issues, and security awareness and training.

Mark served as Editor for NIST Special Publication (SP) 800-16 - Information Technology Security Training Requirements: A Role- and Performance-Based Model - published in April 1998. He is a co-author of another NIST Special Publication (SP 800-50) - Building an Information Technology Security Awareness and Training Program - published in October 2003. He also co-authored NIST Special Publication 800-100 - Information Security Handbook: A Guide for Managers - published in October 2006. He is currently leading a team that is updating SP 800-16.

Mark also serves as the NIST Liaison to the Federal Information Systems Security Educators' Association (FISSEA), has served on the FISSEA Executive Board for five years, including two years as the Assistant Chair of the Board, and is currently the Chair of the Executive Board.
Mark came to NIST from Norfolk, Virginia where he worked for ten years in the computer security field for two U.S. Navy organizations. He earned a B.A. in political science from Old Dominion University in Norfolk in 1983. Mark is a native of New Jersey and is a U.S. Navy and Vietnam Veteran.