FISC 2008

Speakers

Major General William T. Lord

Commander, Air Force Cyberspace Command (Provisional)

Barksdale Air Force Base

Maj. Gen. Bill Lord is Commander, Air Force Cyberspace Command (Provisional), Barksdale Air Force Base, La. He is responsible for establishing cyberspace as a domain in and through which the Air Force flies and fights, to deliver sovereign options for defense of the United States. In his current duty, he is creating the Air Force major air command for organization, training, and equipping of combat forces to operate in cyberspace.

General Lord is a 1977 graduate of the U.S. Air Force Academy. He holds a bachelor's degree in biological and life sciences, and master's degrees in business administration and national resource strategy. General Lord held various duties with tours in Europe, U.S. Central Command and the White House. General Lord has commanded at the detachment, squadron, group, wing, joint levels.

Before assuming his current position, General Lord was Director, Cyberspace Transformation and Strategy, Secretary of the Air Force Office of Warfighting Integration and Chief Information Officer, the Pentagon, Washington, D.C.

MAJOR AWARDS AND DECORATIONS:
Distinguished Service Medal
Defense Superior Service Medal
Legion of Merit with three oak leaf clusters
Defense Meritorious Service Medal with oak leaf cluster
Meritorious Service Medal with two oak leaf clusters
Air Force Recognition Ribbon with two oak leaf clusters
Humanitarian Service Medal

OTHER ACHIEVEMENTS:
1983 U.S. Air Force Communications-Electronics Professional Achievement Award
1984 and 1986 Distinguished Young Armed Forces Communications-Electronics Association Officer
1985 General Edwin W. Rawlings Award, Air Force Association
1987 Citation of Honor, Air Force Association
1991 Presidential Communications Officer of the Year, the White House
2000 Leadership Award, AFCEA
2001 Department of Defense Innovator of the Year Award, Microsoft
2002 Top 100 Information Technology Professionals, Federal Computer Weekly
2006 General and Mrs. Jerome F. O'Malley Award

EFFECTIVE DATES OF PROMOTION:
Second Lieutenant June 1, 1977
First Lieutenant June 1, 1979
Captain June 1, 1981
Major March 1, 1987
Lieutenant Colonel July 1, 1991
Colonel Sept. 1, 1996
Brigadier General Oct. 1, 2002
Major General Feb. 1, 2006

Steve Antone

Vice President of Lumension Security, US Federal Government Division

Lumension

Steve Antone serves as the Vice President of Lumension Security, US Federal Government Division. In this role, Mr. Antone is responsible for driving sales strategy and execution for a broad range of security solutions. He brings extensive experience in driving product development and sales related to various US Federal Government standards including FISMA, FDCC and SCAP. A seasoned veteran with more than 16 years of industry experience, Mr. Antone has held several management positions, including Information Assurance Business Unit Manager at Harris Corporation. Mr. Antone holds a bachelor's of Science in Business Administration and Economics from Oregon State University and holds an Executive Management Certificate from the California Institute of Technology.

George Bieber

Deputy, IA Human Resources and Training

Defense-wide IA Program

Mr. Bieber is Deputy Director, Human Resources and Training, Defense-wide Information Assurance (IA) Program. He oversees implementation of the DoD's IA Workforce Improvement Program, including education, training and certification, and awareness activities.

Previously, he was the Chief, Information Assurance (IA) Education, Training, Awareness (ETA) Products, Defense Information Systems Agency, where he managed the development, production and delivery of IA training and awareness products. This included both classroom courseware, and distributive training content

Mr. Bieber served on the President's Critical Infrastructure Protection Board Education Standing Committee, and is a past member of the Federal Information System Security Educators Association (FISSEA) Executive Board. Awards include FISSEA 2000 Educator of the Year, and the Federal Computer Week's 2003 Federal 100.

Brian Chess

Chief Scientist & Founder

Fortify Software

Lou DeSorbo

Computer Network Defense Solution Architect for DoD and Intel customers

LLou DeSorbo, 8 years active duty Air Force service and former Strategic Advisor to Director of Operations, Department of Defense Joint Task Force-Global Network Operations (JTF-GNO). In this role, he helped author the DoD's Information Assurance (IA) and Computer Network Defense (CND) vision for 2010 and beyond to increasing the defensive posture of the DoD's Global Information Grid, an enterprise of more than 7 million systems world-wide.

John R. Feldmann

U.S. Department of State

John Feldmann has worked for the Department of State for 21 years and has held a variety of positions most notably as the Administrative Office of the Diplomatic Telecommunications Service Program Office and as Chief of the Systems Integrity Division responsible for providing communications and computer security to the Department. He holds a Masters of Science Degree from the University of Southern California and a Bachelor's Degree from the University of Maryland. Additionally John holds several Information Technology Certifications to include the Certified Information Systems Security Professional (CISSP).

Terry Grogan

QinetiQ North America, Mission Solutions Group

Mr. Grogan has spent many years dealing with the security of information. First on the Intelligence side of the US Air Force, and later as a civilian contractor to various DoD organizations.
More recently Mr. Grogan worked in the Security Division at Federal Bureau of Investigation Headquarters in Washington, DC. During his time there, Mr. Grogan worked as part of the Certification team, leading certification efforts for FBI-wide systems, and later as a member of the Accreditation team. Mr. Grogan was responsible for reviewing IT system certification packages and test results and provided expert opinion to the Designated Accreditation Authority.
Mr. Grogan also represented the Security Division on various configuration control boards, which reviewed both new system proposals and modifications to existing systems. After leaving the FBI environment Mr. Grogan continued working in a similar role on another Intelligence Community program, providing security review for proposed system changes.
Mr. Grogan currently serves as the Director of Education for the Boise ISSA Chapter. In his current role in QinetiQ North America he provides subject matter expertise and leadership guidance related to a multitude of security-related efforts within the framework of the QinetiQ North America enterprise.

Jeremiah Grossman

Founder and CTO

WhiteHat Security

Jeremiah Grossman, founder and CTO of WhiteHat Security, is a Web security expert. He is co-founder of the Web Application Security Consortium (WASC), part of InfoWorld's 2007 Top 25 CTOs, and has been featured in USA Today, PC World, Dark Reading, CNET, SC Magazine, CSO, InformationWeek, The Washington Post and NBC News. Mr. Grossman is a frequent speaker at industry events including RSA, CSI NetSec, Black Hat and Defcon. He was named a "friend of Google" and is an influential blogger (www.jeremiahgrossman.blogspot.com), receiving more than 20,000 unique visits per month. Prior to WhiteHat, he was an information security officer at Yahoo!

Guy Hadsall

FAA

Guy Hadsall (MSc CISSP) joined the FAA's ATO line of business as a Senior Computer Specialist in 2007. His challenge was to build and extend the agency's Security Information Group (SIG). The SIG is an operational center located with national air traffic management personnel focused on identifying impact on any air traffic Service by cyber or non-cyber event within the FAA's critical operations system (the National Airspace System).

Since 1991 Guy's been in tactical information technology positions within academia, government, and industry. He's been in enterprise as well as service provider voice and data networks. He's spent the last seven years in strategic roles educating, architecting, and managing information security programs. Since 1997 he has supported commercial and civilian agency service creation activities focused replicating decades of information security service delivery success within US military and intelligence communities. Along with Peter Thermos (Palindrome Technologies) he co-founded the first international VoIP Security forum VoIPSecurity.org in 2003.

Prior to joining the FAA Guy worked as a contractor to the Federal Aviation Administration with Smartronix, Inc. And prior to that he was a security researcher at Telcordia Technologies (formerly known as Bellcore) supporting the government agencies, the Federal Reserve, Citibank, Level 3 Communications, Global Crossing, S.W.I.F.T., as well as other clients domestic and international. Prior to joining Bellcore he was a telecommunications specialist with the US governments Federal Emergency Management Agency (FEMA). While at FEMA Guy was responsible for engineering and implementation of the agencies first dedicated IP based Wide Area Network interconnecting over 150,000 devices passing an estimated $10B in disaster assistance a year.

Guy teaches Information Security at Kogod School of Business and is an active educator and researcher in VoIP security often briefing senior policy makers and managers on this critical emerging technology. He enjoys regularly speaking to government and industry audiences on topics on emerging technologies impacts upon field operations.

Guy's passion lies with his Family. His bride and three children bring him great joy and pride! He enjoys coaching as well as volunteering at his children's elementary school and is an active member of his Church. With the love and support of his Family he appreciates knowing at the end of a days work that all roads lead Home.

Chad Hayes

Security Product Manager

Verizon Business-Applications Solutions Group

Chad Hayes is a Security Product Manager at Verizon Business - Applications Solutions Group. Mr. Hayes has worked with the DoD and Federal agencies where he consulted on various government projects on information assurance solutions. He was also part of a team engineers that architected the network infrastructure to support the Unmanned Areal Vehicles during Operation Enduring Freedom. Mr. Hayes spent eight years in the US Army as an Intelligence Operations Manager supporting the war fighter in numerous US led operations world wide.

Derek Isaacs

Computer Security/Information Assurance professional

Boecore (MDA)

Derek Isaacs is a Computer Security / Information Assurance professional at Schriever AFB with extensive background in architecture, integration, and Security management of DoD and Commercial systems. Derek has received BS & MS degrees from the University of California, Riverside; as well as an MS degree from Colorado Technical University in 2006. He received his CISSP certification in August 2006, and holds the CompTIA Security+ and EC-Council's CEH and CNDA certifications as well.

Derek is a Sr. IA Engineer for Boecore Inc. He is involved in Certification and Accreditation support as well as security assessments (including vulnerability, wireless, and penetration testing) across a variety of systems, networks, and programs.

Derek serves as an Adjunct Associate Professor of Computer Science-Security at Colorado Technical University and CTU-Online. Derek is a member of the Colorado Springs ISSA chapter, and the Federal Information Systems Security Educators Association (FISSEA).

Derek has presented previously at FISC 2007, and has also presented at regional, national and international venues (FRISC06, ICIW07, FISSEA 2006 & 2008). He has authored an article for the ISSA Journal on IAVA Management, which was published in August 2006. His research interests are in wireless security, privacy and ethical issues in Information Assurance.

Captain Jeffrey Jaime, USAF (Ret)

on behalf of Bivio Networks

Captain Jeffrey Jaime, USAF (Ret.) served as an information systems security architect for the Department of Defense Joint Task Force - Global Network Operations, directing overall operations of the Joint Computer Network Defense situational awareness capabilities within the DoD Centaur Program. Captain Jaime is also a former member of the DoD Computer Emergency Response Team (CERT) assigned to the Defense Information Systems Agency (DISA).

Captain Jaime earned a bachelor's of science in Computer Information Systems from Park University and a master's of science in Information Systems Technology from George Washington University. He is a certified Computer Information Systems Security Professional (CISSP) Information Security Specialist.

Keith Johnson

VP Public Sector

Liquid Machines

Keith brings more than 25 years of federal business development and sales experience to Liquid Machines. Most recently, Mr. Johnson held a similar position at Akamai Technologies, Inc. of Cambridge, Massachusetts.
Mr. Johnson joined Akamai in February 2002, and successfully managed the growth of Akamai's presence in the public sector, including customer relationships with civilian, DoD, and state and local and higher education agencies, as well as custom solutions. He also led the formation of the company's public sector advisory board, comprised of leaders in the federal, state & local, defense, and industry sectors.
In 2002, he managed Akamai's procurement of a GSA schedule award to further expand Akamai's federal sales channel. In 2004, Mr. Johnson became a recipient of the 2004 Federal 100, an annual award sponsored by the government IT publication, Federal Computer Week. Mr. Johnson was recognized for his role in bringing the technology to bear that allowed the National Weather Service (NWS) to extend its Internet infrastructure to meet the historic online demands for information brought about by Hurricane Isabel.
Prior to Akamai, Mr. Johnson held Federal sales management positions with such market-leading technology companies as Oracle and SAP.

Robert Jueneman

Chief Scientist

SPYRUS Inc.

Mr. Jueneman is the Chief Scientist at SPYRUS, Inc., a company based in San Jose, California, that specializes in developing cryptographic smart cards, USB tokens, HSMs, PKI systems, and cryptographic middleware for the government and high-security commercial market. As the security architect for the SPYRUS Cryptographic Modernization initiative, he has been intimately involved in the architecture and design of its advanced cryptographic developments, which culminated in SPYRUS being the first company to implement Suite B algorithms in its hardware and software cryptographic products. SPYRUS offers the only hardware-based DAR products included in the DAR Blanket Purchase Agreement.
Formerly with IBM, Satellite Business Systems, Computer Sciences Corp, GTE Laboratories, and Novell, Mr. Jueneman has over 30 years of experience in symmetric and public key cryptography in both hardware and software. He was instrumental in pioneering digital signature legislation in a number of states and foreign countries, and advancing the technical standards for encryption and PKI. He has been involved with communications security efforts ranging from telephony to cellular to high-speed satellite and fiber optics, and has consulted with the Department of Defense, the FBI, the Department of Commerce, the Department of State, the Royal Canadian Mounted Police, and several foreign governments.

Mark Kraynak

Senior Director of Strategic Marketing

Imperva

Mark Kraynak is the Senior Director of Strategic Marketing at Imperva. Before joining Imperva, Mr. Kraynak held marketing and consulting positions at Check Point, CacheFlow (now BlueCoat Systems) and Ernst & Young's Center for Technology Enablement. Mr. Kraynak is a regular speaker on application and database security and participates in industry efforts to define the role of application firewalls in security architectures.

David Lott, CCIE, CISSP

Consultant and Architect

IBM

Mr. David Lott started his IT career in 1990 and has been with IBM since 2002 and is currently a consultant and architect for IBM's Global Business Continuity and Resilency Services (BCRS) team.

Mr. Lott has 19+ years of experience in IT and has a wide range of skills. Mr. Lott's experience includes designing and building new data centers, upgrading existing enterprises to improve availability, continuity and security, management of a large team of consultants and managing complex global projects.

Mr. Lott has been granted patents in both networking and security. He has extensive cross industry experience with high availability networks, convergence technologies, and security practices. He has conducted technical design reviews and security audits of Fortune 500 companies.

Thomas J. McMahon

Information Resources Manager

Foreign Service Institute (FSI), U.S. Department of State

Thomas McMahon has been the Information Resources Manager for the Foreign Service Institute (FSI), the training bureau of the Department of State, since 2000 and in prior years managed end user IT training. He was instrumental in getting FSI designated one of five OPM-approved e-Training Service Providers and winning Shared Services Center designation under the ISS LOB. He holds an MBA from Syracuse, a Ph.D. from Notre Dame, and is a certified Project Management Professional.

Lynn McNulty, CISSP

Director of Government Affairs

(ISC)2

Lynn McNulty, CISSP, Director of Government Affairs, (ISC)2 Lynn McNulty brings a wealth of information security management experience in government and private practice. During his 30-year career in the federal government, Lynn was Associate Director for Computer Security at the National Institute of Standards and Technology, the first Director of Information Systems Security at the State Department, and Security Program Manager at the Federal Aviation Administration. Lynn has been a consultant since 1995, providing government affairs, business development and information security policy consulting services to private and public sector clients and has served on the (ISC)2 Board of Directors for several years. He is a current member of the Information Security and Privacy Advisory Board established by the Federal Information Security Management Act, manages government affairs for (ISC)2 and is Co-Chair of the (ISC)2 Government Advisory Board for Cyber Security. Most recently, Lynn was awarded the 2007 Colloquium Industry Award by the Colloquium for Information Systems Security Education (CISSE) for his outstanding leadership in industry relations with information assurance education and later was named one of only three individuals to receive the exclusive Fellow of (ISC)2 designation, a distinguished honor granted by the (ISC)2 Board of Directors to those influential information security professionals who have made outstanding contributions throughout their careers to the information security profession.

Lynn is actively pursued by both national and local media outlets for comment as an expert source on U.S. federal government information security policy and related issues. He has been a guest on PBS's Jim Lehrer News Hour and has been featured in numerous federal IT publications such as Government Executive Magazine, Federal Computer Week, Government Computer News, Federal Times and SIGNAL Magazine.

Peter Mell

Senior Computer Scientist

NIST

Peter Mell is a senior computer scientist in the Computer Security Division at the National Institute of Standards and Technology (NIST). He is the program manager for the National Vulnerability Database, http://nvd.nist.gov, as well as the Security Content Automation Protocol (SCAP) validation program. These programs are widely adopted within the U.S. government and used for standardizing and automating vulnerability and configuration management, measurement, and policy compliance checking. He has written the NIST Special Publications on Patching, Malware, Intrusion Detection, and the Common Vulnerabilities and Exposures standard. His research experience includes the areas of intrusion detection systems (IDSs) and vulnerability databases. Peter received an MS in computer science from the University of California at Davis in 1998 and is a CISSP.

Lynne Prince

Division Chief of Card Technology & Identity Solutions

Defense Manpower Data Center

Ms. Lynne Prince is the Division Chief of Card Technology & Identity Solutions, a division of the Defense Manpower Data Center (DMDC). This division is responsible for developing the software to issue all U.S. Department of Defense identity cards. Currently, Ms. Prince has operational responsibility for DoD CAC issuance and post issuance software, DBIDS software, as well as DMDC web services and web based applications which use a CAC for logon.

Ms. Prince has over 25 years experience working with automated information systems in both the public and private sector. Her previous experience includes development of data mining applications to detect fraudulent payments in DoD financial systems. Working with DoD auditors of the Defense Accounting and Finance Service (DFAS), her team assisted DFAS in identifying over 50 million dollars in erroneous payments.

Prior to joining, DMDC, Ms. Prince worked in the private sector where she developed and deployed applications for the Department of Justice and the Internal Revenue Service.

Steven Rodrigo

DNI

Rolando Rosas

V.P. for Business Development

Snap Defense Systems

Rolando Rosas serves as V.P. at Snap Defense Systems for Business Development.
He is in charge of strategic relationships with enterprise customers. Mr. Rosas has worked in various countries with consulting with government agencies, military departments and commercial institutions developing information assurance solutions for voice and data communications. He has also worked with high-tech companies integrating SIGNIT solutions for intelligence and surveillance missions around the world.