Dave has worked in IT for 15 years, in security for 10 of those, he has been security strategy director at Symantec and held similar roles at Thales eSecurity and McAfee prior to this. Dave currently works for zscaler a web security company as commercial director for the UK and Ireland. Dave is the co-author for PAS555 the UK’s national standard for Cyber Security.

TOP OF PAGE

Bio to follow...

TOP OF PAGE

Paul Blowers is proud to say he was born in Yorkshire, England in 1955. He started his working life as a chef and after 7 years joined the Royal Air Force as a Radio Telegraphist based in rural Lincolnshire but enjoying several stints in front of the Iron Curtain working in West Berlin.

His next career move was to the United Kingdom’s Government Communication Headquarters (GCHQ) where he was one of the final 12 students to fully graduate as a Radio Officer from Bletchley Park, the historic site of secret British code breaking activities during WWII and the birthplace of the modern computer. His career took him to several ‘Composite Signals Organisation’ outstations both at home in the UK and overseas.

During his 33 years in the intelligence, law enforcement and border control security environments he has provided authoritive analysis, advice and support to help promote and protect national and international security interests in Europe, the USA and New Zealand where he has lived since 2004.

In New Zealand he worked with the New Zealand Police as their lead Security Architect focusing on executive security governance, enterprise architecture strategy design and research into secure communication interoperability initiatives.

TOP OF PAGE

Chris Blunt is a Consulting Partner at Axenic Ltd, an information security consultancy he co-founded in 2009. He has worked in ICT for 20 years, specialising in information security for the past 8.

Chris has a Masters in Information Management (MIM) and holds several information security certifications including SCP, CISSP, CRISC, CISM and CISA.

TOP OF PAGE

Glen Bruce is focused on Security Strategies, Architectures and Policies supporting business and governments in their approach to managing information security risk. He has over 38 years of in-depth experience in IT consulting, systems management and technical positions. He has lead many information security engagements, where he has helped clients establish effective strategies, governance, architectures, policies and infrastructure implementations in support of both business and technical requirements. He is also the co-author of the book, "Security in Distributed Computing: Did You Lock the Door" published by Prentice-Hall. His experience and knowledge has taken him around the world to assist organizations with information security issues.

Glen is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM), certified in Risk and Information Systems Control (CRISC), a trained ISO 27001 Lead Auditor, a certified ITIL practitioner and is a SABSA Certified Practitioner in Risk Management and Governance (SCPR) and Architecture Design & Development (SCPA).

TOP OF PAGE

Pascal de Koning MSc CISSP SCF is a Senior Business Consultant with KPN Trusted Services, where he leads the security consulting practice. He is an active participant of The Open Group TOGAF-SABSA integration work and also participating in the European Network for Cyber Security (ENCS). He has worked on information security projects for the Dutch central government, European Union and KPN, to name just a few. Pascal is a frequent speaker at conferences on the topics of Cyber Security and Enterprise Security Architecture. When not working, Pascal loves to go running.

TOP OF PAGE

Lawrence Dietz,has over 30 years of military and commercial intelligence and security experience. At TAL Global he has managed a variety including technically complex investigations involving intellectual property, sensitive data compromise, potential international illegal shipments, and celebrity reputation issues. As the company’s chief legal officer he is responsible for a variety of legal transactions. Prior to joining TAL Global Dietz served in senior roles at Symantec Corporation to include Director of Market Intelligence and Global Public Sector Evangelist. He retired as a Colonel in the U.S. Army Reserve. His degrees include BS in BA, MBA, JD, LLM in European Law. He is the author of the authoritative Blog on Psychological Operations (PSYOP), http://psyopregiment.blogspot.com

TOP OF PAGE

Mary is the former CTO for Pro-Tec Design where clients included DHS, MSP, Best Buy Corp headquarters, City of Minneapolis, FBI and many departments at all levels of government. She also provided consulting services such as project/program management for Attorney General Settlement Agreement, Office of the Comptroller of the Currency as well as National Servicing Standards for Wells Fargo Bank. GLBA encryption remediation project for Target Corporation, Portfolio Manager for Cargill and USBank -Network Services and currently Program Manager for USBank Security Assesment -Application and Device.

Mary has earned a Masters in Information Technology Management from Saint Mary’s University and is on the adjunct faculty there. On hiatis from the pursuit of her PhD in Management and Decision Sciences (currently in the EBD phase).

Mary holds a SABSA Practioner certificate among many other industry certifications and has previously attended the 17th annual COSAC conference.

TOP OF PAGE

Bio to follow...

TOP OF PAGE

Stirling Goetz (SABSA SCF, CISSP, GSEC, CCSK) is a security professional of over 20 years and a Senior Manager from Accenture’s Security Consulting practice. Stirling currently manages Accenture’s security consulting offering development and has experience helping organizations across North America, Europe, and Asia Pacific with manage risk through information security solutions.

Accenture is a global management consulting, technology services and outsourcing company, with approximately 259,000 people serving clients in more than 120 countries. Accenture's clients span the full range of industries around the world and include 89 of the Fortune Global 100 and more than three-quarters of the Fortune Global 500. The company generated net revenues of US$27.9 billion for the fiscal year ended Aug. 31, 2012.

TOP OF PAGE

Wendy Goucher is a Senior Security Consultant at Idrach Limited which is a small, independent information security consultancy based in Scotland. She has a background in Social Science and a first career as a management lecturer, which lasted nearly 20 years before she followed her interest in the human aspect of information security into consultancy. Current clients range from UK government to small and medium business principally in the legal and financial sectors. She recently helped to develop a curriculum of security awareness for ages 5 to 18 for schools in the United Arab Emirates.

Wendy is in the final phase of researching herPhDin Computer Science at the University of Glasgow, focusing on mobile computing and the possible threats from increasing use of a virtual office in public places. She has had 2 academic papers published at the moment and will be speaking at the 12th European Conference on Information Warfare and Security conference in Finland in July as an academic. She will also be presenting twice at ISACA’s conference in London in September as an industry expert.

Wendy’s skill and unusual perspective on information security has enabled her to present at a number of international security conferences across the world, including for ISACA, Gartner, ENISA, and a range of others. These events also give her the opportunity to gain insight on the operation of her profession in a range of cultures. This same blend of experience and insight has allowed her have become involved in a number of key projects recently including memberships of the team developing the BCS CESG Certified Professional Scheme and the IEEE’s ‘Security of the Cloud’ team. Wendy has also maintained a regular column in Computer Fraud and Security Magazine for the last 5 years and was part of the Security Culture Project Team for ISACA that concluded in publication of the book ‘Creating a Culture of Security’ in 2011. She also contributed to the 2012 revision of the Information Security Management Handbook and is currently co-authoring a book on Incident Management.

TOP OF PAGE

G. Mark Hardy serves as President of National Security Corporation, an information security management consulting firm he founded in 1988. He has been providing cyber security expertise to government, military, and commercial clients for over 30 years, and is the author of over 100 articles and presentations on security, privacy, and leadership. He serves on the U.S. National Science Foundation's CyberWATCH Advisory Board, and is a retired U.S. Navy Captain. He wrote and taught information operations curriculum for NATO military officers. A graduate of Northwestern University and the U.S. Army War College, he holds a BS in Computer Science, a BA in Mathematics, a Masters in Business Administration, a Masters in Strategic Studies, and is designated as a Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM).

TOP OF PAGE

Richard Hollis is the Chief Executive Officer for Risk Factory Ltd, a European information security risk management consulting firm specialising in providing effective, independent information risk management services. As a Certified Information Security Manager (CISM), Certified Protection Professional (CPP) and a Payment Card Industry (PCI) Qualified Security Assessor (QSA), Richard possesses extensive hands on skills and experience in designing, implementing and managing and auditing information security programs.

Over the course of his career Richard has served as Director of Security for Phillips, Paris, and Deputy Director of Security for the US Embassy Moscow Reconstruction Project as well as a variety of sensitive security positions within the US government and military. In addition to his work with Risk Factory, Richard serves on several security technology company boards and security industry advisory councils.

A celebrated public speaker, Richard has presented to hundreds of audiences across the world on a wide variety of information risk management topics and techniques. As a recognised industry authority, he has published numerous articles and white papers. He has also appeared on national and international broadcast news as well as being cited in a wide range of press including the BBC, MSNBC, Radio 4, the Financial Times, Time magazine and various others.

TOP OF PAGE

Lynette Hornung-Kobes is currently a Senior Privacy and Enterprise Security Architecture Manager with Turner Consulting Group. I have my CIPP (Certified Information Privacy Professional) and SABSA SCF (Foundation) and SCPA and SCPR (Practitioner’s in Architecture and Design and Risk Management) Certifications. I have a Master of Science in Information Assurance from Iowa State University, a NSA Center of Excellence, as well as a Master of Arts in Political Science from Iowa State University. I have provided project leadership to a variety of Department of Justice components, including the Office of the Solicitor General, Interpol and the Office of the Chief Information Officer with security and privacy services. I also worked on a project with DOJ and OMB where I served in a liaison role between the two agencies on their joint project. I am currently applying a governance model to assist with the updating of security policies and preparing for re-certification using FedRAMP at OMB. I am applying enterprise security architecture, privacy and security solutions and services in my current position.

I was a contributing author to two books on Identity Theft by Dr. Steffen Schmidt and Michael McCoy, including *Who is You? *and *The Silent Crime: What You Need to Know About Identity Theft*. I have been an invited speaker at various computer security conferences, including COSAC, NetSec, the Computer Security Institute and the Cyber Information Security Conference where she has presented on various topics dealing with security and privacy. She was top speaker at the Cyber Information Security Conference. I am a current member of the Privacy Smart Grid.

TOP OF PAGE

Siân John CISM, CISSP is a Security Strategist at Symantec. She is responsible for discussing security strategy and management issues at a senior level with customers and researching / discussing security issues with customers and the press. Siân brings nearly 20 years experience experience in IT and security to Symantec. Having designed and implemented risk management and security solutions for many customers across all sectors.

TOP OF PAGE

Jason Kobes works as a Senior Cyber Architect & Research Scientist in Washington, DC for Northrop Grumman Corporation. Jason has over seventeen years of experience concentrated in information systems design, business/mission security architecture, enterprise risk management, information assurance research, and business consulting. Jason has a Master's of Science in Information Assurance (MSIA) and a Bachelor's of Science in Computer Science from Iowa State University. Jason's areas of research are federal cloud security architecture, accountable anonymity systems and applying enterprise security architecture. Jason has recently spoken about security, enterprise security architecture and business process & architecture improvement methods at The SABSA World Congress, the Computer Security Institute (CSI ) annual conferences and the Cyber Information Security Conference (CISCON). Jason also is an Enterprise Security Architecture instructor for Seccuris and the FEAC Institute.

Jason in cooperation with Michael Legary of Seccuris and William Schultz of Vanderbilt University is coordinating the effort by the SABSA Institute to collect and share industry specific SABSA security attributes profiles.

TOP OF PAGE

Lisa Lorenzin is a Principal Solutions Architect with Juniper Networks, specializing in security and mobility solutions, and a contributing member of Trusted Network Connect, a work group of the Trusted Computing Group that defines an open architecture and standards for endpoint integrity and network security. She has worked in a variety of Internet-related roles since 1994, with more than a decade of that focused on network and information security, and is currently concentrating on enterprise security including network segmentation, end-to-end identity-based access control, and integration of mobile security.

TOP OF PAGE

David Lynas, the COSAC Founder and Chairman, is currently enjoying his thirty-first year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he has been awarded Fellowship of the British Computer Society and is the only non-American ever to be honoured with the prestigious Computer Security Institute Lifetime Achievement Award.

He is the co-author of SABSA (the world’s leading free-use, open-source Security Architecture Methodology) and the CEO of the SABSA Institute charged with providing assurance and confidence over the competencies of SABSA Security Architects.

A widely-published author and commentator, his articles have appeared in publications such as CSI Alert, Information Security Bulletin and the BCS publication Information Security Now. He has served on the editorial board of Computers & Security magazine and has authored a series of opinion columns for SC Magazine. David has been quoted widely in the media and major trade and broadsheet press, including: BBC Television, BBC Radio Ulster, Independent Television News, The Irish Times, ITs Monday, Wired.com, CIO Magazine, Technology Ireland, Korea News and the Harvard Business Review.

TOP OF PAGE

Simphiwe Mayisela, CISSP, CISM, TOGAF, SCF, Founder and President of (ISC)2 Gauteng Chapter has recently been appointed as an Enterprise Security Architect at Sun International, a leading resort, hotel and casino group in South Africa. He has more than 10 years experience in security which he has served amongst various industry verticals, ranging from Government, Banking, MultinationalOutsourcing and Consulting organisations.

He holds a Master’s Degree in Computer Science, specialising in Information Security from Rhodes University, South Africa.

TOP OF PAGE

Bio to follow...

TOP OF PAGE

Stephen O’Boyle heads up the Information Governance team at Espion with over eight years experience in information security and over eighteen years experience in the IT industry.

Stephen is a CISSP, CISM, CISA, ISO 27001 Auditor, PCI QSA and works mainly in the areas of Information Risk, ISO 27001 and PCI compliance. Stephen has worked across a wide range of industry verticals, including government, financial, education and technology.

TOP OF PAGE

John O'Leary, CISSP, is President of O’Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John was the recipient of the 2004 COSAC award and the 2006 EuroSec Prix de Fidelite. He has never been convicted of anything really serious or run for public office.

TOP OF PAGE

Bio to follow...

TOP OF PAGE

Mr. Rogers is a proven Sr. Leader with executive experience & success managing multiple programs and challenges from over 30 years of growing responsibility and experience in the US military and as a civilian senior manager. His achievements include everything from designing secure, Multi-national interoperability programs to the development, acquisition, and implementation of a world-wide telecommunications network and operations center for the Defense Logistics Agency and helping stand up a new national level counter terrorism agency and IA program in Iraq. An inspired leader who has organized and facilitated inter-agency process teams & managed programs sized from 24 Test Center engineers to acquisitions with over 550 contractors, military, and government civilians. A fiscally responsible manager who has overseen budgets sized up to $750M. Collaborative and energetic, with a passion for helping leadership realize secure/effective IT infrastructure.

TOP OF PAGE

Dr. Char Sample is has over 19 years of experience in the information security industry, and presently works for CERT at Carnegie Mellon University where she supports various cyber security efforts. Dr. Sample recently defended her research of “Culture in Computer Network Attack Behavior”. Other areas of research interest include: Cloud Computing, Anomaly Detection methods, and DNS.

TOP OF PAGE

Bill Schultz is the Information Security Officer for the Vanderbilt Research Informatics Core and provides security consulting to various groups at Vanderbilt. He is a certified Information Security Architect and has worked in the Information Technology field for over 10 years, with the past 6 being in the Vanderbilt research community. This work has involved designing, implementing, managing, and securing critical research information technology software and hardware. He is committed to continuously collaborating, learning, and improving, as well as sharing his experience to help others. Bill has earned a Master's of Science in Computer Information Systems. His certifications include the Certified Information System Security Professional (CISSP), SABSA Foundation (SCF), and SABSA Risk, Assurance, and Governance Practitioner (SCPR) credentials.

TOP OF PAGE

John Sherwood is a Consulting Fellow at Sherwood Associates Limited bv in The Netherlands, where he is the thought-leader in the development and deployment of information risk management services. He is also the Head of the SABSA Academy at The SABSA Institute. He has 40 years experience as an information-systems professional, the last 26 of which have been as a specialist in operational risk management and information security. He is also a leading expert in enterprise security architectures and information assurance and is the Chief Architect and main author of the SABSA methodology (see www.sabsa.org). The great majority of this experience is in the banking and financial services industry, but covers also aerospace, chemicals, construction management, media, oil & gas, retailing, government, military and telecommunications. John is a well-known speaker and author and has worked in many countries across Western and Eastern Europe, Scandinavia, North America, the Middle East, Australia, Africa and South East Asia.

TOP OF PAGE

Bio to follow...

TOP OF PAGE

Mike has been involved in Information Security and, previously, Computer Audit since the mid 1980s, largely working within the financial services sector. A number of years were spent as an independent consultant where his work involved managing the Information Security Department of a number of investment banks.

Since 2003, Mike has been a Senior Security Consultant with Ultima Risk Management, a UK based risk management consultancy. His work includes helping clients in achieving certification to ISO 27001, developing business continuity strategies and plans (including certification to BS 25999) and implementing data protection management systems.

Mike is also accredited by the British Computer Society to deliver the training for their ISEB qualifications, Practitioner Certificate in Information Risk Management, Practitioner Certificate in BCM and Certificate in Information Security Management Principles. Mike is qualified in these ISEB certificates and is an MBCI. A regular presenter at COSAC over the past 10 years, Mike was the recipient of the COSAC Award in 2006.

TOP OF PAGE

Robert Trapp has over thirty five years in Information and Communications Technology as a practitioner leading or working hands-on to build enterprise system software, databases and networks, with the last half of that time being focused on architecture reliability, scalability, performance, and security. He currently works as a senior security architect at the consulting firm of Booz Allen Hamilton in the US, working for a variety of US federal government clients.

Bob specializes in enterprise security architecture, the establishment and improvement of organizational security programs, and the design of security solutions for clients. Bob has a B.S. in Physics from Virginia Polytechnic Institute and State University, and holds SABSA SCF (Foundation) and SCPA (Practitioner), CISSP, ISSAP, CSSLP, ISO 27001 Lead Auditor, and ISO 27001 Risk and Implementation Practitioner certifications. In his insufficient spare time, Bob relaxes by raising bees and borrowing their honey.

TOP OF PAGE

Tom Trusty is a banking security consultant and fraud investigator based in the United States, with over 25 years of experience with mainframe banking systems in the USA and Australasia. He has a BSc in Mathematics from the University of Texas.

TOP OF PAGE

Marc Verboven is an experienced IT Architect with over 25 years of experience.

After obtaining a PhD in Physics in 1988 he worked in process information and process control with Dow Chemical at Terneuzen (NL). After eight years in this challenging environment Marc changed course and joined a consultancy company, Cimad that became later part of IBM. Here he witnessed the start of the internet and all the associated technologies. In IBM Marc was also one of the first European consultants trained in IBM's security methodology.

In 1999 he left IBM to work for Ubizen, a high tech company specialised in the field of developing products in the area of Identity & Access Management. During this period Marc also worked for one year in the US subsidiary of Ubizen. After returning to Belgium in 2001 he decided to leave Ubizen temporarily for one year to try out a career as an independent consultant, specialised in e-business and security solutions. In January 2003 he finally joined ING. Since then he mainly worked on projects in the area of Retail & Wholesale Channels, acting both as a security & application architect. Since 2006 Marc is member of the Enterprise Architecture group of ING with continued focus on the area of Risk & Security.

TOP OF PAGE