As well as providing consulting services to key clients, as President and CEO Geoff Besko has responsibility for the leadership and general management of Seccuris Inc., a Canadian information security consultancy and solution provider.
Previously, Geoff was the Deputy Chief Information Officer at the Winnipeg Regional Health Authority where he had general management responsibilities for the e-Health Services Division. Prior to his position with the WRHA, he was a Solution Architect and Senior Consultant with EDS Inc. where he specialized in enterprise architecture, IT strategy, and service management best practices consulting.
At Seccuris, Geoff has provided consulting services in the areas of information security strategy, security architecture, and security information management for a number of clients. He has taught at the University of Manitoba as a sessional instructor in the undergraduate and MBA programs on data communications, IT strategy, and other general management information system topics. Along with his training in Enterprise Architecture development, Geoff also holds his CISSP, CISM, CGEIT, ITIL IT Service Manager Certification, PCI Qualified Security Assessor and SABSA Chartered Practitioner, along with MBA and BA (Honours) degrees from the University of Manitoba.
|
Jon Colombo is a regular COSAC speaker. He is an Executive Consultant with Capgemini's UK Security Consulting Practice, where he leads both 'Management and Governance' and 'Identity Management' competencies.
Jon started work as an archaeologist, with degrees from London and Oxford. In the mid '80s he moved into the field of IT, gaining an MBA from City University in 1993. In the early '90s he switched to Business Continuity, setting up the function at Smith New Court Securities. He has worked in 'pure' Information Security roles for the last 15 years, setting up and running Information Security functions at United Friendly Insurance and WestLB AG, London, before moving to Capgemini in 2003.
Jon is a qualified CISSP, CISM and MBCI, and regularly publishes on a variety of Information Security topics.
|
Charles Cook, CISSP, is currently the manager of Information Systems Security at Computer Sciences Raytheon (CSR), a joint venture between Computer Sciences Corporation (CSC) and the Raytheon Corporation. CSR is assigned operations and maintenance responsibilities for Instrumentation (Radar, Telemetry, Optical, Range Safety, Meteorological, and Destruct) and Communications Systems in support of Eastern Range Space Launch Operations.
Prior to joining CSR, Charles was on active duty with the United States Air Force as a Senior Intelligence Analyst.
|
Cindy Cullen is Chief Technology Officer (CTO) of SAFE BioPharma Association, seconded from Bristol-Myers Squibb Company. As CTO she was integral in the cross certification of the SAFE BioPharma Bridge (SBCA) with the US Federal Bridge and oversaw the cross certification of several entities with the SBCA. She designed and manages Bristol-Myers Squibb Certificate Services Infrastructure. Cindy has spoken around the world on security issues including business process improvement, hacking techniques, identity management, certificate infrastructures for authentication, authorization and legally binding digital signatures, and business continuity. She has an MS Computer Science, Six Sigma Black Belt, CISSP and sixteen years' experience.
|
Pascal de Koning MSc SCF CISSP TOGAF has 10 years of experience in information security. Pascal started as a software engineer. In the past he has conducted many technical security assessments on information systems in finance, healthcare and public sector. Besides this, he has thorough knowledge of PKI solutions and experience with implementing them.
As a senior security consultant at Getronics he's currently involved in defining and implementing security solutions that best fit the customer needs. For the translation from business needs to a solution design he finds it helpful to use an architecture approach like SABSA. He is active in exploring the possibilities of applying SABSA in his daily work.
|
Shannon is a Certified Information Security Manager (CISM) and Certified Information Systems Security Professional (CISSP) with more than 10 years of experience in information technology and security. She was the Information Security Officer at William Rainey Harper College where she was responsible for developing and managing the information security program. She was responsible for securing data on all systems as well as incident management, policy development, and security awareness. As a network support analyst and security architect for AT&T, Shannon provided tier 3 network support and helped to develop the virus response plan for managed service customers. She also was a lead member responsible for incident response and disaster recovery plans. In her current position with ISACA, Shannon is responsible for managing the security program and for serving the needs of the security profession through research projects and publications. Shannon has a master's degree in Management & Systems from New York University and is currently working on a PhD in Information Security at Capella University.
|
Miss Griffin's practice covers all aspects of criminal law, both prosecuting and defending. She regularly appears as an advocate in all levels of court (from Magistrate's Court to the Privy Council). She has dealt with serious offences including conspiracy to supply class "A" drugs, "armed" robbery, fraud and sexual offences.
Lynn specialises in:
- Criminal litigation (prosecution and defence)
- Broadcasting Fraud/Intellectual Property Theft
- Health Care Regulatory and Professional Discipline
- Trading and Consumer Law
- Vulnerable Witness cases
|
Simon Gunning CFE directs DigiLog's technical services, including voice analysis and call centre risk solution packages (forensic tape analysis, third party screening, interview assessments), investigation support and training, investigations, and IT security awareness training. DigiLog has a strong presence in insurance, banking, police and government, accountancy, human resource departments and call centres.
|
Mike Henson is a security professional with 18 years of industry experience. Mike began his career in the U.S. military and continued in private consulting for 6 years until he accepted his current position as Chief Security Officer for Northwest Open Access Network, NoaNet. During the last 8 years at NoaNet, Mike has been responsible for physical and cyber security including policy management and training. Mike is the regulatory liaison and provides leadership on CALEA compliance and infrastructure security for the 14 member utilities of NoaNet.
|
Richard Hollis is the Chief Executive Officer for Orthus Ltd, a European information security risk management consulting firm specialising in providing effective, independent information risk management services. As a Certified Information Security Manager (CISM), Certified Protection Professional (CPP) and a Payment Card Industry (PCI) Qualified Security Assessor (QSA), Richard possesses extensive hands on skills and experience in designing, implementing and managing comprehensive information security programmes and architectures for technology driven companies.
Over the course of his career Richard has served as Director of Security for Phillips, Paris, and Deputy Director of Security for the US Embassy Moscow Reconstruction Project as well as a variety of sensitive security positions within the US government and military. In addition to his work with Orthus, Richard serves on several security technology company boards and security industry advisory councils.
An accomplished public speaker, Richard has presented to hundreds of audiences across the world on a wide variety of information risk management topics and techniques. As a recognised industry authority, he has published numerous articles and white papers. He has also appeared on national and international broadcast news as well as being cited in a wide range of press including the BBC, MSNBC, Radio 4, the Financial Times, Time magazine and various others.
|
Clemens Kurtenbach is a Security Analyst working in the S21sec e-crime team in Pamplona, Spain. Born and educated in Germany, he graduated in 'Computer Networking' at the Hochschule Furtwangen University. During his time at University his main focus changed from Unix and Networking to Information Security. He completed his studies partly abroad at the Czech Technical University in Prague and with a Thesis on IPv6 Security. Since then he has worked at different ISPs and companies in Germany. As of 2007 he works in the S21sec e-crime team as a specialist in botnets and banking trojans.
|
Michael Legary, CSA, CISSP, CISM, CISA, CGEIT, CSSLP, CCSA, CPP, GCIH, PCI-QSA, is Founder, Chief Innovation Officer & Principal of Seccuris Inc, where he helps address business risks associated with Intellectual Property, Technology and Compliance in large North American organizations. He specializes in security architecture, risk assessment and forensic procedure for high risk enterprise.
Michael's core passion lies in the development of cutting edge security initiatives. Through Seccuris Labs, Michael's focuses include research in security information management architectures, trusted operating system design as well as risk assessment, code audit and forensic methodologies.
|
Jeff has 20 years' experience working with IBM's IMS and DB2 Data Base Management Systems, and has designed and supported data bases at J.L. Hudson, Michigan Consolidated Gas Company, EDS, Volkswagen of America, and Ford Motor Company.
He is the former Chief Information Officer of the Barbara Ann Karmanos Cancer Institute. The Institute is one of the National Cancer Institute's designated Comprehensive Cancer Centers combining research with patient education and treatment. Prior to working at the Karmanos Cancer Institute, Jeff worked at American Community Mutual Insurance company, Holley Carburetor, Harper-Grace Hospitals and American/SCI Inc. Jeff was a staff manager at American/SCI and performed consulting/contracting work at the big three automotive firms.
Jeff holds a Post-Doctoral Fellowship from the University of Maryland University College; a PhD from Nova Southeastern University; an MSA from Central Michigan University; and a BS from Wayne State University.
|
Lisa Lorenzin is a Principal Solutions Architect with Juniper Networks, specializing in security solutions, and a contributing member of Trusted Network Connect (TNC), a work group of the Trusted Computing Group (TCG) that defines an open architecture and standards for endpoint integrity and network access control. She has worked in a variety of Internet-related roles for the past 13 years, with more than a decade of that focused on network and information security. Lorenzin has participated in NAC deployment planning with dozens of customers ranging in size from SME to global Fortune 100 and in vertical from financial to government to healthcare to military-industrial, and is co-editor on a draft TNC specification directly related to NAC implementation.
|
David Lynas SCM, FBCS, CITP, the COSAC Founder and Chairman, is currently enjoying his twenty-sixth year of experience in Information Security, during which he has been invited to provide strategic advice to governments and industry clients on every continent. A globally renowned Enterprise Security Architect, Security Strategist, and Thought-Leader, he has been awarded Fellowship of the British Computer Society and is the only non-American ever to be honoured with the prestigious Computer Security Institute Lifetime Achievement Award.
He is the co-author of SABSA (the world's leading free-use, open-source Security Architecture Methodology) and the CEO of the SABSA Institute charged with providing assurance and confidence over the competencies of Security Architects.
A widely-published author and commentator, his articles have appeared in publications such as CSI Alert, Information Security Bulletin and the BCS publication Information Security Now. He is on the editorial board of Computers & Security magazine and has authored a series of opinion columns for SC Magazine. David has been quoted widely in the media and major trade and broadsheet press, including: BBC Television, BBC Radio Ulster, Independent Television News, The Irish Times, ITs Monday, Wired.com, CIO Magazine, Technology Ireland, Korea News and the Harvard Business Review.
|
Caroline MacDonnell is the Manager of Business Development at Orthus Ltd, a leading European information security risk management consulting firm specialising in providing effective, independent information risk management services.
In her role at Orthus, Caroline works with FTSE 100 clients across a wide variety of industries to develop a clear view of the information security threats they face. Once established, she then resources the appropriate Orthus service(s) to ensure that critical business goals are supported and are sustainable. Understanding that the three critical pillars of internal support are people, process and technology, she is responsible for ensuring that her clients' information risk exposure is effectively identified, minimized and managed for long term success.
Before joining Orthus Caroline worked for Xerox gaining her fundamental understanding of the importance of data security and has since parlayed these skills to a strong risk management consultant role. A noted public speaker, Caroline has a thirst for knowledge of information on the security threats that face businesses today. She speaks regularly on topics ranging from the importance of conducting threat and risk assessments, drafting simple and sound policies, countering insider threats and stopping data leakage to deploying cost-effective compliance programs. A confident speaker, Caroline is a popular presenter as she understands the primary business drivers of information risk management.
|
André Mariën has over 25 years of experience in applications and information security. During the first years the main accent was on application development, and for the last 10 years on information security.
His experience in application development covers most programming languages, including machine languages, and ranges from actual coding to design and inception of new applications and application architecture. He was deeply involved in product development, as head and member of the group, including sales and marketing aspects.
He is an experienced consultant, backed up by a broad spectrum of information systems knowledge. He has sharpened his communication skills during 20 years of education at university level, presentations at conferences and shows, and with his customers. He coached a pan-European team of security consultants, and managed his local team.
He is well-versed in application development, even from a product perspective, as well as the supporting infrastructure, obvious from his university course, as well as policies, procedures and standardization as these are key instruments in information security and audit.
|
Kevin Nichols is a SABSA Chartered Architect (SCF) & SABSA Certified Practitioner (SCPA) with 35 years in the IT industry. He is currently employed by IBM as a Solution Designer, Bid Delivery Engagement Manager, Security Manager & Client Security Architect deployed on the Westpac Bank Enterprise Security Architecture project. Kevin was the Cycling Results Manager for the 2000 Olympic Games in Sydney and won a Gold Medal at the Los Angeles Olympiad.
|
John O'Leary, CISSP, is President of O'Leary Management Education. His background spans four decades as an active practitioner in information systems, IT Security and contingency planning. He has designed, implemented and managed security and recovery for networks ranging from single site to multinational. John has trained tens of thousands of practitioners, and conducted on-site programs at major corporations and government facilities worldwide. He has also facilitated meetings of Working Peer Groups, where security professionals from diverse corporations share ideas, concerns and techniques. John was the recipient of the 2004 COSAC award and the 2006 EuroSec Prix de Fidelite. He has never been convicted of anything really serious or run for public office.
|
Marco Plas is one of the Netherlands' best-known information security experts. His unorthodox and direct approach started many discussions in his field. Marco Plas MSc CISSP CISA graduated in Business Economy and Business Information Science with a specialization in applied mathematics. After his studies, Marco dedicated himself to information security. Currently he works for Domus Technica in the Netherlands as Principal Security consultant. Marco is specialized in the areas of IT continuity, Security Management, Architecture, Identity Management and Compliance.
|
Joseph Ponnoly, MSc, MBA, CISM, CISA, CISSP has over 25 years of techno-managerial experience. His experience covers white collar crime investigation, cyber crime investigations and forensics. He has extensive experience in information technology systems and network operations and information security. He was a member of the two-member delegation from India at the 2nd International Conference on Computer Crimes that was held by Interpol in Lyon, France in 1996 to deal with the emergence of crimes on the Internet. He held the position of Officer on Special Duty (Computers), as Head of the Systems Division of CBI-India for 4 years. He has since then been involved with information security / risk management consulting for major corporations in the USA. He is currently pursuing a Ph.D. in Computer Information Systems with concentration in information security at Nova Southeastern University, an NSA accredited center of excellence for information security graduate studies and research.
|
Nan is a CISSP, CISM, PMP and holds an MA degree from Wayne State University. She has been a security consultant, instructor, standards specialist, corporate communications consultant, and project manager in information protection and security for large and small-scale computer networks for the last twenty years. Nan has successfully delivered and managed security solutions in the financial, pharmaceutical, government, insurance and public utility industries as well as to Fortune 500 organizations while incorporating the complex nature of combining security requirements and solutions with business needs. She has taught various topics within information assurance which included training security teams for Fortune 500 clients. Recently she has joined the Walsh College faculty as a full time member of the Masters of Information Assurance program. Her last position was as Senior Training Consultant for Easyi, Inc. and an adjunct instructor for Norwich University and Walsh College. Both institutions are nationally recognized Centers of Excellence by the NSA. She is currently the Director of the Information Assurance Center at Walsh College. She has designed and taught a master's level course entitled "Implementing a Security Program", which focuses on communicating security topics throughout the corporate environment and developing an information security strategy in support of the business strategy and functions. Nan has an undergraduate degree in English and Communicative Arts and Sciences. She is currently enrolled in a doctoral program at Nova Southeastern University specializing in information assurance.
|
Tony Sale is founder and curator of the world-famous Bletchley Park Museum and the re-builder of Colossus. In a varied and fascinating career spanning over six decades beginning at the RAF, he worked with Peter Wright (of 'Spy Catcher' fame) on Q Band Doppler Radar research at Marconi Research Laboratories and again as Principal Scientific Officer at MI5 until 1963. Tony started the Computer Conservation Society in November 1989, as a joint venture between the British Computer Society and the Science Museum. He delivered the Royal Institution Lecture in 1996 and has been interviewed numerous times on television world-wide. Tony was the adviser and link man on Channel 4's "Station-X" program and the adviser on the "Secrets of War" television series. His film credits include being adviser to "Breaking the Code" and the Technical Consultant to Mick Jagger's hit film "Enigma".
|
Helvi Salminen has worked full-time in information security since June 1990, first as security analyst and since April 200 as information security manager. Before starting information security tasks she had 12 years' experience in systems development.
Cooperation with colleagues is an important asset for security professionals. Helvi is a founder member of the Finnish Information Security Association, which celebrated its 10th anniversary in 2007. Helvi is a qualified CISA (1992), CISSP (1998), SABSA chartered security architect - foundation level (2008) and was one of the first to achieve Master of Security in 2003 (PD program in Helsinki University of Technology lifelong learning centre Dipoli). She has been the program manager of information security training in Dipoli in 2003-2008, and has given presentations in several information security seminars.
|
Dr. Eugene Schultz, CISM, CISSP, is the Chief Technology Officer at Emagined Security, an information security consultancy based in San Carlos, California. He is the author/co-author of five books, one on Unix security, another on Internet security, a third on Windows NT/2000 security, a fourth on incident response, and the latest on intrusion detection and prevention. He has also written over 120 published papers. Gene was the Editor-in-Chief of "Computers and Security" from 2002 - 2007, is currently on the editorial board for this journal, and is an associate editor of "Network Security". He is also a SANS instructor, member of the SANS NewsBites, co-author of the 2005 and 2006 Certified Information Security Manager preparation materials, and is on the technical advisory board of three companies.
Gene has previously managed an information security practice as well as a national incident response team. He has also been professor of computer science at several universities and is retired from the University of California at Berkeley. He has received the NASA Technical Excellence Award, the Department of Energy Excellence Award, the Information Systems Security Association (ISSA) Professional Achievement and Honor Roll Awards, the ISACA John Kuyers Best Speaker/Best Conference Contributor Award, the Vanguard Conference Top Gun Award (for best presenter) twice, the Vanguard Chairman's Award, and the National Information Systems Security Conference Best Paper Award.
Additionally, Gene has been elected to the ISSA Hall of Fame. While at Lawrence Livermore National Laboratory he founded and managed the U.S. Department of Energy's Computer Incident Advisory Capability (CIAC). He is also a co-founder of FIRST, the Forum of Incident Response and Security Teams. He is currently a member of the accreditation board of the Institute of Information Security Professionals (IISP). Dr. Schultz has provided expert testimony before committees within the U.S. Senate and House of Representatives on various security-related issues, and has served as an expert witness in legal cases.
|
John Sherwood BSc MSc CEng FBCS FIMC CMC CITP CISSP is a Director of idRisk with responsibility for developing the firm's offerings in Operational Risk and Compliance Management. He has more than 36 years experience as an information-systems professional, the last 22 of which have been as a specialist in operational risk management and information security. He is also a leading expert in enterprise security architectures and information assurance and is the Chief Architect and main author of the SABSA methodology (see www.sabsa.org). The great majority of this experience is in the banking and financial services industry, but covers also aerospace, chemicals, media, oil & gas, retailing, government, military and telecommunications. John is a well-known speaker and author and has worked in many countries across Western and Eastern Europe, Scandinavia, North America, the Middle East, Australia, Africa and South East Asia.
|
Mike has been involved in Information Security and, previously, Computer Audit since the mid 1980s, largely working within the financial services sector. A number of years were spent as an independent consultant where his work involved managing the Information Security Department of a number of investment banks.
Since 2003, Mike has been a Senior Security Consultant with Ultima Risk Management, a UK based risk management consultancy. His work includes helping clients in achieving certification to ISO 27001, developing business continuity strategies and plans (including certification to BS 25999) and implementing data protection management systems.
Mike is also accredited by the British Computer Society to deliver the training for their ISEB qualifications, Practitioner Certificate in Information Risk Management, Practitioner Certificate in BCM and Certificate in Information Security Management Principles. Mike is qualified in these ISEB certificates and is an MBCI. A regular presenter at COSAC over the past 10 years, Mike was the recipient of the COSAC Award in 2006.
|
Richard Stiennon, security expert and industry analyst, is known for shaking up the industry and providing actionable guidance to vendors and end users. He recently re-launched the security blog ThreatChaos.com and is the founder of IT-Harvest, an independent analyst firm that researches the 1,200 IT security vendors. He was an executive for Fortinet, Inc., the leading UTM vendor. Prior to that he was VP Threat Research at Webroot Software.
Before Webroot, Mr. Stiennon was VP Research at Gartner Inc. where he covered security topics including firewalls, intrusion detection, intrusion prevention, security consulting, and managed security services for the Security and Privacy group. He is a holder of Gartner's Thought Leadership award and was named "One of the 50 most powerful people in Networking" by NetworkWorld Magazine.
Mr. Stiennon has presented in 26 countries on six continents. He has written for Network World (IDG) and CIOUpdate (Jupiter Media). His blog was hosted by CNet for two years and is still published by Network World. He earned a B.S. in Aerospace Engineering from the University of Michigan. He holds two patents.
|
Dr. Peter Stephenson is a writer, consultant, researcher and lecturer in information assurance and incident investigation on large-scale computer networks with over 40 years experience in various technology fields. He has lectured extensively, and has written or contributed to 15 books and several hundred articles in major national and international trade publications and technical/scientific journals for the past 25 years in eleven countries plus the United States. He is the technology editor for "SC Magazine".
Currently, he holds the positions of Chair of the Department of Computing and Director of the Norwich University Advanced Computing Center at Norwich University where he is also the Chief Information Security Officer and the distinguished lecturer in complex computing systems. Dr Stephenson's current research is on security analytics, cyber attack attribution, and cyber conflict. He currently is working on a book on information assurance analytics, due to be published in 2010.
|
Andrew S. Townley is the Founder and Managing Director of Archistry Limited, a professional services firm dedicated to helping clients find innovative ways to unlock hidden organizational value. He is an international speaker and author of several papers and articles on Enterprise Architecture, SOA and Information Assurance. Andrew has extensive experience in the Mobile & Wireless Telecommunications, Public Sector, Financial Services and Software industries and has worked with top-tier professional services firms including BearingPoint and Deloitte in delivering multi-million Euro projects.
Andrew is an active member of the SOA, Security and Knowledge Management communities, including holding the CISSP security certification and regularly speaking on these topics at conferences such as COSAC, worldwide OASIS events, InfoSeCon, InfoSecWeek and the SOA for E-Government conference hosted by the U.S. Federal SOA Community of Practice.
|
Matt Whelan (SCF, CISM, CISSP, ISSPCS), Technical Director at ALC Training, has specialised in information security for the past eight years, although it has been one of his key talents since he conducted his first penetration test in 1984 and began lecturing on the subject in 1986.
Matt was Project Manager for the AINSEP (Association of Infocomm Security Professionals) project for the Singapore Infocomm Development Authority (IDA), which set out to define knowledge and capability requirements for high-level certification of security professionals in the future. Matt also developed the career- and certification-mapping database prototype for the project's proof-of-concept presentation to the IDA Board.
Matt's company is a significant supplier of both training and security consulting to Government, and is an Australian Federal Government Endorsed supplier. Matt assisted David Lynas in the introduction of a new security architecture at one of the country's biggest government agencies, Centrelink, through a "SABSA Fast-Track" workshop series, and in an ongoing project for the Australian Electoral Commission which introduced and developed Risk Assessment methodologies for the organisation's evaluation of electronic voting. Matt developed comprehensive Risk Assessment and Management software based on the SABSA framework, with a prototype of the system in active use at the Electoral Commission.
His experience in creating and implementing security strategies in the corporate environment led to the development of ALC Training's flagship "Network Security Essentials" seminar series, while his dedicated 'know your enemy' research resulted in the acclaimed hands-on "Hacking and Securing Windows" which he has twice presented as COSAC Master Classes.
He has trained security staff for major corporates and government in Australia, New Zealand and Singapore, including Defence in all three countries, the NZ Police eCrime unit, leading banks, universities, airlines, telecommunications and aerospace companies and even divisions of NASA. He ran customised in-house training for the NSW Police Fraud Squad.
Matt is co-founder of ALC's Enterprise Security training and consulting group, which boasts a prestigious international team of security professionals with wide-ranging experience in banking, finance, government and industry.
Matt's unique background combines unusually broad technical prowess with extensive business management experience. As a writer Matt founded Your Computer magazine in 1981 and subsequently was Foundation Editor of PC Database Analyst and Managing Editor of PC Support Advisor. As a businessman, he has been a magazine group publisher and managing editor for three media companies. As a trainer, Matt has delivered courses on software, hardware, operating systems and security in many countries around the world - Singapore, Malaysia, Indonesia, Thailand, Australia, New Zealand, United Kingdom, Ireland, Sweden, Norway and the Netherlands.
As a developer, Matt completed software projects for Computer Associates, Borland, Ashton-Tate and Nantucket, including a compiler for the dBase IV language that was sold internationally.
|
Peter is an experienced information security and information risk professional. He joined Computer Sciences Corporation in 2007 as a Lead Information Risk Manager and has in the past managed the WA Police and Alcoa accounts. Currently, as the LIRM for the Newmont and the Department of the Attorney General (WA), Peter is responsible for the information security and information risk management programme on the accounts. Peter works closely with other service lines and service providers to ensure secure provision of services and solutions to his customers.
Prior to joining CSC, Peter spent four years as an information security consultant primarily in the finance sector. Peter is also very active in the information security community and was the founding member and current Executive of the Australian Information Security Association Perth branch.
|