2011 – Speakers

Thanks for stopping by, we are still working to nail down our list of speakers for this year. Don’t worry though they are going to be great and we will let you know as soon as we get confirmations.

Bill Dean

Director of Computer Forensics
Sword and Shield Enterprise Security
Schedule: 10/12/2011 – 11:00 a.m.
Presentation Title: From the Boardroom to the Courtroom

Mr. Bill Dean is the Director of Computer Forensics for Sword & Shield Enterprise Security. Bill has more than 15 years of experience in the technical field in roles such as programmer, systems support, enterprise systems design and engineering, virtualization, digital forensics, and information security. In 2005, he was recognized as the primary architect for an Intel virtualization/server consolidation project and was awarded Network World’s “Enterprise All Star” and “InfoWorld’s Top 100 Projects”. Since that time Bill has focused his career on the specialties of information security, electronic discovery, digital forensics, and incident response. Bill served as the technical expert and provided Federal Court testimony in the 7th largest eDiscovery case in 2007 and is an expert witness involving a wide variety of issues involving computer forensics. Bill is a frequent speaker and published author on the topics of computer security, digital forensics and electronic discovery for numerous legal and technical associations. Bill possesses an associate’s degree in Computer Science and a baccalaureate degree in Information Technology from East Tennessee State University. Additionally he is a Certified Computer Examiner, GIAC Certified Incident Handler, GIAC Certified Penetration Tester and GIAC Certified Forensic Analyst. He is also an active member of the International Society for Forensic Computer Examiners and InfraGard.

Ron Ross

Senior Computer Scientist and Fellow
National Institute of Standards and Technology
Schedule: 10/12/2011 – 9:45 a.m.
Presentation: Update on December Security Controls Catalog SP 800-53 changes

Dr. Ron Ross is a senior computer scientist and information security researcher at the National Institute of Standards and Technology (NIST). His current areas of specialization include information security, testing and evaluation, and risk management. Dr. Ross leads the Federal Information Security Management Act (FISMA) Implementation Project for NIST, which includes the development of key security standards and guidelines for the federal government, support contractors, and the United States critical information infrastructure. Dr. Ross is also the principal architect of the NIST Risk Management Framework. In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. Dr. Ross has been inducted into the Information Systems Security Association (ISSA) Hall of Fame and elected to the grade of ISSA Distinguished Fellow. Dr. Ross is a graduate of the Defense Systems Management College and holds both Masters and Ph.D. degrees in Computer Science from the United States Naval Postgraduate School.

Bobby Brown

Director of Communication and Information Systems Security
Schedule: 10/13/2011 – 1:00 p.m.
Presentation: Cybersecurity Challenges in Smart Grid

Bobby Brown is a utility consultant supporting informatoin security and systems engineering for AMI, Home Area Network, Distribution Automation, Demand Response, and other utility convergence and infrastructure applications. He is a member of the Cyber Security team for Consumers Energy. Bobby helpd autor the NIST SmartGrid Interim Roadmap; UCAlug AMI-SEC AMI System Security Requirements developed by the AMI Security Accepleration Project (ASAP); and has authored several other AMI whitepapers and guides. Bobby is the Program Manage for the ASAP for SmartGrid – a utility driven private-public collaborative focused on developing a blueprint for smart grid security profiles and security profiles for AMI, Third-party Data Access, Distribution Automation and other smart grid applications. Bobby has also serverd as the CIO for Appalachain Underwriters, Inc.’ President of Computer Knowledge, Inc.; and Information Systems Security Specialist for the Department of Energy at Y-12. He is Secretary of the UCAIug SG Security WG and AMI-SEC TF, Chair of SG Security Conformance and a contributing member of the NIST SGIP Cyber Security WG, ANSI, IEC TC57, and IEEE PES. Bobby holds a B.S. in Computer Information Systems.

Angie Singer Keating

Vice President Compliance & Security
Schedule: 10/12/2011 – 1:30
Presentation: Is Your Computer Incident Response Team Ready for the 21st Century?

Angie Singer Keating is a co-founder of Reclamere, Inc., a security focused I.T. asset management, data recovery and computer forensics company servicing Fortune 1000 as well as small and medium accounts. Keating is recognized as a Certified Information Systems Auditor and a Certified Information Security Manager by the Information Systems Audit and Control Association (ISACA). Also, she is recognized as a Certified Information Privacy Professional by the International Association of Privacy Professionals. As Vice President of Compliance & Security for Reclamere, Keating is responsible for all security, legal and regulatory compliance aspects of the business. She is the primary liaison between Reclamere and its vendors, local DEP officials and the EPA. Keating sits on the Certification Committee and co-chairs the Electronic Media Destruction subcommittee for the National Association for Information Destruction (NAID). Ms. Keating is a member of the Board of Directors for the Ben Franklin Technology Partnership, Her keen analytical and research abilities are necessary at Reclamere to insure quality control and compliance with complicated legal and environmental issues within the industry. A graduate of the Pennsylvania State University, Altoona campus, in Electrical Engineering Technology, Keating resides in Altoona, Pennsylvania.

Christopher Novak

Managing Principal, Co-Founder
Verizon Business’ Global Investigative Response Team
Schedule: 10/12/2011 – 1:30
Presentation: Data Breaches: The Latest Report on Trends and Threats

Chris Novak is a senior investigator and has more than 10 years of experience investigating both civil and criminal data breaches. He has led dozens of tactical response cases over the past 18 months and continues to respond to high-profile cases on a global basis. He routinely works with law enforcement agencies on joint investigative operations around the world. Chris has been published on a number of security-related topics, including the recently released Data Breach Investigations Report.

Dr. David A. Dampier

Associate Professor of Computer Science and Engineering
Director, National Forensics Training Center
Mississippi State University
Schedule: 10/13/2011 – 9:15 a.m.
Presentation: Forensics

Dr. Dave Dampier currently serves as Associate Professor of Computer Science & Engineering at Mississippi State University and Director of both the Center for Computer Security Research and the National Forensics Training Center. Prior to joining MSU in 2000, Dr. Dampier spent 20 years active duty as an Army Ordnance and Acquisition Corps Officer. He has a B.S. Degree in Mathematics from the University of Texas at El Paso, and M.S. and Ph.D. degrees in Computer Science from the Naval Postgraduate School. His research interests are in Digital Forensics, Computer Security, and Formal Methods for Software Evolution.

Harlan Carvey

VP Engagement Services
Terremark WorldWide Inc.
Schedule: 10/12/2011 – 14:45
Presentation: Incident Preparedness

Harlan Carvey is a digital forensics and incident response analyst located in the Metro DC area, and is a VP with the Engagement Services group at Terremark WorldWide, Inc. After conducting penetration tests and vulnerability assessments in support of corporate and federal government clients, in 1999 he began performing a wide range of incident response activities. He currently conducts digital forensic examinations and research, with specific attention towards the Windows operating system. He has written several books focused on digital forensic analysis of Windows systems, including “Windows Forensic Analysis” (first and second editions), “Windows Registry Forensics”, and he is the co-author of “Digital Forensics with Open Source Tools”. Harlan has presented at several conferences, and maintains the “WindowsIR” blog (http://windowsir.blogspot.com). He has earned an MSEE degree, and holds CISSP and SANS GCFA certifications.

Joe McCray

Founder and CEO
Schedule: 10/13/2011 – 14:45
Presentation: You Spent all that Money and Still Got Owned?

Joe McCray is an Air Force Veteran and has been in security for over 10 years. Joe has been involved in over 150 high level penetration testing engagements and has some major hacking accomplishments that he can share with his students and clients. His extensive experience and deep knowledge, mixed with his comedic style has lead Joe to be one of the most highly sought after speaking experts in the industry. Joe makes speaking appearances and gives seminars at major events in the security community such as Black Hat, DefCon, BruCon, Hacker Halted and more. Joe is the recipient of the 2009 EC-Council Instructor Circle of Excellence Award and the 2010 EC-Council Instructor of the Year Award.

Joe is the founder and CEO of http://strategicsec.com an IT Security consulting firm that provides in-depth technical security assessments of your network, web application, and regulatory compliance gap analysis.

Kevin Kerr

Chief Information Security Officer
Schedule: 10/13/2011 – 13:00
Presentation: The ORNL Cyber Event
Mr. Kerr was recently hired as the Chief Information Security Officer and Senior Advisor, IT Risk Management at the Oak Ridge National Laboratory. Prior to this he was the Manager, Cyber Security Evaluations leading his team in performing red team and cyber security assessments for the Department of Energy, Department of Labor, the Center for Disease Control, and other government, commercial, and private entities. He has over 28 years of experience in many aspects of IT including programming, network and data base design, business analysis, project management, security, and governance development. He has presented at several computing events on cyber security and risk management. Kevin recently retired from the Air Force and Air National Guard as a Lieutenant Colonel where he was the Commander, Cyber Warfare Squadron.

Jeff Schibonski

Computer Scientist
Oak Ridge National Laboratory
Schedule: 10/13/2011 – 10:45 (breakout)
Presentation: Insider Threats
Jeff Schibonski is a computer scientist specializing in protecting information and information systems from both internal and external threats. He has a background that includes network engineering, software development, and cyber security. In addition to these technical aspects, Jeff has studied the human component of the insider threat and shares his expertise across organizations and agencies at local, regional, and national levels. Breakout attendees will learn about the four conditions that must pre-exist and align to create an insider threat. Real world examples will help participants recognize these conditions and tips on mitigating or neutralizing them will be discussed.

Matthew Luallen

Schedule: 10/12/2011 – 8:30
Presentation: Control System Security
Matthew E. Luallen is a well-respected information professional, researcher, instructor, and author. Mr. Luallen serves as the president and co-founder of CYBATI, a strategic and practical educational and consulting company. CYBATI provides critical infrastructure and control system cybersecurity consulting, education, and awareness. Prior to incorporating CYBATI, Mr. Luallen served as a co-founder of Encari and provided strategic guidance for Argonne National Laboratory, U.S. Department of Energy, within the Information Architecture and Cyber Security Program Office. In an effort to promote education and collaboration in information security, Mr. Luallen is an instructor and faculty member at several institutions. Mr. Luallen is adjunct faculty for DePaul University, teaching the Computer Information and Network Security Masters degree capstone course. He is also a certified instructor and CCIE for Cisco Systems, covering security technologies, such as firewalls, intrusion prevention, and virtual private networks, and general secure information architecture. As a certified instructor for the SANS Institute, Mr. Luallen teaches infrastructure architecture, wireless security, web application security, regulatory and standards compliance, and security essentials. Mr. Luallen is a graduate of National Technological University with a master’s degree in computer science, and he also holds a bachelor of science degree in industrial engineering from the University of Illinois, Urbana.

Ernest W. Wohnig

Senior Associate
Booz Allen Hamilton
Schedule: 10/12/2011 – 2:45 Breakout Session
Presentation: Risk Informed Decision Making (Risk-ID)
Mr. Wohnig has 19 years of experience in the Information Assurance and Energy Security fields, the last ten of which he has lead both delivery and intellectual capital development teams for Booz Allen Hamilton’s Information Assurance division. He is currently the Sr. Associate responsible for Booz Allen’s Energy and Environmental Security portfolio. Mr. Wohnig directs a number of diverse teams assisting various commercial energy sector and federal government cyber security senior leaders and stakeholders in the design, development, implementation, and assessment of Cyber Security Programs at the Corporate/Departmental Headquarters and Strategic Business Operations levels. He is also a leader in the firm’s energy sector Smart Grid Initiative and serves as the Firm’s representative to the industry’s Smart Grid Interoperability Panel and sits on NERC’s Smart Grid Task Force. During his seven years as an Air Force Intelligence Officer, he was a key player in the Air Force standing up its first operational Information Warfare Squadron and led a special access program team supporting Air Force Information Warfare capabilities. As a DOD threat analyst, he published several classified papers on Cyber Security Threats and was a primary author on two National Intelligence Assessments. He has also given numerous public and closed-hearing presentations at the Departmental (DOD, State, DOE) and Congressional level on Internal/External Threats to US systems and critical (Energy) infrastructure as well as the vulnerability of said systems and infrastructure.

Ernest McDuffie

Lead for the National Initiative for Cybersecurity Education (NICE)
United States Department of Commerce (D)C)
National Institute of Standards and Technology (NIST)
Schedule: 10/13/2011 – 9:30
Presentation: NIST National Initiative for Cybersecurity Education
In early 2010 the National Institute of Standards and Technology (NIST) was selected as the lead agency for the National Initiative for Cybersecurity Education (NICE) and they identified Dr. McDuffie to be the Leader of this effort and is now in transition between two positions. He was appointed (the other position) Associate Director of the National Coordination Office (NCO) for Networking and Information Technology Research and Development (NITRD) in February 2008. From early September 2009 until early November 2009 he served as Acting Director of the NCO. His appointment as the Associate Director of the NCO comes after joining the NIST as a Computer Scientist in their Information Technology Laboratory, Office of Federal and Industrial Relations. In August 2006, Dr. McDuffie joined the NCO where he served as the Technical Coordinator for the Cyber Security and Information Assurance (CSIA) Interagency Working Group (IWG), Federal Agency Administration of Science and Technology Education and Research (FASTER) Committee of Practice (CoP), and the Software Design and Productivity (SDP) Coordination Group (CG). Prior to joining the NCO, Dr. McDuffie served as the Deputy Director of the Office of Naval Research (ONR) – Science and Technology for America’s Readiness (N-STAR) Initiative. He served as the Lead Program Director for the Federal Cyber Service: Scholarship for Service (SFS) Program at the National Science Foundation (NSF). He served as an Assistant Professor at Florida State University in the Department of Computer Science where he taught both graduate and undergraduate courses in CS for seven years. Dr. McDuffie has participated in software engineering projects for the U.S. Air Force, the National Center for Atmospheric Research, the Federal Aviation Administration, Lockheed Missiles and Space Company, Los Alamos National Laboratory, and the National Security Agency.

Dr. McDuffie received his Ph.D. and M.S. degrees in Computer Science from the Florida Institute of
Technology in Melbourne, Florida.