RSA Conference US Podcast

Art Gilliland, Senior Vice President, and General Manager, HP Software Enterprise Security Products, Hewlett-Packard Company Market forces are organizing our adversaries, driving cooperation, specialization and efficient predatory behavior. Their rapid adoption of new technologies and efficacy in information sharing have trumped our more static defenses. Learn why security frameworks like ISO or PCI hinder security, and how improvements such as benchmarking can persuade criminals to look elsewhere for targets. Art Gilliland, Senior Vice President of HP Software Enterprise Security Products (ESP), oversees security solutions and services across HP’s vast product portfolio and helps enterprise customers manage risk and compliance requirements. A 15-year veteran of the enterprise security industry, Gilliland joins HP from Symantec, where he served as a Senior Vice President of the Information Security Group.   As part of the original IMlogic team, he served as Vice President of products and marketing and helped grow that company into an industry leader before it was acquired by Symantec.  He also served as a Senior Consultant for Gemini Consulting, which specialized in innovation and technology strategies. Gilliland holds several key patents and is a CISSP.  Download <07:56>

Andy Ellis, Chief Security Officer, Akamai Technologies  Risk management is not a science... it’s an art.  To manage risk effectively, we need to understand how people feel about, and react to risk.  Akamai CISO Andy Ellis will talk about how research into the psychology of risk has informed his approach to information security and enabled him to manage the security of Akamai’s vast cloud platform with a very lean team.  Andy Ellis is Akamai's Chief Security Officer, responsible for overseeing the security architecture and compliance of the company's massive, globally distributed network. Ellis is the designer and patent holder of Akamai's SSL acceleration network, as well as several of the critical technologies underpinning the company's Kona Security Solutions. He is at the forefront of Internet policy; as a speaker, blogger, member of the FCC CSRIC, supporting Akamai's CEOs on the NIAC and NSTAC, and an advisory board member of HacKid. He is a graduate of MIT and a former US Air Force officer, the recipient of the CSO Magazine Compass Award, the Air Force Commendation Medal, The Wine Spectator's Award of Excellence, and the Spirit of Disneyland Award. Ellis can be found on Twitter as @csoandy.  Download <07:42>

Dmitri Alperovitch, Co-Founder & CTO, CrowdStrike  Dmitri Alperovitch is Co-Founder and CTO of CrowdStrike, leading Intelligence, Research and Engineering teams. A renowned computer security researcher, he is a thought-leader on cybersecurity policies and state tradecraft. As former VP of Threat Research at McAfee, he led company’s Internet threat intelligence analysis, correlation, and visualization. In 2010 and 2011, Alperovitch led the global team that investigated and brought to light Operation Aurora, Night Dragon and Shady RAT groundbreaking cyberespionage intrusions, and named those incidents. Alperovitch serves on Georgia Tech Information Security Center Industry Advisory Board and is a Senior Fellow at Atlantic Council.  Download <04:17>

David Burhop, Deputy Commissioner and Chief Information Officer, Commonwealth of Virginia - DMV Michael Farnsworth, Commonwealth Authentication Service (CAS) Project Manager, Commonwealth of Virginia - DMV  For the past 17 years, David Burhop has led large divisions within organizations and continues to do so within the DMV. Burhop’s teams have been recognized by multiple organizations such as the Harvard School of Government (Patient/Resident Automated Information System), Hewlett Packard (Innovations in Technology National Award), Governing Technology magazine (Best of the Web), Computerworld magazine (Network Topology), AAMVA (Best of the Web; various motor vehicle applications), Governor's Technology (DMV business applications) and others. He is a frequent speaker at industry events, a member of numerous state organizations and is considered an executive thought leader within the Commonwealth.  With nearly 20 years IT experience, Mike Farnsworth has served many roles for the Virginia DMV in the past 13 years, most recently leading the Commonwealth Authentication Service (CAS) e-identity initiative, a multi-agency collaboration providing an enterprise authentication system of NIST LOA 1-3 compliant credentials available to more than 90 executive branch agencies.  Farnsworth began his career in the defense industry and prior to that, served as a program manager for the Mobilization, Education, Training and Security Division for the 67th Combat Support Hospital in Wurzburg, Germany. He is a frequent speaker at industry events, a member of numerous state organizations, maintains numerous IT certifications and is considered a thought leader in the identity management arena.  Download <06:49>

Lawrence Dietz, General Counsel and Managing Director, Information Security, TAL Global Corporation  Lawrence Dietz is a member of the Bar of the US Supreme Court and the Bar of the State of California where he serves on the Cyberspace Law Committee. Dietz has been a licensed attorney since 1990 and has had experience in a variety of Internet and business law matters. Dietz served as General Counsel of TAL Global since 2010.Dietz has particular expertise in contract drafting and negotiation, partner agreements, sub-contractor agreements, NDAs and intellectual property.  Download <03:31>

Mark Risher, Chief Executive Officer and Co-founder, Impermium  Mark Risher is CEO and Co-founder of Impermium, a service which protects the Internet from social spam, fraud and abuse. An expert on the bad things people do online, Risher previously served as the “Spam Czar” for Yahoo!, where he was the manager of global product development for security and abuse products to protect over 300MM user accounts. He was also the Sr. Director of Product Management for Yahoo! Mail, leading development and execution of product strategy and business development for strategic deals across the platform. He graduated from Harvard University with a degree in Computer Science.  Download <06:33>

Joshua Corman, Director of Security Intelligence, Akamai Technologies David Etue, Vice President, Corporate Development Strategy, SafeNet  Joshua Corman is the Director of Security Intelligence for Akamai.  Most recently he served as Research Director for Enterprise Security at The 451 Group. Mr. Corman’s cross-domain research highlights adversaries, game theory and motivational structures. His analysis cuts across sectors to the core security challenges plaguing the IT industry, and helps to drive evolutionary strategies toward emerging technologies and shifting incentives.   A staunch advocate for CISOs, Corman also serves as a Fellow with the Ponemon Institute, on the Faculty for IANS, co-founder of Rugged Software and was a Top Influencer of IT in NetworkWorld. Corman received his bachelor’s degree in philosophy, graduating summa cum laude, from the University of New Hampshire.  David Etue brings together experience and perspective from a number of security roles including security program leadership, management consulting, product management and technical implementation. Etue is the VP of Corporate Development Strategy at SafeNet, where he is responsible for strategic decisions regarding partnerships and mergers & acquisitions. He was previously the cyber security practice lead at management consultancy PRTM, VP of Products & Markets at Fidelis Security Systems, led General Electric's global computer security program and held various positions in technology strategy, operations and product management. He is a Certified Information Privacy Professional, a Certified CISO, a graduate of GE’s Information Management Leadership Program and a Six Sigma Green Belt.  Download <06:07>

Jason Andress, Security Researcher  Dr. Jason Andress is a seasoned security professional with a depth of experience in both the academic and business worlds. In his present and previous roles, he has provided information security expertise to a variety of companies operating globally. He has taught undergraduate and graduate security courses since 2005 and conducts research in the area of data protection. He has written several books and publications covering topics including data security, network security, penetration testing, and digital forensics.  Download <04:15>

Daniel Ayoub, Manager, Product Marketing, Dell SonicWALL  Modern brute force attacks leverage powerful graphics processors to crack passwords in a fraction of the time a traditional CPU would take. In this session, we'll examine the practical application of utilizing a graphics processor to attack hashes and passwords. We will examine the efficiency of various platforms and discuss the benefits of using graphics cards as a password cracking platform.  Daniel Ayoub is a network security engineer most recently engaged as the Manager of Product Marketing for Dell SonicWALL. Daniel has been involved with implementing information security systems and methodologies to public-sector corporations and numerous small-medium sized businesses. He has also been published in several publications including: 2600 magazine, SC magazine, and Network World. His areas of interest include penetration testing, CSIRT, malware and digital forensics. He has a Bachelor’s of Science in Electrical Engineering from the University of California, Irvine and numerous technical certifications including CISSP, CISM, CISA, CCNP, CCSP & CEH.  Download <03:35>

Lance Spitzner, Director, Securing The Human program, SANS Institute  Mr. Spitzner is the Training Director at SANS Securing The Human program and has helped develop and implement numerous multi-cultural security awareness programs around the world. He invented and developed the concept of honeynets, is the author of several books, and has published over thirty security whitepapers. Mr. Spitzner started his security career with Sun Microsystems and is the founder of the Honeynet Project. Mr. Spitzner serves on the Distinguished Review Board for AFIT, Technical Review Board for CCIED, and the Information Assurance Curriculum Advisory Board at DePaul University. Before working in information security, Mr. Spitzner served as an armor officer in the Army's Rapid Deployment Force and earned his MBA from the University of Illinois-Chicago.  Download <05:06>

Dawn Cappelli, Technical Manager, Carnegie Mellon University CERT Insider Threat Center  Dawn Cappelli is Founder and Technical Manager of the CERT Insider Threat Center and the Enterprise Threat & Vulnerability Management team in Carnegie Mellon’s Software Engineering Institute. Her team members are domain experts in insider threat and incident response; they research, analyze and model cyber threats; develop and conduct security assessments; and provide solutions and training for preventing, detecting and responding to illicit cyber activity.  Cappelli is invited to speak at national and international venues, is adjunct professor in CMU’s Heinz College, Vice-Chair for CERT’s CSIH Certification Advisory Board, on the program committee for RSA and HICSS conferences and was awarded the 2011 SEI Director's Office Award of Excellence.  Download <04:10>

Moderator: Simon Bramfitt, Founder and Principal Analyst, Entelechy Associates  The BYOD movement is changing how business is done. It is creating a nightmare for CSOs, CIOs and IT managers who are struggling to create a mobile strategy, that is not only secure, but also does not impact user experience. How do you balance the irresistible convenience of enabling a mobile workforce with the cost, security and privacy challenges that are bound to come up?  Simon Bramfitt is the founder and principal analyst at Entelechy Associates where he covers application delivery, desktop management and virtualization technologies. He works extensively with end-user organizations, advising them on architecture and best practices for both private cloud and desktop transformation initiatives, and with technology startups. He has worked with application delivery and endpoint management technologies for over 25 years and has long been recognized as a thought leader in the virtualization space. Prior to founding Entelechy Associates, he covered desktop virtualization at Burton Group and Gartner and was a senior architect at Kaiser Permanente.  Download <07:18>

Kate Randal, Insider Threat Analyst, Federal Bureau of Investigation Patrick Reidy, Chief Information Security Officer, Federal Bureau of Investigation  Kate Randal is an Insider Threat Analyst at the Federal Bureau of Investigation and leads the psychosocial indicator development program.  She holds a Masters degree in Forensic Psychology and has wide range of experience in internal security matters, to include information assurance, physical security and personnel security.  In her current role, she leads a multi-agency psychosocial indicator research project, is the program liaison to behavioral analysis and works on active FBI insider threatinvestigations. Prior to her work with the FBI, she provided investigative and research support to both CNN and the Vera Institute of Justice.  Patrick Reidy is the Chief Information Security Officer at the Federal Bureau of Investigation. During his 16 year carrier in information assurance Reidy has worked in both the private and public sectors. During his time with the FBI he led the development of the FBI’s information assurance and advanced cyber adversary protection programs focused on insider misuse. Over his professional career he has been involved in the investigation, analysis and mitigation of hundreds of insider threat and computer intrusion incidents. He holds a Masters in Information Assurance from Eastern Michigan University and a Masters of Science in Strategic Intelligence from the National Intelligence University. In addition, he holds several industry certifications including a CISSP.  Download <06:26>

Thomas Stamulis, Regional Director, Verizon   Tom Stamulis is a Regional Director with Verizon's Security Services. Stamulis has worked in information security for more than 20 years specializing in the financial, insurance and medical industries. He manages the delivery of a Security Management Program providing a programmatic approach to security management reducing security risks, improving overall security posture and enabling customers to meet Governance, Risk and Compliance issues. He spent 20 years in the U.S. Army serving in communications and as a Counterintelligence Agent .  He holds a CISSP certification from (ISC)2, the CISM and CRISC from ISACA and the HISP certification focusing on international standards, best practices and comprehensive frameworks for developing robust and effective information security programs.  Download <06:11>

Wiliam Hagestad, Author, Red Dragon Rising  Examine several distinct elements of current Chinese cybernetic doctrine. The main points will include the history of traditional Chinese warfare, its application to official Communist "informization" doctrine today and what it means for the Chinese State, People's Liberation Army and State Owned Enterprises.  LtCol Hagestad provides current cyber threat assessments to international defense, intelligence and law enforcement entities. He speaks domestically and internationally on the Chinese Cyber Threat. LtCol Hagestad studied Third Year Mandarin Chinese at Nakai University, Tianjin, People’s Republic of China in 1983-1984. His first book, “21stCentury Chinese Cyber Warfare” was published March 2012. LtCol Hagestad holds a Master of Science in Security Technologies from the College of Science & Engineering and a Master of Science in the Management of Technology from the Technological Leadership Institute,  both from the University of Minnesota. He received a Bachelor of Arts in Mandarin Chinese, with minor emphasis in Classical Chinese and Modern Japanese, also from the University of Minnesota.  Download <05:30>