SECURITY ANALYST SUMMIT

Mark Dowd is a veteran of the security industry who has spent his career focusing on application security research. Over the course of his career, Mark has found numerous software vulnerabilities in widely deployed operating systems and software. He has found vulnerabilities in critical software components in server operating systems, client-side software and, more recently, smart phones. He has spoken at numerous industry conferences, and is a member of the BlackHat Review Board. He is also the co-author of “The Art of Software Security”, published by Addison Wesley.

Professor Catherine Lotrionte is the Director of the Institute for Law, Science and Global Security and Visiting Assistant Professor of Government and Foreign Service at Georgetown University. Professor Lotrionte teaches courses on national security law, US intelligence law, and international law. In addition to teaching, Professor Lotrionte coordinates research projects and events for the Institute for Law, Science and Global Security at Georgetown. She is the Institute Liaison for the Program on Nonproliferation Policy and Law, funded by the Defense Threat Reduction Agency, in cooperation with the Monterey Institute for International Studies’ James Martin Center for Nonproliferation Studies. Professor Lotrionte is also the Director of the CyberProject. Professor Lotrionte and the Institute focus on the role of international and domestic law in recent and upcoming developments in cyber-technology and cyber-threats.

Ron Gula started his cyber-security career as a network penetration tester for the NSA. At BBN, he developed network honeypots to lure hackers and he ran US Internetworking’s team of penetration testers and incident responders.
As CTO of Network Security Wizards, Ron pioneered the art of network security monitoring and produced the Dragon Intrusion Detection System which was recognized as a market leader by Gartner in 2001.
As CEO and co-founder of Tenable Network Security, Ron led the company’s rapid growth and product vision from 2002 through 2016. He helped the company scale to more than 20,000 customers worldwide, raise $300m in venture capital and achieve revenues in excess of $100m annually.

Sergey started his career at Kaspersky Lab in 2005, joining the company as a Virus Analyst before going on to become Head of the Non-Intel Research Group. He was appointed malware expert for Kaspersky Lab’s Russian Research Center in 2009 and has since risen to the position of Principal Security researcher, conducting research into banking threats and cyber-espionage. Sergey’s areas of expertise also include embedded system security, cybercriminal ‘partner networks’, non-Windows threats (Mac OS, Unix OS), botnets and other aspects of cybersecurity.

Rid’s most recent book is Rise of the Machines, out in June 2016, in German as Maschinendämmerung. It tells the sweeping story of how cybernetics, a late-1940s theory of machines, came to incite anarchy and war half a century later. His recent research article, “Attributing Cyber Attacks,” was designed to explain, guide, and improve the identification of network breaches (Journal of Strategic Studies 2015). Rid’s book Cyber War Will Not Take Place (Oxford University Press/Hurst 2013) analysed political computer network intrusions; a Chinese translation is forthcoming with the People’s Publishing House. His text “Deterrence Beyond the State” (Contemporary Security Policy 2012) opened a fresh conceptual angle on the deterrence debate by exploring Israel’s experience with non-state militants. His articles appeared in major English, French, and German peer-reviewed journals as well as magazines and news outlets.

Currently, Director General of the Israeli National Cyber Security Authority. Former CEO of Sphera Systematic Hedge fund, part of Sphera, the largest Israeli Hedge Funds management group (>$1B AUM). Former Head of M.O.D. Cyber and Technology Defense Authority. Published several academic articles in cyber arena. Ex-Officer at one of IDF’s elite technological units. Entrepreneur and founder with over 30 years of experience in leading of large research and development teams. Vast experience in research, development, implementation and practical execution of mathematical algorithms for capital market trading. Engineer, Bachelor of Science in Electronics and Computing (B.Sc.) from Ben-Gurion University; Wide knowledge and experience in parallel and supercomputing engineering.

John Lambert has been at Microsoft for 15 years. He is the General Manager of the Microsoft Threat Intelligence Center. The Center is responsible for detecting and disrupting adversary based threats aimed at Microsoft and its customers. Its mission is to drive detective innovations into products and services to raise the ability for every defender to deal with adversary based threats through security research, threat intelligence, forensics, and data science. Previously at Microsoft, Lambert worked in the Trustworthy Computing group for ten years and the Windows Security group on features related to cryptography and security management.
He joined Microsoft after three years at IBM as a developer in their software group. Lambert holds a bachelor’s degree in computer science from Tulane University and is named on more than nine software patents and seven pending applications.

Peter Kruse co-founded the Danish IT-security company CSIS in 2003 and is currently leading the eCrime department which provides services mainly aimed at the financial sector.
His ability to combine a keen appreciation of business needs and a profound technical understanding of malware has made CSIS a valued partner of clients in both Scandinavia and the rest of Europe.
Today, Peter is by far the most quoted IT-security expert in Denmark and considered among the most recognized in Europe. He has a long history of active participation in several closed and vetted top IT-security communities and has numerous international connections in the antivirus- and banking industry, law enforcement and higher education institutions. He is also a member of CARO.

Katie Moussouris is a noted authority on vulnerability disclosure and bug bounties, and the founder and CEO of Luta Security, Inc. Katie helped the US Department of Defense start the government’s first bug bounty program, called “Hack the Pentagon,” and “Hack the Army”, as well as helped advise on the DoD’s ongoing vulnerability disclosure program. Katie created Microsoft’s bug bounty programs, and started Microsoft Vulnerability Research. She is also a subject matter expert for ISO standards in vuln disclosure (29147), vuln handling processes (30111), and secure development (27034). Katie is a visiting scholar with MIT Sloan School, doing research on the vulnerability economy and exploit market. She is a New America Foundation Fellow and Harvard Belfer Affiliate. Katie is also part of the official US Wassenaar delegation. She is on various CFP review boards, and is an adviser to the Center for Democracy and Technology.

Kris leads PwC’s Cyber Threat Detection and Response team which comprises of highly specialised cyber security professionals. He is responsible for the delivery of our cyber threat response capabilities which enables clients to resist, detect and respond to advanced cyber attacks. Focusing on cyber crime, espionage investigations and technical countermeasures, his team is regularly called on to investigate and contain network intrusions and provide actionable threat intelligence to clients in crisis situations.
Since joining PwC, Kris has led complex and multinational civil and criminal investigations that require advanced digital forensics and data mining. He also has a strong background working closely with legal counsel on strategies for data retention, collection, analysis and disclosure on a number of high profile regulatory compliance investigations involving both structured and unstructured data. Kris has a wealth of experience in malware reverse engineering and secure systems and network architecture design.

Chris Eng has over 15 years of application security experience. As Vice President of Research at Veracode, he leads the team responsible for integrating security expertise into Veracode’s technology. Throughout his career, he has led projects breaking, building, and defending web applications and commercial software for some of the world’s largest companies.
Chris is a frequent speaker at premier industry conferences, such as BlackHat, RSA, OWASP, and CanSecWest, where he has presented on a diverse range of application security topics, including cryptographic attacks, agile security, mobile application security, and security metrics. Chris has been interviewed by Bloomberg, Fox Business, CBS, and other media outlets regarding security trends and noteworthy events. Additionally, he has served on the advisory board of the SOURCE Boston conference since its inception.
Chris holds a B.S. in Electrical Engineering and Computer Science from the University of California. Chris is an unabashed supporter of the Oxford comma and hates when you use the word “ask” as a noun.

Nick Biasini’s interest in computers and technology started at a young age when he tore apart his parents brand new 486SX PC. Ever since he has been tinkering with computers in one way or another. In his time with Talos Nick has been responsible for exposing new details to major threats, with a focus on crimeware. This includes exposing the Angler exploit kit, identifying new techniques like Domain Shadowing, helping to stop a large scale Nuclear exploit kit campaign, and revealing clever spam campaigns delivering ransomware. Nick has a master’s degree in digital forensics from the University of Central Florida and has worked for government and private sector environments in his career.