The Cybersecurity 202 Network:\
The Network is a group of high-level digital security experts from across government, the private sector and security research community invited by The Washington Post to vote in surveys on the most pressing issues in the field. Our regular surveys will highlight insights from some of the most influential people in cybersecurity. They include members of Congress and the Trump administration, the country’s top security researchers and senior leaders at companies as varied as Facebook, General Motors and Visa. Their responses will be featured in The Cybersecurity 202 newsletter and elsewhere on The Post.
Aitel is the founder and former CEO of of Immunity Inc. Recruited by the National Security Agency at the age of 18, Aitel served six years as a security scientist before moving on to work as a consultant for @stake. He launched Immunity Inc. in 2002, advising customers ranging from major financial institutions to Fortune/Global 500 companies to government agencies.
Alperovitch is co-founder and chief technology officer of CrowdStrike. He has received numerous awards and recognitions, including appearing on Fortune’s “40 Under 40” list; Politico’s guide to the 50 most influential doers, thinkers and visionaries; MIT’s “Innovators Under 35” and Foreign Policy’s Leading Global Thinkers.
Baker is a partner at the law firm of Steptoe & Johnson. From 2005 to 2009, he was the first assistant secretary for policy at the Department of Homeland Security. Baker has been general counsel of the National Security Agency and general counsel of the commission that investigated WMD intelligence failures before the Iraq war.
Laura Bate is currently a cybersecurity policy fellow and was previously a policy analyst with the Cybersecurity Initiative at New America. She is a director for cyber engagement at the U.S. Cyberspace Solarium Commission and a member of the Mid-Atlantic Affiliate of Women in Cybersecurity.
Beckerman is vice president and head of U.S. public policy at TikTok. Beckerman is the former president and CEO of the Internet Association. Under his leadership, association membership has grown to over 40 top Internet companies. Beckerman is regularly cited as an authority on Internet policy and speaks regularly about the industry’s perspective on policy issues. He was recognized by Washingtonian magazine as one of D.C.’s Tech Titans and by Recode as one of Silicon Valley’s top advocates in Washington.
Bejtlich is a principal security strategist at Corelight. Previously, he was chief security officer at Mandiant and chief security strategist at FireEye. He was a military intelligence officer and leader at the Air Force CERT and created the General Electric CIRT.
Blaze is a professor in the Computer and Information Science department at the University of Pennsylvania, where his research focuses on computer security, cryptography, privacy and the relationship between technology and public policy. He is especially interested in the implications of large-scale systems, surveillance technologies and electronic voting.
Thomas P. Bossert
Bossert is the president of Trinity Cyber and previously held the role of chief strategy officer at the company. Before joining Trinity Cyber, he was homeland security advisor to two U.S. presidents, serving as the nation’s chief risk officer and senior advisor on cybersecurity, homeland security, counterterrorism and global health security policy, managing a range of domestic and transnational security issues and consequence management operations. He’s currently the national security analyst for ABC News and is a senior fellow at the Scowcroft Center for Strategy and Security at the U.S. Atlantic Council.
Boyer is vice president of global public policy at AT&T Services where he is responsible for the company's global policy positions on issues at the intersection of emerging technology, cybersecurity and national security. He supports AT&T’s CEO with work on the Homeland Security Department’s National Security Telecommunications Advisory Council and is a former chairman of the National Institute of Standards and Technology’s Information Security and Privacy Advisory Board. He is a member of the executive committee and former vice chair of the Communications Sector Coordinating Council.
Brill is Microsoft’s chief privacy officer, corporate vice president and deputy general counsel for privacy and regulatory affairs. Before Microsoft, Brill joined global law firm Hogan Lovells as partner and co-director of its privacy and cybersecurity practice. Brill also served for six years as a commissioner of the U.S. Federal Trade Commission.
Brooks is the president of Brooks Consulting International. He is a faculty member at Georgetown University’s cybersecurity risk management and applied intelligence graduate programs. He served at the Department of Homeland Security as the first legislative director of the Science & Technology directorate.
Brumley is the CEO and co-founder of ForAllSecure and a professor at Carnegie Mellon University. ForAllSecure's mission is to make the world's software safe. The company also develops automated techniques to find and repair exploitable bugs to make this happen.
Cain is vice president for technology, innovation and mobility policy at the Alliance for Automotive Innovation trade association where she handles policy issues relating to connected and automated vehicle technology, including cybersecurity and data privacy. She was previously Toyota’s director of technology and innovation policy. Before that she was on the staff of the U.S. House Committee on Science, Space, and Technology and served as staff director of the House Science subcommittee on Technology and Innovation.
Carhart is a principal threat hunter at the industrial cybersecurity company Dragos Inc. She is a subject matter expert in cybersecurity incident response with a focus on nation-state adversaries and regularly speaks on the topic at conferences and universities. In 2017, Carhart was named a “Top Woman in Cybersecurity” by Cyberscoop news and received the Guidance EnFuse Women in Technology award.
Carlin is the acting Deputy Attorney General and a former assistant attorney general for the Justice Department’s National Security Division. He is a former partner in Morrison & Foerster’s Washington office. He has served as a top-level official in both Republican and Democratic administrations, most recently as the DOJ’s highest-ranking national security lawyer. In this capacity, Carlin oversaw nearly 400 employees responsible for terrorism, espionage and cyber, and other national security threats.
Carr is an internationally known cybersecurity consultant, entrepreneur and author. He’s a fellow with the Ponemon Institute, senior analyst at Wikistrat and founder of Suits and Spooks and the Securing Mobility Summit.
Chabinsky is a partner and the global chair of data, privacy and security at White & Case LLP. He previously served as a member of the White House Commission on Enhancing National Cybersecurity, the general counsel and chief risk officer of CrowdStrike and deputy assistant director of the FBI’s Cyber Division.
Chang is a non-resident affiliate with the Belfer Center’s Cyber Security Project at the Harvard Kennedy School. Chang also works in the financial sector on cybersecurity issues. Before that, Chang served as the staff director of the U.S. House Foreign Affairs subcommittee on Asia and the Pacific. She was the Norman R. Augustine research associate in the Technology & National Security Program at the Center for a New American Security.
Chesney is a law professor at University of Texas at Austin who teaches and writes about an array of national security and cybersecurity issues. He is a co-founder of Lawfare, directs UT’s Strauss Center and co-hosts the weekly National Security Law podcast.
Cilluffo directs Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security. He previously directed George Washington University’s Center for Cyber and Homeland Security. He was special assistant to President George W. Bush for homeland security.
Cohn is the executive director of the Electronic Frontier Foundation. From 2000 to 2015, she served as EFF’s legal director as well as its general counsel. Cohn first became involved with EFF in 1993, when the foundation asked her to serve as the outside lead attorney in Bernstein v. Department of Justice, the successful First Amendment challenge to the U.S. export restrictions on cryptography.
Cole is the chief technology officer at Attivo Networks. He previously served in a number of executive roles at FireEye, McAfee and Symantec, leading consulting groups globally, and is a former cyber operator in the U.S. Army. Cole is on the Gula Tech Foundation Grant Advisory Board, Bayshore Networks Advisory Board, and TDI Security Advisory Board where he actively helps with their strategy.
Cooper is a policy director at the Aspen Institute and a senior adviser at Albright Stonebridge Group. Dr. Cooper joined ASG and Aspen after serving as the executive director of the Berkeley Center for Long-Term Cybersecurity at the University of California, Berkeley, where she managed a $15 million cybersecurity organization and published research on cybersecurity policy. Previously, she served at the U.S. Department of Homeland Security as an attorney advisor to the deputy general counsel and as a policy counselor in the Office of Policy, and worked for over a decade in homeland security consulting.
Cross has led cybersecurity research efforts at OPAQ Networks, Lancope and IBM’s X-Force Advanced Research team. His areas of expertise include vulnerability disclosure, network security and cyber-conflict.
Cummiskey is the CEO of Cummiskey Strategic Solutions, which specializes in cyber and homeland security consulting. Cummiskey served for 25 years in federal and state government as an under secretary at the Department of Homeland Security, a state chief information officer and state senator. He also serves as a senior fellow with Auburn’s McCrary Institute for Cyber & Critical Infrastructure Security and Virginia Tech’s Hume Center for National Security & Technology.
Daniel is president and CEO of the Cyber Threat Alliance. Previously, Daniel served from June 2012 to January 2017 as special assistant to President Barack Obama and cybersecurity coordinator on the National Security Council staff. In that role, Daniel led the development of national cybersecurity strategy and policy, and ensured that the U.S. government effectively partnered with the private sector, non-governmental organizations and other nations.
Daly is chief technology officer for cybersecurity and special missions for Raytheon Intelligence, Information and Services. He supports the National Security Telecommunications Advisory Committee to the U.S. president. Daly has worked with both the private sector and the federal government on things including software engineering for law enforcement and as a manager of enterprise applications and distributed computing.
Daskal is a professor and faculty director of the Tech, Law & Security Program at American University Washington College of Law, where she teaches and writes in the fields of cyber, national security, criminal and constitutional law. Previously, she was counsel to the assistant attorney general for national security at the Department of Justice, and she is an executive editor of the Just Security blog.
Dawson is executive director of i2Coalition and co-founder of Open-i Advisors Inc. Dawson went from 16 years as an executive at Web hosting provider ServInt to help co-found the i2Coalition to ensure that those who build the infrastructure of the Internet have a say in policy that affects them.
Jing de Jong-Chen
De Jong-Chen is a senior associate of the Center for Strategic and International Studies, with a focus on technology policy and cyber governance. She was a partner and general manager of global security strategy at Microsoft Corporation with over 15 years of cybersecurity experience. She also served as vice president of the Trusted Computing Group for 10 years and is a board adviser of the Executive Women’s Forum.
Joel de la Garza
De la Garza is a partner at Andreessen Horowitz and is focused on information security. Before this, he was the chief security officer at Box. From 2007 to 2013, he was the global head of Threat Management and Cyber Intelligence for Citigroup. Earlier, he ran Security Incident Response for Deutsche Bank.
Eggers is vice president for cybersecurity policy in the Cyber, Intelligence, and Security Division at the U.S. Chamber of Commerce. He leads the Chamber’s Cybersecurity Working Group, which focuses on developing and advocating for the Chamber’s cyber policies before Congress, the administration and the business community.
Ekeland is managing partner for Tor Ekeland Law PLLC (New York) and partner at TorMark Law LLP (California). He represents hackers nationally in federal criminal court and regularly consults on cybersecurity and computer law.
Ellis is the chief security officer of Akamai Technologies. He is the designer and patentholder of Akamai's SSL acceleration network, as well as several of the critical technologies underpinning the company’s Kona Security Solutions. Ellis is at the forefront of Internet policy; as a speaker, blogger, member of the FCC CSRIC, supporting Akamai's CEOs on the NIAC and NSTAC, and an advisory board member of HacKid. He is a graduate of MIT and a former U.S. Air Force officer, the recipient of the CSO Magazine Compass Award and Air Force Commendation Medal.
Enright is the director of Google's global privacy legal team. He joined Google in March 2011 after more than 10 years at high-growth start-ups, large consulting practices and Fortune 500 retail and online services organizations.
Espinel is CEO of BSA|The Software Alliance. She leads strategic efforts aimed at shaping the technology landscape in 60 countries. Espinel also serves as president of Software.org: the BSA Foundation and chairs the World Economic Forum’s Future of the Digital Economy group. She was an adviser to former President Barack Obama on intellectual property and a chief trade negotiator under George W. Bush.
Fick has been CEO of Endgame since 2012. He is also an operating partner at Bessemer Venture Partners. Before joining Endgame, Fick was CEO of the Center for a New American Security. He led Marine Corps infantry and reconnaissance units in combat in Afghanistan and Iraq. His book about that experience, “One Bullet Away,” was a New York Times bestseller and a Washington Post "Best Book of the Year.”
Finan is CEO and co-founder of Manifold Technology, a provider of high-performance blockchain infrastructure. Finan previously served in the Obama administration as the director for cybersecurity legislation and policy on the National Security Council staff and worked on the development of new cyber-warfare technologies at DARPA.
Flournoy is co-founder and managing partner of WestExec Advisors, a new consulting firm that advises companies on geopolitical risk and navigating international and USG markets. She served as the Undersecretary of Defense for Policy from 2009-2012.
Marcus Fowler is the director of strategic threat at Darktrace. Marcus spent 15 years at the Central Intelligence Agency developing global cyber operations and technical strategies.
Francois is the research and analysis director at Graphika, where she leads a data science and analysis team focused on analyzing social media manipulations. Before that, she served as the principal researcher for Google’s Jigsaw, where she led interdisciplinary research on state-sponsored cyberthreats against civil society, countering violent extremism and algorithmic biases in machine learning. Francois is a cybersecurity fellow at the New America Foundation and an affiliate at the Harvard-Klein Berkman Center for Internet & Society, where she pursues her work on mechanisms to establish peace and security in the face of cyber conflict.
Galante works with governments and corporations to respond to cyber threats through her consultancy, Galante Strategies and is a senior fellow at the Atlantic Council’s Cyber Statecraft Initiative. She previously led a contractor team at the Defense Intelligence Agency and later served as the Director of Global Intelligence at FireEye.
Galperin is the Electronic Frontier Foundation’s director of cybersecurity. She focuses on protecting vulnerable populations from unwanted tracking and surveillance and has contributed to countless security guides, including EFF's Surveillance Self Defense and the Security Education Companion. She has published research on state-sponsored malware from Vietnam, Syria, Kazakhstan and Lebanon.
Garcia is the executive director for cybersecurity of the Health Sector Coordinating Council, an industry cybersecurity group. He was appointed by President George W. Bush as the nation's first assistant secretary for cybersecurity and communications at the Homeland Security Department. He also served as executive director of the Financial Services Sector Coordinating Council, stood up the I.T. Sector Coordinating Council, and held senior executive positions with Bank of America, 3Com Corporation, Information Technology Association of America, and American Electronics Association.
Geer is a security researcher with a quantitative bent. He is an electrical engineer (MIT) and a biostatistician (Harvard). He serves as the chief information security officer at In-Q-Tel. His staff produced Kerberos and the X Window System, his cybersecurity consulting firm was the first on Wall Street, and he and a colleague run the Index of Cyber Security. He received the USENIX Lifetime Achievement Award in 2011 and was inducted into the Cybersecurity Hall of Fame in 2016.
Geiger is senior director of public policy at Rapid7, where he leads U.S. policy engagement on cybersecurity, vulnerability disclosure, privacy, encryption, computer crime, and digital trade. Previously, Geiger was senior counsel at the Center for Democracy & Technology and senior legislative counsel for U.S. Rep. Zoe Lofgren.
Gerstell served as general counsel of the National Security Agency from 2015 to 2020. He’s now a senior adviser at the Center for Strategic & International Studies. Prior to joining the NSA, Gerstell was an attorney at the international law firm Milbank, LLP, where he focused on the global telecommunications and technology industries. He was managing partner of the firm’s Washington, D.C., Singapore, and Hong Kong offices. Gerstell also served on the President’s National Infrastructure Advisory Council and the District of Columbia Homeland Security Commission.
Ghosh founded and was CEO of Invincea until it was acquired by Sophos in March 2017. Before that, he was a program manager at the Defense Advanced Research Projects Agency where he created and managed an extensive portfolio of cybersecurity programs. He was recognized in 2014 by the Washington Business Journal as one of the Top 5 Most Admired CEOs in technology.
Gillis serves as vice president of cybersecurity strategy and global policy for Palo Alto Networks. He is responsible for developing corporate policy, serves as the company’s primary interface for global public policy and legislative matters and leads company participation in various industry associations. He previously spent nearly 15 years serving in a variety of roles in the U.S. government, as well as technology start-up and defense contracting companies. Most recently, he served as director of legislative affairs and cybersecurity policy for the National Security Council at the White House.
Gleicher is Facebook’s head of Cybersecurity Policy. He is an engineer and lawyer, and works at the intersection of technology, security and law. He has built security solutions, investigated and prosecuted cybercrime, and served as director for Cybersecurity Policy on the National Security Council staff.
Gordon is vice president and chief information security officer for Lockheed Martin Corporation. He was previously director of intelligence and operations for Lockheed Martin’s Corporate Information Security division. He is a founder and is serving his 10th year on the board of directors for the Defense Information Security Exchange and the National Defense Information Sharing and Analysis Center and serves as chairman of the Defense Industrial Base Sector Coordinating Council for the protection of critical national infrastructure.
Granick is surveillance and cybersecurity counsel with the American Civil Liberties Union’s Speech, Privacy, and Technology Project where she litigates, speaks, and writes about privacy, security, technology, and constitutional rights. She is the author of “American Spies: Modern Surveillance, Why You Should Care, and What To Do About It” and winner of the 2016 Palmer Civil Liberties Prize.
Grant established and led the National Program Office for the first new cybersecurity program launched by the Obama administration: the National Strategy for Trusted Identities in Cyberspace (NSTIC). As Venable’s managing director of its Technology Business Strategy, he works as part of the firm’s eCommerce, Privacy, and Cybersecurity team to advise clients in the IT, cybersecurity, identity and payments sectors.
Greene is the senior director of global government affairs and policy at Symantec, leading a team that focuses on cybersecurity, data integrity and privacy issues. Previously, Greene was senior counsel with the Senate Homeland Security and Governmental Affairs Committee. Greene is a member of the National Institute of Standards and Technology’s Internet Security and Privacy Advisory Board and was a guest researcher supporting the president’s Commission on Enhancing National Cybersecurity.
Grobman is McAfee’s chief technology officer. Previously, he spent over two decades in senior technical leadership positions at Intel focused on protecting the company’s own assets and building new security architectures into hardware and software as the chief architect for Intel’s vPro platform. He has published multiple technical papers and books, and holds 30 U.S. and international patents in the fields of security, software and computer architecture, with another 14 patents pending.
Hall is the senior vice president for a strong internet at the Internet Society, a global non-profit organization dedicated to an open, globally connected, secure, and trustworthy internet for everyone. Hall leads ISOC’s Strong Internet portfolio including encryption, routing security, and making the case for the critical properties of Internet. Hall is part of ISOC’s executive leadership team and provides substantive technical and policy expertise to ISOC’s programs.
Hancock is a principal at Advanced Cybersecurity Group, working with Fortune 100 companies and federal agencies on active cyber defense, critical infrastructure, cyber-operations, cyber-deterrence and intelligence. He’s also a senior fellow and adjunct professor at George Washington Center for Cyber and Homeland Security.
Hansen became the chief technology officer of Bit Discovery after his company OutsideIntel was acquired. Hansen has worked for Digital Island, Exodus Communications and Cable & Wireless and at eBay as a senior global product manager of trust and safety, focusing on anti-phishing, anti-malware and anti-virus. Later, he was the vice president of Labs for Whitehat Security.
Healey is senior research scholar at Columbia University’s School for International and Public Affairs, specializing in cyber-conflict and risk. He started his career as a U.S. Air Force intelligence officer, before moving to cyber-response and policy jobs at the White House and Goldman Sachs. He was founding director for cyber-issues at the Atlantic Council where he remains a senior fellow and is the editor of the first history of conflict in cyberspace, “A Fierce Domain: Cyber Conflict, 1986 to 2012."
Henderson leads IBM X-Force Red, an elite security testing team that specializes in network, application, physical, and device penetration testing, as well as vulnerability research. He works closely with his team to identify weaknesses and flaws before they’re exploited by “the bad guys” to help customers stay a few steps ahead of the criminals. He has been a featured speaker on security testing and incident response at various conferences around the world, including Black Hat, DEFCON, and RSA.
Hill is the chief information security official at MITRE Corp., where he works to keep networks secure while aiming not to hinder the creativity he believes powers technical advances.
Hoffman is founder and distinguished research professor at George Washington University’s Cyber Security and Privacy Research Institute. He developed the first regularly offered course on cybersecurity in 1970 and instituted GW’s CyberCorps scholarship program that has graduated over 100 cybersecurity experts in multiple disciplines. His research has included cryptography policy, societal vulnerability, and privacy. He is a fellow of the Association for Computing Machinery and has served on the Data Privacy and Integrity Advisory Committee of the Department of Homeland Security.
Howard is the chief security officer for Palo Alto Networks, where he is responsible for the company’s internal security program and the oversight of the Palo Alto Networks Threat Intelligence Team. He served in the Army for 23 years and spent the last two years of his military career running the Army’s CERT.
Niloofar Razi Howe
Howe has been an investor, executive and entrepreneur in the technology industry for the past 25 years with a focus on cybersecurity for the past 10 years. Most recently, Howe served as chief strategy officer and senior vice president of strategy and operations at RSA, a global cybersecurity company. Before RSA, Howe served as the chief strategy officer of Endgame. Before that, Howe spent 12 years leading deal teams in private equity and venture capital, first as a principal at Zone Venture and then as managing director at Paladin Capital Group, a Washington, D.C.-based private equity fund focused on investing in next generation security companies. Howe started her professional career as a lawyer with O’Melveny & Myers and as a consultant with McKinsey & Co.
Hultquist is the vice president of intelligence analysis at FireEye. He has over a decade of experience covering emerging cyberthreats, with a focus on cyberespionage and state capabilities. He is also the founder of CYBERWARCON, an annual cyber defense conference, and an adjunct professor at Georgetown University.
Hursti is considered one of the world’s foremost experts on voting security. He has conducted and co-authored studies on election systems vulnerabilities at the request of legislators and policymakers in five countries including the United States. He successfully demonstrated how Diebold Election Systems’ voting machines could be hacked in 2005, ultimately altering final voting results. Demonstrations of these attacks were filmed for an HBO documentary called “Hacking Democracy” which was nominated for an Emmy award for outstanding investigative journalism. He’s a founding partner of Nordic Innovation Labs.
Toomas Hendrik Ilves
Ilves was the president of Estonia from 2006 to 2016. He is a Berggruen fellow at the Center for Advanced Study in the Behavioral Sciences and distinguished visiting fellow at Stanford University’s Hoover Institution. Before assuming the presidency, Ilves served as vice-president of the Foreign Affairs Committee of the European Parliament (2004-2006), and foreign minister of Estonia (1996-2002), where he led Estonia’s EU and NATO accession process. From 1993-96 he served as Estonia’s first post-independence ambassador to Washington.
Irwin is head of security at Tendermint. Previously, Irwin worked to solve security obstacles for non-expert users as a strategic adviser, security executive and former security empress at 1Password.
Jaffer is senior vice president for strategy, partnerships, and corporate development at IronNet Cybersecurity. He previously served on the leadership team of the U.S. Senate Foreign Relations Committee as chief counsel and senior advisor, as senior counsel to the House Intelligence Committee, associate counsel to President George W. Bush in the White House, and on the leadership team of the Justice Department’s National Security Division, among other things. Jaffer also currently serves as the founder and executive director of the National Security Institute at George Mason University’s law school.
As senior vice president and senior technologist, Joffe leads Neustar’s security initiatives, and serves as Neustar’s national security executive. He has been involved in computing, technology and security for over 40 years. He is the founder of Genuity, sold to GTE (now Verizon) in 1997, and UltraDNS, sold to Neustar in 2006.
Johnson is a partner in the law firm of Paul, Weiss, Rifkind, Wharton & Garrison. He is the former secretary of Homeland Security (2013-2017), and the former general counsel of the Defense Department (2009-2010). Earlier in his career, Johnson was general counsel of the Air Force (1998-2001) and an assistant U.S. attorney in the Southern District of New York (1989-1991). Currently, Johnson is also a director of Lockheed Martin and a non-resident senior fellow at the Harvard Kennedy School.
Kaplan co-founded Synack after serving in several security-related capacities at the Defense Department, including its Incident Response and Red Team. Previously, Kaplan was a global network exploitation and vulnerability analyst at the National Security Agency, where his focus was supporting counterterrorism-related intelligence operations.
Kellermann is chief cybersecurity officer for Carbon Black. Before joining Carbon Black, he was the CEO and founder of Strategic Cyber Ventures, a cybersecurity venture capital firm, chief cybersecurity officer for Trend Micro and deputy chief information security for the World Bank Treasury. He was appointed the Wilson Center’s global fellow for cyber policy in 2017.
Kerr is a law professor at the University of California at Berkeley. He is a national expert in the field of computer crime and digital surveillance law. His articles are frequently cited in leading court decisions on electronic privacy and cybersecurity law. Before becoming an academic, he was a trial attorney at the Computer Crime and Intellectual Property Section of the Justice Department.
Rep. Jim Langevin (D-R.I.)
Langevin is a senior member of the Homeland Security Committee and the Armed Services Committee, where he serves as the ranking member of the subcommittee on Emerging Threats and Capabilities. Langevin is also the co-founder and co-chair of the Congressional Cybersecurity Caucus.
Lee is the CEO and founder of Dragos, a trusted leader in industrial cyberthreat detection and response. He started his career in the U.S. Air Force and National Security Agency where he built and led a first-of-its-kind mission for the U.S. government to identify national adversaries compromising industrial infrastructure companies.
Leiter is a partner at Skadden, Arps, Slate, Meagher & Flom LLP and Affiliates, where he represents clients in matters involving national security and cybersecurity, cross-border transactions and government investigations. Prior to joining Skadden, Leiter most recently was president of Leidos Defense. He formerly was the director of the National Counterterrorism Center from 2007 until 2011 for both Presidents Bush and Obama, helped to establish the Office of the Director of National Intelligence and served as the deputy general counsel and assistant director of the President’s Commission on the Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction.
Lewis is a senior vice president at the Center for Strategic and International Studies. He has written extensively on cybersecurity and technological competition. His government service included political-military, negotiating and intelligence assignments. Lewis was executive director for the CSIS Report “Cybersecurity for the 44th Presidency” and rapporteur for three United Nations Group of Government Experts negotiations on cybersecurity.
Libicki holds the Keyser Chair of Cybersecurity Studies at the U.S. Naval Academy. In addition to teaching, he carries out research in cyberwar, nuclear strategy and the general impact of information technology on domestic and national security. He is the author of a 2016 textbook, “Cyberspace in Peace and War.”
Lin is senior research scholar for cyber policy and security and Hank J. Holland fellow in Cyber Policy and Security at Stanford University. He is knowledgeable about the use of offensive operations in cyberspace as instruments of national policy and the impact of information warfare and influence operations on national security. He is also a member of the Science and Security Board of the Bulletin of Atomic Scientists. In 2016, he served on President Obama’s Commission on Enhancing National Cybersecurity.
Lotrionte is a Brent Scowcroft scholar at the Atlantic Council with the Cyber Statecraft Initiative in the Scowcroft Center for Strategy and Security. She is also the founder and former director of the CyberProject at Georgetown University, focusing on the role of international and domestic law in recent and emerging developments in the proliferation of weapons, technology and threats. Lotrionte previously served as counsel to the President’s Foreign Intelligence Advisory Board at the White House, on the Joint Inquiry Committee of the Senate Select Committee on Intelligence, as an assistant general counsel at the CIA and in the Justice Department.
As CEO of BluVector, Lovejoy’s role is developing a product she believes customers truly love. Previously, she was general manager of the IBM Security Services Division, charged with the development and delivery of managed and professional security services to IBM clients worldwide.
Massimilla is vice president for global cybersecurity at General Motors, a role that encompasses both product and corporate cybersecurity functions across all areas of the business. Previously, Massimilla led GM’s global Product Cybersecurity organization, which is developing and implementing protocols and strategies to reduce the risks associated with cybersecurity threats related to advanced technology vehicles and vehicle-connected services.
Matwyshyn is a professor of law at Northeastern University, where she is the co-director of the Center for Law, Innovation, and Creativity. She is also a faculty affiliate of the Center for Internet and Society at Stanford Law School and a senior fellow of the Cyber Statecraft Initiative at the Atlantic Council’s Brent Scowcroft Center on International Security. In 2014, she served as the senior policy adviser/academic in residence at the Federal Trade Commission.
McSweeny served as a commissioner of the Federal Trade Commission from 2014 to 2018. Before joining the FTC, McSweeny worked in a variety of government positions including as deputy assistant to President Barack Obama and domestic policy adviser to Vice President Joe Biden, chief counsel of the Justice Department’s Antitrust Division and counsel on the Senate Judiciary Committee.
Meinrath is the Palmer chair in telecommunications at Penn State University and the founding director of X-Lab, a think tank focusing on the intersection of vanguard technologies and public policy. He was elected as an Ashoka fellow for social entrepreneurship in 2012, named to the Time Magazine “Tech 40” as one of the most influential figures in technology and to the “Top 100” in Newsweek’s Digital Power Index. He is a recipient of the Public Knowledge IP3 Award for excellence in public interest advocacy. Prior to founding X-Lab, Meinrath was vice president of the New America Foundation, where he founded the Open Technology Institute in 2008.
Merrill is a data protection officer, privacy and information security lawyer, and technologist. Previously, she was at Electronic Arts (EA), and she served in government as an attorney at the Federal Trade Commission, where she worked on a variety of consumer protection matters including data security, privacy and deceptive marketing and advertising. She runs the Crypto and Privacy Village, which appears at the DEF CON conference each year.
Mickos is CEO of HackerOne, the leading provider worldwide of hacker-powered security. HackerOne operates the Hack the Pentagon program that has enabled the Defense Department to identify and fix 3,600 security vulnerabilities faster and at lower cost than using any other method. Previously, Marten served as senior vice president and general manager at Hewlett-Packard and at Sun Microsystems, and as CEO of Eucalyptus Systems and MySQL AB.
Miller is a security researcher known as the first to hack the iPhone and first to hack an Android phone. He also revealed vulnerabilities that allowed remote compromise of many Fiat Chrysler vehicles. He currently works as principal autonomous vehicle security architect at Cruise Automation.
Mokady is the chairman and CEO of CyberArk, and a pioneer in establishing the Privileged Account Security software market. Since co-founding the company in 1999, Mokady has entrenched CyberArk as the market leader. During his tenure at CyberArk, Mokady has also served as its chief strategist and visionary, overseeing global expansion, management, execution and corporate development. Prior to CyberArk, Mokady specialized in legal management and business development for international high-tech companies.
Montgomery is chief technical officer at Federal Resources Corporation, a mission-focused technology aggregator. He manages the responsibility of delivering information security and privacy solutions to US federal department and agency wide problem sets, with focus upon large modernization projects at the Defense Health Agency and the Department of State. Earlier in his career at McAfee, Montgomery oversaw worldwide government certification efforts and worked with Congress, industry leaders, other government leaders and public-sector customers to help ensure that technologies, standards and implementations addressed data security and privacy challenges.
Moore is chief executive and co-founder of Rumble. Best known as the creator of Metasploit, HD has been building security companies since 1999 with a mix of services, research, and product development roles that focus on applying research to real-world security challenges. HD has been hands-on with network discovery and fingerprinting for over twenty years, pentesting networks, writing exploits, and starting Rapid7’s Project Sonar.
Moss is the founder and CEO of DEF CON Communications and the founder of the Black Hat Briefings, two of the world’s most influential information security events. Moss is an angel investor to start-ups in the security space, technical adviser to the TV series “Mr. Robot” and serves on the board of directors for Compagnie Financière Richemont SA. Moss is a member of DHS’s Advisory Council and a commissioner on the Global Council on the Stability of Cyberspace. In a prior life, Moss served as the chief security officer and was a vice president of ICANN, the Internet Corporation for Assigned Names and Numbers.
Katie Moussouris is the founder and CEO of Luta Security. As a computer hacker with more than 20 years of professional security experience, she is a pioneer in vulnerability disclosure and security research. She led the launch of the first bug bounty programs for both the U.S. government (Hack the Pentagon) and Microsoft. She also worked with the State Department to help renegotiate the Wassenaar Arrangement.
Olsen is the president and chief revenue officer at IronNet Cybersecurity. He previously served as director of the National Counterterrorism Center, general counsel for the National Security Agency and in a number of leadership positions at the Justice Department. Olsen teaches at Harvard Law School.
Painter has been a leader on cyber-issues for over 25 years, first as a federal prosecutor in Los Angeles handling some of the most high-profile cyber-cases in the country, then holding senior positions at the Justice Department and FBI. From 2009 to 2011, Painter served as senior director for Cybersecurity Policy at the National Security Council in the White House. From 2011 until he left the government last fall, he served as the first coordinator for cyber-issues in the State Department and spearheaded the creation of a whole new area of diplomacy around the globe involving the full range of cyber-issues — including cybersecurity, international security, cybercrime, human rights online and Internet governance. Among other things, he currently serves as a commissioner on the Global Commission for the Stability of Cyberspace and a member of the board of the Center for Internet Security.
Past is the chief national cyber risk officer for the Estonian Government. She is the former chief research officer at the cybersecurity branch of the Estonian Information System Authority. She spent 2018 and 2019 as a Next Generation Leader at the McCain Institute for International Leadership at Arizona State University focusing on the cybersecurity of elections.
Pescatore is director of emerging security trends at the SANS Institute, the largest cybersecurity training organization. He joined SANS in 2013 after 14 years as Gartner’s lead security analyst. He started his security career at the NSA and in the Secret Service.
Pfefferkorn is the cryptography fellow at the Stanford Center for Internet and Society. Her work focuses on investigating and analyzing the government’s policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices and products, both technically and through the courts and legislatures. Pfefferkorn also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development and other public interests.
Phatak is founder of NSS Labs where he was CEO from 2007 to 2019. He is also a board director and remains on the executive team. Prior to NSS Labs, he founded and led several Internet and cybersecurity companies including Lucid Security and Intermedia Sciences Group, one of the first internet service providers and security consulting firms in the United States.
Plunkett, a former director of Information Assurance for the National Security Agency, is principal of Plunkett Associates, a cybersecurity consulting firm. She is a senior fellow at Harvard’s Belfer Center where she supports the Defending Digital Democracy Project and is an adjunct professor in the Cybersecurity Department of the University of Maryland University College Graduate School.
Purdy is chief security officer for Huawei Technologies USA overseeing Huawei USA’s cyber security assurance and user privacy protection program. He is the Huawei global lead for the East-West Institute Global Cooperation in Cyberspace Initiative. He was the senior cybersecurity official of the U.S. government from 2004 to 2006.
Quade is chief information security officer at Fortinet. He previously was the National Security Agency Director’s special assistant for cyber and chief of the NSA Cyber Task Force. He also served as the chief operating officer of the information assurance directorate at the NSA.
Rep. John Ratcliffe (R-Tex.)
Ratcliffe is chairman of the U.S. House Homeland Security Cybersecurity and Infrastructure Protection subcommittee. In this role, he focuses on oversight of the Department of Homeland Security’s cybersecurity mission.
Richey is vice chairman of risk and public policy of Visa, leading the company’s strategic policy initiatives and risk management. She also leads crisis management at the executive level and is a member of Visa’s Executive Committee. Before assuming her current role, Richey concurrently served as chief legal officer and chief enterprise risk officer.
Rhoades is the managing director of the Cybersecurity and Technology Program at the Aspen Institute, where he oversees and facilitates the work of Aspen’s Cyber Strategy Group. Previously, Rhoades served in the Obama administration as a director for Legislative Affairs on the National Security Council staff focusing on counterterrorism, defense and intelligence programs. He also served at the Defense Department, where he advised senior leaders on congressional actions, plans and urgent issues affecting the department.
With over two decades of experience C. Thomas (Space Rogue) helped found L0pht Heavy Industries where he created the Hacker News Network and went on to work at companies such as @Stake, Trustwave, Tenable and others. He currently works for IBM X-Force Red where he assists clients in understanding their risks and how they can meet compliance and security challenges.
Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company, and a senior fellow at the R Street Institute. He is also a senior adviser to The Chertoff Group. He formerly served as deputy assistant secretary for policy in the Homeland Security Department. He is a professorial lecturer in law at George Washington University and the author of “Cyber Warfare: How Conflicts in Cyberspace are Challenging America and Changing the World.”
Ryan is founder and CEO of Trinity Cyber. He left the National Security Agency in 2016 as the deputy director of its Threat Operations Center after a distinguished 32-year career as a custom chip designer and cybersecurity operator. He has applied his unique skills and vision to develop a fundamentally new approach to cybersecurity. Steve was a primary architect of the NSA’s NTOC, bringing together intelligence and defensive missions to identify and stop cyber threats at very large scale. He is a recipient of the Presidential Rank Award, the Exceptional Civilian Service award, and a first-place winner of the Department of Defense CIO Award.
Schneier is an internationally renowned security technologist. He is the author of 13 books — including “Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World” — as well as hundreds of articles, essays and academic papers. Schneier is a fellow and lecturer at the Harvard Kennedy School.
Schwartz is Venable’s managing director of cybersecurity services. Previously, Schwartz served on the National Security Council, as special assistant to the president and senior director for cybersecurity, where he led legislative and policy outreach to businesses, trade groups and others. Before that, Schwartz led the Commerce Department’s Internet Policy Task Force, worked at the National Institute of Standards and Technology and served for 12 years at the Center for Democracy and Technology.
Suzanne B. Schwartz
Schwartz is the acting director of the Office of Strategic Partnerships and Technology Innovation at FDA’s Center for Devices & Radiological Health. She chairs CDRH’s Cybersecurity Working Group, tasked with formulating FDA’s medical device cybersecurity policy and co-chairs the Government Coordinating Council for the Healthcare and Public Health Sector Critical Infrastructure Sector. Her work in medical device cybersecurity includes raising awareness, educating and outreach as well as fostering collaborations across government agencies and the private sector.
Segal is the Ira A. Lipman chair in emerging technologies and national security and director of the Digital and Cyberspace Policy Program at the Council on Foreign Relations. An expert on security issues, technology development and Chinese domestic and foreign policy, Segal was the project director for the CFR-sponsored Independent Task Force report “Defending an Open, Global, Secure, and Resilient Internet.” His book “The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age” describes the increasingly contentious geopolitics of cyberspace.
Sell is chairman and co-founder of numerous technology start-ups including 533DZ, c0sm0, r00tz, SuperSessions, Whistler and Wickr. Sell also serves on advisory boards for leading Washington think tanks, including the Center for Democracy and Technology and the Center for Strategic and International Studies, where she is co-chair of Workforce Acceleration on the Cyber Policy Agenda for President Trump. For almost two decades, Sell managed zero-day vulnerabilities, government and press relations for DEF CON.
Singer is a strategist at New America and best selling author of multiple books, including “Cybersecurity and Cyberwar: What Everyone Needs to Know;” “Ghost Fleet: A Novel of the Next World War,” and the forthcoming “LikeWar: The Weaponization of Social Media.”
Soltani is an independent researcher and technologist specializing in privacy, security and behavioral economics. He formerly served as the chief technologist for the Federal Trade Commission and as a senior adviser to the U.S. Chief Technology Officer in the White House Office of Science and Technology Policy.
Spaulding is senior adviser for Homeland Security as part of the International Security Program at the Center for Strategic and International Studies, and a member of the Cyberspace Solarium Commission. She spent over 30 years working national security issues for Republican and Democratic administrations and on both sides of the aisle in Congress, most recently as under secretary at DHS for cybersecurity and critical infrastructure protection, as well as in private practice. Spaulding served as chair of the American Bar Association’s Standing Committee on Law and National Security; security counsel to the Business Roundtable; member of the CSIS Commission on Cybersecurity for the 44th Presidency; and co-founder of the ABA Cybersecurity Task Force.
Stamos is an adjunct professor and Hoover Fellow at Stanford University. He’s the former chief security officer at Facebook. He has previously worked as the chief information security officer of Yahoo and was the co-founder of iSEC Partners.
Currently serving as the director of the CERT division of the Software Engineering Institute, Stempfley has more than 20 years of public service aimed at leveraging technology to transform and improve lives. She has held cybersecurity and technology leadership positions at the Software Engineering Institute at Carnegie Mellon University, the MITRE Corporation, Department of Homeland Security and the Defense Information Systems Agency.
Stepanovich is the Executive Director at Silicon Flatirons. Stepanovich previously served as U.S. Policy Manager and Global Policy Counsel at Access Now in Washington, D.C., where she worked to protect human rights through law and policy involving technologies and their use.
Stiennon is the chief research analyst at IT-Harvest. He is the author of several books on cyberwar and is a lecturer at Charles Sturt University in Australia.
Stifel is executive director for the Americas at the Global Cyber Alliance nonprofit. She previously served as director for international cyber policy at the National Security Council, where she worked to expand the U.S. government’s information and communications technology policy abroad, including in connection with cybersecurity, Internet governance, bilateral and multilateral engagement, and capacity building. She’s also served as cybersecurity policy director at the Public Knowledge think tank and is a senior fellow in the Atlantic Council’s Cyber Statecraft Initiative and a visiting fellow at George Mason University’s National Security Institute.
Strayer is the deputy assistant secretary for cyber and international communications and information policy at the State Department. Previously, Strayer was the general counsel for the U.S. Senate Foreign Relations Committee under the leadership of Sen. Bob Corker (R-Tenn.).
Sulmeyer is the Belfer Center’s cybersecurity project director at the Harvard Kennedy School. Before Harvard, he served as the director for plans and operations for cyber-policy in the Office of the Secretary of Defense.
Swire teaches privacy and cybersecurity at Georgia Tech and is senior counsel at Alston & Bird. He was one of five members of President Barack Obama’s Review Group on Intelligence and Communications Technology, and served as chief counselor for Privacy at the Office of Management and Budget under President Bill Clinton.
Teplinsky is an adjunct professor at the American University’s Washington College of Law, a faculty fellow at AU’s Internet Governance Lab and an advisory board member for CrowdStrike. A graduate of Princeton University and Harvard Law School, Teplinsky began her career at the NSA and practiced technology law at Steptoe & Johnson LLP, where she counseled multinational clients on a wide array of issues including cybersecurity, data protection and electronic surveillance.
Jonathan “J.J.” Thompson
Thompson is the senior director of managed threat response at Sophos. He was the founder of Rook Security, which was acquired by Sophos in 2019.
Todt is president and managing partner of Liberty Group Ventures. She is also the managing director of the Cyber Readiness Institute and Scholar in Washington at the University of Pittsburgh Institute for Cyber Law, Policy, and Security. She served as the executive director of the Presidential Commission on Enhancing National Cybersecurity and has served in senior positions in the White House and in the United States Senate, where she drafted components of the legislation to create the U.S. Department of Homeland Security.
Touhill is president of Cyxtera Federal Group. He previously served as the U.S. government’s first chief information security officer under President Obama and as director of the Department of Homeland Security’s National Cybersecurity and Communications Integration Center. He is a retired Air Force general officer, a highly-decorated combat leader and an adjunct professor at Carnegie Mellon University.
Turner is director of the Internet architecture project at the Center for Democracy & Technology advocacy organization where he focuses on CDT’s Election Security and Privacy Project. He has nearly a decade of municipal management experience complemented by numerous private sector technology positions, fellowships, and internships.
Visner is a MITRE Tech Fellow and former director of the National Cybersecurity Federally Funded Research and Development Center. Visner serves as an adjunct professor of cybersecurity policy at Georgetown University. He was previously a senior executive at the National Security Agency.
Watters is executive vice president for corporate strategy at FireEye. He entered the cybersecurity industry through his acquisition, turnaround and sale of iDEFENSE from 2002 to 2005. In 2007, he founded iSIGHT Partners and served as its chairman and CEO until its acquisition by FireEye in 2016.
Weatherford is a general partner at Aspen Chartered. He was formerly a global information security strategist at Booking Holdings and a principal at the Chertoff Group. He served as deputy under secretary for cybersecurity at the Department of Homeland Security in the Obama administration; and previously held the roles of chief information security officer in both the states of California and Colorado. He is a retired U.S. naval officer.
Weber is the founder and director of the Center for Long Term Cybersecurity at the University of California at Berkeley, where he directs a large-scale multidisciplinary research program on emerging cybersecurity issues at the intersection of new technologies, human behavior and risk calculations made by firms and governments.
Weinstein is the vice president of threat research at Claroty, a New York-based industrial cybersecurity firm. Before Claroty, Weinstein served as the chief technology officer of New Jersey. He began his career at U.S. Cyber Command.
Weitzner is founding director of the MIT Internet Policy Research Initiative, principal research scientist at CSAIL and teaches Internet public policy in MIT’s Electrical Engineering and Computer Science Department. He was U.S. deputy chief technology Officer for Internet Policy in the White House, where he led initiatives on cybersecurity, copyright and digital trade policies, and was responsible for the Obama administration’s Consumer Privacy Bill of Rights and the OECD Internet Policymaking Principles. Weitzner is a founder of the Center for Democracy and Technology, led the World Wide Web Consortium’s public policy activities and was deputy policy director of the Electronic Frontier Foundation.
Wenger is director of cybersecurity public policy at Cisco Systems. His work focuses on a range of technology policy issues relating to security and privacy, including IoT, AI, autonomous vehicles and government electronic surveillance. He held a similar role at Microsoft before coming to Cisco. Before joining the private sector, Wenger worked as an attorney in the Justice Department’s Computer Crime and Intellectual Property Section, the Federal Trade Commission and the New York State Office of the Attorney General prosecuting computer crimes and online scams.
At Mozilla, maker of the Firefox browser, West leads policy work for the Americas with a global focus on data governance. West is a policy and tech translator, product consultant and long-term Internet strategist guiding the intersection of emerging technologies, culture, governments and policy. Areas of focus include digital identity, data governance, data security, net neutrality, privacy and intermediary liability protections.
Tarah Wheeler is an information security researcher, social scientist and executive. She is a New America international security fellow, a cybersecurity fellow at the Harvard Kennedy School’s Belfer Center for Science and International Affairs and a U.S./U.K. Fulbright cybersecurity scholar researching cyber war crimes. She serves on the advisory board of the Electronic Frontier Foundation and is the author of Women In Tech.
Williams is the founder and president of Rendition Infosec, an information security firm serving customers worldwide in incident response and red teaming. Before founding Rendition, he served almost two decades in the intelligence community, primarily at NSA, in offensive and defensive cybersecurity missions.
Jamie Winterton is the Director of Strategy for Arizona State University’s Global Security Initiative. She steers the university’s cybersecurity research strategy and drives partnerships with government and industry. Jamie has provided expert testimony to the U.S. Senate on the impact of large data breaches. Before joining ASU, Jamie was a scientist at Lockheed Martin’s Advanced Technology Center.
Wolff is an assistant professor of cybersecurity policy at the Fletcher School of Law and Diplomacy at Tufts University. Her research interests include the aftermath of cybersecurity incidents, cyber insurance, security responsibilities and liability of online intermediaries, the impact of cybersecurity and privacy policies and government-funded programs for cybersecurity education and workforce development. Her book “You’ll See This Message When it is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches” was published by MIT Press in 2018.
Wysopal, chief technology officer at Veracode, oversees technology strategy and information security. Wysopal has testified to Congress on government security and how vulnerabilities are discovered in software. He is the author of “The Art of Software Security Testing.”
Yoran is chairman and CEO of Tenable. Previously, he served as president of RSA, leading its transformation into a successful global security company. Yoran joined RSA through the acquisition of NetWitness, the network forensics company he founded and led as CEO.
Harvard law and computer science professor and co-founder of the Berkman Klein Center for Internet and Society, Zittrain’s research interests include battles for control of digital property and content, cryptography, electronic privacy, the roles of intermediaries within Internet architecture, human computing and the deployment of technology in education. He is currently focused on the ethics and governance of artificial intelligence, jointly teaching a course on the topic with the MIT Media Lab. He wrote “The Future of the Internet -- And How to Stop It.”
Zheng is vice president at the Business Roundtable where she leads technology, cyber and innovation policy. Previously, she directed the Technology Policy Program at the Center for Strategic and International Studies, worked on cyber programs at the Defense Advanced Research Projects Agency and was a professional staff member for the Senate Homeland Security and Governmental Affairs Committee.
Zhu is chief information security officer at Brave Software, building a new web browser focused on security, privacy and respecting user choice. She was previously a staff technologist at the Electronic Frontier Foundation and a senior security engineer at Yahoo. Zhu has worked on a variety of open source security projects such as SecureDrop, Let’s Encrypt, HTTPS Everywhere, and Privacy Badger.
Recruiting and reporting: Joseph Marks, Tonya Riley, Derek Hawkins, Sara Sorcher. Design and development: Cece Pascual and Kazi Awal. Photo editing: Dee Swann. Editor: Sara Sorcher.