Brad Arkin - Director of Product Security and Privacy Adobe Systems Incorporated
Brad Arkin is a Director of Product Security and Privacy at Adobe Systems Incorporated. He is responsible for the Adobe Secure Software Engineering Team (ASSET) and Product Security Incident Response Team (PSIRT), as well as cross-company coordination and initiatives related to security and privacy. Mr. Arkin has worked in software security for more than 12 years. He served as a Technical Director for @Stake's New York office and as a Senior Manager at Symantec. Earlier, he worked at Cigital, where he co-founded the company’s software security group. Mr. Arkin holds a Bachelor of Science in Computer Science from the College of William and Mary, a Master of Science in Computer Science from George Washington University, and MBA degrees from Columbia University and London Business School.
For more information (Adobe ASSET team blog): http://blogs.adobe.com/asset/
Eric Baize - Product Security Office EMC
Eric Baize leads EMC’s Product Security Office with company-wide responsibility for product security assurance, covering vulnerability response handling, security development lifecycle implementation and coordination of security certifications. He also represents EMC on SAFECode’s Board of Directors. Additionally, Mr. Baize leads RSA’s product strategy for securing virtual and physical infrastructures.
Previously, Mr. Baize pioneered EMC’s push towards security. He was a founding member of the leadership team that defined EMC’s vision of information-centric security, and which drove the acquisition of RSA Security and Network Intelligence in 2006.
Prior to joining EMC, Mr. Baize held various positions for Groupe Bull in Europe and in the US where he was successively the security architect, product manager and director of security strategy, responsible for the company’s security product line.
Mr. Baize holds a M.S. degree in Computer Science from Ecole Nationale Supérieure des Télécommunications in Brest, France, and is a Certified Information Security Manager (CISM) by the Information Systems Audit and Control Association (ISACA). He is holder of a US patent, author of international security standards and a regular speaker at security conferences in the US and Europe.
Diego Baldini - Senior Product Security Manager Nokia
Diego Baldini is a Senior Product Security Manager responsible for Nokia’s product security development in the Asian Pacific & Greater China region. He currently works in Nokia’s Beijing office where he is an expert in information security assurance.
Mr. Baldini joined Nokia in 2000 and has since held different positions covering a wide spectrum of security aspects and competences: systems testing, risk and threat analysis, military and public safety networks, engineering and incident handling processes, evangelization and awareness, mobile devices, outsourcing and supply chain development, industry collaboration, strategy formulation.
Gunter Bitz - Senior Manager Product Security SAP AG
Dr. Gunter Bitz (MBA and CISSP) is responsible for the Product Security Governance and Strategy at SAP AG. This includes testing security strategies to find security vulnerabilities in the software products and to ensure the integrity of the software supply chain.
As Director of SAP’s fraud prevention competence center, Dr. Bitz has developed concepts for financial fraud detection and prevention by means of using IT systems as an automated detection of misconduct.
Previously, he was an information security manager for SAP, where he was responsible for protecting SAP’s intellectual property. Dr. Bitz has also developed and implemented measures to protect SAP from the consequences of industrial espionage.
Dr. Bitz presents his work regularly in front of international audiences such as at the RSA and the Information Security Solutions Europe (ISSE) conferences. He is also a member of several committees for various security conferences.
For more information: https://www.xing.com/profile/Gunter_Bitz
Bob Dix - Vice President, Government Affairs & Critical Infrastructure Protection Juniper Networks, Inc.
Bob Dix is the Vice President of Government Affairs & Critical Infrastructure Protection for Juniper Networks. Mr. Dix is a widely recognized subject matter expert and a leading policy expert in furthering government—especially in industry partnerships to protect this nation’s critical infrastructure.
Mr. Dix has served in senior executive positions in the IT sector. Prior to joining Juniper, he served as the Executive Vice President for Government Affairs & Corporate Development at Citadel Security Software. While with Citadel and continuing at Juniper, Mr. Dix has been active in IT and Telecommunications industry leadership roles.
Among his various roles with Juniper, Mr. Dix serves on the Industry Executive Subcommittee (IES) of the President’s National Security Telecommunications Advisory Committee (NSTAC). Mr. Dix represented Juniper as Chair of the Cyber Security Collaboration Task Force and also participates on several other NSTAC initiatives, examining issues related to national security and emergency preparedness communications.
Dix is active with the Partnership for Critical Infrastructure Security (PCIS), where he is the principal representative of the IT sector, and was elected to the Executive Committee in 2008. Dix has been active in facilitating improved integration of the private sector CI/KR community into the planning and execution of the National Exercise Program, testing our nation’s emergency preparedness, including the TOPOFF, NLE, and Cyber Storm series of National Level Exercises.
Dix also represents Juniper Networks on the National Security Task Force of the U. S. Chamber of Commerce and with TechAmerica. He continues to represent Juniper and participate with the IT-ISAC and the Communications Sector Coordinating Council, and also represents Juniper on the Board of Directors for SAFECode.
Chris Fagan - Senior Director for Software Integrity Microsoft
Chris Fagan is a member of Microsoft’s Trustworthy Computing Group and leads Microsoft Corporation’s Software Integrity Initiative, which is responsible for creating and implementing secure supply chain practices for software products.
Mr. Fagan has 30 years of information technology experience in software development, and delivering programs that change business processes for enterprises, vendors and suppliers. Before joining Microsoft in Australia in 1995 Fagan held development, consulting, and management roles in corporations based in Europe and Australia. He has been responsible for Windows source licensing programs and integrity since May 2003.
Mr. Fagan and his team have initiated, developed, and delivered policy and multiple programs governing access to development assets including the software supply chain program and the Windows Academic program.
For more information: http://www.microsoft.com/resources/sharedsource/default.mspx.
Cassio Goldschmidt - Senior Manager, Product Security Symantec
Cassio Goldschmidt is senior manager of the product security team under the Office of the CTO at Symantec Corporation. In this role he leads efforts across the company to ensure the secure development of software products. His responsibilities include managing Symantec’s internal secure software development process, training, threat modeling and penetration testing. Mr. Goldschmidt’s background includes over 13 years of technical and managerial experience in the software industry. During the seven years he has been with Symantec, he has helped to architect, design and develop several top selling product releases, conducted numerous security classes, and coordinated various penetration tests. Mr. Goldschmidt is also known for leading the OWASP chapter in Los Angeles. Mr. Goldschmidt represents Symantec and U.S. industry in many senior capacities, including as company press spokesperson, conference speaker and panelist.
He holds a bachelor degree in computer science from Pontificia Universidade Catolica do Rio Grande Do Sul, a masters degree in software engineering from Santa Clara University, and a masters of business administration from the University of Southern California.
Michael Howard - Principal Security Program Manager Microsoft
Michael Howard is a principal security program manager on the Trustworthy Computing (TwC) Group’s Security Engineering team at Microsoft, where he is responsible for managing secure design, programming, and testing techniques across the company. Mr. Howard is an architect of the Security Development Lifecycle (SDL), a process for improving the security of Microsoft’s software.
He began his career with Microsoft in 1992 at the company’s New Zealand office, working for the first two years with Windows and compilers on the Product Support Services team, and then with Microsoft Consulting Services, where he provided security infrastructure support to customers and assisted in the design of custom solutions and development of software. In 1997, Mr. Howard moved to the United States to work for the Windows division on Internet Information Services, Microsoft’s next-generation web server, before moving to his current role in 2000.
He is an editor of IEEE Security & Privacy, a frequent speaker at security-related conferences and he regularly publishes articles on secure coding and design. Mr. Howard is the co-author of six security books, including the award-winning Writing Secure Code, 19 Deadly Sins of Software Security, The Security Development Lifecycle and his most recent release, Writing Secure Code for Windows Vista.
Tiffany Jones - Policy and Government Affairs Symantec
Tiffany Jones heads Symantec’s North and Latin American Government Affairs team. Her office advises public policy concerning technology, information security, privacy, and other appropriate issues. Ms. Jones’ team is the primary policy resource to federal and state government officials, which includes presenting the company's public policy platform and coordinating the provision of product and subject matter experts to assist legislators and agencies on development of technology and business related policy. Ms. Jones represents Symantec and U.S. industry in many senior capacities, including as company press spokesperson, conference keynote speaker and panelist, designated representative for the company CEO and VP’s during various high profile events and initiatives, and delegate at several government-industry bilateral events with foreign governments.
Prior to working for Symantec in March 2003, Ms. Jones assumed the duties of Deputy Chief of Staff of the President’s Critical Infrastructure Protection Board at the White House in February 2002. In addition to her Deputy Chief of Staff responsibilities, she was responsible for Government Affairs, Public Affairs, Cybersecurity Education and Awareness programs, and Industry Outreach. Additionally, Ms. Jones coordinated all 11 White House town hall events for the National Strategy to Secure Cyberspace dialogue, and assisted in the drafting of the document.
Ms. Jones graduated from the Coast Guard Academy. She is currently on the Board of Officers for the Women’s High Tech Coalition, IT-Sector Coordinating Council (IT-SCC) and the National Cyber Security Alliance, Executive Committee of the IT-ISAC, and is Chair of the Information Security Committee at ITAA.
Yuecel Karabulut - Chief Security Advisor and Head of Security Strategy in the Technology Strategy Group SAP Labs
Yuecel Karabulut is the Chief Security Advisor and Head of Security Strategy in the Technology Strategy Group at SAP Labs in Palo Alto. Yuecel is responsible for security technology scouting, leading, innovating and evangelizing cutting-edge security technologies for SAP and providing technical and strategic guidance to various SAP business units in the areas such as cloud computing security.
Previously, Yuecel worked as a Fellow in the Corporate Strategy Group and a Senior Research Scientist & Consultant in the Office of the Chief Scientist. Prior to joining the Office of the Chief Scientist Yuecel worked as a Senior Research Scientist at SAP Research North Americas and SAP Research EMEA responsible for leading advanced security technology research projects including academic research projects, large European Union funded research projects and internal technology transfer projects in the areas of application, platform & software security, and collaborative business processes. Yuecel also worked as an Adjunct Professor at Carnegie-Mellon University Silicon Valley where he taught a graduate security course and supervised an engineering practicum.
Yuecel has over 32 publications in highly recognized professional workshop, conference & journals, and holds more than 12 patents. He serves as general chair, program chair, advisory board member, program committee member as well as reviewer for several professional conferences, workshops and journals.
Yuecel holds a BSc Degree in Computer Science Engineering from Ege University, Turkey, a MSc Degree and PhD in Computer Science from the University of Dortmund, Germany. He is the recipient of DAAD – German Academic Exchange Service – Best Student Award.
Tim LeMaster - Director of Systems Engineering Juniper Networks, Inc.
Timothy LeMaster is Director of Systems Engineering at Juniper Networks, where he is responsible for driving product development efforts to meet the demands of public sector customers and for overseeing the activities of Juniper’s public sector systems engineers.
A government IT industry veteran, Mr. LeMaster leverages his more than 15 years of experience in telecommunications and networking for the benefit of Juniper’s public sector customers.
Prior to Juniper, he spearheaded the development of applications aiding the government in the management of a very large SONET/IP network for IT solutions provider Veridian. Mr. LeMaster has also held several positions in the government, ranging from network operations and network modeling to engineering. He is a former U.S. Air Force officer.LinkedIn: http://www.linkedin.com/in/timlemaster
Brad Minnis - Director of Environmental, Health, Safety and Security (EHS&S) Juniper Networks, Inc.
Brad Minnis is the director of Environmental, Health, Safety and Security (EHS&S) for Juniper Networks, Inc., where he is responsible for design, implementation and management of the company’s EHS&S function. Mr. Minnis has more than 20 years experience in management system design and EHSS operations for high technology companies.
Prior to joining Juniper Networks in 2001, Mr. Minnis held senior EHS&S positions at 3Com Corporation and National Semiconductor Corporation. Before becoming an EHS&S professional he served for 10 years in the United States Navy.
Mr. Minnis holds certificates in Occupational and Environmental Safety and Health from the University of Connecticut, and has been certified as a Protection Professional (C.P.P.) by the Professional Certification Board of ASIS International, since 1997.
Paul Nicholas - Director, Global Security Strategy and Diplomacy Microsoft, Chairman of SAFECode
Paul Nicholas is the Chairman of SAFECode and he also leads Microsoft’s Critical Infrastructure Protection Program, which focuses on driving strategic change aimed at advancing infrastructure security and resilience. He manages a team that addresses the global challenges related to critical infrastructure and, in particular, challenges related to supply-chain security, risk management, operational response, emergency communications and information sharing.
Prior to joining Microsoft, Mr. Nicholas spent over eight years in the United States Federal Government focusing on emerging threats to economic and national security. From 2002-2004, he served as a White House Director for Cybersecurity and Critical Infrastructure Protection. In that capacity, Mr. Nicholas led the coordination of the National Strategy to Secure Cyberspace. He also has served in the legislative branch working in the United States Senate as a senior policy advisor for Senator Robert F. Bennett, as a staff member of the Senate Judiciary Subcommittee on Technology Terrorism and Government Information, and as an assistant director for the United States Government Accountability Office.
He earned his B.A. from Indiana University and an M.A. in National Security Studies from Georgetown University, and he is a Certified Information Systems Security Professional.
Gary Phillips - Senior Director, Standard Tools and Technologies Symantec
Gary Phillips is a Senior Director of Standard Tools and Technologies in the Office of the CTO for Symantec Corporation and is a member of SAFECode’s Board of Directors. In his position at Symantec, Mr. Phillips manages a diversity of responsibilities, including open source operations and strategy, product security, interactions with all standards bodies, standards compliance, shared development tool investigations, shared code management, technology control planning and software supply chain management.
Prior to joining Symantec, Mr. Phillips held several senior management and technology leadership positions for Compaq, Schlumberger, Western Geophysical, and Fairchild. He is also currently a member of the Storage Networking Industry Association (SNIA) board of directors, the International Committee for IT Standards (INCITS) executive board, the Software and Information Industry Association software board, and the board of directors for IT-ISAC.
Mr. Phillips earned his Bachelors degree in Computer Science from the Georgia Institute of Technology and attended graduate school at the University of South Florida and the University of Houston.LinkedIn: http://www.linkedin.com/in/glphillips
Dan Reddy - Consulting Product Manager in the Product Security Office EMC
Dan Reddy is a Consulting Product Manager in the Product Security Office at EMC, a group that is charged with the continued driving of security improvements into EMC products. His primary focus is to work with EMC engineering groups to follow best practices to assure the integrity of EMC products as they are developed within the software supply chain.
In his various roles within his 13 years at EMC he has been consulting with EMC customers around product security issues and has been involved in numerous IT software development projects.
Prior to joining EMC, Dan spent 15 years at New England Electric, a major electric utility with nationally critical infrastructure where he held a variety of IT and business roles including Manager of Technical Services in IT and Staff Assistant to the Chief Operating Officer.
He also teaches Computer Science courses at Quinsigamond Community College in Massachusetts where has taught for over 33 years. He holds a B.A. from Tufts University in Education and two M. Ed. degrees from Worcester State College (Education and Computer Science). He has his CISSP and CSSLP security certifications.
Klaus Schimmer - Director of Government Relations SAP AG
Klaus Schimmer is a Director of Government Relations for SAP AG. He has been working with SAP as a communications specialist in the Corporate Security Department since 2003. He is responsible for communications strategies aimed at increasing the level of security awareness among SAP customers, partners and employees. Mr. Schimmer has also been in charge of the SAP Global Security Alliance, whose members provide IT security solutions within the SAP environment.
Reeny Sondhi - Senior Manager of Product Security Assurance EMC
Reeny Sondhi is Senior Manager of Product Security Assurance in the Product Security Office at EMC Corporation. She is responsible for driving the strategy and execution of the EMC Security Development Lifecycle, a companywide initiative to build security into every phase of the product development lifecycle. She also manages the EMC Product Security Response Center, which is responsible for reporting, managing, and resolving security vulnerabilities in EMC products and the EMC Security Certifications program.
Ms. Sondhi has a B.S. in Electronics & Telecommunications Engineering and a Master's Degree in Business Administration.
LinkedIn: http://www.linkedin.com/pub/reeny-sondhi/0/59/a1b
Blog: http://rsa.com/blog/blog.aspx?author=sondhi
Janne Uusilehto - Head of Product Security Nokia Vice Chairman of SAFECode
Janne Uusilehto is the Vice Chairman of SAFECode and he is also the Head of Nokia Product Security for which he is globally responsible for Nokia’s product security development. His team is the overall owner of Product Security and Product Security related education, awareness and process improvement tasks. He started working for the company in 1998.
Mr. Uusilehto first started his career in the ICT industry in 1982 where he worked as an independent software developer and consultant for small businesses. He then started working with security related tasks as an IT Support and Electronic Banking Specialist for several Finnish banks. Mr. Uusilehto was also a member of the Merita-Nordbanken Cash Management Services team who initiated Internet sales portals for Finland in mid 1990’s.
Currently, Mr. Uusilehto is also a member of several Nokia internal security related management boards, Nokia’s main representative to Trusted Computing Group, Chairman of TCG Mobile WG, and Chairman of DIGITALEUROPE mobile Security Issue group.LinkedIn: http://www.linkedin.com/in/uusilehto
Antti Vähä-Sipilä - Product Security Manager Nokia
Antti Vähä-Sipilä is a Product Security Manager at Nokia Corporation. For more than five years, he has focused on the security and privacy of mass-market mobile devices, both in terms of security functionality and the principles and processes of secure software development. Mr. Vähä-Sipilä has designed and taught numerous product security trainings for Nokia and is currently active in Open Source and security development lifecycle areas. In addition to product security, Mr. Vähä-Sipilä has several years' experience of software projects and managing software development.
Mr. Vähä-Sipilä holds a Master's degree in Computer Science from Tampere University of Technology, Finland.