Dr. Baruch Fischhoff - (Co-Chair)
Carnegie Mellon University
Baruch Fischhoff (IOM) is Howard Heinz University Professor, in the Departments of Social and Decision Sciences and of Engineering and Public Policy at Carnegie Mellon University, where he heads the Decision Sciences major. A graduate of the Detroit Public Schools, he holds a BS in mathematics and psychology from Wayne State University and an MA and PhD in psychology from the Hebrew University of Jerusalem. He is a member of the Institute of Medicine of the National Academies and is a past President of the Society for Judgment and Decision Making and of the Society for Risk Analysis. He chaired the Food and Drug Administration Risk Communication Advisory Committee and the National Research Council Committee on Behavioral and Social Science Research to Improve Intelligence Analysis for National Security. He has been a member of the Eugene, Oregon Commission on the Rights of Women, the Department of Homeland Security Science and Technology Advisory Committee, and the Environmental Protection Agency Scientific Advisory Board, where he chaired the Homeland Security Advisory Committee. He has written or edited several books: Acceptable Risk (1981), A Two-State Solution in the Middle East: Prospects and Possibilities (1993), Preference Elicitation (1999), Risk Communication: The Mental Models Approach (2001), Intelligence Analysis: Behavioral and Social Science Foundations (2011), Risk: A Very Short Introduction (2011), Communicating Risks and Benefits: An Evidence-Based User’s Guide (2011), Judgment and Decision Making (2011), Risk Analysis and Human Behavior (2011), and Counting Civilian Casualties (in press).
Dr. Peter J. Weinberger - (Co-Chair)
Peter J. Weinberger has been a software engineer at Google, Inc. since 2003. He is a member of the National Research Council’s Computer Science and Telecommunications Board. He has a Ph.D. in Mathematics (Number Theory) from the University of California at Berkeley. After teaching mathematics at the University of Michigan in Ann Arbor he moved to Bell Laboratories. At Bell Labs he worked on Unix, and did research on topics including operating systems, compilers, network file systems, and security. He then moved into research management ending up as Information Sciences Research Vice President, responsible for computer science research, math and statistics, and speech. His organization included productive new initiatives, one using all call detail to detect fraud and another doing applied software engineering research to support building software for the main electronic switching systems for central offices. After Lucent and AT&T split, he moved to Renaissance Technologies, a technical trading hedge fund, as Head of Technology, responsible for computing and security.
Ms. Jandria S. Alexander
The Aerospace Corporation
Jandria S. Alexander is Principal Director of the Cyber Security Subdivision, the Aerospace Corporation. She has been with Aerospace Corporation since 1992 and leads cyber and information assurance architecture definition, technology assessments, vulnerability and countermeasures experiments, cyber command and control and security engineering and acquisition for DOD, the intelligence community, and civil customers. She has a B.S. in computer science from Brandeis University and an M.S. in technology management from American University.
Dr. Annie Anton
Georgia Institute of Technology
Annie I. Antón is a Professor in and Chair of the School of Interactive Computing at the Georgia Institute of Technology in Atlanta. She has served the national defense and intelligence communities in a number of roles since being selected for the IDA/DARPA Defense Science Study Group in 2005-2006. Her current research focuses on the specification of complete, correct behavior of software systems that must comply with federal privacy and security regulations. She is founder and director of ThePrivacyPlace.org. Antón currently serves on various boards, including: the U.S. DHS Data Privacy and Integrity Advisory Committee, an Intel Corporation Advisory Board, and the Future of Privacy Forum Advisory Board. She is a former member ofthe CRA Board of Directors, the NSF Computer & Information Science & Engineering Directorate Advisory Council, the Distinguished External Advisory Board for the TRUST Research Center at U.C. Berkeley, the DARPA ISAT Study Group, the USACM Public Council, the Advisory Board for the Electronic Privacy Information Center in Washington, DC, the Georgia Tech Alumni Association Board of Trustees, the Microsoft Research University Relations Faculty Advisory Board, the CRA-W, and the Georgia Tech Advisory Board (GTAB). Prior to joining the faculty at Georgia Tech, she was a Professor of Computer Science in the College of Engineering at the North Carolina State University. Antón is a three-time graduate of the College of Computing at the Georgia Institute of Technology, receiving a Ph.D. in 1997 with a minor in Management & Public Policy, an M.S. in 1992, and a B.S. in 1990 with a minor in Technical and Business Communication.
Dr. Steven M. Bellovin
Steven M. Bellovin (NAE) is a professor of computer science at Columbia University, where he does research on networks, security, and especially why the two don't get along. He joined the faculty in 2005 after many years at Bell Labs and AT&T Labs Research, where he was an AT&T Fellow. He received a BA degree from Columbia University, and an MS and PhD in Computer Science from the University of North Carolina at Chapel Hill. While a graduate student, he helped create Netnews; for this, he and the other perpetrators were given the 1995 Usenix Lifetime Achievement Award (The Flame). He is a member of the National Academy of Engineering and is serving on the Department of Homeland Security's Science and Technology Advisory Committee and the Technical Guidelines Development Committee of the Election Assistance Commission; he has also received the 2007 NIST/NSA National Computer Systems Security Award. Bellovin is the co-author of Firewalls and Internet Security: Repelling the Wily Hacker, and holds a number patents on cryptographic and network protocols. He has served on many National Research Council study committees, including those on information systems trustworthiness, the privacy implications of authentication technologies, and cybersecurity research needs; he was also a member of the information technology subcommittee of an NRC study group on science versus terrorism. He was a member of the Internet Architecture Board from 1996-2002; he was co-director of the Security Area of the IETF from 2002 through 2004.
Dr. Seymour E. Goodman
Georgia Institute of Technology
Seymour E. Goodman is Professor of International Affairs and Computing, jointly at the Sam Nunn School of International Affairs and the College of Computing at the Georgia Institute of Technology. He serves as Co-Director of both the Georgia Tech Information Security Center (GTISC) and the Center for International Strategy, Technology and Policy (CISTP). Prof. Goodman's research interests include international developments in the information technologies (IT), technology diffusion, IT and national security, and related public policy issues. Areas of geographic interest include the former Soviet Union and Eastern Europe , Latin America , the Middle East , South and Southeast Asia , and parts of Africa . Earlier research had been in areas of statistical and continuum physics, combinatorial algorithms, and software engineering. Current work includes research on the global diffusion of the Internet and the protection of large IT-based infrastructures Immediately before coming to Georgia Tech, he was Director of the Consortium for Research on Information Security and Policy (CRISP) at the Center for International Security and Cooperation, with an appointment in the Department of Engineering Economic Systems and Operations Research, both at Stanford University; and Professor of MIS and a member of the Center for Middle Eastern Studies at the University of Arizona. Earlier tenured and visiting appointments have been at the University of Virginia (Applied Mathematics, Computer Science, and Soviet and East European Studies), Princeton University (Mathematics, and the Woodrow Wilson School of Public and International Affairs), and the University of Chicago (Economics). Prof. Goodman is Contributing Editor for International Perspectives for the Communications of the ACM, and has served with many government, academic, professional society, and industry advisory and study groups. His research pursuits have taken him to all seven continents and over 80 countries, and have included testimony before legislative bodies and Ministerial-level briefings. He is currently principal investigator on two large grants from the National Science Foundation and the MacArthur Foundation. Prof. Goodman was an undergraduate at Columbia University, where he started as an aspiring English major, and obtained his Ph.D. from the California Institute of Technology, where he worked on problems of applied mathematics and mathematical physics.
Dr. Ronald L. Graham
University of California, San Diego
Ronald Graham currently holds the Irwin and Joan Jacobs Endowed Chair in Computer and Information Science in the Computer Science and Engineering Department at UC San Diego. He is also Chief Scientist of the California Institute for Telecommunications and Information Technology at UCSD. He joined the UCSD faculty in 1999 after a 37-year career with AT&T. Graham received his Ph.D. in mathematics from UC Berkeley in 1962. From 1962 – 95 he was director if information sciences at AT&T Bell Labs, and from 1996 – 99 Chief Scientist at AT&T Labs. Graham has held visiting professorships at Rutgers, Princeton, Caltech, Stanford and UCLA and he holds six honorary doctorates. Graham has served as Treasurer of the National Academy of Sciences (for 12 years), and is Past President of the American Mathematical Society and the Mathematical Association of America. He is a Fellow of the American Association of Arts and Sciences, SIAM, ACM and the New York Academy of Sciences. Graham has won numerous awards in the field of mathematics, including the Polya Prize in Combinatorics, the Euler Medal in Combinatorics, the Allendoerfer Award , the Ford Award and the Steele Prize for Lifetime Achievement in Mathematics (from the Amer. Math. Soc.)
Dr. Carl E. Landwehr
Carl Landwehr is an Independent Consultant. He received his Bachelor of Science degree in Engineering and Applied Science from Yale University, and M.S. and Ph.D. degrees in Computer and Communication Sciences from the University of Michigan, where he helped implement the MERIT packet-switched network. For many years, he headed the Computer Security Section of the Center for High Assurance Computer Systems at the Naval Research Laboratory, where he led numerous research projects to advance technologies of computer security and high-assurance systems. He chaired an international defense research committee concerned with trustworthy computing, founded IFIP WG 11.3 (Database and Application Security) and is also a member of IFIP WG 10.4 (Dependability and Fault Tolerance). He has received Best Paper awards from the IEEE Symposium on Security and Privacy and the Computer Security Applications Conference. IFIP has awarded him its Silver Core, and the IEEE Computer Society has awarded him its Golden Core, as well as two Distinguished Service Awards, and ACM SIGSAC has given him its Outstanding Contribution Award. Dr. Landwehr recently completed a four-year term as Editor-in-Chief of IEEE Security & Privacy magazine and is a member of the Advisory Board of the International Journal for Information Security. He has served on the editorial boards of IEEE Transactions on Dependable and Secure Computing, IEEE Transactions on Software Engineering, the Journal of Computer Security, and the High Integrity Systems Journal. He served on the computer science faculty at Purdue University, and he has taught courses on topics in computer science and information security at Georgetown, the University of Maryland, and Virginia Tech. Landwehr served as Director of the Trustworthy Computing Program at the National Science Foundation, within the CISE Directorate, from 2009-2011. Prior to this position, he was on assignment with IARPA as the Program Manager for Safe and Secure Operations. He also worked in the Disruptive Technology Office as a Division Chief responsible for funding research in cyber security. He previously served the National Science Foundation as coordinator of the Cyber Trust theme in the Computer and Information Science and Engineering Directorate. He began his work at NSF while a Senior Fellow with Mitretek Systems (now Noblis); at Mitretek he also led support for several DARPA programs in Information Assurance and Survivability.
Mr. Steven B. Lipner
Steven Lipner is partner director of program management for the security development lifecycle at Microsoft Corporation. He previously served as the Senior Director of Security Engineering Strategy of Microsoft’s Trustworthy Computing Group. He is responsible for Microsoft’s Security Development Lifecycle team, including the development of programs that provide improved product security and privacy to Microsoft® customers. Lipner has more than 35 years experience as a researcher, development manager and general manager in information technology security, and is named as inventor on thirteen U.S. patents in the field of computer and network security. He holds both an S.B. and S.M. degree from the Massachusetts Institute of Technology, and attended the Harvard Business School’s Program for Management Development.
Dr. Roy A. Maxion
Carnegie Mellon University
Roy Maxion is a Research Professor in the Computer Science, Machine Learning and ECE Departments at Carnegie Mellon University, and director of the CMU Dependable Systems Laboratory. His general research interests are rooted in system dependability and reliability, recently turning toward information assurance, behavioral biometrics and selected aspects of computer security. He has been program chair of the International Conference on Dependable Systems and Networks, member of the executive board of the IEEE Technical Committee on Fault Tolerance, the United States Defense Science Board, and various professional organizations. He has consulted for the US Department of State, as well as for numerous industry and government bodies. He is presently on the editorial boards of the International Journal of Biometrics and IEEE Security and Privacy, and is past associate editor of the IEEE Transactions on Dependable and Secure Computing, the IEEE Transactions on Information Forensics and Security, and the International Journal of Security and Networks. He is an elected member of the International Federation for Information Processing Working Group 10.4 on Dependable Systems. Dr. Maxion is a Fellow of the IEEE.
Dr. Greg Morrisett
Greg Morrisett is Allen B. Cutting Professor of Computer Science at Harvard University. He received his B.S. in Mathematics and Computer Science from the University of Richmond in 1989, and his Ph.D. from Carnegie Mellon in 1995. In 1996, he took an assistant professor position in the Computer Science Department of Cornell University, where he was promoted to associate professor with tenure in 2002. In the 2003-04 academic year, he took a sabbatical and visited the Microsoft European Research Laboratory. In 2004, he moved to Harvard as the Allen B. Cutting Professor of Computer Science, and served in the position of Associate Dean for Computer Science and Engineering from 2007-2010. Morrisett has received a number of awards for his research on programming languages, type systems, and software security, including a Presidential Early Career Award for Scientists and Engineers (presented at the White House in 2000), an IBM Faculty Fellowship, an NSF Career Award, and an Alfred P. Sloan Fellowship. He served as Chief Editor for the Journal of Functional Programming and as an associate editor for ACM Transactions on Programming Languages and Systems. He currently serves on the editorial boards for The Journal of the ACM and Information Processing Letters. In addition, Morrisett has served on the DARPA Information Science and Technology Study (ISAT) Group, the NSF Computer and Information Science and Engineering (CISE) Advisory Council, Microsoft Research's Technical Advisory Board, Microsoft's Trustworthy Computing Academic Advisory Board, and the Fortify Technical Advisory Board.
Mr. Richard Schaeffer, Jr.
Richard C. (Dick) Schaeffer, Jr. is a private consultant with Riverbank Associates, LLC. He is a former Senior Executive with the National Security Agency (NSA), with over 40 years total U.S. Government service, including 15 years as a member of the Defense Intelligence Senior Executive Service. He brings extensive leadership, management and technical experience in the area of Information Security and Intelligence. During the early phase of his career Mr. Schaeffer led technical programs and organizations from several dozen to several hundred people, with financial responsibility from several million to almost a billion dollars. Principal positions during his career include Director, Information and Infrastructure Assurance, in the Office of the Assistant Secretary of Defense (Command, Control, Communications, and Intelligence) at the Pentagon; NSA Deputy Chief of Staff; Acting Director of Research; Director, National Security Operations Center; Information Assurance Deputy Director; and, Information Assurance Director, during the last four years of his career with the NSA. Since retiring from the NSA in April 2010, Mr. Schaeffer has continued to pursue his passion for improving the security of U.S. interests in the Cyber domain. He started a private consulting firm, Riverbank Associates, LLC, located in Severna Park, Maryland, providing clients with expert services in the areas of cyber and intelligence consulting. His client base includes a full range of private sector companies from small start-ups, to mid-size companies, to large system integrators and commercial businesses. He serves on the advisory boards of a number of government, private sector and non-profit companies and organizations. He also remains a strong advocate in the area of cyber education and training, believing that the Nation’s future in the complex world of Cyberspace depends upon a corps of professionals who are well equipped to deal with a rapidly changing technology and threat environment. Throughout his career, Mr. Schaeffer has been recognized for his vision, leadership, and commitment to excellence. He is known for his strategic thinking, ability to build cohesive teams, political savvy, technical competence, and ability to communicate complex topics to any audience.
Mr. Brian Snow
Brian Snow is an Independent Security Advisor. As a mathematician/computer scientist, Brian taught mathematics and helped lay the groundwork for a computer science department at Ohio University in the late 1960’s. He joined the National Security Agency in 1971 where he became a cryptologic designer and security systems architect. Brian spent his first 20 years at NSA doing and directing research that developed cryptographic components and secure systems. Many cryptographic systems serving the U.S. government and military use his algorithms; they provide capabilities not previously available and span a range from nuclear command and control to tactical radios for the battlefield. Computer Security, Network Security and strong Assurance were major aspects for these systems. He created and managed NSA’s Secure Systems Design division in the 1980s. He has many patents, awards, and honors attesting to his creativity. His later years at NSA were the model for what it means to be a senior Technical Director at NSA (similar to a Chief Scientist or Senior Technical Fellow in industry); he served in that capacity in three major mission components – The Research Directorate (1994-1995); the Information Assurance Directorate (1996-2002), and the Directorate for Education and Training -- NSA’s Corporate University (2003-2006). He was the first Technical Director appointed at the “Key Component” level at NSA, and the only “techie” at NSA to serve in such a role across three different Directorates. Throughout those years, his Credo was: “Managers are responsible for doing things right; Technical Directors are responsible for finding the right things to do.” In all of his positions, he insisted that the actions NSA took to provide intelligence for our national and military leaders should not put U.S. persons or their rights at risk. He was a leading voice for always assessing the unintended consequences of both success and failure prior to taking action. Brian retired in 2006 and is now a Security Consultant and Ethics Advisor. He received his B.S. and M.S. in mathematics from the University of Colorado in 1965 and 1967, respectively, and did additional graduate course work at in computer science at the University of Ohio from 1969-1971 and in mathematics at the University of Maryland from 1972-1973.
Mr. Phil Venables
Philip Venables is Chief Information Risk Officer at Goldman Sachs. He leads the Information Security, Technology Risk and Business Continuity Programs. He joined Goldman Sachs as a vice president in London in 2000 and transferred to New York in 2001. Phil was named Managing Director in 2003 and Partner in 2010. Prior to joining the firm, Phil was Chief Information Security Officer at Deutsche Bank. Prior to his information security career he held multiple software engineering roles in various defense, finance and energy companies. Phil is a member of a number of different critical infrastructure advisory boards in the public and private sector. He is on the Board of Referees of the journal, Computers & Security, and the Board of Directors of the Center for Internet Security. Phil earned a B.Sc (Hons) in Computer Science from York University in the United Kingdom in 1989 and an M.Sc in Computation and Cryptography from The Queen's College at Oxford University in 1990. Additionally, he was awarded the designation of Chartered Engineer in 1995; Chartered Scientist in 2002 and in 2005, Phil was elected a Fellow of the British Computer Society. In 2008, he received the annual RSA Conference Award for Excellence in the Field of Security Practices. He became a United States citizen in 2011.
Mr. Steven J. Wallach
Steven Wallach (NAE) is a founder of Convey Computer Corporation and is an adviser to venture capital firms CenterPoint Ventures, Sevin-Rosen and InterWest Partners. Previously, he served as vice president of technology for Chiaro Networks Ltd., and as co-founder, chief technology officer and senior vice president of development of Convex Computer Corporation. After Hewlett-Packard Co. bought Convex, Wallach became chief technology officer of HP's Enterprise Systems Group. Wallach served as a consultant to the U.S. Department of Energy's Advanced Simulation and Computing Program at Los Alamos National Laboratory from 1998 to 2007. He was also a visiting professor at Rice University in 1998 and 1999, and was manager of advanced development for Data General Corporation. His efforts on the MV/8000 are chronicled in Tracy Kidder's Pulitzer Prize winning book, "The Soul of a New Machine." Wallach, who has 33 patents, is a member of the National Academy of Engineering, an IEEE Fellow, and was a founding member of the Presidential Information Technology Advisory Committee. He is the 2008 recipient of IEEE's prestigious Seymour Cray Award.