Edward Amoroso's responsibilities at AT&T include real-time protection of the network and computing infrastructure, and leading the design, development and operations support for AT&T's managed and network-based security services.

Jerry Archer's responsibilities include securing and protecting all of Sallie Mae's systems and offerings, and for security initiatives across the company. Prior to Sallie Mae, Archer was the CISO at Intuit and prior to joining Intuit, Archer was managing director at Global Competitive Strategies. Previously, Archer was SVP for Global Interoperability at Visa International and before Visa, at the Fidelity Brokerage; he was SVP of information security and technical risk. For his work in the U.S. Intelligence Community Archer earned the National Performance Review Hammer Award, a Distinguished Service Award from the CIA and a Meritorious Unit Citation from the National Security Agency.

Warren Axelrod is leading FSTC's groundbreaking Software Assurance Initiative. Previously, he was business information security officer and chief privacy officer for the US Trust division of Bank of America. He won the 2009 Michael Cangemi Best Book/Best Article Award for an article on security metrics published in the ISACA Control Journal. His most recent book is Outsourcing Information Security (2004), and he is the coordinating editor of Enterprise Information Security and Privacy (2009). He is participating in the updating of the Cloud Security Alliance's Security Guidance.

Rich has led multi-national teams designing, implementing, measuring and advising organizations to effectively and efficiently balance risk, technology and data management decisions with data protection risks, regulatory compliance issues, privacy and security controls. Baich is former CISO at ChoicePoint where he held enterprise-wide responsibility for information and technology security. Previously, he held leadership positions within NSA, McAfee and the FBI. In 2005, Baich authored "Winning as a CISO," a security executive leadership guidebook.

Ron Baklarz has held various information security consulting, technical, and operational positions throughout his career. He is currently a member of GFIRST (Government - Forum of Incident Response and Security Teams) and has developed and led a number of incident response and network monitoring teams. Mr. Baklarz is a frequent speaker and author on information warfare and security management topics. His books and articles include "The Art of Information Warfare" and he has also appeared on BBC radio and CNN television.

Daniel Blum covers security architecture, identity management, federated identity, and security technologies. Daniel has consulted many Global 1000 companies on key strategic architecture and technology decisions. He has participated in and contributed to industry organizations such as the International Information Integrity Institute, Electronic Authentication Partnership, Internal Standards Organization, and National Institute of Standards. He has also worked with the Organization for the Advancement of Structured Information Syntaxes, and the Liberty Alliance.

Dennis Brixius is responsible for establishing an information security program to protect McGraw-Hill intellectual property rights, ensure business continuity and protect the privacy of customers. His role also accommodates information risk analysis and assessment, developing security and risk management among internal technology groups, consulting with business units regarding their changing business and technical plans and educating senior management about changes in technical, legal and regulatory arenas affecting information security and business continuity.

Joyce Brocaglia heads the personnel search firm Alta Associates, which focuses on recruiting IT risk management, information security and privacy specialists. In September of 2003 Information Security Magazine honored Ms. Brocaglia with a "Women of Vision" award naming her one of the 25 most influential women in the information security industry. She is on the board of advisors for the ISSA and International Information Systems Security Certification Consortium.

Bob Carr founded Heartland Payment Systems, the nation's fifth largest payments processor, in 1997. In a widespread effort to stop cybercriminals -- and help protect business owners, consumers, processors and financial institutions -- Bob has been speaking to groups across the country detailing Heartland's experience and learnings from its 2008 data breach. He has been active in the formation of the Payments Processing Information Sharing Council and the development of "E3™," Heartland's end-to-end encryption technology that is designed to protect cardholder data at rest and in motion throughout the lifecycle of credit, debit and prepaid card transactions.

Dr. Cline has more than 25 years of experience in information systems—10 years of which were in information systems security management and engineering in the US Department of Defense (DoD) and North Atlantic Treaty Organization. He has participated in security and risk panels at SecureWorld, Techno Security and Techno Forensics, spoken at the DoD Cyber Crime Conference and SecureWorld, and published articles in peer-reviewed journals and proceedings such as the Information Systems Control Journal and International Council on Systems Engineering and IEEE Computer Society symposia.

Paul Contino is a health care IT executive with more than 15 years of experience in technology development and management. He oversees Mount Sinai's extensive application portfolio, which encompasses all clinical, financial and administrative systems used by the hospital and school of medicine. In addition, Contino is responsible for the overall architecture of all custom developed applications and database systems.

Coviello was CEO of RSA Security prior to its acquisition by EMC in 2006. He joined the company in 1995 and has been a driving force in its rapid growth. Under his stewardship RSA became acknowledged as a de facto standard for two-factor authentication and encryption, and as a leader in identity and access management. Coviello's expertise and influence have made him a recognized leader in the industry, where he plays a key role in several national cybersecurity initiatives. He currently serves as co-chair of TechNet New England.

Mr. Cox is responsible for supervising prosecutions of federal computer crimes. Before joining the Department of Justice, Mr. Cox held a number of positions with the Office of Inspector General of the U.S. Postal Service, including director of the OIG's Computer Intrusion, Forensics & Technical Services Unit. He is an adjunct Full Professor at George Washington University's Department of Forensic Science where he teaches graduate level courses in computer security and computer forensics.

Dean Lainas is the technical communications lead of the Systems and Network Analysis Center (SNAC) in the Vulnerability Analysis and Operations Group of the Information Assurance Directorate at the National Security Agency. The SNAC provides guidance to customers on how best to protect their information systems from technical penetration. His network security career began in the financial sector and has culminated as a telecommunications engineer entrusted with transforming deep technical content into actionable information.

Jim Cupps is responsible for the operations of networking, databases, user support, architecture and engineering and security at Liberty Mutual Investments. He took this role after two years as director of Security Operations of Liberty Mutual Hosting Services where he was responsible for directing, Perimeter controls and Operational Risk Management. Before starting at Liberty Mutual he served two years as Digital Security Risk Manager of Exploration and Production at BP and seven years as CISO at Sappi Fine Paper.

Jerry Dixon is the director of analysis for Team Cymru, focused on supporting customers and conducting cybersecurity research. Prior to being chosen to lead NCSD, Mr. Dixon served as the deputy director of operations for the U.S. Computer Emergency Readiness Team (US-CERT). Mr. Dixon was instrumental in creating US-CERT. He led the initial development of US-CERT's capabilities for analyzing and reducing cyber threats and vulnerabilities, disseminating cyber threat warning information, and coordinating incident response activities across federal, state, local government agencies, and private sector organizations, making it Homeland Security's primary element of cyber preparedness and response.

At Time, Duran's organization has responsibility for information security, privacy, business continuity and vendor management programs both domestically and internationally. Prior to Time, Duran worked at Aetna, Genentech and as an independent consultant. He has CIPP, CISM and CISSP certifications and has served as a member of the board of directors for the New York Metropolitan Chapter of ISACA.

Kirsten Bay Francissen develops and leads investment, policy, and thought leadership projects for national security initiatives. She brings 15 years of strategic process and organizational policy experience in financial services and risk management to lead consulting projects and develop policy models for information and national security programs. Francissen represents the University of Detroit Mercy's NSA Center of Excellence as the director of strategic initiatives, and has written policy initiatives for the financial services sector and CNAS/CSIS information collaboration studies. She is a frequent speaker on applied economics and its relationship to cyber and national security.

Stephen G. Fridakis is the chief of IT programs and quality assurance of UNICEF. He has responsibility for the oversight, coordination of IT Programs worldwide. Prior to that he was the Chief Information Security Officer of the United Nations Development Programme, the UN's global development network. He is the former Chief Security Engineer of BearingPoint, where he had enterprisewide responsibility for IT security of government and defense contracts.

Jeremiah Grossman is the founder and CTO of WhiteHat Security. He is considered a world-renowned expert in web security, is a co-founder of the Web Application Security Consortium, and was named to InfoWorld's Top 25 CTOs for 2007. Grossman is a frequent speaker at industry events and universities around the globe. He has authored dozens of articles and white papers and is credited with the discovery of many cutting-edge attack and defensive techniques.Prior to WhiteHat, Grossman was an information security officer at Yahoo!

Renee has been an information security practitioner since 1996. Before moving to Time Warner in 2007, she served as vice president, Information Security and Privacy, at Time Inc. Previously, she worked as a security analyst for the Gartner. She was responsible for information security strategy at Capital One Financial in Richmond, VA. and information security policy at Glaxo Wellcome in RTP, NC.

Stacey Halota joined The Washington Post Company in 2003. She sets the strategic information security and privacy goals for the company and leads the development and implementation of information security and privacy programs including Sarbanes Oxley, privacy law and payment card industry compliance efforts. She has more than 20 years of experience in the information technology, security and privacy field. Before joining The Washington Post Company she served as the federal government and southeast region leader of Guardent (now part of Verisign).

Shawn Henry was named named to his post in September 2008. He began his career as a special agent with the FBI in 1989. In 1999, he was designated chief of the computer investigations unit within the National Infrastructure Protection Center at FBIHQ, with management responsibility for all criminal computer intrusion matters under investigation by the FBI. In 2006 he was selected as a member of the Senior Executive Service to serve as Chief of the Executive Staff to the Executive Assistant Director of the National Security Branch, and in 2007, was named Deputy Assistant Director of the FBI's Cyber Division, with program management responsibility for all FBI computer investigations worldwide.

Kris Herrin joined Heartland Payment Systems as CSO in April, 2008. Herrin led the internal security response to the recent data intrusion at Heartland, and Heartland's successful revalidation as being Payment Card Industry (PCI) DSS compliant in May, 2009. He continues to drive overall IT security strategy including compliance, risk management and audit. Prior to Heartland, Herrin served as director and CSO for Intervoice. He also held several senior level information security positions with Alcatel-Lucent, both domestically and in China.

Joe leads government interagency efforts with industry, academia, and standards organizations to shift the security paradigm away from patch management by addressing security needs in work force education and training, more comprehensive diagnostic capabilities, and security-enhanced development and acquisition practices. Joe served in the U.S. Air Force as a lieutenant colonel in program management.

As the CTO for Qualys, Wolfgang Kandek is responsible for product direction and all operational aspects of the QualysGuard platform and its infrastructure. Wolfgang has more than 20 years of experience in developing and managing information systems. His focus has been on Unix-based server architectures and application delivery through the Internet. Kandek is a frequent speaker at security events and forums including Black Hat, RSA Conference, InfoSecurity UK and The Open Group. Wolfgang is the main contributor to the Laws of Vulnerabilities blog at Qualys.

John Kelly is responsible for protecting the critical network and application assets of Comcast's internal enterprise network and external customer facing broadband network, including services for television-video, digital telephone, and high-speed internet. He also leads the Legal Response Center for Comcast, which governs the processing and response to legal demands. Before joining Comcast, Kelly spent more than 15 years at several technical and managerial positions at CIGNA.

William Kovacic has served on the Federal Trade Commission since January 2006, and served as chairman from March 2008 until March 2009. Kovacic was the agency's General Counsel from 2001 through 2004. Before he became a commissioner, Kovacic was the E.K. Gubin Professor of Government Contracts Law at George Washington University Law. Since 1992, Kovacic has been an adviser on antitrust and consumer protection issues to a number of foreign governments.

Paul Kurtz is a recognized expert on cybersecurity and served in senior positions on the White House's National Security and Homeland Security Councils under U.S. Presidents Clinton and Bush. Kurtz served as the founding executive director of the Cyber Security Industry Alliance. Prior to joining CSIA, Kurtz most recently was special assistant to the President and senior director for critical infrastructure protection on the White House's Homeland Security Council, where he was responsible for both physical and cyber security. Before joining HSC in 2003, Kurtz served on the White House's National Security Council as senior director for national security of the Office of Cyberspace Security and a member of the President's Critical Infrastructure Protection Board.

Latif Ladid is president of the IPv6 forum. He also serves as chairman of the European IPv6 Task Force, and is an emeritus trustee of the internet society (ISOC). He has been on the IPv6 Ready Logo Program Board and is a senior researcher at the University of Luxembourg on multiple European Commission Next Generation Technologies IST Projects.

Richard Marshall has been instrumental in framing critical appreciation by key Senators and Representatives on information assurance and its impact on helping to protect the nation's critical infrastructures. Marshall also represents NSA in the National Centers of Academic Excellence in Information Assurance Program in Boston, Mass. and the Detroit, Mich. areas where he led the effort to establish an International Consortium on Information Assurance.

For the past 18 years, Martin's efforts focused on the interplay of risk management, cybersecurity, and quality assessment. The majority of this time has been spent working on the CVE, OVAL, CAPEC and CWE security standards initiatives in addition to basic quality measurement and management. He is a frequent speaker on the various security and quality issues surrounding information technology systems and has published numerous papers on these topics.

McFarland has been in the computer security industry for over twelve years where he has served multiple product management and business development roles, spanning intrusion prevention, firewall, VPN and anti-X security technologies. Currently Joel leads the Cisco IronPort email Security Services team focusing on hosted and hybrid hosted markets. Joel joined Cisco Systems in 1998 through the acquisition of WheelGroup Corporate, the original developer of the Cisco IPS product.

As an information assurance engineer at SRA, Adam Meyers has served as a consultant for both long-term and short-term projects for clients. He has extensive experience in penetration testing, security engineering and architecture, wireless communication, and reverse code engineering. Meyers is a recognized speaker who has presented on topics ranging from high-level business solutions to deep technical training.

Since 1996, Jim Nelms has been responsible for the information security and risk management infrastructure for the Treasury as well as the security of all related financial services worldwide, which includes computer systems, networks, business systems and procedures, web-based applications and on-line trading systems. Jim is also responsible for systems and information compliance to security policy and business models, security direction during the design and implementation phase of any business/application system, and the investigation (both technical and logistical) of security events.

Betsy Nichols is a serial entrepreneur who has applied mathematics to develop solutions in satellite mission optimization, industrial process control, war gaming, economic modeling, network and systems management, and most recently, security metrics. She has started three companies, the most recent being PlexLogic. She has helped organize several MetriCon Workshops and contributed chapters on security metrics to two books.

Steve Peltzman is responsible for all of MoMA's technology, including infrastructure and applications, websites, multimedia displays and exhibitions, and strategic technology partnerships. Peltzman spearheaded the technology design and implementation for MoMA's landmark $858M new building project, which opened in November of 2004 and featured a highly publicized technology partnership with IBM. Prior to his tenure at MoMA, Peltzman held the position of VP, Technology Operations for EarthWeb.com (now Dice.com).

At the Department of Justice, Ms. Peretti investigates and prosecutes multi-agency and multi-district computer crime and financial fraud cases, especially those involving large scale data breaches, identity theft, and online payment systems. Ms. Peretti is currently the co-lead prosecutor of a global internet-based payment system for money laundering and illegal money transmitting. She is an officer and council member of the American Bar Association's Section of Science and Technology Law and was formerly co-chair Information Security Commit

Mark Pollitt served more than thirty years in the U.S. government: Ten years as a military officer in the Marine Corps and Coast Guard and then another twenty as a special agent of the Federal Bureau of Investigation. In addition to conducting criminal and national security investigations for more than 13 years, he supervised online investigations, was the chief of the FBI's computer forensic unit (CART) and was the director of the regional Computer Forensic Laboratory Program.

Rasmussen is founder and CEO of Secunia, provider of Vulnerability intelligence, research and scanning technology. Prior to founding Secunia in 2002, he was the CEO and sales president of business at a VeriSign affiliate. He has been instrumental in two other start-ups within IT and recruitment.

Jim Reavis co-founded the Cloud Security Alliance and serves as its executive director. Jim has been an international board member of ISSA and formerly served as the association's executive director. He was a co-founder of the Alliance for Enterprise Security Risk Management, a partnership between the ISSA, ISACA and ASIS. Reavis founded SecurityPortal in 1998 and has been an advisor on the launch of many industry ventures. He was also formerly CMO for VIGILANTe, a European security software company.

Russell Rochte is a faculty member at the National Defense Intelligence College, where he teaches Information Operations, Information Assurance and Propaganda Analysis. He lectures several times yearly at the NATO School in Oberammergau, Germany on topics in Strategic Information Power. Rochte is also a frequent guest lecturer at the National Defense University, and is a often-requested speaker at a variety of information operations-related events both in CONUS and abroad. From June 2003 until his military retirement, he taught information operations and information assurance courses, both resident and online, as military faculty at the Information Resources Management College of the National Defense University in Washington, DC.

Kris Rowley has been CISO for Vermont for one year. Prior to working for the state she was employed with Norwich University in Northfield, Vermont. At Norwich she worked with the CISO to develop and write university security policies. She also worked for the School of Graduate Studies as an administrative director.

Marcus Sachs is a member of the CSIS Commission on Cyber Security for the 44th Presidency and is Verizon's executive director for national security policy. He is a retired U.S. Army officer, a former presidential appointee to the staff of the National Security Council, and was part of the original cadre of the DHS National Cyber Security Division in 2003. Since 2003 he has volunteered as the director of the SANS Internet Storm Center. Prior to joining Verizon in 2007 he was the deputy director of SRI International's Computer Science Laboratory.

Dan Shoemaker serves as an expert panelist on three national working groups within the Department of Homeland Security's Cybersecurity Division. The most prominent of these is the Software Assurance Common Body of Knowledge (SWABOK). Shoemaker is an author and one of three domain editors for that document. He also serves on the Assurance Business Case Working Group and the IT Security Competency Certification Working Group. Shoemaker has written and lectured on cybersecurity and information assurance topics throughout the United States, Canada and the United Kingdom. He founded the International Cybersecurity Education Coalition (ICSEC), which is an NSA sponsored consortium of higher education institutions located in Michigan, Ohio and the UK. ICSEC's mission is to extend and support the teaching of standard information assurance curricula.

Randolph Smith is responsible for United Parcel Service's enterprise security policy, strategy and architecture. Mr. Smith's extensive involvement in the practice of information security at UPS includes the establishment of the UPS Privacy Policy, an enterprise data classification process, customer assurance, vendor contract requirements, national and international compliance, systems development life cycle improvements and the introduction of new security technology.

Tim Stanley is responsible for development and execution of Continental Airlines' enterprise-wide IT security strategy and driving implementation of security related programs within each business unit. Tim is also responsible for development and implementation of corporate IT security and control policies and standards, as well as ensuring that appropriate tools and metrics are in place to allow for effective monitoring, measurement and control of risk as it relates to IT security.

Thorsten Stuke developed and co-founded msells, the telemetrics solution division of the S+M Group based in Germany. Before Thorsten joined the S+M Group, he managed the implementation and start of mobile parking in the German cities Cologne, Düsseldorf and Bremen. He works on telemetrics for diverse systems of banks and cities requiring high security standards, including projects such as a comprehensive Youth Protection programm that facilitates automated proof of age via cellphone at vending machines.

Scott Swartz joined the Federal Energy Regulatory Commission in May, 2009. He provides guidance and recommendations to the Commission and staff on infrastructure and cybersecurity issues affecting reliability and security of the nation's bulk power system. Prior to FERC, Swartz developed and managed the control system security program for the Navy's Mission Assurance Division. Prior to DoD, Scott conducted disaster response and recovery operations for FEMA and later joined their Office of Cyber Security.

Larry Whiteside manages a group of security professionals and secures data on internal/external networks and computer systems used by the Visiting Nurse Service of New York. He interfaces with business managers, engineers, developers and systems personnel to address security issues in projects. Mr. Whiteside has held senior security positions with Marsh & McLennan Companies, Computer Horizons Corp., netForensics, Naval Strategic Systems Programs, TruSecure Corporation, and the United States Air Force.

Dow Williamson led the founding and launch of SCIPP International in 2006. In this role, he is responsible for directing the corporate strategy and day-to-day operations of SCIPP's global mission - developing, delivering, and managing professional security awareness and certification programs. Prior to joining SCIPP, Williamson held senior management roles at ITPG, responsible for managing the day-to-day operations of ITPG's mission of developing, delivering, and managing professional education and certification programs; and (ISC)² as director of corporate development.

Nancy Wilson's organization oversees corporate information security policies and standards, and plans all enterprise strategic information security measures; manages the company's Payment Card Industry (PCI) security remediation and compliance efforts, vulnerability management, risk management and assurance program, and security incident response programs. Wilson started her career in computer operations and security in the U.S. Air Force, where she served for seven years.

Since completing a management buyout from Mantech in 2006,Amit Yoran has served as the Chairman and CEO of NetWitness. Prior to NetWitness he was director of the National Cyber Security Division of Homeland Security, and as CEO and advisor to In-Q-Tel, the venture capital arm of the CIA. Formerly Mr Yoran served as the Vice President of Worldwide Managed Security Services at the Symantec Corporation. He formerly served an officer in the United States Air Force in the Department of Defense's Computer Emergency Response Team.

Dov Yoran has held a number of leadership roles in security firms such as Solutionary, Symantec, and Riptech. At Symantec he had global responsibility for creating, launching and managing the Service Partner Program. Dov came to Symantec as part of the Riptech acquisition, the leading Managed Security Services Provider at the time. Initially, he began his career with Accenture (formerly Anderson Consulting) focusing on strategy and process engagements in the Financial Services Industry. Dov is a founding member of the Cloud Security Alliance and participates on a number of advisory boards.