The Cybersecurity 202 Network:\
The Network is a group of high-level digital security experts from across government, the private sector and security research community invited by The Washington Post to vote in surveys on the most pressing issues in the field. Our regular surveys will highlight insights from some of the most influential people in cybersecurity. They include members of Congress and the Trump administration, the country’s top security researchers and senior leaders at companies as varied as Facebook, General Motors and Visa. Their responses will be featured in The Cybersecurity 202 newsletter and elsewhere on The Post.
Dave Aitel
Aitel is a partner at Cordyceps Systems. He previously founded Immunity Inc. and worked as its CEO. Recruited by the National Security Agency at the age of 18, Aitel served six years as a security scientist before moving on to work as a consultant for @stake.
Kendra Albert
Albert is a public interest technology lawyer with a special interest in computer security law and in protecting marginalized speakers and users. Albert serves as a clinical instructor at the Cyberlaw Clinic at Harvard Law School, where they teach students to practice law by working with pro bono clients. Albert is also the founder and director of the Initiative for a Representative First Amendment. They serve on the board of the ACLU of Massachusetts and the Tor Project, and provide support as a legal advisor for Hacking // Hustling.
Dmitri Alperovitch
Alperovitch is co-founder and chief technology officer of CrowdStrike. He has received numerous awards and recognitions, including appearing on Fortune’s “40 Under 40” list; Politico’s guide to the 50 most influential doers, thinkers and visionaries; MIT’s “Innovators Under 35” and Foreign Policy’s Leading Global Thinkers.
Stewart Baker
Baker is a partner at the law firm of Steptoe & Johnson. From 2005 to 2009, he was the first assistant secretary for policy at the Department of Homeland Security. Baker has been general counsel of the National Security Agency and general counsel of the commission that investigated WMD intelligence failures before the Iraq war.
Michael Beckerman
Beckerman is vice president and head of U.S. public policy at TikTok. Beckerman is the former president and CEO of the Internet Association. Under his leadership, association membership has grown to over 40 top Internet companies. Beckerman is regularly cited as an authority on Internet policy and speaks regularly about the industry’s perspective on policy issues. He was recognized by Washingtonian magazine as one of D.C.’s Tech Titans and by Recode as one of Silicon Valley’s top advocates in Washington.
Matt Blaze
Blaze is a professor in the Computer and Information Science department at the University of Pennsylvania, where his research focuses on computer security, cryptography, privacy and the relationship between technology and public policy. He is especially interested in the implications of large-scale systems, surveillance technologies and electronic voting.
Tatyana Bolton
Bolton is the policy director for R Street Institute’s Cybersecurity and Emerging Threats team. She crafts and oversees the public policy strategy for the team with a focus on secure and competitive markets, data security and data privacy and diversity in cybersecurity. Previously, she was senior policy director for the U.S. Cyberspace Solarium Commission focusing on U.S. government reorganization and resilience. From 2017 to 2020, she served as cyber policy lead in CISA’s Office of Strategy, Policy and Plans.
Kelly Born
Born is director of the Cyber Initiative at the Hewlett Foundation, a 10-year, $130 million grant-making effort that aims to build a more robust cybersecurity field and improve policymaking. Prior to directing Hewlett’s Cyber Initiative, Born served as the founding director of Stanford’s Cyber Policy Center. She previously helped to launch and lead the Democracy Program at the William and Flora Hewlett Foundation, one of the largest philanthropic undertakings in America working to improve U.S. democracy.
Thomas P. Bossert
Bossert is the president of Trinity Cyber and previously held the role of chief strategy officer at the company. Before joining Trinity Cyber, he was homeland security advisor to two U.S. presidents, serving as the nation’s chief risk officer and senior advisor on cybersecurity, homeland security, counterterrorism and global health security policy, managing a range of domestic and transnational security issues and consequence management operations. He’s currently the national security analyst for ABC News and is a senior fellow at the Scowcroft Center for Strategy and Security at the U.S. Atlantic Council.
Chris Boyer
Boyer is vice president of global public policy at AT&T Services where he is responsible for the company's global policy positions on issues at the intersection of emerging technology, cybersecurity and national security. He supports AT&T’s CEO with work on the Homeland Security Department’s National Security Telecommunications Advisory Council and is a former chairman of the National Institute of Standards and Technology’s Information Security and Privacy Advisory Board. He is a member of the executive committee and former vice chair of the Communications Sector Coordinating Council.
Julie Brill
Brill is Microsoft’s chief privacy officer, corporate vice president and deputy general counsel for privacy and regulatory affairs. Before Microsoft, Brill joined global law firm Hogan Lovells as partner and co-director of its privacy and cybersecurity practice. Brill also served for six years as a commissioner of the U.S. Federal Trade Commission.
Charles Brooks
Brooks is the president of Brooks Consulting International. He is a faculty member at Georgetown University’s cybersecurity risk management and applied intelligence graduate programs. He served at the Department of Homeland Security as the first legislative director of the Science & Technology directorate.
David Brumley
Brumley is the CEO and co-founder of ForAllSecure and a professor at Carnegie Mellon University. ForAllSecure's mission is to make the world's software safe. The company also develops automated techniques to find and repair exploitable bugs to make this happen.
Jack Cable
Cable is a security researcher and student at Stanford University. He’s currently a security architect at Krebs Stamos Group. He formerly served as an election security technical advisor at CISA and advises the Defense Digital Service on cybersecurity. Cable is a top ranked bug bounty hacker, having identified over 350 vulnerabilities in hundreds of companies.
Hilary Cain
Cain is vice president for technology, innovation and mobility policy at the Alliance for Automotive Innovation trade association where she handles policy issues relating to connected and automated vehicle technology, including cybersecurity and data privacy. She was previously Toyota’s director of technology and innovation policy. Before that she was on the staff of the U.S. House Committee on Science, Space, and Technology and served as staff director of the House Science subcommittee on Technology and Innovation.
Lesley Carhart
Carhart is a principal threat hunter at the industrial cybersecurity company Dragos Inc. She is a subject matter expert in cybersecurity incident response with a focus on nation-state adversaries and regularly speaks on the topic at conferences and universities. In 2017, Carhart was named a “Top Woman in Cybersecurity” by Cyberscoop news and received the Guidance EnFuse Women in Technology award.
John Carlin
Carlin is a partner at Paul, Weiss where he leads the Cybersecurity & Data Protection practice and advises industry-leading organizations on matters involving privacy and cybersecurity, crisis management, Committee on Foreign Investment in the United States (CFIUS), sanctions and export control, white collar defense and internal investigations. He has served as a top official in both Republican and Democratic administrations, including as the Acting Deputy Attorney General of the United States, as the top national security official for the U.S. Department of Justice, as the Chief of Staff of the FBI and as an experienced Assistant United States Attorney. He is the author of “Dawn of the Code War: America’s Battle Against Russia, China and the Rising Global Cyber Threat.” John is also the Founding Chair (now Chair Emeritus and Strategic Advisor) of the Aspen Institute’s Cybersecurity and Technology program.
Steven Chabinsky
Chabinsky is a partner and the global chair of data, privacy and security at White & Case LLP. He previously served as a member of the White House Commission on Enhancing National Cybersecurity, the general counsel and chief risk officer of CrowdStrike and deputy assistant director of the FBI’s Cyber Division.
Amy Chang
Chang is a non-resident affiliate with the Belfer Center’s Cyber Security Project at the Harvard Kennedy School. Chang also works in the financial sector on cybersecurity issues. Before that, Chang served as the staff director of the U.S. House Foreign Affairs subcommittee on Asia and the Pacific. She was the Norman R. Augustine research associate in the Technology & National Security Program at the Center for a New American Security.
Bobby Chesney
Chesney is a law professor at University of Texas at Austin who teaches and writes about an array of national security and cybersecurity issues. He is a co-founder of Lawfare, directs UT’s Strauss Center and co-hosts the weekly National Security Law podcast.
Frank Cilluffo
Cilluffo directs Auburn University's McCrary Institute for Cyber and Critical Infrastructure Security. He previously directed George Washington University’s Center for Cyber and Homeland Security. He was special assistant to President George W. Bush for homeland security.
Cindy Cohn
Cohn is the executive director of the Electronic Frontier Foundation. From 2000 to 2015, she served as EFF’s legal director as well as its general counsel. Cohn first became involved with EFF in 1993, when the foundation asked her to serve as the outside lead attorney in Bernstein v. Department of Justice, the successful First Amendment challenge to the U.S. export restrictions on cryptography.
Tony Cole
Cole is the chief executive officer of ColeSec LLC. He previously served in a number of executive roles at Attivo Networks, FireEye, McAfee and Symantec, leading consulting groups globally, and is a former cyber operator in the U.S. Army. Cole is on the Gula Tech Foundation Grant Advisory Board, Digital Directors Network Advisory Board, and TDI Security Advisory Board where he actively helps with their strategy.
Betsy Cooper
Cooper is a policy director at the Aspen Institute and a senior adviser at Albright Stonebridge Group. Dr. Cooper joined ASG and Aspen after serving as the executive director of the Berkeley Center for Long-Term Cybersecurity at the University of California, Berkeley, where she managed a $15 million cybersecurity organization and published research on cybersecurity policy. Previously, she served at the U.S. Department of Homeland Security as an attorney advisor to the deputy general counsel and as a policy counselor in the Office of Policy, and worked for over a decade in homeland security consulting.
Tom Cross
Cross is entrepreneur in residence at Company, a tech startup community. He previously led cybersecurity research efforts at OPAQ Networks, Lancope and IBM’s X-Force Advanced Research team. His areas of expertise include vulnerability disclosure, network security and cyber-conflict.
Chris Cummiskey
Cummiskey is the CEO of Cummiskey Strategic Solutions, which specializes in cyber and homeland security consulting. Cummiskey served for 25 years in federal and state government as an under secretary at the Department of Homeland Security, a state chief information officer and state senator. He also serves as a senior fellow with Auburn’s McCrary Institute for Cyber & Critical Infrastructure Security and Virginia Tech’s Hume Center for National Security & Technology.
Michael Daniel
Daniel is president and CEO of the Cyber Threat Alliance. Previously, Daniel served from June 2012 to January 2017 as special assistant to President Barack Obama and cybersecurity coordinator on the National Security Council staff. In that role, Daniel led the development of national cybersecurity strategy and policy, and ensured that the U.S. government effectively partnered with the private sector, non-governmental organizations and other nations.
Michael Daly
Daly is chief technology officer for cybersecurity and special missions for Raytheon Intelligence, Information and Services. He supports the National Security Telecommunications Advisory Committee to the U.S. president. Daly has worked with both the private sector and the federal government on things including software engineering for law enforcement and as a manager of enterprise applications and distributed computing.
Christian Dawson
Dawson is executive director of i2Coalition and co-founder of Open-i Advisors Inc. Dawson went from 16 years as an executive at Web hosting provider ServInt to help co-found the i2Coalition to ensure that those who build the infrastructure of the Internet have a say in policy that affects them.
Jing de Jong-Chen
De Jong-Chen is a senior associate of the Center for Strategic and International Studies, with a focus on technology policy and cyber governance. She was a partner and general manager of global security strategy at Microsoft Corporation with over 15 years of cybersecurity experience. She also served as vice president of the Trusted Computing Group for 10 years and is a board adviser of the Executive Women’s Forum.
Joel de la Garza
De la Garza is a partner at Andreessen Horowitz and is focused on information security. Before this, he was the chief security officer at Box. From 2007 to 2013, he was the global head of Threat Management and Cyber Intelligence for Citigroup. Earlier, he ran Security Incident Response for Deutsche Bank.
John Demers
Demers was assistant attorney general for national security from February 2018 through June 2021. In that capacity, he led the Department of Justice’s efforts to combat national security related cybercrime, terrorism and espionage. He was previously vice president and assistant general counsel at The Boeing Company. He clerked for Associate Justice Antonin Scalia of the U.S. Supreme Court and Judge Diarmuid O’Scannlain of the U.S. Court of Appeals for the Ninth Circuit. He graduated from Harvard Law School and the College of the Holy Cross.
Matthew Eggers
Eggers is vice president for cybersecurity policy in the Cyber, Intelligence, and Security Division at the U.S. Chamber of Commerce. He leads the Chamber’s Cybersecurity Working Group, which focuses on developing and advocating for the Chamber’s cyber policies before Congress, the administration and the business community.
Tor Ekeland
Ekeland is managing partner for Tor Ekeland Law PLLC (New York) and partner at TorMark Law LLP (California). He represents hackers nationally in federal criminal court and regularly consults on cybersecurity and computer law.
Andy Ellis
Ellis is operating partner at YL Ventures. He was previously the chief security officer of Akamai Technologies. He is the designer and patentholder of Akamai’s SSL acceleration network, as well as several of the critical technologies underpinning the company’s Kona Security Solutions. He is a graduate of MIT and a former U.S. Air Force officer, the recipient of the CSO Magazine Compass Award and Air Force Commendation Medal.
Keith Enright
Enright is the director of Google's global privacy legal team. He joined Google in March 2011 after more than 10 years at high-growth start-ups, large consulting practices and Fortune 500 retail and online services organizations.
Victoria Espinel
Espinel is CEO of BSA|The Software Alliance. She leads strategic efforts aimed at shaping the technology landscape in 60 countries. Espinel also serves as president of Software.org: the BSA Foundation and chairs the World Economic Forum’s Future of the Digital Economy group. She was an adviser to former President Barack Obama on intellectual property and a chief trade negotiator under George W. Bush.
Chris Finan
Finan is CEO and co-founder of Manifold Technology, a provider of high-performance blockchain infrastructure. Finan previously served in the Obama administration as the director for cybersecurity legislation and policy on the National Security Council staff and worked on the development of new cyber-warfare technologies at DARPA.
Michele Flournoy
Flournoy is co-founder and managing partner of WestExec Advisors, a consulting firm that advises companies on geopolitical risk and navigating international and USG markets. She co-founded the Center for a New American Security and chairs its board. Flournoy served as the Undersecretary of Defense for Policy from 2009-2012.
Marcus Fowler
Marcus Fowler is the director of strategic threat at Darktrace. Marcus spent 15 years at the Central Intelligence Agency developing global cyber operations and technical strategies.
Camille Francois
Francois is the research and analysis director at Graphika, where she leads a data science and analysis team focused on analyzing social media manipulations. Before that, she served as the principal researcher for Google’s Jigsaw, where she led interdisciplinary research on state-sponsored cyberthreats against civil society, countering violent extremism and algorithmic biases in machine learning. Francois is a cybersecurity fellow at the New America Foundation and an affiliate at the Harvard-Klein Berkman Center for Internet & Society, where she pursues her work on mechanisms to establish peace and security in the face of cyber conflict.
Laura Galante
Galante works with governments and corporations to respond to cyber threats through her consultancy, Galante Strategies and is a senior fellow at the Atlantic Council’s Cyber Statecraft Initiative. She previously led a contractor team at the Defense Intelligence Agency and later served as the Director of Global Intelligence at FireEye.
Eva Galperin
Galperin is the Electronic Frontier Foundation’s director of cybersecurity. She focuses on protecting vulnerable populations from unwanted tracking and surveillance and has contributed to countless security guides, including EFF's Surveillance Self Defense and the Security Education Companion. She has published research on state-sponsored malware from Vietnam, Syria, Kazakhstan and Lebanon.
Greg Garcia
Garcia is the executive director for cybersecurity of the Health Sector Coordinating Council, an industry cybersecurity group. He was appointed by President George W. Bush as the nation's first assistant secretary for cybersecurity and communications at the Homeland Security Department. He also served as executive director of the Financial Services Sector Coordinating Council, stood up the I.T. Sector Coordinating Council, and held senior executive positions with Bank of America, 3Com Corporation, Information Technology Association of America, and American Electronics Association.
Dan Geer
Geer is a security researcher with a quantitative bent. He is an electrical engineer (MIT) and a biostatistician (Harvard). He serves as the chief information security officer at In-Q-Tel. His staff produced Kerberos and the X Window System, his cybersecurity consulting firm was the first on Wall Street, and he and a colleague run the Index of Cyber Security. He received the USENIX Lifetime Achievement Award in 2011 and was inducted into the Cybersecurity Hall of Fame in 2016.
Harley Geiger
Geiger is an attorney with Venable LLP’s privacy and data security group. With a broad range of experience in cybersecurity and privacy law and policy, Geiger counsels clients on matters related to data security, vulnerability disclosure, cyber incident management, and regulatory developments. Previously, Geiger led public policy and government affairs at Rapid7, advising executives on global security regulatory and public policy issues affecting the company and the security community. Geiger previously served as a senior legislative counsel at the U.S. House of Representatives, as well as advocacy director at the Center for Democracy & Technology. Geiger is CIPP/US certified.
Glenn Gerstell
Gerstell served as general counsel of the National Security Agency from 2015 to 2020. He’s now a senior adviser at the Center for Strategic & International Studies. Prior to joining the NSA, Gerstell was an attorney at the international law firm Milbank, LLP, where he focused on the global telecommunications and technology industries. He was managing partner of the firm’s Washington, D.C., Singapore, and Hong Kong offices. Gerstell also served on the President’s National Infrastructure Advisory Council and the District of Columbia Homeland Security Commission.
Anup Ghosh
Ghosh founded and was CEO of Invincea until it was acquired by Sophos in March 2017. Before that, he was a program manager at the Defense Advanced Research Projects Agency where he created and managed an extensive portfolio of cybersecurity programs. He was recognized in 2014 by the Washington Business Journal as one of the Top 5 Most Admired CEOs in technology.
Ryan Gillis
Gillis serves as vice president of cybersecurity strategy and global policy for Palo Alto Networks. He is responsible for developing corporate policy, serves as the company’s primary interface for global public policy and legislative matters and leads company participation in various industry associations. He previously spent nearly 15 years serving in a variety of roles in the U.S. government, as well as technology start-up and defense contracting companies. Most recently, he served as director of legislative affairs and cybersecurity policy for the National Security Council at the White House.
Nathaniel Gleicher
Gleicher is Facebook’s head of Cybersecurity Policy. He is an engineer and lawyer, and works at the intersection of technology, security and law. He has built security solutions, investigated and prosecuted cybercrime, and served as director for Cybersecurity Policy on the National Security Council staff.
Mike Gordon
Gordon is vice president and chief information security officer for Lockheed Martin Corporation. He was previously director of intelligence and operations for Lockheed Martin’s Corporate Information Security division. He is a founder and is serving his 10th year on the board of directors for the Defense Information Security Exchange and the National Defense Information Sharing and Analysis Center and serves as chairman of the Defense Industrial Base Sector Coordinating Council for the protection of critical national infrastructure.
Jennifer Granick
Granick is surveillance and cybersecurity counsel with the American Civil Liberties Union’s Speech, Privacy, and Technology Project where she litigates, speaks, and writes about privacy, security, technology, and constitutional rights. She is the author of “American Spies: Modern Surveillance, Why You Should Care, and What To Do About It” and winner of the 2016 Palmer Civil Liberties Prize.
Jeremy Grant
Grant established and led the National Program Office for the first new cybersecurity program launched by the Obama administration: the National Strategy for Trusted Identities in Cyberspace (NSTIC). As Venable’s managing director of its Technology Business Strategy, he works as part of the firm’s eCommerce, Privacy, and Cybersecurity team to advise clients in the IT, cybersecurity, identity and payments sectors.
Jeff Greene
Greene is the senior director for cybersecurity programs at the Aspen Institute. Before joining Aspen, he was the chief for cyber response and policy in the cybersecurity directorate of the National Security Council at the White House. Jeff previously served as director of the National Cybersecurity Center of Excellence at the National Institute of Standards and Technology (NIST) and was the vice president of global government affairs and policy at Symantec. He was also counsel to the both the House and Senate Homeland Security Committees.
Regine Grienberger
Grienberger is the director for cyber, foreign and security policy at Germany’s Federal Foreign Office. Her previous professional experience was chiefly in the field of European Union foreign policy, including financial and economic policy and as a desk officer for agricultural policy. She was head of the Political Section at the German Embassy in Rome and culture, press and protocol attaché at the German Embassy in Ljubljana. She studied agricultural sciences in Bonn, Munich, Vienna and at Michigan State University. She obtained her doctorate in agricultural economics in Bonn.
Steve Grobman
Grobman is McAfee’s chief technology officer. Previously, he spent over two decades in senior technical leadership positions at Intel focused on protecting the company’s own assets and building new security architectures into hardware and software as the chief architect for Intel’s vPro platform. He has published multiple technical papers and books, and holds 30 U.S. and international patents in the fields of security, software and computer architecture, with another 14 patents pending.
Joe Hall
Hall is the senior vice president for a strong internet at the Internet Society, a global non-profit organization dedicated to an open, globally connected, secure, and trustworthy internet for everyone. Hall leads ISOC’s Strong Internet portfolio including encryption, routing security, and making the case for the critical properties of Internet. Hall is part of ISOC’s executive leadership team and provides substantive technical and policy expertise to ISOC’s programs.
Geoff Hancock
Hancock is a principal at Advanced Cybersecurity Group, working with Fortune 100 companies and federal agencies on active cyber defense, critical infrastructure, cyber-operations, cyber-deterrence and intelligence. He’s also a senior fellow and adjunct professor at George Washington Center for Cyber and Homeland Security.
Robert Hansen
Hansen became the chief technology officer of Bit Discovery after his company OutsideIntel was acquired. Hansen has worked for Digital Island, Exodus Communications and Cable & Wireless and at eBay as a senior global product manager of trust and safety, focusing on anti-phishing, anti-malware and anti-virus. Later, he was the vice president of Labs for Whitehat Security.
Jason Healey
Healey is senior research scholar at Columbia University’s School for International and Public Affairs, specializing in cyber-conflict and risk. He started his career as a U.S. Air Force intelligence officer, before moving to cyber-response and policy jobs at the White House and Goldman Sachs. He was founding director for cyber-issues at the Atlantic Council where he remains a senior fellow and is the editor of the first history of conflict in cyberspace, “A Fierce Domain: Cyber Conflict, 1986 to 2012."
Charles Henderson
Henderson leads IBM X-Force Red, an elite security testing team that specializes in network, application, physical, and device penetration testing, as well as vulnerability research. He works closely with his team to identify weaknesses and flaws before they’re exploited by “the bad guys” to help customers stay a few steps ahead of the criminals. He has been a featured speaker on security testing and incident response at various conferences around the world, including Black Hat, DEFCON, and RSA.
Bill Hill
Hill is the chief information security official at MITRE Corp., where he works to keep networks secure while aiming not to hinder the creativity he believes powers technical advances.
Lance Hoffman
Hoffman is founder and distinguished research professor at George Washington University’s Cyber Security and Privacy Research Institute. He developed the first regularly offered course on cybersecurity in 1970 and instituted GW’s CyberCorps scholarship program that has graduated over 100 cybersecurity experts in multiple disciplines. His research has included cryptography policy, societal vulnerability, and privacy. He is a fellow of the Association for Computing Machinery and has served on the Data Privacy and Integrity Advisory Committee of the Department of Homeland Security.
Rick Howard
Howard is the chief security officer for Palo Alto Networks, where he is responsible for the company’s internal security program and the oversight of the Palo Alto Networks Threat Intelligence Team. He served in the Army for 23 years and spent the last two years of his military career running the Army’s CERT.
Niloofar Razi Howe
Howe has been an investor, executive and entrepreneur in the technology industry for the past 25 years with a focus on cybersecurity for the past 10 years. Most recently, Howe served as chief strategy officer and senior vice president of strategy and operations at RSA, a global cybersecurity company. Before RSA, Howe served as the chief strategy officer of Endgame. Before that, Howe spent 12 years leading deal teams in private equity and venture capital, first as a principal at Zone Venture and then as managing director at Paladin Capital Group, a Washington, D.C.-based private equity fund focused on investing in next generation security companies. Howe started her professional career as a lawyer with O’Melveny & Myers and as a consultant with McKinsey & Co.
John Hultquist
Hultquist is the vice president of intelligence analysis at FireEye. He has over a decade of experience covering emerging cyberthreats, with a focus on cyberespionage and state capabilities. He is also the founder of CYBERWARCON, an annual cyber defense conference, and an adjunct professor at Georgetown University.
Shane Huntley
Huntley is the director of Google’s Threat Analysis Group. He and his team detect, analyze, and disrupt serious and government backed threats against Google and Google users. Shane’s core interests lie in combining Google’s technology and resources, delivering tools that aid in the analysis of targeted malware, disinformation and phishing attacks. This work is also fundamental to separating reality from hype about the world of government backed attacks. Prior to joining Google, Shane was a technical director in the Australian intelligence community.
Harri Hursti
Hursti is considered one of the world’s foremost experts on voting security. He has conducted and co-authored studies on election systems vulnerabilities at the request of legislators and policymakers in five countries including the United States. He successfully demonstrated how Diebold Election Systems’ voting machines could be hacked in 2005, ultimately altering final voting results. Demonstrations of these attacks were filmed for an HBO documentary called “Hacking Democracy” which was nominated for an Emmy award for outstanding investigative journalism. He’s a founding partner of Nordic Innovation Labs.
Toomas Hendrik Ilves
Ilves was the president of Estonia from 2006 to 2016. He is a Berggruen fellow at the Center for Advanced Study in the Behavioral Sciences and distinguished visiting fellow at Stanford University’s Hoover Institution. Before assuming the presidency, Ilves served as vice-president of the Foreign Affairs Committee of the European Parliament (2004-2006), and foreign minister of Estonia (1996-2002), where he led Estonia’s EU and NATO accession process. From 1993-96 he served as Estonia’s first post-independence ambassador to Washington.
Amy Hogan-Burney
Hogan-Burney is general manager of Microsoft’s Digital Crimes Unit, where she leads a global team of attorneys, investigators, engineers and analysts who work together in an ongoing effort to fight cybercrime. At Microsoft, she has also led the privacy compliance and law enforcement and national security teams. Prior to joining Microsoft, she was an attorney at the FBI.
Jessy Irwin
Irwin is director of security at Agoric, where she protects people from blockchains and blockchains from people. In her previous role as director of security at Tendermint, she led security initiatives that set industry precedents in incentivized testnet programs, product security assessments, incident response, and coordinated vulnerability disclosure across the Cosmos Network.
Jamil Jaffer
Jaffer is the founder and executive director of the National Security Institute at George Mason University’s Antonin Scalia Law School. He is on the advisory board of IronNet Cybersecurity, where he worked as the company’s senior vice president for strategy, partnerships, and corporate development. He previously served on the leadership team of the U.S. Senate Foreign Relations Committee as chief counsel and senior advisor, as senior counsel to the House Intelligence Committee, associate counsel to President George W. Bush in the White House, and on the leadership team of the Justice Department’s National Security Division, among other things.
Rodney Joffe
Joffe is a consultant for organizations in the public and private sector who helps them deal with cyber-based threats from nation-state hacking groups. He retired from Neustar in 2021. There, he worked as Neustar’s senior vice president and senior technologist. He also led Neustar’s security initiatives and served as Neustar’s national security executive. He has been involved in computing, technology and security for over 40 years. He is the founder of Genuity, sold to GTE (now Verizon) in 1997, and UltraDNS, sold to Neustar in 2006.
Jeh Johnson
Johnson is a partner in the law firm of Paul, Weiss, Rifkind, Wharton & Garrison. He is the former secretary of Homeland Security (2013-2017), and the former general counsel of the Defense Department (2009-2010). Earlier in his career, Johnson was general counsel of the Air Force (1998-2001) and an assistant U.S. attorney in the Southern District of New York (1989-1991). Currently, Johnson is also a director of Lockheed Martin and a non-resident senior fellow at the Harvard Kennedy School.
Jay Kaplan
Kaplan co-founded Synack after serving in several security-related capacities at the Defense Department, including its Incident Response and Red Team. Previously, Kaplan was a global network exploitation and vulnerability analyst at the National Security Agency, where his focus was supporting counterterrorism-related intelligence operations.
Tom Kellermann
Kellermann is senior vice president of cyber strategy at Contrast Security. Previously, he was head of cybersecurity strategy for VMware, and also served as chief cybersecurity officer for Carbon Black. Prior to joining Carbon Black, Kellermann was the CEO and founder of Strategic Cyber Ventures. In 2020, he was appointed to the Cyber Investigations Advisory Board for the United States Secret Service. On January 19, 2017, Kellermann was appointed the Wilson Center’s Global Fellow for Cyber Policy. Tom is a Certified Information Security Manager (CISM).
Alexander Klimburg
Klimburg is senior fellow at The Hague Center for Strategic Studies. He is also a non-resident senior associate at the Center for Strategic and International Studies. He previously worked as the head of center for cybersecurity at the World Economic Forum, director of the Cyber Policy and Resilience Program at the Hague Centre for Strategic Studies and director of the Global Commission on the Stability of Cyberspace Initiative and Secretariat. He also held appointments as a fellow and associate of Harvard Kennedy School’s Belfer Center, as an affiliate of the Berkman Klein Center and as a non-resident senior fellow with the Atlantic Council.
Norma Krayem
Krayem is vice president and chair of the cybersecurity, privacy and digital innovation practice at the Van Scoyoc Associates. She previously served as senior policy adviser and global chair of cybersecurity and privacy policy at Holland & Knight and global co-chair of the cybersecurity and data privacy industry group at Squire Patton Boggs. She held executive positions at the U.S. Departments of State, Commerce and Transportation and as a consultant at FEMA. In 2005, she created one of the first ever cybersecurity practices at a major international law firm. She specializes in the intersection of global cyber risk in international trade, technology advancements and national security working with clients in heavily regulated critical infrastructure sectors.
Rep. Jim Langevin (D-R.I.)
Langevin is a senior member of the Homeland Security Committee and the Armed Services Committee, where he serves as the ranking member of the subcommittee on Emerging Threats and Capabilities. Langevin is also the co-founder and co-chair of the Congressional Cybersecurity Caucus.
Robert M. Lee
A recognized authority in the industrial cybersecurity community, Lee is CEO and co-founder of Dragos. He serves on the Department of Energy’s Electricity Advisory Committee as the Vice Chair of the DOE’s Grid Resilience for National Security Subcommittee, and is a member of the World Economic Forum’s subcommittees on Cyber Resilience for the Oil & Gas and Electricity communities. Robert began his pioneering work in ICS/OT cybersecurity as a U.S. Air Force Cyber Warfare Operations Officer tasked to the National Security Agency, where he built a first-of-its-kind mission identifying and analyzing national threats to industrial infrastructure.
Michael Leiter
Leiter is a partner at Skadden, Arps, Slate, Meagher & Flom LLP and Affiliates, where he represents clients in matters involving national security and cybersecurity, cross-border transactions and government investigations. Prior to joining Skadden, Leiter most recently was president of Leidos Defense. He formerly was the director of the National Counterterrorism Center from 2007 until 2011 for both Presidents Bush and Obama, helped to establish the Office of the Director of National Intelligence and served as the deputy general counsel and assistant director of the President’s Commission on the Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction.
James Lewis
Lewis is a senior vice president at the Center for Strategic and International Studies. He has written extensively on cybersecurity and technological competition. His government service included political-military, negotiating and intelligence assignments. Lewis was executive director for the CSIS Report “Cybersecurity for the 44th Presidency” and rapporteur for three United Nations Group of Government Experts negotiations on cybersecurity.
Martin Libicki
Libicki holds the Keyser Chair of Cybersecurity Studies at the U.S. Naval Academy. In addition to teaching, he carries out research in cyberwar, nuclear strategy and the general impact of information technology on domestic and national security. He is the author of a 2016 textbook, “Cyberspace in Peace and War.”
Herb Lin
Lin is senior research scholar for cyber policy and security and Hank J. Holland fellow in Cyber Policy and Security at Stanford University. He is knowledgeable about the use of offensive operations in cyberspace as instruments of national policy and the impact of information warfare and influence operations on national security. He is also a member of the Science and Security Board of the Bulletin of Atomic Scientists. In 2016, he served on President Obama’s Commission on Enhancing National Cybersecurity.
Allan Liska
Liska is senior security architect at the cybersecurity firm Recorded Future. Liska provides ransomware-related counsel and key recommendations to major global corporations and government agencies. He sits on national ransomware task forces and speaks at global conferences. Liska has worked as both a security practitioner and an ethical hacker at Symantec, iSIGHT Partners, FireEye and Recorded Future. He has authored numerous books including “The Practice of Network Security” and “Building an Intelligence-Led Security Program.”
Erica D. Lonergan
Erica D. Lonergan (nee Borghard) is an Assistant Professor in the Army Cyber Institute at the United States Military Academy at West Point. She is also a Research Scholar in the Saltzman Institute of War and Peace Studies at Columbia University. She previously served as a Senior Director on the U.S. Cyberspace Solarium Commission. Lonergan holds a PhD in Political Science from Columbia University and is a Term Member at the Council on Foreign Relations.
Catherine Lotrionte
Lotrionte is a Brent Scowcroft scholar at the Atlantic Council with the Cyber Statecraft Initiative in the Scowcroft Center for Strategy and Security. She is also the founder and former director of the CyberProject at Georgetown University, focusing on the role of international and domestic law in recent and emerging developments in the proliferation of weapons, technology and threats. Lotrionte previously served as counsel to the President’s Foreign Intelligence Advisory Board at the White House, on the Joint Inquiry Committee of the Senate Select Committee on Intelligence, as an assistant general counsel at the CIA and in the Justice Department.
Kris Lovejoy
As CEO of BluVector, Lovejoy’s role is developing a product she believes customers truly love. Previously, she was general manager of the IBM Security Services Division, charged with the development and delivery of managed and professional security services to IBM clients worldwide.
Maggie MacAlpine
MacAlpine is a cybersecurity strategist and one of the co-founders of the DEF CON Voting Village. Over the course of 10 years in the field, MacAlpine has been a contributing researcher on the “Security Analysis of the Estonian Internet Voting System” in partnership with the University of Michigan, co-authored DEF CON Voting Village annual reports and appeared in the HBO documentary “Kill Chain.” In February 2021, she joined the office of the chief security officer at Cybereason as a security strategist.
Jeanette Manfra
Manfra is director for risk and compliance for Google Cloud. She is focused on helping customers, particularly those in regulated industries, build and maintain the highest levels of security and trust into their technical infrastructure and services. Prior to joining Google, she was assistant secretary for cybersecurity at CISA. She spent more than a decade serving in various roles at the Department of Homeland Security and the White House, where she focused on establishing the nation’s first civilian cyber defense agency. She is a veteran of the U.S. Army and an alumna of the University of Wisconsin and Johns Hopkins University.
Ciaran Martin
Martin is professor of practice at the University of Oxford’s Blavatnik School of Government. From 2014 to 2020 he set up and led the UK’s National Cyber Security Centre, part of the intelligence agency GCHQ, on whose board he served.
Jeffrey Massimilla
Massimilla is vice president for global cybersecurity at General Motors, a role that encompasses both product and corporate cybersecurity functions across all areas of the business. Previously, Massimilla led GM’s global Product Cybersecurity organization, which is developing and implementing protocols and strategies to reduce the risks associated with cybersecurity threats related to advanced technology vehicles and vehicle-connected services.
Andrea Matwyshyn
Matwyshyn is a professor at Penn State University’s law school and engineering school. She is the Associate Dean of Innovation at Penn State Law (University Park) and the founding faculty director of both the Penn State PILOT Lab (Policy Innovation Lab of Tomorrow) and the Anuncia Donecia Songsong Manglona Lab for Gender and Economic Equity. Matwyshyn is a faculty affiliate of the Bioethics Program at Penn State and the Penn State Institute for Computational Data Sciences. She is also an affiliate scholar of the Center for Internet and Society at Stanford Law School. In 2014, she served as the senior policy adviser/academic in residence at the Federal Trade Commission.
Bruce McConnell
McConnell has served at the forefront of government and private sector cybersecurity policy for 25 years. He is a distinguished fellow at the Stimson Center and the Observer Research Foundation America. From 2013 to 2021, McConnell led the cybersecurity policy program and became president of the EastWest Institute. From 2009 to 2013, he served four years in the Obama administration, acting as the deputy under secretary for cybersecurity at the Department of Homeland Security.
Terrell McSweeny
McSweeny served as a commissioner of the Federal Trade Commission from 2014 to 2018. Before joining the FTC, McSweeny worked in a variety of government positions including as deputy assistant to President Barack Obama and domestic policy adviser to Vice President Joe Biden, chief counsel of the Justice Department’s Antitrust Division and counsel on the Senate Judiciary Committee.
Sascha Meinrath
Meinrath is the Palmer chair in telecommunications at Penn State University and the founding director of X-Lab, a think tank focusing on the intersection of vanguard technologies and public policy. He was elected as an Ashoka fellow for social entrepreneurship in 2012, named to the Time Magazine “Tech 40” as one of the most influential figures in technology and to the “Top 100” in Newsweek’s Digital Power Index. He is a recipient of the Public Knowledge IP3 Award for excellence in public interest advocacy. Prior to founding X-Lab, Meinrath was vice president of the New America Foundation, where he founded the Open Technology Institute in 2008.
Whitney Merrill
Merrill is a data protection officer, privacy and information security lawyer, and technologist. Previously, she was at Electronic Arts (EA), and she served in government as an attorney at the Federal Trade Commission, where she worked on a variety of consumer protection matters including data security, privacy and deceptive marketing and advertising. She runs the Crypto and Privacy Village, which appears at the DEF CON conference each year.
Mårten Mickos
Mickos is CEO of HackerOne, the leading provider worldwide of hacker-powered security. HackerOne operates the Hack the Pentagon program that has enabled the Defense Department to identify and fix 3,600 security vulnerabilities faster and at lower cost than using any other method. Previously, Marten served as senior vice president and general manager at Hewlett-Packard and at Sun Microsystems, and as CEO of Eucalyptus Systems and MySQL AB.
Charlie Miller
Miller is a security researcher known as the first to hack the iPhone and first to hack an Android phone. He also revealed vulnerabilities that allowed remote compromise of many Fiat Chrysler vehicles. He currently works as principal autonomous vehicle security architect at Cruise Automation.
Kurtis Minder
As the co-founder and CEO of GroupSense, Minder leads a team of analysts and technologists providing custom cybersecurity intelligence to some of the world’s top brands. He has spent 20 years in roles spanning operations, design and business development at companies including Mirage Networks (acquired by Trustwave), Caymas Systems (acquired by Citrix) and Fortinet.
Udi Mokady
Mokady is the chairman and CEO of CyberArk, and a pioneer in establishing the Privileged Account Security software market. Since co-founding the company in 1999, Mokady has entrenched CyberArk as the market leader. During his tenure at CyberArk, Mokady has also served as its chief strategist and visionary, overseeing global expansion, management, execution and corporate development. Prior to CyberArk, Mokady specialized in legal management and business development for international high-tech companies.
Mark Montgomery
Montgomery is the senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies. Prior to joining CCTI, Montgomery served as the executive director of the Cyberspace Solarium Commission, where he remains a senior advisor. Previously, he served as policy director for the Senate Armed Services Committee under the leadership of Sen. John McCain (R-Ariz.). He served 32 years in the U.S. Navy as a nuclear trained surface warfare officer, retiring as a Rear Admiral in 2017.
Scott Montgomery
Montgomery is vice president and general manager of public sector solutions at Island. He manages the worldwide effort focused on public sector cybersecurity and is responsible for ensuring Island products and services are authorized for federal, state, and high assurance environments using approved methods such as FedRAMP. Over his career, Montgomery has worked with U.S. federal departments and agencies, cybersecurity industry leaders, global 2000 enterprises, foreign governments and public-sector customers to help ensure that technologies, standards, personnel and implementations resolve data security and privacy challenges.
HD Moore
Moore is chief executive and co-founder of Rumble. Best known as the creator of Metasploit, HD has been building security companies since 1999 with a mix of services, research, and product development roles that focus on applying research to real-world security challenges. HD has been hands-on with network discovery and fingerprinting for over twenty years, pentesting networks, writing exploits, and starting Rapid7’s Project Sonar.
Jeff Moss
Moss is the founder and CEO of DEF CON Communications and the founder of the Black Hat Briefings, two of the world’s most influential information security events. Moss is an angel investor to start-ups in the security space, technical adviser to the TV series “Mr. Robot” and serves on the board of directors for Compagnie Financière Richemont SA. Moss is a member of DHS’s Advisory Council and a commissioner on the Global Council on the Stability of Cyberspace. In a prior life, Moss served as the chief security officer and was a vice president of ICANN, the Internet Corporation for Assigned Names and Numbers.
Katie Moussouris
Katie Moussouris is the founder and CEO of Luta Security. As a computer hacker with more than 20 years of professional security experience, she is a pioneer in vulnerability disclosure and security research. She led the launch of the first bug bounty programs for both the U.S. government (Hack the Pentagon) and Microsoft. She also worked with the State Department to help renegotiate the Wassenaar Arrangement.
Katie Nickels
Nickels is director of intelligence for Red Canary and a SANS Instructor focused on cyber threat intelligence. She is also a non-resident senior fellow for the Atlantic Council’s Cyber Statecraft Initiative. She has worked in cyber threat intelligence and network defense for over a decade for the U.S. Department of Defense, MITRE, Raytheon and ManTech.
Sasha Cohen O’Connell
O’Connell is a professorial lecturer and executive in residence in the Department of Justice, Law & Criminology at American University’s School of Public Affairs. She spent the majority of her career at the FBI, where she served most recently as the organization’s chief policy advisor for science and technology. She also served as section chief in the Office of National Policy for the FBI’s Deputy Director, where she led policy engagement with the National Security Council on a wide breadth of issues.
Matthew Olsen
Olsen is the president and chief revenue officer at IronNet Cybersecurity. He previously served as director of the National Counterterrorism Center, general counsel for the National Security Agency and in a number of leadership positions at the Justice Department. Olsen teaches at Harvard Law School.
Chris Painter
Painter has been a leader on cyber-issues for over 25 years, first as a federal prosecutor in Los Angeles handling some of the most high-profile cyber-cases in the country, then holding senior positions at the Justice Department and FBI. From 2009 to 2011, Painter served as senior director for Cybersecurity Policy at the National Security Council in the White House. From 2011 until he left the government last fall, he served as the first coordinator for cyber-issues in the State Department and spearheaded the creation of a whole new area of diplomacy around the globe involving the full range of cyber-issues — including cybersecurity, international security, cybercrime, human rights online and Internet governance. Among other things, he currently serves as a commissioner on the Global Commission for the Stability of Cyberspace and a member of the board of the Center for Internet Security.
Liisa Past
Past is the chief national cyber risk officer for the Estonian Government. She is the former chief research officer at the cybersecurity branch of the Estonian Information System Authority. She spent 2018 and 2019 as a Next Generation Leader at the McCain Institute for International Leadership at Arizona State University focusing on the cybersecurity of elections.
John Pescatore
Pescatore is director of emerging security trends at the SANS Institute, the largest cybersecurity training organization. He joined SANS in 2013 after 14 years as Gartner’s lead security analyst. He started his security career at the NSA and in the Secret Service.
Riana Pfefferkorn
Pfefferkorn is a Research Scholar at the Stanford Internet Observatory. Her work focuses on investigating and analyzing the government’s policy and practices for forcing decryption and/or influencing crypto-related design of online platforms and services, devices and products, both technically and through the courts and legislatures. Pfefferkorn also researches the benefits and detriments of strong encryption on free expression, political engagement, economic development and other public interests.
Vikram Phatak
Phatak is founder of NSS Labs where he was CEO from 2007 to 2019. He is also a board director and remains on the executive team. Prior to NSS Labs, he founded and led several Internet and cybersecurity companies including Lucid Security and Intermedia Sciences Group, one of the first internet service providers and security consulting firms in the United States.
Debora Plunkett
Plunkett, a former director of Information Assurance for the National Security Agency, is principal of Plunkett Associates, a cybersecurity consulting firm. She is a senior fellow at Harvard’s Belfer Center where she supports the Defending Digital Democracy Project and is an adjunct professor in the Cybersecurity Department of the University of Maryland University College Graduate School.
Andy Purdy
Purdy is chief security officer for Huawei U.S. For the past nearly eleven years, he has overseen the company’s cybersecurity and privacy assurance strategies and advocacy in the U.S. Andy was a member of the White House staff team that drafted the National Strategy to Secure Cyberspace in 2003. That year, he joined the Department of Homeland Security where he was a member of the team that launched the National Cyber Security Division (NCSD) and U.S. Computer Emergency Readiness Team (US-CERT). Leading the NCSD and US-CERT from 2004-2006, Andy was the senior cyber security official of the U.S. Government.
Rep. John Ratcliffe (R-Tex.)
Ratcliffe is chairman of the U.S. House Homeland Security Cybersecurity and Infrastructure Protection subcommittee. In this role, he focuses on oversight of the Department of Homeland Security’s cybersecurity mission.
Samantha Ravich
Ravich is chair of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies. She serves as a commissioner on the Cyberspace Solarium Commission and as a member of the U.S. Secret Service’s Cyber Investigation Advisory Board. She previously served as co-chair of the Artificial Intelligence Working Group of the Secretary of Energy Advisory Board and vice chair of the President’s Intelligence Advisory Board.
Jim Richberg
Richberg is a field chief information security officer at the cybersecurity firm Fortinet, where he is focused on the U.S. public sector. He previously served as senior advisor to the Director of National Intelligence on cyber issues. In that position he set collection and analytic priorities for the intelligence community’s 17 departments and agencies on cyber threats.
Ellen Richey
Richey is the retired vice chairman of risk and public policy of Visa, where she led the company’s strategic policy initiatives and risk management. She also led crisis management at the executive level and previously served as chief legal officer and chief enterprise risk officer. She currently serves as a board member or advisor at several financial technology firms.
Matthew Rhoades
Rhoades is the managing director of the Cybersecurity and Technology Program at the Aspen Institute, where he oversees and facilitates the work of Aspen’s Cyber Strategy Group. Previously, Rhoades served in the Obama administration as a director for Legislative Affairs on the National Security Council staff focusing on counterterrorism, defense and intelligence programs. He also served at the Defense Department, where he advised senior leaders on congressional actions, plans and urgent issues affecting the department.
Space Rogue
With over two decades of experience C. Thomas (Space Rogue) helped found L0pht Heavy Industries where he created the Hacker News Network and went on to work at companies such as @Stake, Trustwave, Tenable and others. He currently works for IBM X-Force Red where he assists clients in understanding their risks and how they can meet compliance and security challenges.
Paul Rosenzweig
Rosenzweig is the founder of Red Branch Consulting PLLC, a homeland security consulting company, and a senior fellow at the R Street Institute. He is also a senior adviser to The Chertoff Group. He formerly served as deputy assistant secretary for policy in the Homeland Security Department. He is a professorial lecturer in law at George Washington University and the author of “Cyber Warfare: How Conflicts in Cyberspace are Challenging America and Changing the World.”
Steve Ryan
Ryan is founder and CEO of Trinity Cyber. He left the National Security Agency in 2016 as the deputy director of its Threat Operations Center after a distinguished 32-year career as a custom chip designer and cybersecurity operator. He has applied his unique skills and vision to develop a fundamentally new approach to cybersecurity. Steve was a primary architect of the NSA’s NTOC, bringing together intelligence and defensive missions to identify and stop cyber threats at very large scale. He is a recipient of the Presidential Rank Award, the Exceptional Civilian Service award, and a first-place winner of the Department of Defense CIO Award.
Tony Sager
Sager is a senior vice president at the Center for Internet Security. He led the development of the CIS Critical Security Controls and has guided numerous activities to share, scale and sustain effective defensive cyber practices for global adoption. He retired from the National Security Agency in 2012 after 34 years as a mathematician, software vulnerability analyst and executive manager.
Stephen A. Schmidt
Schmidt is vice president and chief information security officer for Amazon Web Services. Prior to joining AWS, Schmidt had an extensive career at the FBI, where he served as a senior executive. His responsibilities included a term as acting chief technology officer, section chief responsible for the FBI’s technical collection and analysis platforms. He also served as a section chief overseeing the FBI’s Cyber Division components responsible for the technical analysis of computer and network intrusion activities.
Jacquelyn Schneider
Schneider is a fellow at the Hoover Institution, an affiliate at Stanford’s Center for International Security and Arms Control and a non-resident fellow at the Naval War College’s Cyber and Innovation Policy Institute. She was previously a senior policy advisor to the Cyberspace Solarium Commission and served in the U.S. Air Force. She has a BA from Columbia University, MA from Arizona State University, and PhD from George Washington University.
Bruce Schneier
Schneier is an internationally renowned security technologist. He is the author of 13 books — including “Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World” — as well as hundreds of articles, essays and academic papers. Schneier is a fellow and lecturer at the Harvard Kennedy School.
Ari Schwartz
Schwartz is Venable’s managing director of cybersecurity services. Previously, Schwartz served on the National Security Council, as special assistant to the president and senior director for cybersecurity, where he led legislative and policy outreach to businesses, trade groups and others. Before that, Schwartz led the Commerce Department’s Internet Policy Task Force, worked at the National Institute of Standards and Technology and served for 12 years at the Center for Democracy and Technology.
Suzanne B. Schwartz
Schwartz is the director of the Office of Strategic Partnerships and Technology Innovation at FDA’s Center for Devices & Radiological Health. She chairs CDRH’s Cybersecurity Working Group, tasked with formulating FDA’s medical device cybersecurity policy and co-chairs the Government Coordinating Council for the Healthcare and Public Health Sector Critical Infrastructure Sector. Her work in medical device cybersecurity includes raising awareness, educating and outreach as well as fostering collaborations across government agencies and the private sector.
Adam Segal
Segal is the Ira A. Lipman chair in emerging technologies and national security and director of the Digital and Cyberspace Policy Program at the Council on Foreign Relations. An expert on security issues, technology development and Chinese domestic and foreign policy, Segal was the project director for the CFR-sponsored Independent Task Force report “Defending an Open, Global, Secure, and Resilient Internet.” His book “The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age” describes the increasingly contentious geopolitics of cyberspace.
Nico Sell
Sell is chairman and co-founder of numerous technology start-ups including 533DZ, c0sm0, r00tz, SuperSessions, Whistler and Wickr. Sell also serves on advisory boards for leading Washington think tanks, including the Center for Democracy and Technology and the Center for Strategic and International Studies, where she is co-chair of Workforce Acceleration on the Cyber Policy Agenda for President Trump. For almost two decades, Sell managed zero-day vulnerabilities, government and press relations for DEF CON.
Rinki Sethi
Sethi is vice president and chief information security officer at Twitter, where she is responsible for leading efforts to protect Twitter’s information and technology assets and advises the company’s continued product innovations in the security space. Prior to Twitter, Sethi was vice president and chief information security officer at Rubrik, Inc. She holds several recognized security certifications and has a B.S. in computer science engineering from the University of California, Davis and a M.S. in information security from Capella University.
Peter Singer
Singer is a strategist at New America and best selling author of multiple books, including “Cybersecurity and Cyberwar: What Everyone Needs to Know;” “Ghost Fleet: A Novel of the Next World War,” and the forthcoming “LikeWar: The Weaponization of Social Media.”
Ashkan Soltani
Soltani is an independent researcher and technologist specializing in privacy, security and behavioral economics. He formerly served as the chief technologist for the Federal Trade Commission and as a senior adviser to the U.S. Chief Technology Officer in the White House Office of Science and Technology Policy.
Eugene H. Spafford
Spafford is a professor of computer science at Purdue University, with courtesy appointments in four other departments. He founded the Center for Education and Research in Information Assurance and Security (CERIAS), where he is now the executive director emeritus. He is a past chair of ACM’s U.S. Technology Policy Committee and current editor-in-chief of “Computers & Security,” the field’s oldest journal.
Suzanne Spaulding
Spaulding is senior adviser for Homeland Security as part of the International Security Program at the Center for Strategic and International Studies, and a member of the Cyberspace Solarium Commission. She spent over 30 years working national security issues for Republican and Democratic administrations and on both sides of the aisle in Congress, most recently as under secretary at DHS for cybersecurity and critical infrastructure protection, as well as in private practice. Spaulding served as chair of the American Bar Association’s Standing Committee on Law and National Security; security counsel to the Business Roundtable; member of the CSIS Commission on Cybersecurity for the 44th Presidency; and co-founder of the ABA Cybersecurity Task Force.
Alex Stamos
Stamos is director of the Stanford Internet Observatory and co-founder of the cybersecurity consultancy Krebs Stamos Group. He is formerly the CISO of Facebook and Yahoo and the co-founder of iSEC Partners.
Bobbie Stempfley
Currently serving as the director of the CERT division of the Software Engineering Institute, Stempfley has more than 20 years of public service aimed at leveraging technology to transform and improve lives. She has held cybersecurity and technology leadership positions at the Software Engineering Institute at Carnegie Mellon University, the MITRE Corporation, Department of Homeland Security and the Defense Information Systems Agency.
Amie Stepanovich
Stepanovich is the Executive Director at Silicon Flatirons. Stepanovich previously served as U.S. Policy Manager and Global Policy Counsel at Access Now in Washington, D.C., where she worked to protect human rights through law and policy involving technologies and their use.
Camille Stewart
Stewart leads security and privacy policy for Google’s Android and Google Play divisions. She served as the senior policy adviser for Cyber Infrastructure & Resilience Policy at the Department of Homeland Security in the Obama administration focusing on a number of domestic and international cyber and technology policy issues. Prior to working at DHS, Stewart was the senior manager, legal affairs at Cyveillance Inc., now LookingGlass Cyber Solutions.
Richard Stiennon
Stiennon is the chief research analyst at IT-Harvest. He is the author of several books on cyberwar and is a lecturer at Charles Sturt University in Australia.
Megan Stifel
Megan Stifel is the chief strategy officer for the Institute for Security and Technology. She was previously global policy officer at the Global Cyber Alliance nonprofit. Before that she served as director for international cyber policy at the National Security Council, where she worked to expand the U.S. government’s information and communications technology policy abroad, including in connection with cybersecurity, Internet governance, bilateral and multilateral engagement, and capacity building. She’s also served as Cyber Policy Director in DOJ’s National Security Division and is a visiting fellow at George Mason University’s National Security Institute.
Robert Strayer
Strayer is executive vice president of policy at the Information Technology Industry Council. Previously, Strayer was the deputy assistant secretary for cyber and international communications and information policy at the State Department. He also previously worked as the general counsel for the U.S. Senate Foreign Relations Committee under the leadership of Sen. Bob Corker (R-Tenn.).
Michael Sulmeyer
Sulmeyer is the Belfer Center’s cybersecurity project director at the Harvard Kennedy School. Before Harvard, he served as the director for plans and operations for cyber-policy in the Office of the Secretary of Defense.
Peter Swire
Swire teaches privacy and cybersecurity at Georgia Tech and is senior counsel at Alston & Bird. He was one of five members of President Barack Obama’s Review Group on Intelligence and Communications Technology, and served as chief counselor for Privacy at the Office of Management and Budget under President Bill Clinton.
Melanie Teplinsky
Teplinsky is an adjunct professor at the American University’s Washington College of Law, a faculty fellow at AU’s Internet Governance Lab and an advisory board member for CrowdStrike. A graduate of Princeton University and Harvard Law School, Teplinsky began her career at the NSA and practiced technology law at Steptoe & Johnson LLP, where she counseled multinational clients on a wide array of issues including cybersecurity, data protection and electronic surveillance.
Shane Tews
Tews is a non-resident senior fellow at the American Enterprise Institute, where she works primarily on cybersecurity, technology and innovation policy and internet governance issues. She is also president of Logan Circle Strategies and vice chair of the board of directors of the Internet Education Foundation, which governs outside work for the Congressional Internet Caucus. She began her career in the George H. W. Bush White House as a deputy associate director in the Office of Cabinet Affairs and later moved to Capitol Hill as a legislative director for a member of Congress.
Jonathan “J.J.” Thompson
Thompson is the senior director of managed threat response at Sophos. He was the founder of Rook Security, which was acquired by Sophos in 2019.
Kiersten Todt
Todt is president and managing partner of Liberty Group Ventures. She is also the managing director of the Cyber Readiness Institute and Scholar in Washington at the University of Pittsburgh Institute for Cyber Law, Policy, and Security. She served as the executive director of the Presidential Commission on Enhancing National Cybersecurity and has served in senior positions in the White House and in the United States Senate, where she drafted components of the legislation to create the U.S. Department of Homeland Security.
Greg Touhill
Touhill is director of the world-renowned CERT division at Carnegie Mellon University’s Software Engineering Institute. He previously served as the U.S. government’s first chief information security officer under President Obama and as director of the Department of Homeland Security’s National Cybersecurity and Communications Integration Center. Touhill was the president of Appgate Federal and served on several corporate boards. He is a retired Air Force general officer, a highly-decorated combat leader and is a member of the faculty at Carnegie Mellon University’s Heinz College.
Maurice Turner
Turner, principal at Turner Consulting LLC, is a recognized public interest technologist, cybersecurity expert and election integrity advocate. He has held numerous public policy positions at technology companies, government agencies and civil society organizations.
Sam Visner
Visner is a technical fellow at MITRE and a professor of cybersecurity policy, operations, and technology at Georgetown University. He’s also a member of the board of directors of the Space Information Sharing and Analysis Center. He was previously a senior executive at the National Security Agency.
John Watters
Watters is executive vice president for corporate strategy at FireEye. He entered the cybersecurity industry through his acquisition, turnaround and sale of iDEFENSE from 2002 to 2005. In 2007, he founded iSIGHT Partners and served as its chairman and CEO until its acquisition by FireEye in 2016.
Mark Weatherford
Weatherford is a general partner at Aspen Chartered. He was formerly a global information security strategist at Booking Holdings and a principal at the Chertoff Group. He served as deputy under secretary for cybersecurity at the Department of Homeland Security in the Obama administration; and previously held the roles of chief information security officer in both the states of California and Colorado. He is a retired U.S. naval officer.
Steve Weber
Weber is a Professor of the Graduate School at the University of California at Berkeley, where he founded the Center for Long Term Cybersecurity. He is a partner at the Washington, D.C.-based advisory firm Breakwater Strategy.
David Weinstein
Weinstein is the vice president of threat research at Claroty, a New York-based industrial cybersecurity firm. Before Claroty, Weinstein served as the chief technology officer of New Jersey. He began his career at U.S. Cyber Command.
Daniel Weitzner
Weitzner is founding director of the MIT Internet Policy Research Initiative, principal research scientist at CSAIL and teaches Internet public policy in MIT’s Electrical Engineering and Computer Science Department. He was U.S. deputy chief technology Officer for Internet Policy in the White House, where he led initiatives on cybersecurity, copyright and digital trade policies, and was responsible for the Obama administration’s Consumer Privacy Bill of Rights and the OECD Internet Policymaking Principles. Weitzner is a founder of the Center for Democracy and Technology, led the World Wide Web Consortium’s public policy activities and was deputy policy director of the Electronic Frontier Foundation.
Eric Wenger
Wenger is director of cybersecurity public policy at Cisco Systems. His work focuses on a range of technology policy issues relating to security and privacy, including IoT, AI, autonomous vehicles and government electronic surveillance. He held a similar role at Microsoft before coming to Cisco. Before joining the private sector, Wenger worked as an attorney in the Justice Department’s Computer Crime and Intellectual Property Section, the Federal Trade Commission and the New York State Office of the Attorney General prosecuting computer crimes and online scams.
Heather West
West is a senior director of Privacy and Cybersecurity Services at Venable LLP. She serves as a policy and tech translator, product consultant, and long-term internet strategist at the intersection of emerging technologies, culture, governments, and policy. Heather’s areas of focus include data governance, data security, digital identity, and privacy in the digital age. Prior to joining Venable, she served as the director of the privacy policy team at one of the world’s largest social technology companies, leading policy development around the company’s work to develop privacy-protective product experiences, building policy frameworks that create accountability and promoting privacy-protective decision making across the company.
Elizabeth Wharton
Elizabeth (Liz) Wharton leverages almost two decades of legal, public policy and business experience to advise researchers and to build and scale cybersecurity and threat intelligence focused companies. In addition to having led operations at two adversary research focused startups, her recent prior experience includes serving as the Senior Assistant City Attorney on Atlanta’s ransomware incident immediate response team. Liz was recognized as the 2022 “Cybersecurity or Privacy Woman Law Professional of the Year” by the United Cybersecurity Alliance.
Tarah Wheeler
Tarah Wheeler is an information security executive, social scientist in the area of international conflict, author and poker player. She is CEO of information security company Red Queen Dynamics, Senior Fellow in Global Cyber Policy at the Council on Foreign Relations and an Electronic Frontier Foundation advisory board member. She has been a cybersecurity fellow at the Harvard Kennedy School’s Belfer Center for Science and International Affairs and a U.S./U.K. Fulbright cybersecurity scholar researching cyber war crimes. She is the author of Women In Tech.
Jake Williams
Williams is a security analyst at the SANS Institute. He was previously the president of Rendition Infosec, an information security firm serving customers worldwide in incident response and red teaming. Before founding Rendition, he served almost two decades in the intelligence community, primarily at NSA, in offensive and defensive cybersecurity missions.
Jamie Winterton
Jamie Winterton is the Director of Strategy for Arizona State University’s Global Security Initiative. She steers the university’s cybersecurity research strategy and drives partnerships with government and industry. Jamie has provided expert testimony to the U.S. Senate on the impact of large data breaches. Before joining ASU, Jamie was a scientist at Lockheed Martin’s Advanced Technology Center.
Josephine Wolff
Wolff is an assistant professor of cybersecurity policy at the Fletcher School of Law and Diplomacy at Tufts University. Her research interests include the aftermath of cybersecurity incidents, cyber insurance, security responsibilities and liability of online intermediaries, the impact of cybersecurity and privacy policies and government-funded programs for cybersecurity education and workforce development. Her book “You’ll See This Message When it is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches” was published by MIT Press in 2018.
Chris Wysopal
Wysopal, chief technology officer at Veracode, oversees technology strategy and information security. Wysopal has testified to Congress on government security and how vulnerabilities are discovered in software. He is the author of “The Art of Software Security Testing.”
Amit Yoran
Yoran is chairman and CEO of Tenable. Previously, he served as president of RSA, leading its transformation into a successful global security company. Yoran joined RSA through the acquisition of NetWitness, the network forensics company he founded and led as CEO.
Lauren Zabierek
Zabierek is executive director of the Cyber Project at the Harvard Kennedy School’s Belfer Center. She completed a Kennedy School Masters in Public Administration degree in 2019. She is also an Air Force veteran and former civilian intelligence analyst at the National Geospatial Intelligence Agency where she did three warzone deployments. She previously worked at the cybersecurity threat intelligence firm Recorded Future. She is the co-founder of #ShareTheMicInCyber, a campaign to increase diversity in the cybersecurity profession.
Jonathan Zittrain
Harvard law and computer science professor and co-founder of the Berkman Klein Center for Internet and Society, Zittrain’s research interests include battles for control of digital property and content, cryptography, electronic privacy, the roles of intermediaries within Internet architecture, human computing and the deployment of technology in education. He is currently focused on the ethics and governance of artificial intelligence, jointly teaching a course on the topic with the MIT Media Lab. He wrote “The Future of the Internet -- And How to Stop It.”
Denise Zheng
Zheng is vice president at the Business Roundtable where she leads technology, cyber and innovation policy. Previously, she directed the Technology Policy Program at the Center for Strategic and International Studies, worked on cyber programs at the Defense Advanced Research Projects Agency and was a professional staff member for the Senate Homeland Security and Governmental Affairs Committee.
Yan Zhu
Zhu is chief information security officer at Brave Software, building a new web browser focused on security, privacy and respecting user choice. She was previously a staff technologist at the Electronic Frontier Foundation and a senior security engineer at Yahoo. Zhu has worked on a variety of open source security projects such as SecureDrop, Let’s Encrypt, HTTPS Everywhere, and Privacy Badger.
Recruiting and reporting: Aaron Schaffer, Tim Starks, Joseph Marks, Tonya Riley, Derek Hawkins, Sara Sorcher. Design and development: Cece Pascual and Kazi Awal. Photo editing: Dee Swann. Editor: Sara Sorcher.
Related stories:
The Cybersecurity 202: For cyber experts, disinformation overshadows cyberthreats in midterms
The Cybersecurity 202: Our survey experts: It’s okay to expose the government
Comments are not available on this story.
Share your feedback by emailing the author. Have a question about our comment policies? Review our guidelines or contact the commenting team here.