Judges

2011 Judges

CTF: Application Security

Renaud Deraison, Chief Research Officer, Tenable Network Security

Mr. Deraison is known in the global security community as the father of the world-renowned Nessus Vulnerability Scanner. His original creation, Nessus, celebrated its 10th anniversary in 2008 and is considered the de-facto standard for vulnerability scanning worldwide.

At Tenable, Renaud is responsible for driving all vulnerability, configuration and event and log research. In addition, Renaud is instrumental in the design of Tenable's Unified Security Monitoring enterprise solution.

Prior to Tenable, Mr. Deraison was the primary author and visionary of the Nessus Vulnerability Scanner. Mr. Deraison released the first version of Nessus in the spring of 1998 at the ripe age of 17. He worked for SolSoft, and founded his own computing security consulting company, "Nessus Consulting S.A.R.L." Under Renaud's leadership, Nessus has won numerous awards, including the 2002 Network Computing "Well Connected" award and PC Magazine's 2003 "Open Source Product of the Year" award. Mr. Deraison also is an editorial board member of the Common Vulnerabilities and Exposures Organization, has presented at a variety of security conferences including Black Hat and CanSecWest and has had his work published in several magazines and books.
 

Dan Guido, iSEC Partners | https://www.isecpartners.com/
Dan Guido is a Security Consultant at iSEC Partners, where he specializes in incident response, application security and penetration testing. Before joining iSEC, Dan worked for the Federal Reserve System’s incident response team, where he developed and ran a threat intelligence program to report on current trends in cybercrime, threats to payment systems and nation-state cyber espionage activities.

In addition to his work at iSEC, Dan is an adjunct faculty member at NYU:Poly, where he teaches a graduate computer science course in penetration testing and vulnerability analysis. He has presented his experiences teaching at information security conferences such as SOURCE Boston and SummerCon.

Dean De Beer, Principal, zero(day)solutions | zerodaysolutions.com

Dino Dai Zovi, Principal, Trail of Bits | http://trailofbits.com/
Dino Dai Zovi, currently an independent security consultant and researcher, has been working in information security for over 9 years with experience in red teaming, penetration testing, software security and information security management. Mr. Dai Zovi is also a regular speaker at information security conferences, having presented his independent research on memory corruption exploitation techniques, 802.11 wireless client attacks and Intel VT-x virtualization rootkits over the last 10 years at conferences around the world including DEFCON, Black Hat and CanSecWest. He is a co-author of the books "The Mac Hacker's Handbook" (Wiley, 2009) and “The Art of Software Security Testing” (Addison-Wesley, 2006). In 2008, eWEEK named him one of the 15 Most Influential People in Security. He is perhaps best known in the information security and Mac communities for winning the first PWN2OWN contest at CanSecWest 2007. 

Erik Cabetas, Director of Information Security @ an NYC e-commerce startup | http://erik.cabetas.com
Erik has a decade of Information Security experience. He was part of the winning team for DEFCON CTF in 2003. As a CSAW CTF judge he is looking to award points for out-of-the-box thinking and complete and total ownage of the CTF applications and servers.

Marcin Wielgoszewski, Gotham Digital Science | http://www.gdssecurity.com/

Marcin Wielgoszewski is a Security Consultant at Gotham Digital Science LLC, specializing in software security, penetration testing and secure SDLC training. Marcin most recently spoke at Black Hat USA and DEFCON, as well as SummerCon earlier this year. In addition, he has presented at the OWASP NY/NJ Metro Chapter.
 

Stephen Ridley, Matasano Security | http://www.dontstuffbeansupyournose.com
Stephen Ridley is a Senior Researcher at Matasano Security LLC, specializing in reverse engineering and software security. Prior to Matasano, Stephen worked at McAfee as a founding member of the Security Architecture research group. Before that, Stephen did reverse engineering and software vulnerability research in a "skunkworks" team at a leading U.S. Defense and Intelligence contractor. He is privately credited with vulnerability discoveries in popular COTS packages as well as open-source software. Stephen has written for several trade magazines and been quoted in publications such as "Wired" and "Security Focus." He has also taught reverse engineering and software security to companies from the Fortune 500 and to Military and Defense agencies both domestic and abroad. He has most recently been invited to speak at ReCon, SyScan Singapore, EuSecWest (Netherlands) and Black Hat Vegas on his recent research on evading and reversing software Sandboxing technologies. Stephen currently lives in Manhattan, New York.

Ryan Seu, Facebook

Ryan is a Security Engineer at Facebook where he splits his time between hardening Facebook's ever-expanding infrastructure and handling various security incidents around the company.

In his previous life, Ryan worked to secure Barnes & Noble Inc. from payment card breaches and prior to that, he worked at United Parcel Service as a network security engineer. Ryan is CISSP certified and holds a BS in Electrical Engineering from Cornell University.

Embedded Systems

Dr. Nachiketh Potlapally, Security Validation Team Lead, Intel’s Security Center of Excellence

Nachiketh Potlapally works as a security validation team lead in Intel’s Security Center of Excellence. He has worked on improving security assurance of Intel processor and chipset products in client desktop and mobile systems, and was involved in validating security of key platform-level security technologies such as Trusted Execution Technology (TXT) and Active Management Technology (AMT). His research interests comprise investigating security of systems with respect to their hardware and software implementations in order to build secure systems, and he has published his research in peer-reviewed conferences and journals. He holds a PhD in Electrical Engineering from Princeton University.

Dr. Youngok Pino

Dr. Youngok Pino is an Electronics Engineer/Program Manager at the Information Directorate, Air Force Research Laboratory, Rome, NY. Dr. Pino is responsible for the research and development on advanced computing architecture technologies to provide secure computational capabilities to information systems. Her research areas include high assurance computing architectures, trusted computing and hardware design synthesis for trust and security.

Dr. Pino began her professional career at the International Business Machines (IBM), Burlington, VT and was involved in developing and implementing ASICs methodologies in the area of Physical Design, Signal/Power Routing, and Timing optimization and developing compact model analytic stress formulation for IBM’s most advanced 32nm node SOI and bulk CMOS technologies as well as passive compact modeling. She received her PhD in Electrical Engineering from Rensselaer Polytechnic Institute.

Dr. Sek Chai, Technical Manager, SRI International Sarnoff

Sek Chai leads an architecture team focused on embedded computing activities at SRI. He is working on secured and trusted design for embedded systems with applications in robotics, surveillance and intelligence. Prior to joining SRI Sarnoff, Dr. Chai developed imaging and video solutions for next generation mobile devices and home broadband products at Motorola Labs. He is a senior member of IEEE and ACM. He has authored or co-authored peer-reviewed technical papers and patents relating to system architecture hardware and rapid prototyping. He holds a PhD in Electrical Engineering from Georgia Tech.

Sergey Panasyuk

Sergey Panasyuk is employed as a Computer Scientist at the Air Force Research Laboratory's Information Directorate in Rome NY. He joined AFRL in 2008 and is assigned to the Trusted Systems Branch (AFRL/RITA). In his current position; Sergey focuses on research and development of technologies related to the application of advanced computing to Information Assurance and Trusted Computing. Sergey has more than nine years of professional experience as embedded system developer.

Sergey received his Bachelor of Science in Computer/Information Science with Minor in Mathematics from SUNY Institute of Technology at Utica/Rome in 2002. In 2008 he received Master of Science in Computer/Information Science from the same institution.

NYU-Poly AT&T Best Applied Cyber Security Award

David K.A. Mordecai

David K.A. Mordecai is the President and co-founder of Risk Economics, Inc. (RiskEcon), a New York City based advisory firm. RiskEcon specializes in the application of computational economics to the proprietary development and scalable implementation of robust modeling and data analytic frameworks for valuation, strategic and systemic risk analysis, and dynamic asset-liability management.

Dr. Mordecai is a Visiting Scholar at the recently established Risk Economics Lab for Decision Metrics at the Courant Institute for Mathematical Sciences at New York University. He is also a Fellow at, and a member of the Advisory Board of, the Mathematical Finance Program at Courant and has served as a guest lecturer for the program since 2006.

Dr. Mordecai is also a Senior Advisor to, and member of the Advisory Committee of, Compass Lexecon, an economic consulting firm, specializing in forensic valuation, litigation and regulatory analysis. Compass Lexecon is a unit of FTI Consulting, a NYSE traded corporation. His expertise includes: economic damages related to market structure; financial institutions governance; and complex issues related to finance, economics and market standards and practices within securities, derivatives and commodities markets, the financial sector and a broad range of non-financial industry sectors.

During his thirty year tenure in the financial services industry, Dr. Mordecai has served as a Managing Director at Swiss Re, where he led Relative-Value Market Strategies, a quantitative economics and financial engineering function with the global mandate to develop firm-wide and industry standards, benchmarks and frameworks for the valuation and trading of exposures underlying long-dated life, health, medical and pension liabilities as well as geopolitical risk. Prior to this, he served as Senior Advisor to the Head of Swiss Re Financial Services. Previously, at a multi-strategy hedge fund with $10 Billion of assets under management, he was Managing Director of Structured Products, responsible for $5 billion CDO assets. Prior to his role as a hedge fund manager, he was Vice President of Financial Engineering/Principal Finance at AIG, and a Director at the rating agency Fitch. During the first decade of his career, he specialized in credit analysis and the origination, structuring, and trading of leveraged loans for non-recourse project finance and highly leveraged transactions involving corporations and financial institutions.

Dr. Mordecai has served as an advisor on systemic risk issues to the Federal Reserve, the International Monetary Fund (IMF), and the Commodities and Futures Trading Commission (CFTC), and as an advisor on hedge fund valuation issues to the International Organization of Securities Commissions (IOSCO). He has also been a member of the Investment Advisory Committee of the New York Mercantile Exchange (NYMEX). He is the founding Co-Chair of the International Association of Financial Engineers’ (IAFE) Liquidity Risk

Baris Coskun, Researcher, AT&T Security Research Center

Baris Coskun is a researcher at the AT&T Security Research Center. He is interested in the general area of computer and information security. He is particularly interested in multimedia security and network security. His recent research focuses on network-based detection of malware, botnet and other malicious activities.

Baris received his PhD from Polytechnic Institute of NYU, his MS and BS from Bogazici University (Turkey), all in Electrical Engineering. He joined AT&T in 2010. He was a summer intern at Microsoft Research in 2006 and 2007. Before starting PhD, Baris was a Software Engineer at Argela. Baris was the winner of 2009 CSAW Best Applied Security Research Award.

Cristina Serban, PhD, CISSP, Researcher, AT&T Security Research Center

Cristina Serban is a researcher with the AT&T Security Research Center. Her research interests include security and privacy for mobility and cloud, as well as CDN and IPTV security, and their implications on service security. She is also one of the main organizers of the Annual AT&T Cyber Security Conference http://tawkster.att.com/securityconference.

Cristina is involved with major security conferences including ACSAC, NSPW, and COMPSAC, where she served as member of Steering Committee, Organizing Committee and PC for many years. She received her Ph.D. in computer security from the Missouri University of Science and Technology.

Randy David Smith, Senior Member, Technical Staff, Sandia National Laboratories

Randy Smith, PhD, is a Senior Member of Technical Staff at Sandia National Laboratories. He is involved in and leads a number of activities at Sandia ranging from system analysis and design to algorithm research and development for streaming network analysis, all from the perspective of improving security.

Previously, Randy worked in the telecommunications industry for several years, where among other things he developed telephony signaling software for carrier-grade products, bridging IP-based and legacy protocols.

Randy has a PhD in Computer Science from University of Wisconsin—Madison. His dissertation work focused on models, algorithms, and architectures in support of high-speed network analysis. He also holds a BS in Mathematics and an MS in Computer Science from Brigham Young University.

Sounil Yu, Senior Associate, Booz Allen Hamilton

Sounil Yu is a security evangelist with 30 years of hands on experience creating, breaking, and fixing computer and network systems. His clients include private and public sector institutions spanning from multiple Fortune 100 companies with three letters on the stock exchange to secretive three letter agencies that aren't. Sounil also specializes in establishing, managing, and protecting startups within the environment of an existing large enterprise. Every summer, he runs an intern program with over 100 students to channel their energy and creative ideas into plans for world domination. Although he enjoys writing about himself in the third person, he would rather meet people in person to share ideas and experiences rather than writing it up in a short bio. Sounil lives in Northern Virginia with his wife and their four homeschooled children.

Marc Donner, PhD, Engineering Director, Google Health

Marc Donner, PhD, has over 30 years of experience in engineering of hardware, software, and complex systems. He is currently engineering director for Google Health.

Before taking on Health, Donner was the engineering site director for ads development in New York and looked after the DoubleClick integration into Google. Prior to joining Google, he worked at Morgan Stanley as an executive director, where he led a series of projects ranging from one of the first corporate intranets, re-engineering of the broker-dealer back office systems, elimination of paper from the clearance and settlement systems, and event-based simulation forecast modeling for individuals and enterprises. Before joining Morgan Stanley, Donner was a research staff member at IBM Research, where he developed a juggling robot, introduced UNIX and TCP/IP networking, initiated the Agora distributed computing environment, and wrote the Op Cit bibliographic markup system for IBM's GML text processing system. Prior to IBM, he worked at NASA's Jet Propulsion Lab where he developed an extremely high capacity recording system to support planetary radar signal processing.

Donner holds a BS in Engineering from Caltech and a PhD in Computer Science from Carnegie-Mellon University, where his dissertation work made Ivan Sutherland's six-legged robot walk. He serves as associate editor-in-chief of the IEEE Computer Society magazine, "Security & Privacy" and he has been the organizer of the New York CTO Club. He is a member of the Association for Computing Machinery, the Institute of Electrical and Electronic Engineers, and of USENIX.

Shari Lawrence Pfleeger, Director of Research for Institure for Information Infrastructure Protection, Dartmouth College

Shari Lawrence Pfleeger is the Director of Research for the Institute for Information Infrastructure Protection at Dartmouth College, a consortium of leading universities, national laboratories and nonprofit institutions dedicated to strengthening the cyber infrastructure of the United States.

Shari was a senior researcher at the RAND Corporation, a not-for-profit company doing high-quality, high-impact research in the public interest.  At RAND, she worked on policy and decision-making issues that helped organizations and government agencies understand whether and how information technology supports their mission and goals.From 1982 to 2002, Dr. Pfleeger was president of Systems/Software, Inc., a consultancy specializing in software engineering and technology. From 1997 to 2000, she was also a visiting professor at the University of Maryland's computer science department. She was founder and director of Howard  University's Center for Research in Evaluating Software Technology (CREST), and was a visiting scientist at the City University (London) Centre for Software Reliability, principal scientist at MITRE Corporation's Software Engineering Center, and manager of the measurement program at the Contel Technology Center.

Dr. Matthew Campagna, Director, Certicom Research

Matthew Campagna joined Certicom in 2007 as the Director of Research. At Certicom, Matthew has been focused on defining strategy for Research, Standardization, and Intellectual Property generation. Matthew has specialized on development of efficient implementation and the development of new cryptographic primitives using elliptic curve cryptography.

Prior to joining Certicom, Matthew managed the Secure Systems research group at Pitney Bowes' Advanced Concepts and Technology division. In addition to managing Matthew functioned as the group's lead cryptographic researcher. Matthew focused was on developing, engineering and deploying efficient public key systems for low cost and low computing power devices communicating over restricted communication channels. Matthew worked for the National Security Agency as a senior cryptologic mathematician focused on commercial cryptography. He holds a Ph.D. in mathematics from Wesleyan University in group theory, and a bachelor’s degree in mathematics from Fordham University.

Henry Mendenhall, Senior Fellow, Lockheed Martin

Henry Mendenhall is a Lockheed Martin Senior Fellow, and is a Chief Scientist at the Lockheed Martin Advanced Technology Laboratories in Cherry Hill, NJ. In his role as Chief Scientist, Henry provides technical oversight for the laboratory's Cyber-Security R&D.

Gus de los Reyes, Executive Director, AT&T Security R&D Center

Gus is an Executive Director of Technology Security in the AT&T Chief Security Office (CSO).  Gus leads the AT&T Security R&D Team under the AT&T Chief Security Officer -- Ed Amoroso.  The Security R&D Team is responsible for looking ahead at both the threat and opportunity landscape in AT&T’s priority services such as Mobility and Cloud Computing.

Previously, Gus had responsibility for defining the security architecture and security requirements for key AT&T IP Services such as AT&T Business and Consumer VoIP Services.

Gus has been with AT&T for 22 years.  He has contributed to AT&T in the areas of robust design, service delivery, and photonic development.

Gus has a PhD in Electrical Engineering from Columbia University.  He has a BSME and MSE from MIT.  Before joining AT&T, Gus designed control systems for General Electric Aircraft Engines.

Bill Horne, Research Manager, Cloud and Security Lab of HP Labs.

Bill Horne is a Research Manager in the Cloud and Security Lab of HP Labs.  He primary areas of interest are security, algorithms and machine learning.  He manages HP Labs’ Princeton research facility and oversees research projects involving systems and network security, cryptography, privacy and risk management.  Prior to joining HP, he held industrial research positions at InterTrust Technologies and NEC Research Institute.

Chesert J. Maciag, Chief of the Cyber Offense Branch, Information Directorate, Air Force Research Lab

Chesert Maciag is chief of the Cyber Offense Branch, Information Directorate, Air Force Research Lab, Rome NY. In this capacity he is responsible for the planning, execution, development, and transition of basic and applied technologies to enable the Air Force to “fly and fight in cyberspace.”  Prior to his current position, Mr. Maciag was a senior computer engineer with over 15 years experience developing AF technology solutions in the areas of network management, firewalls, guards, intrusion detection, digital forensics, and enterprise protection planning.  He has authored 12 papers in the field of information assurance and information operations, and is co-author of a book chapter on live computer forensic techniques. 

In addition, Mr. Maciag has served since 2001 as an adjunct professor at Utica College and teaches in the award-winning Economic Crime Management master’s program.  He has experience teaching at the undergraduate and graduate levels on the topics of information security, and Internet security.  He has extensive experience in classroom, residency, and online delivery formats. He has assisted in the development of the undergraduate Information Security degree program, and was the Federal consultant during the development of the successful 2002 National Science Foundation Grant “Building Excellence in Information Assurance for Federal Cyber Science.”

Mr. Maciag has a B.S. in Electrical Engineering from Rochester Institute of Technology, and a M.S. in Economic Crime Management from Utica College.

Ton Kalker, FutureWei Technologies, VP of Technology

Marcus Sachs, Vice President for National Security Policy, Verizon, Washington, D.C.

Security Awareness Video

Samantha Kappagoda

Samantha Kappagoda is Chief Economist of Risk Economics, Inc (RiskEcon). She provides consulting services by applying rigorous analytics to large-scale real world geopolitical and socioeconomic issues relating to macroeconomics and demographics, including areas within labor, housing, consumption and consumer behavior, global population, immigration, environment, health and aging. She is also a Visiting Scholar at the recently established Risk Economics Lab for Decision Metrics at the Courant Institute for Mathematical Sciences at New York University.

Previously, she was Senior Economist at Caxton Associates LP, a hedge fund established in 1983, investing in global fixed income, currencies, commodities and equities. She was a key member of Caxton Global, the firm’s flagship global macro fund, which at its peak had approximately $12 billion of assets under management. Her views on the global economy and markets guided the firm's senior decision makers during her thirteen year tenure there. Prior to entering the financial markets, Samantha was an Economist in the Operations Evaluation Department of The World Bank in Washington D.C., working on the evaluation of structural adjustment lending programs, with a primary focus on the outcome, impact and sustainability of these programs in developing countries.

Samantha pursues her broader research by serving as a senior editorial advisory board member of The Journal of Risk Finance (JRF), an Emerald Publications journal which provides a rigorous forum for the publication, both by academics and practitioners, of theoretical and empirical research related to the financing of risk, with a long-standing focus on issues of market convergence. She was originally the founding Managing Editor of JRF in 1999, initially published by Institutional Investor Journals/Euromoney, before its successful sale to its current publisher. She has also served as Special Editor to The Journal of Alternative Investments, another Institutional Investor journal.

Samantha received an M.B.A. in Analytic Finance and Statistics from the University of Chicago, Booth School of Business. She also holds a M.A. in Economics from the University of Toronto, and graduated with a B.Sc. (Honors) in Mathematics from Imperial College, London.

Samantha was born in Sri Lanka, and has also resided in Canada, the Philippines, Singapore, and the United Kingdom. Her biography is included in Who’s Who in the World, Who’s Who in America, Who’s Who in Finance and Industry, Who’s Who of American Women, and Canadian Who’s Who. She currently serves on the board of directors of Hudson Valley Shakespeare Festival in Garrison and Glynwood in Cold Spring. She divides her time between Manhattan and the Hudson Valley region.

Jenn Lesser, Security Operations Manger, Facebook

Jenn is the Security Operations Manager at Facebook. In her current role, Jenn is responsible for budget and roadmap management, along with Program Management for key cross functional initiatives, both inside and outside Facebook. She most recently program managed a Cyber Security Awareness month long campaign for all Facebook employees. Prior to her employment at Facebook, Jenn was Chief of Staff for the CISO at PayPal where she was responsible for budgeting, metrics and reporting, training and awareness, strategic planning, and governance. She has over 10 years industry experience, holds her PMP and CRISC certifications and is a graduate of St. Mary’s College of California where she received a B.A. in Communications.

Todd Aven, Technology Fellow / Security Solutions Architect, Goldman Sachs & Co.

Todd Aven has been a member of the Technology Risk Management team since 2003, specializing in application risk and security solutions. Prior to this, Todd managed several engineering teams at the firm. Before joining Goldman Sachs, Todd worked for several technology start-up companies, managed the mid-range systems for Computer Associates, and built out a global e-mail and directory backbone for Bankers Trust. He earned his B.S. in Physics at the University of Maryland.

David Peach, Information Security Manager, The Economist Group

David is head of Information Security - a role he has held for 18 months. Before this he worked in various operational and strategic roles in IT and for Economist Group businesses - always with a security focus. He's worked for The Economist Group since 1998 - until 2005 was based in London, and since 2005 has been in New York. He holds a CISSP certification and a B.Sc. in Computer Science from the University of Portsmouth in the UK.

Michael Shive, Department of Defense Multimedia Producer

Michael Shive has become a recognized leader throughout the Intelligence Community for his outstanding video productions. Over the past several years a panel of media experts from across the IC have nominated his projects 8 different times for the ICY Award for Media Excellence, the IC's coveted equivalent to the Oscar. He has received 5 "First Place" awards for his work and 3 "Finalist" awards - more than any other producer in the Intelligence Community.

He is probably best known for his contributions to the Cyber Defense Exercise (CDX) video. Recognizing that this annual exercise presents a powerful message on America's most critical vulnerability and one of the Department of Defense's most critical missions: CYBER security, Mr. Shive has created three award-winning videos based on CDX that continue to be used to educate and inspire a wide audience about cyber security

Anna Weeks, Program Manager, Assured Cloud Computing University Center of Excellence

Anna Weeks is a Program Manager for the several organizations including the Assured Cloud Computing University Center of Excellence. She works with the Air Force Office of Scientific Research (AFOSR) encouraging and managing Basic Research Projects and is also involved in managing cyber security projects with universities such as Purdue and the University of Tulsa. Her Bio-Medical Engineering degree is from Rensselaer Polytechnic Institute and she has a Masters Degree in business from the State University of New York Institute of Technology.

High School Cyber Forensics

Donald R. Proctor Senior Vice President, Office of the Chairman and CEO Cisco

Don Proctor is a Senior Vice President at Cisco in the Office of the Chairman and CEO. As the leader of Cisco's Cybersecurity Task Force, he works with Cisco customers and partners, as well as worldwide government leaders in defense, civilian agencies, and the intelligence community to advance the safety, privacy, and integrity of their critical network infrastructure. In his tenure at Cisco, Proctor has served on or led a broad variety of Cisco's corporate boards and councils, including the Enterprise Business Council, the Cisco Development Council, the Software Council, the Diversity and Inclusion Council, the Public Policy Council, and the Cancer Support Network.

Proctor joined Cisco in 1995 and has held a variety of leadership positions in the company's enterprise, commercial, and service provider businesses. Most recently, he led Cisco's software development group and was responsible for Cisco's VoIP, web collaboration, Cisco IOS, network management, and global government solutions businesses. Before that, he was Vice President and General Manager of Cisco's Service Provider Switching Group, the Voice Technology Group, and the Collaboration Software Group. Early in his tenure at Cisco, he led the product team that developed Cisco's first integrated voice/data router. Prior to joining Cisco, he worked for software maker Sybase

A graduate of the University of California, Berkeley, Proctor is also part of the professional faculty in the Management of Technology graduate program at UC Berkeley's Haas School of Business and formerly taught in the UC Berkeley Extension Telecommunications Engineering certification program.

Carl S. Young -Managing Director and Chief Security Officer

Carl S. Young, Managing Director at Stroz Friedberg, is an applied physicist and internationally recognized security risk consultant. As part of the firm’s Business Intelligence & Investigations practice, he serves clients as an expert advisor on individual and holistic security risk matters related to physical security, insider threats and terrorism. He is also a key contributor to the practice’s multidisciplinary due diligence and M&A engagement teams.

Prior to joining Stroz Friedberg, Mr. Young was a risk strategist and Global Head of Physical Security Technology at Goldman Sachs. There, he delivered a broad spectrum of security risk solutions, such as providing quantitative analyses of security risk, evaluating the effectiveness of proposed security technologies, creating unique anti-terrorism security solutions, and developing facility risk assessment and mitigation frameworks in high risk and/or complex environments . In particular, he led the security technology planning and installation effort for the new Goldman Sachs headquarters building at 200 West Street.

Over the course of fifteen years, he held a succession of senior posts at the Federal Bureau of Investigation (“FBI”) while managing sensitive national security programs. Mr. Young is credited with significantly enhancing the US government’s technical capabilities in addressing counterintelligence, counterterrorism and high-risk criminal threats.

In 1997, The White House awarded Mr. Young the President’s Foreign Intelligence Advisory Board (PFIAB) James R. Killian Award, in recognition of his individual contributions to national security. Mr. Young served as a consultant for four years to the renowned JASON Defense Advisory Group where he developed technical security solutions for a variety of government sponsors. During that time, the Director of Central Intelligence appointed him to serve on a blue ribbon panel to examine the effectiveness of technology in the Intelligence Community. Mr. Young was also selected to participate in the Council on Foreign Relations Roundtable Group on Homeland Security.

Mr. Young currently instructs on the technology of security and safety as an adjunct professor in the Department of Protection Management at the John Jay College of Criminal Justice (CUNY) in New York. He is a respected author whose physical security and risk articles appear in a number of scientific journals. Moreover, his recently published book, Metrics and Methods of Security Risk Management (Syngress 2010), has received critical acclaim for providing a much-needed analytic framework to assess security risk.

Mr. Young holds undergraduate and graduate degrees in Mathematics and Physics respectively from the Massachusetts Institute of Technology (MIT).

Eric K. Thompson, Founder & CTO, AccessData

Eric Thompson is responsible for setting the company's strategic direction and leading its growth as a global provider of computer forensics, cryptography and password recovery software and services. An award-winning expert on the topic of encryption, decryption and computer forensics, Eric Thompson has presented research on cryptography and code breaking to Congress. He has also worked with the DoD and was recognized for his code breaking expertise that led to the largest drug arrest in Bolivian history. He is a frequent guest instructor at the Federal Law Enforcement Training Center (FLETC) and at High Tech Criminal Investigation Association (HTCIA) events. Thompson is an honorary lifetime member of the International Association of Computer Investigative Specialists (IACIS).

Warren Kruse, Principal, Cyber Technology, Booz Allen Hamilton

Warren Kruse is a Principal with Booz Allen Hamilton’s Cyber Technology Team, providing functional leadership in Cyber Security Operations, and developing eDiscovery capabilities across the firm’s markets. He is a primary leader for the Red Bank, NJ office, with a major role in the BRAC (Defense Base Closure and Realignment Commission) transition. He has spent the last two decades between law enforcement and as a consultant supporting various agencies with incident response, computer forensics and eDiscovery.

Mr. Kruse is the President of the Digital Forensics Certification Board (DFCB), a project of the National Center for Forensic Science, and University of Central Florida.

He is a frequent lecturer on the subjects of eDiscovery, computer forensics, incident response and cybercrime and has extensive experience in computer forensic cases involving some of the largest law firms and corporations in the world. He was a consulting expert for Continental Airlines, US Air, Cirrus Aircraft, for electronic discovery preservation, collection and identification of electronically stored information. He is the author of “Computer Forensics: Incident Response Essentials,” and has supported incident response projects across a wide range of major U.S. corporations and agencies. In addition: led a team of computer forensic experts in a three-year engagement in support of a fraud investigation task force at the world’s largest international cooperative organization; expert for AMD on the AMD versus Intel Antitrust lawsuit; led the forensics on the two billion dollar "Comtraid" theft of IP; supported a financial statement inquiry into 50 officers of a Fortune 500 manufacturing company; and testified as a computer forensic expert for the US Securities and Exchange Commission (SEC) on issues involving the intentional destruction of data.

In addition, he was the recipient of the International High Tech Crime Investigative Association’s (HTCIA) “High Tech Case of the Year” award for the “Comtraid” Theft of Intellectual Property investigation.