Speakers

Dr. Michael Geist

Dr. Michael Geist is a law professor at the University of Ottawa where he holds the Canada Research Chair in Internet and E-commerce Law. He has obtained a Bachelor of Laws (LL.B.) degree from Osgoode Hall Law School in Toronto, Master of Laws (LL.M.) degrees from Cambridge University in the UK and Columbia Law School in New York, and a Doctorate in Law (J.S.D.) from Columbia Law School.

Dr. Geist is an internationally syndicated columnist on technology law issues with his regular column appearing in the Toronto Star and the Ottawa Citizen. Dr. Geist is the editor of From "Radical Extremism" to "Balanced Copyright": Canadian Copyright and the Digital Agenda (2010) and In the Public Interest: The Future of Canadian Copyright Law (2005), both published by Irwin Law, the editor of several monthly technology law publications, and the author of a popular blog on Internet and intellectual property law issues.

Dr. Geist serves on many boards, including the CANARIE Board of Directors, the Canadian Legal Information Institute Board of Directors, the Privacy Commissioner of Canada's Expert Advisory Board, the Electronic Frontier Foundation Advisory Board, and on the Information Program Sub-Board of the Open Society Institute. He has received numerous awards for his work including the Kroeger Award for Policy Leadership and the Public Knowledge IP3 Award in 2010, the Les Fowlie Award for Intellectual Freedom from the Ontario Library Association in 2009, the Electronic Frontier Foundation's Pioneer Award in 2008, Canarie's IWAY Public Leadership Award for his contribution to the development of the Internet in Canada and he was named one of Canada's Top 40 Under 40 in 2003. In 2010, Managing Intellectual Property named him on the 50 most influential people on intellectual property in the world and Canadian Lawyer named him one of the 25 most influential lawyers in Canada in 2011. More information can be obtained at http://www.michaelgeist.ca.

Charlie Miller

Charlie Miller is Principal Research Consultant at Accuvant Labs. He was the first with a public remote exploit for both the iPhone and a phone running Android. He won the CanSecWest Pwn2Own competition for the last four years. He's hacked Second Life and Batteries. He has authored two (and a half) information security books and holds a PhD from the University of Notre Dame.

Jim Reavis

Co-founder and Executive Director of CSA. Jim Reavis is the Executive Director of the CSA, and was recently named as one of the Top 10 cloud computing leaders by SearchCloudComputing.com. Jim is the President of Reavis Consulting Group, LLC, where he advises security companies, large enterprises and other organizations on the implications of new trends and how to take advantage of them. Jim has previously been an international board member of the ISSA and formerly served as the association's Executive Director. Jim currently serves in an advisory capacity for many of the industry's most successful companies.

2012 Speakers

Chuck Ben-Tzur is an IT Security professional and a senior manager with over 15 years of experience in the industry. Chuck managed several security professional teams including advisory services, risk analysts, security operations and application development. In addition, Chuck experience includes managing and executing large IT Security projects for organizations in various industries (finance, utilities, retail, telecommunication and more). Chuck's areas of expertise also include hands-on application and network vulnerability assessment, penetration testing, risk and threat analysis, compliance and security program development and implementation.

Kevvie Fowler (GCFA Gold, SANS Forensicator, CISSP) leads the TELUS Intelligent Analysis practice where he delivers advanced event analysis and proactive intelligence to protect customers against present and emerging threats.

He is also the founder and CEO of Ringzero, a security research and forensic services company. Kevvie's recent research has focused on database forensics, rootkits and native encryption flaws which he has presented at industry conferences and by invitation to Microsoft. As author of "SQL Server Forensic Analysis" and contributing author to several forensics and security books, Kevvie serves as a trusted advisor to public and private sector clients. He serves as a resource to the media and has been featured within Information Security Magazine, Dark Reading and Kaspersky Threat Post.

Kevvie holds multiple security certifications and is a recognized SANS Forensicator and GIAC Advisory Board member who helps guide the direction of emerging security and forensics research.

Seth Hardy is a Senior Security Analyst at the Citizen Lab, Munk School of Global Affairs, University of Toronto. Prior to the Citizen Lab, he worked for a large anti-virus vendor. Seth has worked extensively on analysis of document-based malware and AV evasion methods. Other areas of experience include: provably secure cryptography, random number generators, and network vulnerability research. Seth has spoken at a number of security conferences including Black Hat, DEF CON, SecTor, and the CCC. He holds degrees from Worcester Polytechnic Institute in Mathematics and Computer Science.

Naveed Ul Islam (BEE Telecom/DSP, CISSP, GCFA, MCSE, CCNA) is a Sr. Security Analyst at TELUS and the Security Intelligence architect within the TELUS Intelligent Analysis team. Naveed's other interests are in application forensics and security.

Previous to TELUS, Naveed was a security consultant for Microsoft USA where he performed security and privacy audits of Microsoft's core-business related websites and has secured several key sites such as Microsoft XBOX 360 host web site and Microsoft's internal auction site known as Micronews.

Gunter Ollmann has a long-held passion for threat research and currently serves as Vice President of Research at Damballa, where he is focused on inventing new crimeware mitigation technologies and the identification of criminal operators behind botnets and other advanced persistent threats. Prior to joining Damballa, he held the role of Chief Security Strategist at IBM, was responsible for predicting the evolution of future threats and helping guide IBM's overall security research and protection strategy, and was the key IBM spokesperson on evolving threats and mitigation techniques. Ollmann also served as the Director of X-Force at Internet Security Systems where he was responsible for the company's R&D advancements and the development of security technologies in the field of vulnerability scanning, intrusion prevention, web application protection, and malware detection.

Christopher Pogue, SpiderLabs Americas, Managing Consultant.

Having served as a US Army Signal Corps Warrant Officer, he has worked on digital forensic investigations and as Cyber Security Instructor. Pogue joined the IBM Internet Security Systems (ISS) X-Force after leaving the military. As a Penetration Tester and Forensic Investigator with IBM, he performed over 300 penetration test and 50 investigations for IBM internal contracts, as well as third party customers.

In his role with SpiderLabs, Pogue leads the US based Incident Response team that performs investigations all over the United States, Central and South America, and the Caribbean Islands. He also assists local, state, and federal law enforcement agencies with cases involving digital media.

Among his many achievements, Pogue was the original creator of the forensic methodology known as Sniper Forensics, which is fast emerging as the industry standard, with users including the Federal Bureau of Investigation and the United States Secret Service. Additionally, in 2010, Pogue was named as a SANS Thought Leader. Since its introduction in 2007, only 41 security professionals have been awarded this distinction.

Pogue holds a full range of professional certifications, including: Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Reverse Engineering Analyst (CREA), SANS GIAC Certified Forensic Analyst (GCFA), and Payment Card Industry Qualified Security Assessor (QSA). He also plays a leading role in a number of industry-relevant organizations, among them the Consortium of Digital Forensics Specialists (CDFS), and United States Secret Service Electronic Crimes Task Force (USSS ECTF). Pogue is the primary author of Unix and Linux Forensic Analysis by Syngress and the author of the award winning blog,

The Digital Standard. Pogue holds a BS in Applied Management from Grand Canyon University and an MS in Information Security from Capella University, as well as an active Top Secret (TP/SSBI) clearance.

Mike Rothman, Analyst & President, Securosis Mike's bold perspectives and irreverent style are invaluable as companies determine effective strategies to grapple with the dynamic security threatscape. Mike specializes in the sexy aspects of security, like protecting networks and endpoints, security management, and compliance. Mike is one of the most sought after speakers and commentators in the security business and brings a deep background in information security. After 20 years in and around security, he's one of the guys who "knows where the bodies are buried" in the space.

Starting his career as a programmer and a networking consultant, Mike joined META Group in 1993 and spearheaded META's initial foray into information security research. Mike left META in 1998 to found SHYM Technology, a pioneer in the PKI software market, and then held senior roles at CipherTrust and TruSecure -- providing experience in marketing, business development, and channel operations for both product and services companies.

After getting fed up with vendor life, he started Security Incite in 2006 to provide the voice of reason in an over-hyped yet underwhelming security industry. After taking a short detour as Senior VP, Strategy and CMO at eIQnetworks to chase shiny objects in security and compliance management, Mike joins Securosis with a rejuvenated cynicism about the state of security and what it takes to survive as a security professional.

Mike published "The Pragmatic CSO" in 2007 to introduce technically oriented security professionals to the nuances of what is required to be a senior security professional. He also possesses a very expensive engineering degree in Operations Research and Industrial Engineering from Cornell University. His folks are overjoyed that he uses literally zero percent of his very expensive education on a daily basis. He can be reached at mrothman (at) securosis (dot) com.

David Seidman is a Senior Security Program Manager on the Microsoft Security Response Center Software Security Incident Response team. Prior to working at the MSRC, David managed development of Microsoft Office security updates and service packs. He holds a Bachelor's degree in Computer Science and a Master's in Cognitive and Neural Systems from Boston University. When not putting out fires on the Internet, David enjoys triathlon, mountain climbing, and brewing his own beer.

Jeremy Tinder is a Security Program Manager at the Microsoft Security Response Center. If you have recently reported any Windows vulnerabilities you might have exchanged emails with him at secure@microsoft.com. Prior to working at the MSRC, Jeremy was an independent security consultant, teaching ethical hacking classes and helping businesses secure their networks.