Board of Advisers
Our exclusive board of advisers guides this site’s coverage of security, fraud, privacy, risk management
and other key issues. These experts provide input about the latest hot topics and contribute insight for news
coverage, podcast interviews and guest blogs. They regularly offer expert advice about regulatory compliance and the
current threat landscape, as well as provide insights about risk management strategies and security technologies.
CISO, New York-Presbyterian
Aske is the CISO for New York-Presbyterian. Prior to this he was VP Information Security & Chief Security Officer of Nuance Communications as well as Chief Information Security and Privacy Officer of Partners HealthCare. Prior to Partners, Aske was the Chief Information Security Officer for UMass Memorial Hospital. Aske was also the Chief Information Security Officer for the Commonwealth of Massachusetts's Executive Office of Health and Human Services, responsible for coordinating information security across the 16 state agencies. Aske is a licensed attorney in the Commonwealth of Massachusetts.
International Vice President, ISACA
Boardman began his career with Deloitte in Cape Town, South Africa, and has more than 30 years of experience in IT audit, risk, security and consultancy roles at companies such as JPMorgan, Goldman Sachs, KPMG, PricewaterhouseCoopers, Marks and Spencer and the London Stock Exchange. He is a past president of the ISACA London Chapter and has served on the British Computer Society's Information Risk Management and Audit Committee. He has also served on and chaired ISACA's CISM Certification Committee and the Leadership Development Committee. He currently chairs ISACA's Credentialing Board and is a member of the association's Strategic Advisory Council.
Professor, George Washington University
Burley is a leading cybersecurity workforce expert. She has spent more than 15 years as a researcher and professor designing and evaluating computing education programs to build the IT workforce. She co-chaired the 2013 National Research Council report on professionalizing the nation's cybersecurity workforce, has been twice appointed (2012, 2013) to the Virginia General Assembly JCOTS Cyber Security Advisory Committee, directed the NSF Cyber Corps program, and has been honored by the Federal CIO Council.
Director, Darwin Deason Institute for Cyber Security at Southern Methodist University
Chang is the Director of the Darwin Deason Institute for Cyber Security, the Bobby B. Lyle Endowed Centennial Distinguished Chair in Cyber Security and Professor in the Department of Computer Science and Engineering in SMU's Lyle School of Engineering. He is the former director of research at the National Security Agency and was previously the president and COO of 21CT, Inc. Chang has been awarded the National Security Agency Director's Distinguished Service Medal, and served as a member of the Commission on Cyber Security for the 44th Presidency.
National Director, U.S. Cyber Challenge, and Partner, KE&T Partners
As head of the Cyber Challenge, Evans oversees an organization focused on searching for talent to strengthen the cybersecurity workforce in and out of government. Evans previously served as the federal government's de facto chief information officer - officially, administrator for information technology and e-government in the White House Office of Management and Budget - overseeing $70 billion-plus in federal government spending on IT. Earlier, she served as chief information officer at the Department of Energy.
Senior Cybersecurity Consultant, SecureInfo, a Kratos Company
Patrick D. Howard has over 40 years experience in security, including 20 years service as a U.S. Army military police officer, and has specialized in information security since 1989. He previously served as CISO for the Nuclear Regulatory Commission in Rockville, Md. from 2008 to 2012, and for the Department of Housing and Urban Development from 2005 to 2008.
CEO & President, International Association of Privacy Professionals
Hughes is an attorney specializing in e-commerce, privacy and technology law. In his role as executive director of the IAPP, Hughes leads the world's largest association of privacy professionals. He has testified before the U.S. Congress Commerce Committee, the U.S. Senate Commerce Committee, the U.S. Federal Trade Commission and the EU Parliament on issues of privacy and data protection, spam prevention and privacy-sensitive technologies.
Former CISO, Merrill Lynch and Citi
Steve Katz is the founder and President of Security Risk Solutions, LLC an information security company providing consulting, mentoring, coaching and advisory services to major, mid-size, startup and venture capital companies. He is an Executive Advisor to Deloitte, and is on the Advisory Boards for, Agari. Veriphyr, Glasswall, Vaultive, and TrustMapp He has also served as a member of the (ISC)² Americas Advisory Board for Information Systems Security as well as Advisor to the Executive Committee of the Financial Services Sector Coordinating Council (FSSCC). In 1995, Katz joined Citicorp/Citigroup after the Russian hacking incident. At Citi, he was named as the industry's first Chief Information Security Officer. He spent the next six years directing Citigroup's global Corporate Information Security Office. Katz then joined Merrill Lynch as their Chief Information Security and Privacy Officer, where he organized and instituted the company-wide privacy and security program. He also served as the interim CISO and Advisor to the Head of Technology Risk at Kaiser Permanente. In addition to testifying before Congress on numerous information security issues and mentoring many Fortune 50 CISOs, he was appointed as the first Financial Services Sector Coordinator for Critical Infrastructure Protection by the Secretary of the Treasury. Katz was also named as the first Chairman of the Financial Services Information Sharing and Analysis Center (FS/ISAC) and is an Advisor to the National Health Sharing and Analysis Center (NH/ISAC) Board of Directors.
Digital Forensic Trainer, SANS Institute
Lee has more than 13 years experience in computer forensics, exploit discovery, intrusion detection/prevention, and incident response. He graduated from the U.S. Air Force Academy and served as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. He worked with government agencies as the technical lead for a vulnerability discovery and exploit development team, lead for a cyber forensics branch, and led a computer forensics and security software development team.
Vice President & Information Security Manager, Central Pacific Bank
Newman joined Central Pacific Bank as vice president & information security manager in February 2009. He oversees the bank's information security program and the protection of its information assets. Prior to joining CPB, Newman served as VP & risk manager for Washington Mutual and has managed various global and regional security and risk functions for Deutsche Bank and Citigroup in New York.
Co-Lead, Cybersecurity Preparedness and Response practice, Alston and Bird, and Former DOJ Cybercrime Prosecutor
Peretti is a partner in the Alston & Bird, LLP law firm's white collar crime group and co-chair of its security incident management and response team. She is also a former director of PricewaterhouseCoopers' cyberforensic service practice and a former senior litigator for the Department of Justice's Computer Crime and Intellectual Property Section. While at the Department of Justice, Peretti led several benchmark cybercrime investigations and prosecutions, including the prosecution of the TJX hacker Albert Gonzalez, currently serving 20 years in prison for his role in the largest hacking and identity theft case ever prosecuted by the department.
Professor of Computer Science, Purdue University
Commonly known as Spaf, Spafford is a professor of computer science at Purdue University and a leading computer security expert. He is one of the senior, most recognized leaders in the field of computing. With nearly three decades of experience as a researcher and instructor, Spafford has worked in software engineering, reliable distributed computing, host and network security, digital forensics, computing policy and computing curriculum design.
Tipton is the executive director for (ISC)Â², the global leader in educating and certifying information security professionals throughout their careers. Tipton previously served as president and chief executive officer of Ironman Technologies, where his clients included IBM, Perot Systems, EDS, Booz Allen Hamilton, ESRI, and Symantec. Before founding his own business, he served for five years as Chief Information Officer for the U.S. Department of the Interior.