Faculty Directory

Dave is the Founder and Owner of TrustedSec, an information security consulting firm, and Binary Defense, a Managed Security Service Provider (MSSP) that detects attackers early to prevent large-scale invasions. In addition to creating several widely popular open-source tools, including 'The Social-Engineer Toolkit' (SET), PenTesters Framework (PTF), and Artillery. David has also released security advisories, including zero-days, with a focus on security research.

Prior to his work in the private sector, Dave served in the United States Marine Corps (USMC), focusing on cyber warfare and forensics analysis activities, including two tours to Iraq. He also served on the board of directors for (ISC)2, which is one of the largest security collectives and offers certifications such as the CISSP.

Lee Kim specializes in cybersecurity, data privacy, governance, compliance, and generative artificial intelligence. Her insights are informed by her scientific training, creative pursuits, and diverse professional background. She presents before a wide range of domestic and international audiences. She has significant experience with the media and has been featured on the Canadian Broadcasting Corporation (live and pre-recorded interviews), radio shows, and podcasts. She also has significant experience working in the public policy realm, including with Congressional staffers and various governmental agencies around the world.

By way of background, Lee is an AV preeminent peer review rated attorney (a distinction that only 10% of all attorneys have earned according to Martindale-Hubbell). (Note, however, that while Lee is an attorney, she does not provide legal services through IANS.) Additionally, prior to law school, Lee worked as a database, system, and web administrator at a major university, software company, and a major academic medical center.

Lee is currently serving as an analyst with the US Department of Homeland Security Analytic Exchange Program. Over the years, her teams’ research topics have included phishing, healthcare cybersecurity, patient safety, and maritime and port cybersecurity.

Lee serves as a Director of InfraGard Northern Capital Region, Vice Chair of the Policy Committee of the American Bar Association Health Law Section, and National Visiting Committee member of the National Cybersecurity Training and Education Center. Previously, Lee served with the ISC2 Government Advisory Council Executive Writers Bureau.

Please note: The advice that Lee Kim provides through IANS is not legal advice and is not intended to be relied on as such. There is no attorney-client relationship.

AJ is the CISO for Hunter Strategy where he leads their Cyber Security consulting practice advising clients in public, private, and government spaces. His core skills include cyber security leadership, security architecture, third-party vendor risk management, program management, and general governance practices.

Prior to his current role, AJ has developed information security programs from the ground up leading extensive cybersecurity teams in support of globally distributed companies. AJ actively seeks opportunities to add value to organizations and measurably increase their overall security posture. As an active member in the information security community AJ is a member of ISSA, Infragard, and a regular at local events such as SecDSM and SecKC.

John is an IT Security Engineer for Verizon Wireless and is a member of OWASP, ISC2, and ISSA. In his career, John has architected solutions that allowed companies to be PCI-DSS compliant, protected 100 million customers sensitive information and over 6 billion sensitive data elements, and created one of the first complete Enterprise Mobile Application Security policy for a major telecom company. He has also served by developing high-performance aircraft test systems for the US Department of Defense aircrafts such as B-1, B-2, and YF-22.

Dr. Ondrej Krehel is the Founder, CEO, and Digital Forensics Lead of LIFARS LLC, an international cybersecurity and digital forensics firm. He is also the Co-Founder and an Advisory Board Member of QuBit Conference, an events and training company dedicated to connecting the information security community. Ondrej is an accomplished speaker having lectured for FBI Training Academy and the National Executive Institute. He also serves as a member of New York Metro Infragard, as the Chapter Leader of OWASP NYC, and as a Distinguished Fellow with the Ponemon Institute.

Eric is a Senior Security Consultant at Secure Ideas, an information security consulting company that focuses on security testing, assessments, and training. He has spent close to 20 years working with Microsoft infrastructures for large Fortune 100 companies. Since its release, his core focus has been Active Directory. He was the technical leader and responsible for the engineering and architecture of one of the most complex and largest AD infrastructures used by one of the world’s largest banks. This included ongoing maintenance and major enhancements of not only a highly secure authentication environment, but also of all the supporting tool sets required to monitor its health and integrity.

Peter is the Managing Director at ClearSky Security, an information security solutions firm that focuses on threat intelligence services. He also serves as the Managing Partner at HypAdvisor Consulting, LLC, an advisory firm for technology companies. He is also an Advisor to the Pacific Northwest National Lab. Formerly, as the Lead Software Analyst for Morgan Stanley, he published industry-leading investment reports and led over 18 public transactions. In total, Peter was a Wall Street analyst for 15 years, which offered him the opportunity to work top executives in both public and private companies. As a visible voice for the software industry, Kuper is an active speaker to many professional and government groups.

Justin has over twenty years of experience in system administration, software development,
and information security. His core skills include regulatory and contractual compliance,
program management, payment card standards, and general governance and privacy practices
and frameworks.

He founded episki, a cloud-based governance tool geared toward helping mid-market
organizations manage their security programs. Justin also performs fractional CISO and
security consulting services for various clients in multiple industries, including areas
involving GRC, DevSecOps, Privacy, and other matters.

Before his current roles, Justin consulted with Fortune 1000 companies in information
systems, audit, governance, and cybersecurity. He has led the governance and security
practices for leading eCommerce and large financial services companies. Additionally,
Justin has spoken at conferences concerning risk management, the payment card industry
(PCI), security leadership, and general information security practices.

Dustin is the Co-founder and Chief Product & Technology Officer (CPTO) at Katilyst, a company which enhances companies' security cultures through engaging security champion programs. Previously, Dustin spent over a decade in technical roles as a software engineer and application architect in retail, US Department of Defense (DoD), and video game industries before moving into cybersecurity executive leadership and successfully implementing cybersecurity, application security, and security culture programs at large and small companies.

Ryan is the Founder and CEO of Neuvik, a cybersecurity research and development consultancy. He has spent the better part of two decades enhancing cyber programs at the world's largest institutions — from the Department of Defense to some of the most successful private and commercial organizations. He focuses largely on providing advanced capabilities for CISO's, as well as testing for best possible security practices at board of directors' requests.

Ryan’s C-level work experience also includes developing Board level metrics to measure and manage enterprise cyber risk, developing and instructing C-Suite cyber risk management courses, and establishing functional reporting metrics for assessing cyber readiness.

Dave has 30 years of industry experience. He has extensive experience in IT security operations and management. Dave is the Global Advisory CISO and Head of the Special Operations & Engagements team for 1Password. He is the founder of the security site Liquidmatrix Security Digest & podcast. He is currently a member of the board of directors for BSides Las Vegas. Dave has previously worked in critical infrastructure for 9 years as well as for companies such as Duo Security, Akamai, Cisco, AMD and IBM. Previously he served on the board of directors for (ISC)2 as well as being a founder of the BSides Toronto conference. Dave was a DEF CON speaker operations goon for 13 years. Lewis also serves on the advisory board for the Black Hat Sector Security Conference in Canada and the CFP review board for 44CON in the UK. Dave has previously written columns for Forbes, CSO Online, Huffington Post, The Daily Swig and others. 

Shannon is the Founder and CEO of ThirdScore. This followed her role as VP, Security at Adobe, where she led Product and Software Security. Shannon is also the Founder of DevSecOps, a non-profit organization committed to uniting security with DevOps and Agile practices via experimentation and education. Shannon is an award-winning security innovator and leader experienced in developing emerging security programs for Fortune 500 companies including Intuit, ServiceNow, Sony, Sempra, Savvis, Cable & Wireless, 99 Cents Only, Exodus, and Bank of America.

Anna is the Vice President Risk Officer Digital at the Navy Federal Credit Union. She returned to Navy Federal in 2023 from her previous time here from 2019 to 2021, when she was as Vice President of Vulnerability, Risk and Enterprise Security Services. Prior to her current role, Anna was the Senior Vice President Advance Cyber Defense and Digital Forensics and Incident Report teams at Booz Allen Hamilton Commercial sector. Before her time with NFCU and Booz Allen, Anna managed Global Information Security Engineering and Operations for Marriott International. In her earlier career days, Anna held various positions in the security field with Accenture and Sun Microsystems/Oracle.  As a technology executive, Anna is focusing on empowering innovation, fostering collaboration, and promoting risk-based approach to security. Her mission is to protect and enable the business by transforming the culture from “No” to “KNOW”. 

Josh is executive director of GuardedRisk, a firm devoted to the security and compliance of law firms, insurance companies, data processors and their clients. An internationally recognized digital forensics expert, Josh has strategized and performed on government corruption, bad compliance, protecting mission-critical data, and everything in between. Likewise, he has presented on topics ranging from Facial Recognition and National Security to audiences from government agencies, law enforcement, Fortune 5 companies, and many others.

Steve is a partner in Artico Search’s cybersecurity practice. He is an expert in security executive recruiting and compensation focused on recruiting best-in-class CISOs and their teams across various industries. He leads strategic partnerships and initiatives including Artico’s annual CISO compensation & budget survey conducted in collaboration with IANS.

Prior to Artico, Steve served in Caldwell Partner's cybersecurity practice and at Russell Reynolds associates.

Raffy is VP of Research and Intelligence at Forcepoint where he leads Forcepoint X-Labs, a specialized group dedicated to behavior-based security research and development of predictive intelligence to Forcepoint's human-centric product portfolio. Bringing more than 20 years of cybersecurity experience across engineering, analytics, research, and strategy, Raffy is one of the industry's most respected authorities on security data analytics, big data, and visualization. As such, he serves as an advisor to many technology startups. He is the author of Applied Security Visualization and is a frequent speaker at global academic and industry events. Additionally, Raffy has held key roles at IBM Research, ArcSight, and Splunk.