"Cyber Security for Energy and Communications"
September 8-9, 2008
Hyatt Regency
Calgary, Alberta, Canada
Speaker Bios:
Yogen Appalraju
Yogen Appalraju was recently named Vice President of TELUS Security Solutions. He has over 17 years of experience in the IT information risk management and security sector, most of it in a leadership and customer facing role. As a chartered accountant, Yogen has used his understanding of business together with technology to be an advisor to customers assisting in the areas of IT risk, security and regulatory compliance.
Prior to TELUS, Yogen was Vice President, Security Services and Chief Information Security Officer at Emergis. Yogen led the Security Services business which had a strong focus on security compliance and managed security services, especially in the Healthcare, Retail and Oil & Gas verticals. As CISO, he also oversaw the Cyber Security program designed to protect Emergis' data centre environment that processes millions of financial transactions and healthcare records annually.
Prior to Emergis, Yogen worked at both Ernst & Young and KPMG in senior management and customer facing roles in Canada and internationally where he focused primarily on financial institutions, service providers and large corporations.
Yogen is an active member of the standards committee within the Canadian Institute of Chartered Accountants (CICA) and is frequently called upon to assist in developing technology related auditing standards. Most recently, he contributed to the revision of the CICA S5970 standard to incorporate the requirements laid out in the Sarbanes Oxley laws.
James Arlen
Mr. Arlen is a senior consultant currently engaged as the CISO of a mid-market publicly traded financial institution.
He has been involved with implementing a practical level of information security in Fortune 500, TSE 100, and major public-sector corporations for more than a decade. In his most recent posting, Mr. Arlen was deeply involved in preparatory work for NERC compliance in an NPCC Control Area.
Through the innovative application of lessons learned in a diverse working background, Mr. Arlen has successfully made information security an intrinsic part of the operations of many organizations.
Hy Chantz
Hy Chantz is a founding member of IBM's Global Security and Privacy Practice, where he is a Certified Executive Consultant. Hy specializes in addressing the security needs of utilities and regulated industries. He serves as architect, technology resource, and consultant in assessing and developing technology solutions . Hy has over thirty years of world-wide experience in these areas, and has prototyped, installed and operated hardware, software, and processes to appropriately address security and privacy implications in many large-scale telecommunications implementations. Hy is a Certified Information Systems Security Professional (CISSP) of the ISC2, and a licensed Professional Engineer in New York State. Hy holds many US FCC technical communications licenses.and has been a featured presenter at the US NJ FBI Infraguard regarding radio topics.
Ganesh Devarajan
Ganesh Devarajan is a security researcher within TippingPoint's Digital Vaccine group. Currently he focuses on SCADA security research and other application based security. Prior to TippingPoint, he worked as a security researcher for the CASE Research Center Syracuse, NY. He has publications in various fields such as SCADA Securities, RBAC, Wireless Securities, XML based Signatures and Runtime Software Application patches and holds a Masters Degree in Computer Engineering from Syracuse University, NY. He has previously presented at DEFCON, LayerOne, NPRA and various other Security Conferences.
Timothy Durnford
Timothy Durnford is the Country Manager for ArcSight Canada. He joined the ArcSight team over three years ago. He has held a variety of Management positions with enterprise software and storage companies over the past 20 years. In his current role, Tim is responsible for all aspects of ArcSight's growing business in Canada.
Tim has worked closely with many of the world's largest utilities, energy producers/distributors and oil + gas/pipeline companies to help defend critical infrastructure against cyber threats.
Kalvin Falconar
Mr. Falconar is an information management specialist with 22-years of experience working in the technology sector. In April of 2008 he took on the responsibility of the business development and growth of the CA Security Business Unit across Western Canada. CA Security solutions include industry leading automation technology to simplify system access and improve compliance.
Prior to this role, Kalvin supported key CA clients as a Customer Solution Architect covering the energy and telecommunications sectors. Additional experience included working with Xerox Global Services, SAS, ORACLE, and SHL in Western Canada. He is a graduate of architecture, certified project manager and a Lean Six Sigma practitioner. Located in Calgary, Alberta, Canada, Kalvin Falconar is married, and has two teenage children.
Dr. Stephen Flynn
Dr. Stephen Flynn is one of world's foremost authorities on homeland and maritime security and critical infrastructure protection. In his new landmark book, The Edge of Disaster: Rebuilding a Resilient Nation, Flynn details the major man-made and natural perils that will almost certainly confront the United States and offers a menu of actions the U.S. government, the private sector, and everyday Americans should undertake right now to manage these dangers. Flynn is also the author of the critically acclaimed and national bestseller, America the Vulnerable, the first book to comprehensively analyze America's susceptibility to deadly and disruptive attacks on America's domestic front, and to propose more inclusive, more democratic and ultimately more effective measures to confront our current state of homeland insecurity.
A Senior Fellow for National Security Studies at the Council on Foreign Relations and a former Commander in the United States Coast Guard, Flynn has been at the forefront of homeland and maritime security issues since long before the attacks of September 11. A graduate of the U.S. Coast Guard Academy, Flynn is a highly-decorated officer who spent twenty years on active duty in the Coast Guard, including twice in command at sea. He served in the White House Military Office during the George H. W. Bush administration and as a director for global issues on the National Security Council staff during the Bill Clinton administration. Dr. Flynn is currently a consulting professor at Stanford University's Center for International Security and Cooperation.
Brian Geffert
Brian is a Principal with Deloitte's Federal Security and Privacy Services Group in Washington, DC with over 16 years of experience with information security and privacy assessment, design and implementation across various industries and the Federal Government. Brian primarily focuses on the development of data protection programs to address regulatory requirements, such as FISMA, A-130, A-123 and HIPAA, which includes the implementation of identity and risk management solutions in addition to Brian's enterprise system implementation experience. Brian is a Certified Information Systems Security Professional (CISSP) with an advanced certification as an Information Systems Security Management Professional (ISSMP) and holds the Certified Information Security Manager (CISM) designation. In addition, Brian holds a BS from Penn State University and a MBA from University of Pittsburgh. Finally, Brian has published works on enterprise security programs and architectures; as well as, participated and led various industry panel discussions on information security and identity management.
Patrick Gray
Patrick Gray joined Cisco Systems after serving as the Director of X-Force Operations, Office of the Chief Technology Officer, Internet Security Systems, Inc. (ISS). Gray also comes to Cisco Systems after twenty years of service with the Federal Bureau of Investigation. Upon his retirement from the FBI in November 2001, he joined Internet Security Systems and created the X-Force Internet Threat Intelligence Center and thereafter was Director of the Penetration Testing and Emergency Response Teams until his promotion to the X-Force R & D Team. As a result of his service with the FBI, and the Internet Threat Intelligence Center, he has first-hand knowledge of the hacking community, its aims and methodologies as they attack government, ecommerce, energy and financial entities relentlessly.
Prior to joining Internet Security Systems, Gray served as a Special Agent with the Federal Bureau of Investigation for twenty years and has served in Baltimore, Maryland, Daytona Beach, Florida, Washington, D.C. and Atlanta, Georgia. Gray was also assigned as a Supervisory Special Agent at FBI Headquarters, Washington, D.C. in the Intelligence Division where he was responsible for global counterintelligence investigations. While serving in the Washington, D.C. area, Gray was seconded to the National Security Agency where he was responsible for an FBI group that provided operational support to the Intelligence Community.
He was transferred to Atlanta in 1988 to assume Supervisory Duties for the FBI's Drug and Violent Gang Program in Georgia. In 1994, he assumed the duties as the Supervisor of the Technical Services Squad and served as the Acting Assistant Special Agent in Charge of the FBI in Georgia in 1996 and 1997 during the time of the spree of terrorist bombings at Centennial Olympic Park and two subsequent bombings at two women's clinics in Alabama and Georgia.
Gray was assigned as Supervisor of the Special Operations Group in 1994 which ultimately morphed into one of the FBI's first regional Cyber Crime Squads; and was a member of the FBI's elite Computer Assistance Response Team as a Forensic Examiner. He has investigated cases involving financial institutions, government agencies, commercial businesses and colleges and universities. He was also assigned to the investigation of the September 11 attacks. He was the Coordinator of the Atlanta Chapter of InfraGard, an alliance between the public and private sectors for the sharing of information regarding technology security issues. He grew the Atlanta Chapter of InfraGard into the largest chapter nationally. He continues to work closely with the FBI, the National Infrastructure Protection Center, the Department of Homeland Security and the White House.
Gray is a member of the American College of Forensic Examiners International and maintains a CHS Level III certification; is a member of the Association of Certified Fraud Examiners; the Information Systems Audit and Control Association; InfraGard Atlanta; the Atlanta Chapter of the Information Systems Security Association, and the International Information Systems Forensic Association. He has lectured at Colleges and Universities around the country. He has spoken at numerous technology events around the world to include Gartner Sector 5, Networld Interop, the IT World Congress, CIO Summit, GE Access, Forbes and others. He has been quoted in numerous newspapers, magazine articles and periodicals and makes regular cable television appearances.
Gray is a former Marine having served in Vietnam.
Barry Kokotailo
Barry Kokotailo currently works as a security specialist for the Edmonton Public School Board. He has over 22 years of experience in the field of information technology covering all aspects of the IT space. He has qualified as an Encase forensic specialist, one of 28 members in Canada and one of only three in Alberta. He is a certified Solaris administrator, certified Solaris network administrator, certified ethical hacker, registered engineering technologist, and certified information system security professional.
He teaches extensively. He has been part of the development of the security programs for NAIT and Concordia University College of Alberta. He lectures for key interest groups and has been qualified as an expert witness in legal proceedings.
Michael Legary
Michael is a Principal of Seccuris Inc, where he helps address business risks associated with Intellectual Property, Technology and Compliance in large North American organizations. He specializes in security architecture, risk assessment and forensic procedure for high risk enterprise.
Michael’s core passion lays in development of cutting edge security initiatives. Through Seccuris Labs Michael focuses include research in security information management architectures, trusted operating system design as well as risk assessment, code audit and forensic methodologies.
Lisa Lorenzin
Lisa Lorenzin is a Principal Solutions Architect with Juniper Networks,
specializing in security solutions, and a contributing member of Trusted
Network Connect (TNC), a work group of the Trusted Computing Group (TCG)
that defines an open architecture and standards for endpoint integrity
and network access control. She has worked in a variety of
Internet-related roles for the past 13 years, with more than a decade of
that focused on network and information security. Her experience in
data center, government and enterprise environments, as well as her
active participation and service in local user groups, has brought her a
thorough understanding of the challenges network administrators and
users face in today's world of expanding regulations and increasing
security threats.
Michael Martin
Michael Martin is an IBM Senior Managing Consultant. He consults on complex Radio Frequency systems, and digital media systems and architecture. Specifically, he serves as a technical consultant pertaining to digital media and wireless for the energy and utility, government, surveillance and communication industry sectors. His areas of expertise include baseband video, digital video surveillance, multifaceted radio frequency broadband systems including satellite, microwave, optical fiber, coaxial cable, broadband over power line and narrowband wireless systems, as well as broadband wired telecommunications, still imagery, and project management. He has held a variety of security clearances with the RCMP, DND, CSIS, and others. Mr. Martin possesses extensive post-secondary education and is a dedicated life-long learner. He has earned degrees, diplomas, and certifications from seven universities and is currently pursuing a Master of Arts in Communications and Technology at the University of Alberta. Last year, he earned his Master of Business Administration degree with Athabasca University. In addition, he serves on the Board of Governors and the Audit and Finance Committee at the University of Ontario Institute of Technology.
Donald Meyer
Donald Meyer, product marketing manager, High-End Security Systems at Juniper Networks has more than nine years of industry experience. In his current role, Meyer is responsible for Juniper’s high-end enterprise firewall and Intrusion Detection and Prevention (IDP) product lines. Prior to Juniper, Meyer served as product marketing manager for Nokia, where he worked to market and promote high-end Nokia IP security appliances as well as launch the Nokia relationship and product offerings with Sourcefire, Inc. Subsequently, he held various positions at Mitel, AlitGen Communications, and the Associated Press. Meyer holds a Bachelors of Science in Business Administration, marketing concentration, from San Jose State University.
Scott Montgomery
As vice president of product management at Secure Computing, Scott Montgomery is responsible for directing the tactical and strategic planning of Secure Computing’s product lines, and cultivating technical and OEM partnerships. Scott has more than ten years of security engineering, deployment, and consulting experience, and frequently serves as a presenter and on panel discussions at security conferences. He also acts as an advisor to a number of Washington DC security consultancies, and is Secure Computing’s representative to standards groups such as the Cyber Security Industry Alliance. Prior to joining Secure Computing, Scott spent five years at McAfee Security as the director of engineering services for the PGP Security products.
David Moore
David Moore is an expert on petroleum and chemical process security management, chemical security risk assessment, and process safety. He is actively involved in consulting and training assignments to industrial facilities and Governments worldwide. Mr. Moore has taught security and process safety curses for over 20 years to many of the world’s largest corporations.
Mr. Moore was the project manager of the AIChE CCPS® "Guidelines for Managing and Analyzing the Security Vulnerabilities of Fixed Chemical Sites", the security guidelines for the American Petroleum Institute (API), and the API/National Petrochemical and Refiners Association Security Vulnerability Assessment Methodology. He is the lead author of the 2008 edition of the AIChE CCPS® "Inherently Safer Chemical Processes; A Lifecycle Approach".
He has served in various capacities to advise the DHS on chemical security management and vulnerability assessment, including Chemical Facility Anti-Terrorism Standards 6 CFR Part 27. He served as the Sector Coordinator for petroleum, chemical, and LNG for the) initiative to develop a common vulnerability analysis standard ‘Risk Analysis and Management for Critical Asset Protection (RAMCAP).
Mr. Moore was formerly a Senior Engineer with Mobil Corporation in Princeton, NJ; and a Fire Protection Engineer with the National Fire Protection Association in Boston, MA. Mr. Moore is a Registered Professional Engineer. He is a board member for the Energy Security Council. He serves on the AIChE Center for Chemical Process Safety Technical Steering Committee, and the Mary Kay O’Connor Process Safety Center at Texas A&M University. He is a member of the American Institute of Chemical Engineers, the National Fire Protection Association, and the American Society of Industrial Security. He has an MBA, (NYU-1987), and a B.Sc., Fire Protection Engineering (University of Md.-1979).
Brian Phillips
Mr. Phillips brings more than 35 years of demonstrated experience in security, strategic planning and operational readiness to his role as the Director, Public Safety for Bell. A certified management consultant and project management professional, he is dedicated to providing information communications technology solutions to organizations that focus on delivering public safety. As part of Bell’s Vancouver 2010 Team, he is providing his expertise in the design and development of leading edge technology in strategic and tactical solutions that support public safety and critical infrastructure protection.
Prior to joining Bell, Mr. Phillips was a Principal Consultant at Qunara Inc. where he specialized in business strategy and IT consulting. He was previously a senior executive at the Royal Canadian Mounted Police, where he served for 28 years in protective policing operations, integrated intelligence services and corporate management functions.
Mr. Phillips’ work has involved planning the security and facilitation for a number of major world events, such as the 1988 Winter Olympics in Calgary, economic summits, and papal and royal visits to Canada.
Venkat Pothamsetty
Venkat Pothamsetty is a business development manager, Infrastructure Research and Development group in Cisco Systems. He is a noted industrial control systems security expert. He has authored several papers in the area and is the author of the industry first SCADA firewall (http://modbusfw.sf.net) and industry first SCADA honeynet (http://scadahoneynet.sf.net). He acted as a consultant for several owners and operators of industrial control systems on security issues.
Venkat has been working at Cisco for the past 8 years. He started as a security engineer in Cisco's Security Technologies Assessment Team and joined Critical Infrastructure Assurance Group as a research engineer.
Venkat has a MS in computer science from Wright State University and a MBA from University of Texas at Austin.
David Ruhlen
David Ruhlen has 20 years experience in the commercial and industrial building-systems sector with such firms as Honeywell, Siemens and Convergint Technologies. David has played a central role in the development, design and deployment of major converged-security initiatives, including an enterprise-wide integrated security access management project for TELUS. Based in Calgary, he has worked with Oilsands and Utilities clients in helping them to understand the business value of cyber-security solutions. He recently participated in the development of a NERC-based critical infrastructure protection initiative for an Alberta utility. David received his MBA from the University of Manitoba, is a member of ISACA and NERC, and has completed the written requirements for his CISM designation.
Mauricio Sanchez
Mauricio Sanchez is the Chief Network Security Architect for ProCurve Networking by HP, responsible for specifying ProCurve’s ProActive Defense security technology strategy across all product lines. He also assists in the design of security capabilities into ProCurve products and solutions.
Sanchez currently represents ProCurve in both IETF and TCG/TNC standards bodies. In the IETF, he has edited and co-authored a number of standards that improve RADIUS attributes, especially its ability to provision network access control (NAC) policy. In the TNC, he is the lead in defining the IF-PEP interface that resides between a network access server and a policy enforcement device. In addition, in conjunction with researchers from HP Labs, he was pivotal in the design of Virus Throttle technology and its incorporation into ProCurve products.
Sanchez joined ProCurve in 2000 as a Software Development Engineer, designing and developing switch fabric ASIC verification tools. He quickly expanded his focus from the low-level domain to the security domain, leading the design and implementation of several management security protocols included in ProCurve products. Since then, he has gained broad experience in the ongoing effort to meld network and security technologies that together are establishing the next generation in enterprise networking. Prior to ProCurve, he worked on network-attached storage devices at IPG. He also worked as a graduate research student for 3Com while in graduate school.
Sanchez holds a Bachelor of Science degree in Computer Engineering and a Master’s of Science degree in Electrical Engineering from Cal Poly, San Luis Obispo. He is registered as a CISSP and has 11 security-related patents pending.
Bryan Singer
Bryan Singer was named Vice-President of Security Services of Wurldtech in 2007 and is charged with leading the security team focused on improving the overall reliability, efficiency, and security of the systems and networks that operate industrial automation and critical infrastructure worldwide.
Mr. Singer joined WurldtechTM from FluidIQ's where he led the development and implementation of specialized security services for more than 3,000 industrial facilities worldwide, across numerous vertical industries. Prior to joining FluidIQ's, Mr. Singer was the Manager of Network and Security Services at Rockwell Automation. He began his professional career with the US Military focusing on issues such as physical, systems, network security and force protection. Since that time, he has worked in software development in over 25 professional coding languages, worked in UNIX and mainframe systems, supported large scale ERP, MES, LIMS, and SPC implementations, and has spent significant time in cyber security projects focusing on risk analysis, vulnerability testing, penetration testing, risk mitigation strategies, and enterprise architecture and design including technical and policy based countermeasures and remediation strategies.
Mr. Singer is the founding chairman and now co-chairman of ISA SP-99, Industrial Automation and Control Systems Security Standards Committee, a standards body focusing on the security issues of the control systems environment. He also serves on the NERC Cyber-Security Drafting Team and is also a US Technical Expert to multiple IEC standards bodies, a representative to the Idaho National Labs Recommended Practices Commission, a previous board member to the US Department of Homeland Defense's Process Control Systems Forum (PCSF), and is active globally as an industry advocate in industrial security and critical infrastructure protection. Mr. Singer has over 16 years experience working in industrial automation and critical infrastructure sectors - such as Power & Energy, Oil & Gas, Transportation and Water. Mr. Singer has a Bachelors' Degree in Computer Information Systems from Phoenix University, and holds the CISSP and CISM certifications.
Vaclav Vincalek
Vaclav Vincalek is the founder and president of Pacific Coast Information Systems (PCIS) Ltd., a Vancouver-based company that provides strategic consulting, application development, technology solutions and managed services to companies and government organizations throughout North America. He has over 25 years of experience in the information technology industry.
In 1995, Mr. Vincalek started PCIS, turning it into one of British Columbia's leading providers of IT solutions for business. His strategic vision, proven management style, keen understanding of business technology and ability to predict and manage technology trends helped him to successfully grow PCIS. He oversees and mentors a talented team of technology and business specialists.
Mr. Vincalek launched Boonbox in 2007 as a division of PCIS, currently offering unique web security, password management and secure data backup solutions. The division was established in response to growing demand from businesses trying to remain competitive while faced with an increasingly complex IT landscape and greater demand on scarce IT resources.
Before founding PCIS, Mr. Vincalek was a Systems Analyst with Process Automation Controls Ltd. in Burnaby, BC, from 1991-1995. He has also worked with the Jones Soda Co. to invent a patented personalized bottle labeling process and developed the overall technical framework and oversaw the coordination of the development teams involved. He also developed BCTV's back-end web system in 1998.
Mr. Vincalek has spent four years in post-graduate university research and has a Masters degree in Electrical Engineering at Czech Technical University. During that time Mr. Vincalek also worked with Nokia in Tampere, Finland and later in Prague, Czech Republic.
Mr. Vincalek speaks at seminars about web security and integrating technology solutions to improve business productivity. He is a member of the Knowledge Management Community of Practice, British Columbia Technology Industry Association (BCTIA) and Academy for Technology company CEOs (ACETECH). He has been recognized by the IBM Systems Group for the work he completed on the HUB International Limited Intranet Development Project.
Mr. Vincalek produces the Pacific Coast Informer, authors a blog about technology trends and is frequently interviewed and quoted by media in programs and articles dealing with the technology industry, such as BCTV News, CBC radio, the National Post, Vancouver Sun, ComputerWorld Canada and BC Business Magazine. He can be reached at [email protected].
- Fourteen years of International and National work experience with IBM Canada as Public Safety Executive.
- Graduate of McMaster University in Hamilton.
- Ten years of experience as a Naval Reserve Officer (Lieutenant)
- Active leader of the Calgary community through five years as a Calgary Police Commissioner and President, Canadian Association of Police Boards. Four years as a Director on the board of the Calgary Chamber of Commerce.
- Currently Founder and Chairman, Global Centre for Securing Cyberspace.
- Recognized by Calgary Inc. Magazine as one of Calgary's Top 40 under 40 in 2005 and recognized by KINSA (Kid's Internet Safety Alliance) as one of their "heroes of the fight" in 2008
Jason Wright
Jason Wright is a Sr. Product Marketing Manager for Fortinet Inc. Through interactions with customers, partners, and sales force members, Mr. Wright defines positioning and go-to-market strategies for Fortinet’s FortiGate and FortiMail product lines.
Prior to this role, Mr. Wright held Product Management and Product Marketing roles with TippingPoint. In these roles, Mr. Wright was responsible for TippingPoint’s go to market strategies, strategic direction, and product requirements.
Prior to joining TippingPoint, Mr. Wright led the Security Technologies practice at market research and consulting firm Frost & Sullivan. Under the title of Industry Analyst and Program Leader, Mr. Wright authored reports and consulted clients on the direction of numerous security technology markets.
Mr. Wright has a Master of Business Administration (with certification in International Business) from the University of the Incarnate Word, as well as a Bachelor of Business Administration (with an emphasis in marketing) from the University of Texas at San Antonio. As noted, Mr. Wright is a Certified Information Systems Security Professional.
Mark Zanotti
Mark Zanotti is CTO of Lofty Perch, where he leads the engineering and assessment efforts for the SCADA and control systems practice, and is part of Lofty Perch's core training team. His expertise spans both the private and public domains, and he has been instrumental in providing support to private sector, law enforcement and government SCADA security initiatives. As a technologist, Mr. Zanotti provides extensive expertise to both transportation and energy sector clients, and has previously built ETL devices for SCADA specific security attacks. Prior to joining Lofty Perch, Mark was involved in several major infrastructure initiatives, as well as being the lead engineer for security threat reduction at BMO's infrastructure projects team.
