Speaker Biographies

Dr. Bill Curtis is an American software and organizational scientist. He is Chief Scientist and Senior Vice President at CAST and Executive Director of the Consortium for Information & Software Quality (CISQ). He is best known for leading the development of the Capability Maturity Model (CMM for Software) and the People CMM in the Software Engineering Institute at Carnegie Mellon University. He co-founded TeraQuest, a provider of CMM-based services, which was sold to Borland Software Corporation in 2005. He has published 5 books, over 150 articles, and in 2007 was elected a Fellow of the Institute of Electrical and Electronics Engineers for his career contributions to software process improvement and measurement.

John Weiler is a leading champion of Federal IT/Cyber Reforms as Managing Director and CIO at the Interoperability Clearinghouse, a DoD chartered non-profit research institute, and Co-Founder of the IT Acquisition Advisory Council, a public/private “do tank” dedicated to effecting the transformation of Federal IT Management, Acquisition and Governance. He is a recognized IT Management leader, with decades of senior IT experience in commercial and defense positions. He also has had major project management with nearly half of the government agencies.

Jeanette Manfra serves as the National Protection and Programs Directorate (NPPD) Assistant Secretary for the Office of Cybersecurity and Communications (CS&C). She is the chief cybersecurity official for the Department of Homeland Security (DHS) and supports its mission of strengthening the security and resilience of the nation’s critical infrastructure. Prior to this position, Ms. Manfra served as Acting Deputy Under Secretary for Cybersecurity and Director for Strategy, Policy, and Plans for the NPPD. Previously, Ms. Manfra served as Senior Counselor for Cybersecurity to the Secretary of Homeland Security and Director for Critical Infrastructure Cybersecurity on the National Security Council staff at the White House.

Rob Joyce is White House Cybersecurity Coordinator and a leading cybersecurity expert in the U.S. Federal Government. Prior to the White House, Rob was the NSA’s “hacker-in-chief,” leading the elite hacking unit, Tailored Access Operations. Rob leads the cybersecurity efforts of each federal agency – civilian and military.

Grant Schneider serves as the Acting Federal Chief Information Security Officer and Senior Director for Cybersecurity Policy on the National Security Council Staff. In these roles, Mr. Schneider leads teams of cybersecurity experts who develop and oversee crosscutting policies to enhance the Nation’s cybersecurity. Mr. Schneider and his staff seek to improve the Nation’s cybersecurity in three ways: enhancing the overall defensive posture of Federal and Critical Infrastructure Cybersecurity; leveraging the expertise of the U.S. Intelligence Community to mitigate threats to Federal cybersecurity; and leading an effective and efficient response to Federal incidents.

Maj Gen Burke E. “Ed” Wilson is deputy assistant secretary of defense for cyber policy, a top Pentagon position. He works with Defense Secretary James Mattis to lead cyber policy for the U.S. Federal Government. General Wilson is retiring from the Air Force as he enters this civilian position. He most recently served as the deputy principal cyber adviser and senior military adviser for cyber policy. Previously, he also served as deputy commander and commander for Air Force cyber operations.

Marc Cohen is a seasoned strategic analytical leader who focuses on creating and delivering successful transformational large-scale marketing, risk and information management initiatives. As Technology Vendor Manager at American Express, Marc developed, implemented and managed the American Express Technology Performance Measurement initiative. He led a process that enabled development teams to hold their IT labor vendors accountable by ensuring robust quality code development to contractual service level targets, resulting in the maximum optimization of over $1B in outsourced labor spending.

Dr. Ron Ross is a Fellow at NIST. His focus areas include information security, systems security engineering, and risk management. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical infrastructure. His current publications include Federal Information Processing Standards (FIPS) 199 (security categorization), FIPS 200 (security requirements), and NIST Special Publication (SP) 800-39 (enterprise risk management), SP 800-53 (security and privacy controls), SP 800-53A (security assessment), SP 800- 37 (Risk Management Framework), SP 800-30 (risk assessment), SP 800-160 (systems security engineering), and SP 800-171 (security requirements for nonfederal systems and organizations). Dr. Ross also leads the Joint Task Force, an interagency partnership with the Department of Defense, Office of the Director National Intelligence, U.S. Intelligence Community, and the Committee on National Security Systems, with responsibility for the development of the Unified Information Security Framework for the federal government and its contractors.

Adam Isles is a Principal at The Chertoff Group, where he helps clients evaluate and mature their security risk management programs. Mr. Isles has managed security services engagements for clients in a number of industries, including financial services, retail, transportation, food and agriculture and utility sectors. Mr. Isles also provides market assessment advice for providers of security products, services and solutions. He was previously Deputy Chief of Staff, U.S. Department of Homeland Security.

Michael Chung is Head of Government Solutions at Bugcrowd, a leader in crowdsourced security testing and “bug bounty” programs. “My career has taken me on an incredible journey. From being a commissioned officer in the Navy and serving in Operations Enduring and Iraqi Freedom, to Apple to the Pentagon, I’ve spent the better part of my life following and homing in on my passion. That’s what brings me here, to Bugcrowd,” he says. Mr. Chung spent the last year running the “Hack the Pentagon” program for the Department of Defense.

Robert Martin, CSSLP and Senior Principal Engineer at MITRE, spends the majority of his time working with industry on the CWE and CAPEC security standardization initiatives and with the Industrial Internet Consortium. For the past 24 years, Martin’s efforts focused on the interplay of risk management and cybersecurity. Martin is a frequent international speaker on the various security and quality issues surrounding technology systems, has published numerous papers on these topics, authored over a dozen ITU-T X-series Recommendations, and chairs the OMG Structured Assurance Cases Metamodel Task Force. Martin joined MITRE in 1981 with a B.S. and M.S. in EE from RPI, later earning an MBA from Babson College. He is a member of the ACM, AFCEA, NDIA, the Open Group, and the IEEE Computer Society.

Professor Herb Krasner is “Texas IT Champion” and recently retired from the University of Texas at Austin. He was the Director of Outreach Services for the UT Center for Advanced Research in Software Engineering (ARiSE) and founder and CTO of the UT Software Quality Institute (SQI). As a systems excellence consultant, his mission, spanning five decades, has been to enable the development of superior software intensive systems, and to stamp out poor quality software, wherever found. Mr. Krasner is active in Texas state legislature IT improvement initiatives.

Brian E. Finch is a public policy partner with Pillsbury Winthrop Shaw Pittman LLP with extensive regulatory and government affairs advocacy experience. Mr. Finch is recognized as a leading legal authority on matters related to cyber security, including the legal and policy challenges associated with the consequences of companies suffering a cyber attack, as well as the steps that can be taken to help mitigate the risk of attack as well as post-event litigation. He regularly advocates on behalf of companies seeking to ensure that federal agencies have sufficient funding for contract vehicles in which they participate.

Jeff Barksdale is Principal Security Advisor at Underwriters Laboratories (UL). The UL Cybersecurity Assurance Program (UL CAP) aims to minimize risks by creating standardized, testable criteria for assessing software vulnerabilities and weaknesses. This in turn helps reduce exploitation, address known malware, enhance security controls and expand security awareness. UL CAP relies upon the UL 2900 set of standards, developed with input from major stakeholders representing government, academia and industry. Both UL CAP and the UL 2900 series of standards build upon UL’s longstanding expertise in safety science, standards development, testing and certification.

Jose Arrieta is the deputy assistant secretary for acquisition and senior procurement executive at the Department of Health and Human Services. “There are few people in the federal acquisition community who are on a higher trajectory than Jose Arrieta,” remarks Jason Miller at FederalNewsRadio. Previously he served as the GSA’s director of the Office of IT 70 Schedule Contract Operations. Mr. Arrieta is known to reject the risk averse culture of the government and is not afraid to take on challenges. Read: “GSA experimenting with blockchain to cut contracting time” on FederalNewsRadio.

Chad Sheridan is the CIO of the Agriculture Department’s Risk Management Agency (RMA). In this role, he is responsible for all information systems that support the Federal crop insurance program, a program that covers commodities and livestock with a total annual liability of over $113 billion. At RMA, Chad has transformed the agency’s IT program to embrace agile development and devops while leading the effort to establish an action-oriented and collaborate CIO Council within USDA. Chad is helping to lead IT Modernization COEs as part of the roll-out of the Modernizing Government Technology (MGT) Act.

Rod Turk is the Acting Chief Information Officer (CIO) for the Department of Commerce. Prior to being named Acting CIO, he was the Chief Information Security Officer (CISO) and Deputy Chief Information Officer. In this role, he managed and had oversight over the Department’s compliance with the Federal Information Security Management Act (FISMA) and implementation of IT security best practices. He and his team manage Department-wide cybersecurity initiatives, programs, and monitoring at DOC, including Enterprise Security Operations Center (ESOC), risk assessment of the information technology owned or operated on behalf of DOC.

Sanjeev “Sonny” Bhagowalia is Senior Advisor on Technology and Cybersecurity in the Commissioner’s Office of the Bureau of the Fiscal Service at the U.S. Department of the Treasury as of the start of Fiscal Year 2018. Prior to this role, he served for three years as Deputy Assistant Secretary for Information Systems and CIO at Treasury. Sonny was the “first-ever” CIO for the State of Hawaii reporting to the Governor between 2011-2014 and  served as the Governor’s Chief Advisor on Technology and Cybersecurity. He has served in various senior executive CXO leadership roles while at GSA; U.S. Department of Interior; and the FBI.  He has also served at a Chief Engineer level at the Boeing Company for 14 years supporting various U.S. Government clients.  He has led IT modernization efforts in various capacities in his 33-year career.