Kevin Kampman covers identity management, security, risk, and privacy issues for cloud, enterprise, business-to-business and consumer-facing environments. With Gartner for 14 years, Mr. Kampman has more than 30 years of experience in the IT industry. His career includes positions with AT&T, Burton Group, Digital Equipment Corp., Control Data Systems, NCR and TRW. He has been involved in leadership roles in business automation, application design and development, system engineering and integration, networking, messaging and collaboration, directory services, and identity management for government, commercial, cross-industry and educational initiatives. He has participated in single- and multi-organization programs from a principal, management, research and consulting perspective. He has successfully managed engineering and consulting teams in the accomplishment of diverse program objectives.
6th Annual CAI Security Symposium Speaker Profiles
Patrick Gray joined Cisco Systems as its Principal Security Strategist after serving as the Director of X-Force Operations, Office of the Chief Technology Officer, Internet Security Systems, Inc. (ISS). Gray also comes to Cisco Systems after twenty years of service with the Federal Bureau of Investigation. Upon his retirement from the FBI in November 2001, he joined Internet Security Systems and was one of the creators of the X-Force Internet Threat Intelligence Center and thereafter was Director of the Penetration Testing and Emergency Response Teams until his promotion to the X-Force R & D Team. As a result of his service with the FBI, and the Internet Threat Intelligence Center, he has first-hand knowledge of the hacking community, its aims and methodologies as they attack government, ecommerce, energy and financial entities relentlessly.
Prior to joining Internet Security Systems, Gray served as a Special Agent with the Federal Bureau of Investigation for twenty years and has served in Baltimore, Maryland, Daytona Beach, Florida, Washington, D.C. and Atlanta, Georgia. Gray was also assigned as a Supervisory Special Agent at FBI Headquarters, Washington, D.C. in the Intelligence Division where he was responsible for global counterintelligence investigations. While serving in the Washington, D.C. area, Gray was seconded to the National Security Agency where he was responsible for an FBI group that provided operational support to the Intelligence Community. He was transferred to Atlanta in 1988 to assume Supervisory Duties for the FBI’s Drug and Violent Gang Program in Georgia. In 1994, he assumed the duties as the Supervisor of the Technical Services Squad and served as the Acting Assistant Special Agent in Charge of the FBI in Georgia in 1996 and 1997 during the time of the spree of terrorist bombings at Centennial Olympic Park and two subsequent bombings at two women’s clinics in Alabama and Georgia.
Gray was assigned as Supervisor of the Special Operations Group in 1994 which ultimately morphed into one of the FBI’s first regional Cyber Crime Squads; and was a member of the FBI’s elite Computer Assistance Response Team as a Forensic Examiner.
He has investigated cases involving financial institutions, health care providers, public sector agencies, commercial businesses and colleges and universities. He was also assigned to the investigation of the September 11 attacks. He was the Coordinator of the Atlanta Chapter of InfraGard, an alliance between the public and private sectors for the sharing of information regarding technology security issues. He grew the Atlanta Chapter of InfraGard into the largest chapter nationally. He continues to work closely with the FBI and other U.S. Government agencies. Gray is also an advisor to the National Infrastructure Advisory Council for the Department of Homeland Security.
Gray is also a board certified Homeland Security professional by the American College of Forensic Examiners International; is a member of the Association of Certified Fraud Examiners; the Information Systems Audit and Control Association; InfraGard Atlanta; the Atlanta Chapter of the Information Systems Security Association, and the International Information Systems Forensic Association. He has lectured at Colleges and Universities around the country. He has spoken at numerous technology events around the world and has been quoted in numerous newspapers, magazine articles and periodicals and makes regular cable television appearances.
Gray is a former Marine having served in Vietnam.
Breakout Session Speakers
Don Bogert, Solutions Architect, HP
Don Bogert is a Solutions Architect for HP TippingPoint, part of HP Enterprise Security. With more than 15 years of IT experience, Don has spent the last seven years in various security roles. As a consultant, Don performed penetration testing, social engineering exercises, and security reviews for companies and institutions of all sizes in various commercial, financial, government, or education markets. Don also spent more than two years performing security assessments at colleges and universities across the United States.
Don has a Bachelor's Degree from Drexel University in Information Systems, and recently graduated Norwich University with a Master's Degree in Information Assurance and Forensics. Don holds an active CISSP certification, is a member of the Philadelphia chapter of InfraGard, and a member of Upsilon Pi Epsilon, an honor society for computing and information studies.
Martin Bos, Senior Security Assessor, Accuvant
Martin Bos is a senior security assessor with the Accuvant LABS enterprise assessment team and has five (5) years of experience in the information technology industry. Martin specializes in black-box penetration testing, social engineering, physical security testing and enterprise network security assessments. Martin also has extensive knowledge in performing wireless assessments. Martin Bos is a core developer of the Backtrack-Linux project and one of the founders of Derbycon.
Dr. Frank Braun is an industry engagement faculty member and assistant professor in the Department of Business Informatics at NKU. He specializes in information security governance, project management and business intelligence. Dr. Braun has over 20 years of executive level information systems management and consulting experience. Prior to joining the faculty Frank held CIO positions with United Dairy Farmers and Klosterman Baking Company and was the general manager for the IBM North America equipment evaluation program. He is a founding board member of the Entrepreneurship Institute and the Center for Applied Informatics (CAI) at Northern Kentucky University. Dr. Braun is also the faculty coordinator of the NKU UpTech Innovation Lab which integrates student scholars within regional informatics oriented entrepreneurial ventures.
Joe DeSantis (MCSE, ITIL v3 Foundations) is an Incident Response Senior Consultant at SecureState. Joe’s responsibilities include managing client engagements for SecureState’s Incident Response Team, performing Incident Response, Disaster Recovery and Business Continuity gap analysis with remediation plans, and assessing clients live Incident Response procedures. Prior to joining SecureState, Joe worked as an Incident Management Analyst Senior at a top five automobile insurance company.
Jon Garon is an attorney and professor of informatics, entertainment, intellectual property, and business law. He has extensive practice experience in the areas of entertainment law (including film, music, theatre, and publishing), data privacy and security, business planning, copyright, trademark, and software licensing.
Professor Garon is the inaugural director of the NKU Chase Law + Informatics Institute, dedicated to promoting thoughtful public discourse on the regulation and use of information systems. His teaching and scholarship often focus on business innovation and the development of best business practices regarding the exploitation and effectiveness of the information and data systems in business, health care, media, and entertainment, and the public sector.
Professor Garon has written numerous books and articles, including THE INDEPENDENT FILMMAKER’S LAW & BUSINESS GUIDE TO FINANCING, SHOOTING, AND DISTRIBUTING INDEPENDENT AND DIGITAL FILMS (A Cappella Books, 2d Ed. 2009); OWN IT – THE LAW & BUSINESS GUIDE TO LAUNCHING A NEW BUSINESS THROUGH INNOVATION, EXCLUSIVITY AND RELEVANCE (Carolina Academic Press 2007); and ENTERTAINMENT LAW & PRACTICE (Carolina Academic Press 2005) (supplement 2012).
Immediately prior to joining Chase, Professor Garon served as dean and professor of law at Hamline University School of Law in St. Paul. He was professor of law from 2003-2011, Dean of the Law School from 2003-2008 and Interim Dean of the Graduate School of Management in 2005-06. Before Hamline, Professor Garon taught entertainment law and copyright at Franklin Pierce Law Center in Concord, New Hampshire and Western State University College of Law in Orange County, California.
Professor Garon has served as committee member and board member for numerous regional and national nonprofit organizations, including the American Bar Association, Section of Business Law Cyberspace Committee, American Bar Association, Section of Legal Education, Academic Administration Committee, Park Square Theatre, Jewish Community Center of Orange County (past president), United Jewish Fund of St. Paul, Orange County Media Alliance, New Hampshire Film Commission (past Chairperson), and Minnesota Film and Television Board.
Professor Garon remains of counsel to the law firm of Gallagher, Callahan and Gartrell which he joined in 2000. He is admitted to practice law in California, New Hampshire and Minnesota.
Justin Hall has fifteen years of experience in the information technology field and has spent the last seven focused on information security. Mr. Hall is currently a security architect for CBTS, a technology services provider in the Cincinnati area - consulting with the firm's enterprise customers in developing vulnerability management, incident response, and endpoint & network defense programs. He is a frequent speaker at information security community events, a SANS mentor, and holds a GCIH, GCFA and GPEN.
Since joining SIS in 1989, Mike has served various roles including Client Executive, AS/400 Brand Manager, Director of Sales & Marketing, VP of Sales and finally VP of Brand Development. He is currently responsible for leading the development of the company’s IT-as-a-Service (ITaaS) strategy, culminating with the launch of the new SIS Managed Solution Center, a tier 3 Data Center at the Lexington corporate headquarters office.
Mike took a sabbatical from SIS in 2001 to pursue an entrepreneurial passion for work in healthcare imaging. In 2006 he returned to IT and ultimately to SIS. He started his career in marketing research for Host Communications after graduating from the Gatton College of Business & Economics at the University of Kentucky.
Mike grew up with the Cincinnati Reds, but has lived in Lexington for over 32 years. He and his wife of 23 years have four children who play an active role in Mike’s love for baseball, the University of Kentucky, golf and the outdoors.
Prior to beginning his academic career, Professor Jack B. Harrison spent almost twenty years as a practicing litigator and trial attorney. Over the years, he has repeatedly being identified in Best Lawyers in America in the areas of Mass Tort Litigation / Class Actions - Defendants and Product Liability Litigation - Defendants. Throughout his practice, Professor Harrison represented clients in the areas of product liability defense, employment defense in class actions and collective actions alleging violations of Title VII and the Equal Pay Act, administrative and regulatory proceedings, and appellate litigation. In his practice, Professor Harrison managed many cases where discovery issues related to electronic data was central. Professor Harrison was a partner at Frost Brown Todd through 2009 and then moved his active litigation practice to Cors & Bassett. Professor Harrison joined the faculty of the Salmon P. Chase College of Law in 2011, where he teaches courses related to the civil litigation and trial process.
Nate currently works for CBTS where he is part of the security team for a very large client. He is an active member of the Infragard Digital Forensics Working Group. In his spare time he enjoys the great outdoors, reading, making video games, and of course, spending time with his wife.
Craig Hoffman focuses his practice on complex business disputes, as well as data privacy, information security and social media. Mr. Hoffman has successfully represented a variety of interests in complex commercial litigation matters in state and federal courts, including contract disputes, construction delay claims, insurance coverage and premises and product liability claims. He has also represented companies in class action litigation arising from data breaches and alleged violations of federal privacy laws and regulations.
Chris Kimmel is a security consultant within the Research and Innovation Practice at SecureState. Chris's responsibilities include developing, adapting, and imagining methodologies and capabilities for unknown, dynamic or challenging environments. Chris also works closely with SecureState's Incident Response Team to manage and facilitate the response and readiness capabilities of an organization.
Eric Milam, Senior Security Assessor, Accuvant
Eric Milam is a senior security assessor on the Accuvant LABS enterprise assessment team with over fourteen (14) years of experience in information technology. Eric has performed innumerable consultative engagements including enterprise security and risk assessments, perimeter penetration testing, vulnerability assessments, social engineering, physical security testing, wireless assessments and extensive experience in PCI compliance controls and assessments. Eric is a project steward for the Ettercap project as well as creator and developer of the easy-creds and smbexec projects.
Jim Niemes is a Management Consultant with extensive experience leading strategic change initiatives with public and private sector clients. He has held management positions in engineering, finance, tax and international strategy. Mr. Niemes has led global business transformation programs for multi-national clients (Royal Dutch/Shell, Carrier and Quintiles) and Six Sigma business transformation initiatives at GE Capital and NASA Kennedy Space Center.
Nick Ritter is the IT Sr. Director responsible for Systems Infrastructure and Global Cyber Security for Siemens PLM Solutions. Nick’s teams run the global infrastructure for a large software development business unit. Nick founded the Global Cyber Security Team that is charged with detecting and analyzing sophisticated cyber-attacks. The GCST has been recognized by outside organizations, including the US Government, as being a best-in-class cyber defense team.
Retired Maj. Tom Sammel is the Security Systems Senior Manager for the Incident Response consulting team at Dell SecureWorks. He has more than 18 years of experience in information technology, including nine years in security.
Sammel served as a U.S. Marine for more than 24 years. His military assignments, prior to joining Dell SecureWorks, included tours with Joint Task Force – Global Network Operations, and the Marine Corps Network Operation and Security Center. He has led multiple response operations in the military and commercial sectors against hacktivists and nation-state threats.
Sammel holds a Bachelor of Science in chemistry from the State University of New York at Stony Brook and a Master of Science in information technology from the University of Maryland.
Curtis Scribner is an attorney in the Global Privacy and Digital Legal group at Procter & Gamble. He represents and advises P&G on legal, privacy and compliance issues surrounding its various types of digital projects. His work includes advising on online and mobile marketing, social media, commercial transactions with digital vendors and internal IT projects. Before joining P&G, Mr. Scribner spent time in private practice, working in Shearman & Sterling’s New York City office. He also served as a legal extern with Judge Herman J. Weber, United States District Court, and was a fellow with the Rosenthal Institute for Justice. Mr. Scribner earned his J.D. from the University of Cincinnati College of Law and his B.A. from Xavier University.
James Walden is an Associate Professor of Computer Science in the College of Informatics at Northern Kentucky University. He has a Ph.D. from Carnegie Mellon University, and he worked as a senior software engineer at Intel. He has 18 years of experience in software security, including designing and building secure software as well as researching how to measure and predict vulnerabilities in software. His research focuses on applying empirical software engineering techniques to software security problems in the web and mobile application spaces. He worked with SANS to develop their GIAC Secure Software Programmer (GSSP) certification and worked with MITRE and SANS to develop their Top 25 Most Dangerous Software Errors listings.
Aaron Woody is an expert in information security with over 14 years experience across several industries including financial, retail, medical, and more. His experience includes securing some of the largest enterprises in the world through proven methods and forward thinking in information security. Currently, Aaron is a Solutions Engineer for a leading information security firm, Accuvant, Inc. based in Denver, CO. He is an active instructor teaching hacking and forensics and is the author of an upcoming security title with PacktPub. Aaron maintains a blog www.n00bpentesting.com and can also be followed on twitter at @shai_saint.
P: 859.572.7610 - Griffin Hall Suite 330, Nunn Drive, Highland Heights, KY 41099 - firstname.lastname@example.org