3rd Annual IMI Security Symposium - Speaker Profiles
Robert A. Andrews II, CISSP
Robert Andrews is co-founder of P3 Strategic, a forensics investigation, assessment and training firm. He currently is CTO and lead investigator. Currently Robert Andrews manages complex multinational investigations requiring expertise is technology, law, and forensic procedure. He has managed investigations in over 20 countries around the world. Robert A. Andrews II is a security consultant and trainer as well. Mr. Andrews has managed multi national vulnerability assessments and remediation efforts.
Currently, Mr. Andrews is the lead network forensic instructor at the United States Secret Service National Computer Forensic Institute in Hoover Alabama. Mr. Andrews was previously the lead instructor and program coordinator of the IT Security and Forensics Associate Degree program at Pittsburgh Technical Institute. His service experience includes working with several Fortune 500 companies and governmental agencies at the local, state and federal levels. His experience also includes teaching high level security certification programs, CISSP and Cisco boot camp classes around the nation.
Mr. Andrews has been a technical editor for and has collaborated on several IT certification manuals for Course Technology and McGraw-Hill. He has also been the Key Note Speaker at many National Information Technology Conferences.
Frank Braun
Dr. Frank Braun is an industry engagement faculty member in the department of Business Informatics at NKU. He specializes in IT governance, IT security, IT strategy and Project leadership. Dr. Braun has over 20 years of executive level IT management and consulting experience. His research domains include information security, business continuity planning, knowledge management and organizational leadership. He earned his B.S. from Miami University and M.B.A. from Xavier University. He recently received his doctorate degree in management from Case Western Reserve University.
Tiffany Braun CISA CISSP
Tiffany Braun, Information Security Officer (ISO) at Spirit of America National Bank (SOANB), joined Spirit of America National Bank in September of 2005. Prior to joining SOANB, she worked as the Vice President of Information Systems and Information Security Officer for First Bank of Kentucky in Fort Mitchell, KY.
Tiffany is a Certified Information Systems Security Professional (CISSP) and a Certified Information Systems Auditor (CISA). She has a Bachelor’s of Science from the School of Public and Environmental Affairs at Indiana University, Bloomington, a Masters of Information Systems and a Masters of Accountancy from Northern Kentucky University. She has one year of continuing studies in the Executive Doctorate of Management program from Case Western Reserve University, where she focused on research in Business Continuity and Disaster Recovery Planning. Tiffany is a Business Informatics Adjunct Professor in the College of Informatics at Northern Kentucky University.
Kevin Gallagher
Kevin Gallagher is an Assistant Professor in the Business Informatics Department at Northern Kentucky University. He holds Ph.D. and MS degrees in Management Information Systems from the Weatherhead School of Management at Case Western Reserve University in Cleveland, Ohio. Through efforts lead by Dr. Gallagher, the College of Informatics at Northern Kentucky University recently completed an extensive study of IT security policies, practices and performance. The study collected information from over 500 organizations nationwide representing a wide variety of industry sectors and organization sizes. Dr. Gallagher will present the results of this study and approaches organizations can take to improve security at this year’s Security Symposium.
Patrick Gray
Patrick Gray joined Cisco Systems as its Senior Security Strategist after serving as the Director of X-Force Operations, Office of the Chief Technology Officer, Internet Security Systems, Inc. (ISS). Gray also comes to Cisco Systems after twenty years of service with the Federal Bureau of Investigation. Upon his retirement from the FBI in November 2001, he joined Internet Security Systems and created the X-Force Internet Threat Intelligence Center and thereafter was Director of the Penetration Testing and Emergency Response Teams until his promotion to the X-Force R & D Team. As a result of his service with the FBI, and the Internet Threat Intelligence Center, he has first-hand knowledge of the hacking community, its aims and methodologies as they attack government, ecommerce, energy and financial entities relentlessly.
Prior to joining Internet Security Systems, Gray served as a Special Agent with the Federal Bureau of Investigation for twenty years and has served in Baltimore, Maryland, Daytona Beach, Florida, Washington, D.C. and Atlanta, Georgia. Gray was also assigned as a Supervisory Special Agent at FBI Headquarters, Washington, D.C. in the Intelligence Division where he was responsible for global counterintelligence investigations. While serving in the Washington, D.C. area, Gray was seconded to the National Security Agency where he was responsible for an FBI group that provided operational support to the Intelligence Community.
He was transferred to Atlanta in 1988 to assume Supervisory Duties for the FBI’s Drug and Violent Gang Program in Georgia. In 1994, he assumed the duties as the Supervisor of the Technical Services Squad and served as the Acting Assistant Special Agent in Charge of the FBI in Georgia in 1996 and 1997 during the time of the spree of terrorist bombings at Centennial Olympic Park and two subsequent bombings at two women’s clinics in Alabama and Georgia.
Gray was assigned as Supervisor of the Special Operations Group in 1994 which ultimately morphed into one of the FBI’s first regional Cyber Crime Squads; and was a member of the FBI’s elite Computer Assistance Response Team as a Forensic Examiner. He has investigated cases involving financial institutions, government agencies, commercial businesses and colleges and universities. He was also assigned to the investigation of the September 11 attacks. He was the Coordinator of the Atlanta Chapter of InfraGard, an alliance between the public and private sectors for the sharing of information regarding technology security issues. He grew the Atlanta Chapter of InfraGard into the largest chapter nationally. He continues to work closely with the FBI, other U.S. Government agencies, the Department of Homeland Security and the White House.
Gray is also a board certified Homeland Security professional by the American College of Forensic Examiners International; is a member of the Association of Certified Fraud Examiners; the Information Systems Audit and Control Association; InfraGard Atlanta; the Atlanta Chapter of the Information Systems Security Association, and the International Information Systems Forensic Association. He has lectured at Colleges and Universities around the country. He has spoken at numerous technology events around the world to include Gartner Sector 5, Networld Interop, the IT World Congress, CIO Summit, GE Access, Forbes and others. He has been quoted in numerous newspapers, magazine articles and periodicals and makes regular cable television appearances.
Gray is a former Marine having served in Vietnam.
Nick Hoffman
Nick Hoffman is an incident handler on a specialized security team dealing with the advanced persistent threat. He heads up reverse engineering, forensics, and intrusion analysis.
Hetal Jasani
Dr. Hetal Jasani is an assistant professor in the Department of Computer Science at Northern Kentucky University. His research interests include mobile and wireless networks, distributed systems and network security. He has published many publications in refereed journals and conference proceedings and given presentations at a variety of conferences. He is a professional member of various technical organizations such as ACM, IEEE and ASEE.
Dr. Jasani received the Ph.D. from Florida International University in 2006. He also worked as assistant professor at Michigan Technological University before joining NKU. At NKU, he teaches graduate and undergraduate classes in the area of computer networks and network security. He has chosen academic career since he believes that by teaching he can contribute towards community development.
Brian Klenke
Brian Klenke is an incident handler and Intelligence cell lead on a specialized security team dealing with the advanced persistent threat. Brian holds a Masters of Science in Information Assurance and has been working in the security industry for 10 years.
Kevin L. McLaughin
Assistant Vice President for Information Security & Special Projects
Kevin L. McLaughlin began his career as a Special Agent for the Department of Army. He was responsible for investigating
Felony crimes around the globe. He has had many careers over the years, including being a Police Officer in Kissimmee Florida,
an Investigator for Mastercard/Visa, a Middle School teacher, a Director at Kennedy Space Center (where he worked with Fred
Hayes, James Lovell, Armstrong, Sheppard, etc.), the President of his own company, and an IT Manager and Senior Information
Security manager with the Procter & Gamble (P&G) company. Kevin has also been an adjunct since 1992. While at P&G
Kevin created
one of P&G’s augmentation outsourcing teams in India. Kevin and Quinn Shamblin (a member of Kevin’s UC InfoSec team) designed
and implemented this India team and it won a global Gold Service award from Atos-Origin and has acted as a model for countless
corporate relationships since. Kevin joined the University of Cincinnati in April of 2006 with the responsibility to create an
Information Security program and build a team of Information Security professionals. He is responsible for all aspects of
Information Security Management, including but not limited to Strategic planning and the Architecture and Design of Information
Security solutions.
Marco Morana
Marco Morana serves as a leader of the OWASP Cincinnati Chapter where he is actively involved in evangelization of web
application security through presentations at local chapter meetings as well as outside the USA. Marco is also an active contributor
to OWASP projects: he is currently contributing to write the OWASP threat modeling methodology for the source code review guide and
the latest version of the OWASP security testing guide. Besides contributing to OWASP, Marco works as Technology Information Security
Officer for a large financial organization with key roles in defining the web application security roadmap and activities,
documenting security standards and guidelines, lead security assessments for software security as well as training software
developers and project managers on software security and information security processes.
In the past, Marco served as senior security consultant and independent consultant where his responsibilities included
providing software security services for several clients in the banking, telecommunication, computers and financial business sectors.
Besides security consulting, Marco had a career in the software industry as security technologist with responsibility to design and
to develop business critical security software products for several FORTUNE 500 companies as well for the US Government (i.e. NASA).
Marco's work on software security is referred in the 2007 State Of the Art report by the Information Assurance Technology Analysis
Center (IATAC). For his computer security work on S/MIME secure email for NASA in 1999 Marco received the Space Act Award and a patent.
Marco's strategic work on application and software security is widely published on In-secure magazine, Secure Enterprise, ISSA
Journal and the C/C++ Users journal. Marco posts on software security strategies on his
blog.
Nipul Patel
Nipul Patel is an Assistant Professor of Computer Networking at Purdue University, North Central Campus. He has authored
numerous papers related to Network security, outsourcing security, and cloud security, and has been published in various journals.
Along with these articles, he has presented at various networking topics at conferences like, ASEE, IACIS, IEMS and IIRB
(New Delhi, India).
Patel develops and teaches undergraduate courses at PNC and offers a variety of network security workshops.
He has developed numerous courses including Computer Operating Systems, Computer Networking, Open Source Networking,
Advanced Computer Networking, Network Security, and IT Project Management.
Prof. Patel also serves on the advisory boards for Brown Mackie College, Ivy Tech State College and AK Smith Carrier Center.
He was appointed to Indiana Toll Road Authority by Late Governor Frank O’Bannon as a technical consultant. He is also
the president of Delta Solutions, a company specializing in governmental security analysis. He served as a Wireless Security
Analyst and Auditor for Lake County Law Enforcement and network analyst for Lake County Government Complex as well as North Township
and Calumet Townships.
Prof. Patel has a MBA from Purdue University. He also holds various certifications including, MCSE, CCNA, and RHCE.
Prior to teaching at PNC, he was a Visiting Lecturer of Computer Networking at Purdue University, Calumet Campus.
Quinn R. Shamblin
Quinn R. Shamblin served as an Officer in the US Navy, teaching Nuclear Power Plant system theory, design, construction, safety and
operations to the students of the Navy´s Nuclear Power School. He moved from classroom teaching to become the school’s Director of
Multimedia Development. Quinn left the Navy for Proctor and Gamble where he worked as one of a team of three on the development,
deployment and support of a global data transport system. During the early days of team augmentation outsourcing to India, Quinn worked
with Kevin to form and manage a very successful team that won a global service award and has acted as a model for countless
relationships since. From there he moved into a role as special projects manager for the contract Governance team in the relationship
between P&G and HP. He has worked as a senior architect delivering business process automation solutions based on services-oriented
architecture. Quinn joined the UC InfoSec Team in 2006 and is responsible for managing team operations, conducting investigations,
awareness & education and special projects. Quinn is active in the information security community, he served for 2 years as an officer
in the Ohio chapter of the HTCIA (High Technology Crime Investigators
Association) and is a regular contributor on a forensic blog
run by SANS.
S. Srinivasan, Ph.D.
Srinivasan is a Professor of Computer Information Systems and Director of Information Assurance Group in the College of Business at the University of Louisville.
He joined U of L in 1987. He started the Information Security program in the Computer Information Systems department in 2003 and
successfully guided it to achieve NSA/DHS designation as a National Center of Academic Excellence in Information Assurance Education.
Srinivasan's research interests are in Information Security and he has published several papers in both Mathematics and Computer Science.
He heads the InfoSec program development at the University of Louisville and coaches the university’s Cyber
Defense team. Currently he concentrates his teaching in Information Security and Databases. He volunteers his time extensively
for public education causes.
Evan Tegethoff
As Director of Risk and Compliance Management for Accuvant, Evan provides practice leadership, methodology development and oversight for all aspects of project delivery. His specific areas of expertise include regulatory compliance, security program development, information security policy and compliance automation. Mr. Tegethoff has been in the field of information security and compliance since 1995 and has been a highly active member in the information security community by serving as a representative to the INCITS CS1 Group, the US technical advisory group to the ISO Cyber Security Standards, and reviewing and voting on standards such as ISO 17799 and ISO 27001. He has published articles on security and compliance in numerous trade publications and resources including Wall Street and Technology, Managed Healthcare Executive and CIO.com in addition to speaking at a number of industry events, including the RSA Security Conference, ISSA symposiums, CIO forums and many others.
Marius Truta
Traian Marius Truta, Assistant Professor, Computer Science, has been with NKU since August 2004. He teaches Web and Database Administration; Computer Concepts and Applications; Introduction to Computer Information Technology; Data Privacy and Anonymity, several Programming classes and Database Management classes, among others.
He earned a bachelor's degree in computer science in 1998, where he ranked first in the department, and a master's degree in 1999, both from Babes-Boylai University in Cluj, Romania. He taught for its department of Computer Science from 1997-1999. Truta has a PhD in computer science from Wayne State University in Michigan, where he also taught from 1999-2004.
His primary research interests are data privacy and anonymity, data mining, statistical databases and disclosure control.
James Walden
James Walden is an Assistant Professor of Computer Science at Northern Kentucky University. He is the author of a number of papers on software security and has given talks and workshops on secure programming and software security at a variety of conferences. He teaches graduate and undergraduate classes in information and software security at NKU and offers regular software security workshops to professionals through NKU's Infrastructure Management Institute.
Dr. Walden received his Ph.D. from Carnegie Mellon University in 1997. He then worked at Intel as a software engineer, with a focus on security sensitive applications, for five years. Prior to coming to NKU, he was a Visiting Professor of Computer Science and Engineering at the University of Toledo.