CyberCrime Symposium - 2016 Speakers & Sessions

In our current cyber threat environment, we have to break down silos and take an integrative approach in order to protect our companies, communities, and countries. The theme of our 2016 CyberCrime Symposium was Cyber Convergence - coming together so that we can be more resilient.

Keep scrolling to browse our speakers and their sessions.  You can download the available presentations individually below, or download all presentations in a .zip file by clicking here.


Regina Phelps

Emergency Management Expert, Educator and Author

Regina Phelps is an internationally recognized thought leader in the field of emergency management, pandemic and contingency planning. Since 1982, she has provided consultation and speaking services to clients in four continents. She is founder of Emergency Management & Safety Solutions (EMSS), a consulting and training firm. EMSS is 100% woman owned firm. A partial listing of clients include: Northern Trust, LexisNexis, Whole Foods Market, McAfee, Duke University, the World Bank, International Finance Corporation, Microsoft, Liberty Mutual, AEGON, Wellmark, Stanford University, VISA, Principal Financial, Caltech Institute, Wells Fargo, Sentry Insurance, MasterCard, PG&E, International Paper and American Express.

Regina's publications include:

Cyber Breach! Designing Incident Resiliency Exercises

Every month we read about the latest, the greatest, or “the most significant cyber breach ever.” A cyber incident affects every aspect of the business, and has become one of the most pressing issues in crisis and business continuity management today. The goal of this session is to demonstrate the value of conducting cyber incident exercises. You will discover how a cyber incident exercise is different from other exercises and learn the eight critical elements of a successful cyber exercise. Most importantly, Regina will share with you how to design and implement an excise that will enhance your organizational resiliency.


Ira Winkler, CISSP

CyberExpert, Educator, and Author

Ira Winkler, CISSP is President of Secure Mentem, co-host of The Irari Report, and ComputerWorld columnist.  He is considered one of the world’s most influential security professionals, and has been named a “Modern Day James Bond” by the media.  He did this by performing espionage simulations, where he physically and technically “broke into” some of the largest companies in the World and investigated crimes against them. Then told them how to cost effectively protect their information and computer infrastructure.  He continues to perform these espionage simulations, as well as assisting organizations in developing cost effective security programs.  Ira also won the Hall of Fame award from the Information Systems Security Association, as well as several other prestigious industry awards. Most recently, CSO Magazine named Ira a CSO Compass Award winner as The Awareness Crusader.

Ira began his career at the National Security Agency, where he served as an Intelligence and Computer Systems Analyst.  He moved onto support other US and overseas government military and intelligence agencies.  After leaving government service, he went on to serve as President of the Internet Security Advisors Group, Chief Security Strategist at HP Consulting, and Director of Technology of the National Computer Security Association.  He was also on the Graduate and Undergraduate faculties of the Johns Hopkins University and the University of Maryland.  Mr. Winkler was recently elected the International President of the Information Systems Security Association, which is a 10,000+ member professional association.

Ira's publications include:

Implementing Gamification and Other Creative Security Awareness Methods

If we’re going to take hacking seriously, what needs to happen is far more sophisticated data-handling techniques behind the walls we erect. This is where privacy professionals can step into the breach (pun intended), working hand in hand with IT and cybersecurity professionals to identify and inventory data, make sure it’s all useful and necessary, and then most importantly, make sure that data is virtually useless to the outside world should the hackers get in.



Christina Ayiotis, Esq., CRM

Topic: Cybersecurity Advocate and Cross-Pollinator

Christina Ayiotis, Esq., CRM, an internationally-recognized leader in cyber, privacy, data protection, and electronic discovery, serves as Co-Chair of the Georgetown Cybersecurity Law Institute and as a Member of both AFCEA International’s Cyber Committee and The Cybersecurity Canon Committee. She taught Information Policy at George Washington University and served as Deputy General Counsel—Information Governance, at CSC, a global technology services provider. She also led global programs at Booz Allen Hamilton, EYI, and Deloitte Touche Tohmatsu.

She served on the Boards of ARCS MWC, Fairfax Law Foundation, ARMA NOVA, Hellenic American Women's Council and Women’s Bar Association of DC. She earned a Zertifikat Deutsch als Fremdsprache from Goethe Institut and studied French at Alliance Française, Paris. A magna cum laude graduate of Virginia Commonwealth University (BS- Biology/ BA-Philosophy; Minors- Mathematics/French; University Honors), she earned a Juris Doctorate from Marshall-Wythe School of Law at the College of William & Mary. She is the extremely proud Mom of a 19-year-old (Viterbi Dean’s List Senior) Trojan at University of Southern California.

Getting and Staying CyberSmart: Resources and Breaking CyberBread

Understanding how to properly protect valuable information assets in today’s data-driven, interconnected global economy often involves working with multiple parties. The Cybersecurity Canon, a listing of vetted books, offers resources for context in this ecosystem. Given the exponential speed of change in cybersecurity, continuous learning is the only viable strategy to stay CyberSmart. Such learning can come from written resources, but also must include active human collaboration. This session will enable you to strategize about how to create the network and knowledge to stay ahead of the threat.



Chris Poulin

Research Strategist
X-Force at IBM

He is an engineer and entrepreneur, having built and run a nationally respected information security consulting firm, which provided services from Fortune 500 companies to small-and-medium business. With 25 years in information technology and security, he's successfully managed hundreds of projects in practically all industries, bringing a balance of technical skills and management experience, as well as unique experience from his time in the Department of Defense intelligence community.

Chris is a Research Strategist for X-Force at IBM, where he leads IBM's security strategy on connected vehicles and IoT.  His current passion is the intersection of digital security and the physical world. Want someone to hack your car? I'm your man. Planes, trains, and ships too. How easy is it to turn a smart building into an igloo with no escape hatch? I'll find out if you let me. Unlock all the doors on a prison block from hundreds of miles away (you did know many of them are computer controlled, right?) Pshaw. Then we'll figure out how to secure them against those attacks. Oh, and I pick locks in my spare time.

The Internet of Threats: Billions of Ways the IoT Poses an InfoSec Challenge

Many IoT devices are hidden from view and pose a threat to your IT systems and even their physical safety — and that of the humans that tend to them. You may not own the HVAC system or the elevators in your building, but you’re going to want to connect them to your Exchange server. And that new connected car in the parking lot that doesn’t seem to be dangerous to your data could well be the newest means of exfiltrating data. In his session, Chris will present use cases that break down the barriers between IoT devices and IT assets — and explain why they’re inevitable — and present strategies to prepare for the inevitable rise of SkyNet.



Christopher Elisan

Principal Malware Scientist

Christopher is a seasoned reverse engineer and malware researcher. His long history of digital threat and malware expertise, reversing, research and product development started at Trend Micro as one of the pioneers of TrendLabs where he honed his skills in malware reversing. He then built F-Secure’s Asia R&D where he spearheaded projects in vulnerability discovery, web security and mobile security. After F-Secure, he joined Damballa as their resident malware subject matter expert and reverse engineer. He speaks at conferences around the world and frequently provides expert opinion about malware, botnets and advance persistent threats for leading industry and mainstream publications.

Christopher's publications include:

Demystifying a Malware Attack

The media reports different malware attacks, different lamentations from those affected, and different opinions of industry experts. What is lost in the conversation is the background: how are these attacks started, what are the different recipes of successful attacks, and who are behind them. Christopher will present an inside look at what goes on in an attack and the different technologies and people involved.



Gary Glover

Director of Security Assessment

Gary Glover is the Director of Security Assessment at SecurityMetrics and holds QSA (Qualified Security Assessor), PA-QSA (Payment Application Qualified Security Assessor), CISSP (Certified Information Systems Security Professional), and CISA (Certified Information Systems Auditor) security certifications. Gary has worked in the IT security industry as a QSA for over 10 years.  Before that, Gary spent 10+ years in as a software engineer at Novell, McDonnell Douglas, and other startups. Gary is the author of two US patents, and received a Masters of Science degree in Mechanical Engineering from Brigham Young.

Compromising Merchants: A Live Hacking Demo

Merchant data is continually under attack. But how? What makes them vulnerable? The Live Hack Demo helps technical and non-technical audiences understand how easily unprotected credit card data can be stolen. This demonstration covers past compromises, hacking methodology, live hacking examples, and tips to implement the PCI Data Security Standard.


Don Ulsch

Sr. Managing Director, Cybercrime & Breach Response
PricewaterhouseCoopers LLP

A specialist on cybercrime, Don rejoined the PricewaterhouseCoopers LLP in 2014 and is a Senior Managing Director in the US Cybercrime & Breach Response practice. Working with many well-known corporate brands, as well as law enforcement and the intelligence community, he has led many complex cyber breach investigations and advised executive management on breach management strategy and mitigation execution. His cases have included the compromise of regulated personal information, as well as intellectual property and trade secret theft and fraud. Don uncovered one of the largest cases of fraud and trade secret theft in U.S. history, which involved several large publicly traded companies. The case was referred to the U.S. Department of Justice for prosecution.

Don is the Chair of the American Bar Association Criminal Justice Section Cyber Crime and Privacy Subcommittee. He has appeared on ABC News and Fox News as a cybercrime and breach analyst. He served as a national security advisor to DaVinci Code author Dan Brown.

Don's publications include:

The Trusted Insider Threat

Statistically, regardless of the size of your company, an information breach will originate with a trusted insider. That trusted insider may be an employee, a contractor, or even a third-party vendor. Because insiders are, in fact, “trusted,” they pose a special threat. Using case histories, Don will discuss various companies that were breached by trusted insiders, and what you can do to mitigate the risk to your organization.


Peter Van Valkenburgh

Research Director
Coin Center

Peter is the Director of Research at Coin Center, the leading non-profit research and advocacy group focused on the policy issues facing cryptocurrencies like Bitcoin. He is a graduate of NYU Law, as well as a self-taught designer and coder. Peter drafts the Center’s public regulatory comments, and helps shape its research agenda.  He has briefed policymakers and regulatory staff around the world on the subject of Bitcoin regulation. Previously, he was a Google Policy Fellow and collaborated with various digital rights organizations on projects related to privacy, surveillance and digital copyright law.

Bitcoin’s not the Cause of Ransomware, but it’s Raising the Stakes

There are three things that make ransomware possible: breach, encryption, and payment networks like Bitcoin. Encryption and Bitcoin are the “sexy” parts of that trifecta, and accordingly they get most of the media attention. But the root problem is breach and the poor security practices that lead to breach. This talk will look specifically at the rising problem of ransomware, how Bitcoin plays a role in that rise, and — more broadly — how cryptocurrencies are raising the stakes in computer security and computer crime.



Matthew O’Neill

Special Agent
U.S. Secret Service

Matthew O’Neill won the Department of Homeland Security Silver Medal in 2014 and the USSS Special Agent of Year Award in 2013 for his efforts in investigating complex transnational cyber-crime investigations including network intrusions, point of sale terminal compromises, bulk online sale of stolen personally identifiable information, money laundering, bank fraud, counterfeit currency cases, wire fraud, and insurance fraud cases. SA O’Neill joined the US Secret Service in December 1998. Since 2007, he has been assigned to the Manchester, New Hampshire, office.

New England Secret Service Cyber Update

The Secret Service is committed to safeguarding the nation’s critical infrastructure and financial payment systems from cyber criminals. SSA Matt O’Neil will brief us on recent New England cases and investigations and invite questions and observations from attendees.


Kevin McNamee

Nokia Threat Intelligence Lab

Kevin McNamee, the Director of Nokia's Threat Intelligence Lab, is a seasoned IT security professional with more than 30 years of experience. Previously at Alcatel-Lucent he designed their cloud-based malware detection system and was director of Security Research with Alcatel-Lucent's Bell Labs, specializing in the analysis of malware propagation and detection. Kevin has also managed product development of Milkyway's Blackhole Firewall and TimeStep's IPSEC VPN product and was Director of Research & Development for Alcatel's OmniAccess/IPSEC products. He is the primary author of the Nokia Threat Intelligence Report and has had several recent speaking engagements at BlackHat, RSA, SECTOR and (ISC)2.

Malware Activity in Mobile Networks: an Insider’s View

Kevin’s talk will explore the malware that is currently active on the mobile network and will leverage aggregated data from live network deployments of Nokia’s NetGuard EndPoint Security system, a network based malware detection system deployed in mobile carriers covering more than 100 million mobile devices around the globe. He’ll start with a review of real world malware statistics for mobile devices, and then provide an in-depth analysis of specific malware infections, including details on what the malware does, its command and control infrastructure, how it is monetized, and the impact on the network and user.



Jake Kouns

CISO, Risk Based Security
CEO, Open Security Foundation

Jake Kouns is the CISO for Risk Based Security and the CEO of the Open Security Foundation that oversees the operations of the Open Source Vulnerability Database and Data Loss Database. Mr. Kouns has presented at many well-known security conferences including RSA, DEF CON, CISO Executive Summit, EntNet IEEE GlobeCom, CanSecWest, SOURCE, FIRST and SyScan. He holds both a Bachelor of Business Administration and a Master of Business Administration with a concentration in Information Security from James Madison University. In addition, he holds a number of certifications including ISC2’s CISSP, and ISACA’s CISM, CISA and CGEIT. He has also been interviewed as an expert in the security industry by CNN, Information Week, eWeek,, Federal Computer Week, Government Computer News and SC Magazine.

Jake's publications include:

“Cyber” Who Done It? Attribution Analysis Through Arrest History

Arrest history and analysis of data breaches paint an interesting picture of the cybercrime landscape. Jake will present current research and his observations, including who is behind these data breaches and what the demographics are, how many work by themselves versus part of a group, which day of the week are you most likely to be arrested, and how many arrests lead to assisting authorities to arrest others.



Jack Walsh

New Initiatives & Mobility Programs Manager

Jack has worked eighteen years at ICSA Labs, an independent division of Verizon. Currently driving development of programs that test the security of IoT devices, advanced threat defense solutions and all things mobile, Jack’s prior roles included network intrusion prevention systems program manager, anti-spam program manager, and firewall lab technical lead. Prior to joining ICSA Labs, Jack tested commercial products at the National Security Agency.  While there he co-authored the first Firewall Protection Profile. Jack earned his B.S. in Electrical Engineering from Penn State and later earned an M.S. in Computer Science from Johns Hopkins.

Defending Against Unknown Threats

Defending your network from breaches requires a defense-in-depth strategy. Even with all the traditional security defenses, breaches still occur due in part to the fact that there’s been no real answer for new threats. Enter advanced threat defense (ATD) solutions. For 25 years ICSA Labs has performed computer and network security certification testing. Jack will explain how they are testing ATD solutions, the most recent findings, and how you can benefit from ICSA’s ongoing testing and research.



Peter Foster

Executive Vice President and FINEX Cyber Leader
Willis, Tower, Watson

Peter has sixteen years of experience providing risk solutions and strategic advice to large, complex corporations and financial institutions on privacy, network security (cyber) and technology errors, and omissions risks and exposures. In his role as one of the Willis Towers Watson Cyber leaders, he is focused on providing strategic advice and risk transfer services to FINEX’s large financial services, healthcare, retail and defense contractor clients.

Got Coverage? Cyber-Insurance Realities Revealed

Cyber-insurance is an important component of a risk mitigation strategy. Peter will guide us through the intricacies of cyber-insurance including typical coverage features, most common exposures, purchasing process, loss examples, and the claims handling process. This is must know information for every organization!



Don Anderson, Jr.

Federal Reserve Bank of Boston

Don Anderson is the Senior Vice President and Chief Information Officer (CIO) at the Federal Reserve Bank of Boston. In this capacity, he is responsible for the Federal Reserve System’s Internet Cyber and Network Security services and Financial Management Technology services, the Bank’s IT functions, Real Estate Services, and Law Enforcement units. Don is currently a member of the Bank’s Executive Committee and represents the Bank on the System’s CIO committee.

He holds a BS degree from the University of Connecticut and an MBA from Bentley University, is a founding member of the Advanced Cyber Security Center (ACSC), a Board Member of the Boston CIO Leadership Association and Wall Street Technology Association (WTSA) and is an active member of the Dana Farber Leadership Council (DFLC).

Federal Reserve Special Session

A conversation with Don Anderson, Jr., discussing how the Fed is leveraging the cloud for information security.