Hang around IT security long enough and several of the same names keep popping up. With good reason. They have both vision and influence and they aren't afraid to use them.
Employing an “active defense” strategy against cyber intrusions, Dmitri Alperovitch seeks to revise outdated laws so as to empower the private sector to enact efficient self-defense in today's cyber world. In August 2011 while at McAfee, he uncovered Shady RAT, Aurora and Night Dragon, game-changing cyberespionage intrusions into dozens of businesses suspected of originating in China.
A software engineer by training with stints at Cisco and Juniper, industry veteran Nawaf Bitar is currently an SVP of vSphere at VMware. Prior to his talk at last February's RSA Conference, he told SC: “As an industry we must change our approach to fighting cybercrime. Successful attacks occur daily and we ought to be outraged.” He warned the audience in San Francisco that apathy was eroding privacy and issued a call for a more stringent focus on protecting data.
Joyce Brocaglia is the president and CEO of Alta Associates, a leading tech search firm. Often sourced in the press and a frequent speaker at industry events, Brocaglia is recognized for her market insight and for urging students to find mentorship programs and her job applicants to be forward-thinking and capable of articulating technical issues and business terms to executives.
In an environment that primarily measures achievement in net sales or visibility, it's particularly rewarding for us to call out the work of an organization that can prioritize ideals – particularly privacy protection in our new age of digital connectivity. The nonprofit Electronic Frontier Foundation (EFF) takes on those who hold the reins – whether in government or industry – large, intimidating forces which can, and often do, abuse their privilege. The EFF is a champion of individuals and new technologies often caught up in legal quagmires owing to uninformed authorities and antiquated laws codified before the advent of digital capabilities.
Fight for the Future is an advocate for net neutrality and privacy protections in the age of digital commerce. The nonprofit group takes on government bureaucracies and large corporations which seek to slow down and censor the internet. It campaigned against the Stop Online Piracy Act and PROTECT IP Act two years ago, pushed for increased privacy protections on the internet following revelations about the scope of the NSA's data gathering, and set up the Internet Defense League to be prepared to act as a liaison should the need arise for further actions to promote causes related to copyright legislation, online privacy and censorship.
Ron Gula, CEO/CTO at Tenable Network Security, got his start conducting penetration tests at the National Security Agency and was the original author of the Dragon Intrusion Detection System. When Enterasys Networks acquired Network Security Wizards, where he was CTO, he put his expertise in network security monitoring to work helping financial, government, service providers and commercial firms. Before founding Tenable in 2002, he “helped to develop one of the first commercial network honeypots.”
As director of the Cyber Statecraft Initiative at the Atlantic Council, Jason Healey says he has to be influential, to have an impact on policy and practice. His Washington, D.C.-based think tank promotes constructive leadership and engagement in international affairs. Healey is a staunch advocate for government taking itself out of the leading role to allow the private sector – which has greater agility and subject-matter expertise – to fix the chronic onslaught from malware and other threats.
In October, cyberintelligence firm iSight Partners discovered a bug, dubbed Sandworm Team, in the Microsoft Windows OS. The ongoing cyberespionage intrusion is believed to be intended to gather intelligence on the Ukraine crisis and other nation-state issues.
U.S. Rep. Zoe Lofgren (D-Calif.) is one of the strongest legislative champions of government oversight and transparency and a defender of the current state of the internet. In 2011, she led congressional opposition to the Stop Online Piracy Act. A fighter for strong net neutrality rules, this year she sponsored an amendment to stop the NSA from searching the private communications of citizens, and to prohibit the NSA from weakening security protections in devices and software for unwarranted surveillance purposes.
Rhonda MacLean has spent more than 30 years in IT security. Before establishing her own risk management consulting firm MacLean Risk Partners, LLC, she served as sector coordinator and chairperson of the Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security, and was global chief information security officer for Barclays and before that the global leader of Bank of America's Corporate Information Protection Group. She sits on several boards, and has earned a slew of industry awards recognizing her contributions.
Jeff Moss, formerly The Dark Tangent, founded the Black Hat and DEF CON conferences, two of the most cutting-edge computer security conferences. He has been a go-to guy for government, law enforcement and corporations seeking insight on everything from cyber attacks from China to email threats and the recruitment of hackers into legitimate professions.
Larry Ponemon is the chairman and founder of the Ponemon Institute, a think tank that conducts independent research into privacy and data protection practices. A widely circulated columnist and source, he has presented keynotes and presentations at conferences worldwide (often by piloting his own plane).
If you don't recognize Marcus J. Ranum, chief of security at Tenable Networks, by name, you most certainly will know his work. He is hailed as an early innovator in firewall technology and the implementor of the first commercial firewall product. The list of “groundbreaking” security offerings that he's designed includes the Gauntlet firewall, NFR Network Flight Recorder intrusion detection system, the TIS firewall toolkit and the DEC Seal. He's sharpened his security system design and implementation expertise consulting with Fortune 500 companies and various governments.
Selected by this magazine as one of the Top 20 Security Industry Pioneers and a Top 5 Security Thinker, Winn Schwartau continues to provoke audiences with his views on everything from cyberwarfare to privacy to hiring nontraditional but qualified people for security positions. The struggle, he said at SC Congress NY in October, is to see beyond appearance, gender or hacker background that were formerly a red flag for the hiring office.
Forty-thousand Twitter followers can't be wrong. Whether as an author, blogger, columnist, editor, researcher, chief research analyst, senior fellow or a number of other positions in the field, Richard Stiennon has been an untiring advocate for strategies to combat cybercrime. The founder of industry analyst firm IT-Harvest is often acknowledged as an outstanding communicator of technical matters to broad audiences and is a go-to authority on internet security and cyberwarfare (and a trusted prognosticator of what's to come).