Featured Speakers - Winter 2008 SSIF Storage Security Summit
Keynote Speaker
Steven W. Teppler
CEO, TimeCertain
Steven W. Teppler is an attorney, inventor, and the CEO of TimeCertain, LLC,
an information security solutions company. He founded TimeCertain in 1999
after having confronted first-hand the evidentiary issues presented by
challenge-prone digital data content. Mr. Teppler, a litigator who has
practiced law since 1980, is admitted to the bars of New York, the District
of Columbia and Florida. Mr. Teppler is a member of the Information Security
Committee of the American Bar Association, a co-author of the ANSI X9F4
trusted timestamp guideline standards for the financial industry, a founding
member of the Information Assurance Consortium, and a member of the Sedona
Conference Workgroup 1.
Mr. Teppler writes about and lectures to the legal, auditing and
information security communities about evolving theories of computer
generated information and evolving theories of liability, practice and
evidence in an electronic data universe. He also advises private and public
sector clients about risk, liability, and compliance issues unique to
electronic data generation, alteration, transmission and archiving.
Mr. Teppler is a member of the Florida Bar Professional Ethics Committee,
and contributed to Advisory Opinion 06-02 (Metadata Mining). Mr. Teppler’s
recent publications include: Spoliation in the Digital Universe; The SciTech
Lawyer, American Bar Association, Fall 2007, Life After Sarbanes-Oxley – The
Merger of Information Security and Accountability (co-author) 45 Jurimetrics
J. 379 (2005); Digital Signatures Are Not Enough (co-author); Information
Systems Security Association, January 2006; State of Connecticut v. Swinton:
A Discussion of the Basics of Digital Evidence Admissibility (co-author),
Georgia Bar Newsletter Technology Law Section, Spring 2005; The Digital
Signature Paradox (co-author), IETF Information Workshop (The West Point
Workshop) June 2005; Observations on Electronic Service of Process in the
South Carolina Court System, efiling Report, June 2005. Mr. Teppler is also
a contributing author to an upcoming American Bar Association book working
titled “Foundations of Digital Evidence” (publication expected February
2008).
Mr. Teppler received his Bachelor of Arts in Political Science Summa Cum
Laude from the City College of New York, Phi Beta Kappa, and received his
Juris Doctor from the Benjamin N. Cardozo School of Law in New York
City.
Featured Speakers
Roger Bouchard, BCSD, BCSM, CISSP, is the Worldwide
Security Practice Lead at Brocade. Mr. Buichard has been in the
computer industry since 1978 with a wide range of experience from
programming, analysis, consulting, education and management. He has taught
IT security courses since 1994 and has been focused exclusively on the
storage industry since 1996. Prior to joining Brocade in December 2000, he
was the Director of Professional Services for the storage practice of a
major storage solutions reseller in Canada. Mr. Bouchard has been a Subject
Matter Expert (SME) on Security for Brocade since 2002. . He has
developed and delivered several SAN Security Audits and Hardening
engagements across North America and written SAN Security whitepapers.
Roger Cummings is Senior Principal Software Engineer in
the Advanced Technology Standards group of the Symantec CTO Technology
Group. Mr. Cummings served on the SNIA Technical Council for four
years and co-chaired the Security Technical Work Group in SNIA for many
years. He was also the primary organizer behind the 1st SNIA
Storage Security Summit in 2002. Mr. Cummings is considered one of
the foremost experts on the history and current state of data encryption,
and his entertaining talks have won many awards, including Top
Speaker at the SNW Spring 2007
conference.
At Symantec, Mr. Cummings participates in the development of new
technologies and advanced products, and represents Symantec in a number of
industry bodies developing standards. He is Chair of INCITS Task Group
T11.5, is active in INCITS committee T10, and he also participates in a
number of IETF Working Groups and in the Trusted Computing Group.
Prior to joining Symantec (who acquired VERITAS Software in July 2005), Mr.
Cummings spent four years at Distributed Processing Technology (DPT) as
Director of Emerging Technologies (DPT was acquired by Adaptec in 1999). At
DPT, he participated in the development of the industry’s first board-level
hardware RAID controller to support both SCSI and Fibre Channel device
interfaces. Prior to DPT, he spent seven years at StorageTek, working on the
development of new high-speed tape technologies, disk arrays, and optical
interfaces. He was also Chair of INCITS Technical Committee T11 (responsible
for the standardization of Fibre Channel) from its inception in 1993 thru
1998. Mr. Cummings has as total of more than 30 years experience in the
computer industry in the UK, Canada and the United States.
Mr. Cummings holds a B. Sc (Eng) from Queen Mary College, University of
London, United Kingdom. He has published more than twenty articles in a
variety of publications, from Infostor to Laser Focus World, and is the
author of two booklets in the SNIA Technical Tutorial Series - "Storage
Network Security" and "Storage Network Management.”
Vincent Franceschini is the Chairman
of the Storage Networking Industry Assocation and Senior Director of Future
Technologies for Hitachi Data Systems, reporting directly to HDS
Corporation’s Chief Technology Officer. In the HDS role, he is
responsible for defining the future directions of HDS Data Networking
solutions on a worldwide basis and for selecting the key future technologies
and solutions that HDS will market. Mr. Franceschini is also Hitachi Data
Systems' primary representative to leading Industry Associations work groups
such as the Storage Networking Industry Association (SNIA), serving as a
Board director of SNIA between 2001 and 2005, and elected Vice-Chairman
of the Board in 2002 and 2003, Treasurer of the SNIA Executive Committee in
2004, and Chair in 2006 and 2007. Mr. Franceschini now leads a new
emerging initiative at SNIA to define the role of the Storage Industry in
the Grid solutions space.
Eric Hibbard, CISSP, ISAAP, ISSEP, CISA, is the SSIF
Storage Security Summit Chair and currently the Senior Director, Data
Networking Technology in the Office of the CTO for Hitachi Data Systems. He
is responsible for developing and leading the execution of Hitachi Data
Systems’ (HDS) storage security strategy and he serves as the principle
storage security architect.
Within SNIA, Mr. Hibbard is the Chair
of the Security Technical Working Group (TWG) as well as a member of the
Storage Security Industry Forum (SSIF), the Data Management Forum (DMF), the
Storage Management Initiative Technical Steering Group (SMI TSG), and
several TWGs (e.g., Information Lifecycle Management, Management Protocol,
and Fixed Content Aware Storage). He is also the Chair of the Security Track
for SNIA tutorials and a key author of several SNIA whitepapers and reports,
including: “Introduction to Storage Security”, “SNIA Storage Security – Best
Current Practices (BCPs) v2.0”, “Encryption of Data At-rest – A Step-by-Step
Checklist”, and “Standards Relevant to Storage Security”.
Mr.
Hibbard is active in both storage and security standardization, where he is
currently the Vice Chair of IEEE P1619 Security in Storage Work Group (SISWG), which focuses on storage-based
encryption and key management services, as well as serving as a member of INCITS/T11 (Fibre Channel), INCITS/CS1 (Cyber Security), IETF, W3C,
the Trusted Computing
Group, and the Distributed Management
Task Force (DMTF). In addition, he participates in the IEEE Critical
Infrastructure Protection Committee (CIPC), the Information Systems Security Association
(ISSA), the Information Systems Audit and Control Association (ISACA), and
the Computer Security Institute
(CSI).
Mr. Hibbard currently holds the International
Information Systems Security Certification Consortium (ISC)2 Certified
Information Systems Security Professional (CISSP) certification as well as
the Information Systems Security Architecture Professional (ISSAP), the
Information Systems Security Management Professional (ISSMP), and the
Information Systems Security Engineering Professional (ISSEP) concentration
certifications. He also holds the ISACA Certified Information Systems
Auditor (CISA) and the SNIA Certified
Systems Engineer (SCSE) certifications. He also has over 25 years
experience in information technology, including over 10 years in information
security architecture and management, working for government (DoD, NASA,
DoE), academia (University of California), and industry (Raytheon, QSS
Group, Hitachi Data Systems). His educational background includes a B.S. in
Computer Science and a Certificate of Proficiency in Data
Communications.
Steve Hight is the Director of Strategic
Technology for the sixth largest hospital chain in the nation, Catholic
Healthcare West. CHW has over 50,000 employees and 9,000 physicians treating
over four million patients per year and earning FY06 gross revenue of over
six billion dollars. Hight is responsible for CHW's Information Technology
Architecture Strategy and Planning as well as overseeing strategic IT
projects. Hight has 15 years of experience in IT, with 10 mostly recently in
acute care organizations. The domain IT knowledge of Hight includes such
areas such as Identity and Access Management, Data Storage, Virtualization,
Unix/Linux, Open Source, and Leveraging Technology to Mitigate Regulatory
Compliance Issues. During his years with CHW, Hight spearheaded major
projects in areas such as Datacenter consolidation, open source
technologies, and HIPAA compliance for clinical systems and other critical
systems. Hight has an engineering background with three of the largest
Fortune 500 companies specializing in data storage and identity
management.
Larry Hofer, CISSP, Office of Technology, System
Architect, Emulex, is responsible for architecting industry leading security
solutions across Emulex products. His experience includes secure protocol
applications, application of cryptography, access controls, applications and
system development, security architectures, and storage network
security. Mr. Hofer is an active member of the SNIA Security
Technical Work Group and other standards groups and was a major contributor
to the ANSI T11.3 Fibre Channel Security Protocols Standard (FC-SP). He is a
Certified Information Systems Security Professional (CISSP) and has
completed Department of Commerce training, Stanford Computer Security
Certificate, BSEE and MSCIS degrees. Mr. Hofer is a licensed
Professional Engineer and an IEEE member.
Walt Hubis, Software Architect, LSI Corporation, Engenio Storage
Group, has responsibility for defining secure storage and network
attached storage products and solutions. Mr. Hubis has over twenty
years of experience in storage systems engineering in both development and
managerial positions and has authored several key patents in RAID and other
storage related technologies. Mr. Hubis is currently the Chair of
the Trusted Computing Group Key Management Services
Subgroup. He holds a Bachelor of Science degree in Electrical
Engineering from Colorado State University.
Ethan Miller, Associate Professor, Computer
Science Department, Baskin School of Engineering, University of California
Santa Cruz, is a member of the UCSC Storage
Systems Research Center where he explores issues in file and storage systems
and more generally, operating systems and distributed systems. Professor Miller's current projects
include archival storage systems, file system security, petabyte-scale
storage systems, and file systems for next generation storage
technologies. He is also
interested in storage system benchmarks, algorithms to more efficiently
manage storage, and information retrieval from very large text and
multimedia corpora as well as other problems in computer systems and
security.
Michael Peterson, President of Strategic Research
Corporation and Chief Strategy Advocate, SNIA Data Management Forum has
for 20 years been an energetic leader and catalyst for the storage
industry, publishing insightful books and industry reports, consulting with
the entire industry in business and market development, pioneering IT
research on storage and management practices, creating innovative
conferences, speaking internationally as an industry visionary, forming
industry trade groups, and even developing new solutions and companies. Mr.
Peterson is a founder of the SNIA and was the past president from 1998 to
1999. He is currently Chief Strategy Advocate for SNIA's Data Management
Forum with responsibility for guiding its initiatives (Data Protection,
Information Lifecycle Management, and Long-term Archive & Compliance
Solutions), and market education.
Blair Semple, CISSP, ISSEP, is a SNIA Storage
Security Industry Forum Board Member and Storage Security Evangelist at
Decru, a NetApp company, focused on information security and, more
specifically, storage security. With over 10 years of specific storage
security experience, Mr. Semple is responsible for delivering global
outbound communications on the state of the storage security market,
emerging standards for storage security, “Introduction to Encryption”, the
work being done in the IEEE P1619 and other communities. In addition, Mr.
Semple works directly with Decru/NetApp customers defining the
requirements, challenges and benefits of storage security along with the
value that Decru/Network Appliance solutions bring to this environment
Prior to joining Decru, Mr. Semple was with Kasten Chase in a
variety of roles including Technology Officer and Business Development
Director. From 1996 – 2004 he was the company’s primary interface with
the National Security Agency’s RASP program. Working together with NSA,
Kasten Chase created a multifaceted technology solution that supported over
20,000 users requiring access to classified data via mobile laptops.
The RASP solution included both encrypting PCMCIA modems and the first
laptop security solution certified by NSA to protect classified information.
A large part of Mr. Semple's role involved educating
military, intelligence and other government personnel on aspects of storage
and communications security for mobile users in the U.S., and around the
world.
A physics major at Wilfrid Laurier University in Waterloo Canada, Mr.
Semple has continued his education in information security including
having attained both CISSP and ISSEP certifications - the latter credential
demonstrating competence in the rigorous requirements for information
security engineering and currently held by only 300 or so individuals
worldwide.
David Stevens is the Storage Manager for the Division of
Computing Services at Carnegie Mellon University. In this position, he is
responsible for the institution’s storage area networks and backup services
as well as the employees charged with maintaining the storage and backup
infrastructure. Mr. Stevens has been with Carnegie Mellon since 1998,
and has held a variety of roles, including Systems Manager and Research
Systems Programmer. Mr. Stevens is also an active member of the SNIA
End User Council, and serves as the End User Technical Lead for the Security
and IP Storage Hands-On Labs at SNW conferences.
