Storage Security Summit 2022 Speakers

Don Matthews, President and CEO, NexiTech Inc.

Don Matthews is the founder of NexiTech, Inc., a software development and consulting firm specializing in cyber security and data storage solutions. NexiTech develops software solutions for private sector clients worldwide and for the U.S. Government, including the NAVAIR Presidential Helicopter mission. Our patented Moving Target Defense framework, along with other data storage and cyber security solutions, help clients and customers alike create innovative storage devices and appliances. Contracting and consulting clients include the United States Department of Homeland Security (DHS) and Department of Defense (DoD), Lockheed Martin, Intel, Microsoft, Broadcom, Dell, Mountain Secure Systems, Micron Technology and Western Digital.

Tom Ricoy, Vice President of Strategic Alliances, Cigent Technology Inc.

Tom Ricoy worked in the 90s for the first manufacturers of removable storage and digital media for PCs and digital cameras. Later he started the first Bluetooth manufacturer delivering many of the first wireless solutions globally. He joined Cigent in 2020, the leading secure storage manufacturer providing storage with embedded cyber security. Prior to Cigent he was at Dell in the commercial PC business unit responsible for endpoint cyber security solutions for five years. During his time at Cigent and Dell he has been heavily involved in enabling security solutions for use in the federal government and enterprises.

Miguel Banon, Convenor, CEN/CLC TC13/WG3, Spain

In 2006, Miguel founded Epoche & Espri, a successful Common Criteria and FIPS 140-2 security evaluation and testing laboratory. In October 2017 Epoche & Espri became part of DEKRA, one of the top 4 players in the testing, inspection, and certification industry worldwide. Miguel is the current Convenor of ISO/IEC JTC 1/SC 27/WG 3, CEN/CLC TC 13/WG 3, and member of the Management Board of the CCUF.

Expert in cybersecurity evaluation and certification, regulation, policy and standards development. Designer and developer of cybersecurity evaluation and certification schemes and labs in Europe. Support to major vendors to certify key technologies and products.

Lucy L.Thomson, Esq. CISSP CIPP/US, Founding Principal, Livingston PLLC

Lucy focuses her practice on cybersecurity, global data privacy, and compliance and risk management. Previously a senior engineer and privacy advocate at CSC, a global technology company, she worked on two of the government’s largest technology modernization projects. While at CSC she was appointed a DHS Information System Security Officer (ISSO). A career U.S. Department of Justice trial attorney, she managed and conducted complex litigation in the Criminal and Civil Rights Divisions.

In the American Bar Association (ABA), Lucy is a past chair of the Science & Technology Law Section and a member of the Cybersecurity Legal Task Force. She is editor of the Data Breach and Encryption Handbook and co-editor of the Internet of Things: Legal Issues, Policy, and Practical Strategies. Since 2008 she has been appointed the Consumer Privacy Ombudsman (CPO) in 32 federal bankruptcy cases to protect the privacy of millions of consumers whose personal records were being sold as “assets” and were at risk of identity theft and fraud.  Lucy received a master’s degree from Rensselaer Polytechnic Institute (RPI) and her J.D. degree from Georgetown.

Johann Amsenga, Convenor, ISO JTC 1/SC27/WG 4

Johann has worked in information security for more than 25 years. He started his career in the field at the South African Communications Security Agency (SACSA) and has been working at Armscor for the past 20 years. He has worked on various projects to fulfil information security algorithms and re-engineering open source products to incorporate custom security, including large projects such as the security specification for the Next Generation Network (NGN) of the South African National Defence Force.

Johann is the convenor of ISO JTC 1/SC 27/WG 4, Information technology – Information security, cybersecurity and privacy protection – Security controls and services. WG 4 brings together hundreds of experts from nearly 50 countries to cover aspects related to ICT security; information life cycle, organisational processes, security aspects of trust services; as well as internet security related technologies and architectures. WG 4 is the home of ISO/IEC 27040, Information technology — Security techniques — Storage security.

Apart from information security, Johann has a strong interest in software and systems engineering, and contributes to standardisation in this area through ISO/IEC JTC 1/SC 7 (Information technology – Software and systems engineering). This committee is well known for ISO/IEC/IEEE 12207, Software life cycle processes, ISO/IEC/IEEE 15288, System life cycle processes and ISO/IEC/IEEE 42010, Software, systems and enterprise – Architecture description.

Johann is also the convenor of ISO/IEC JTC 1/WG 13, which addresses standardization in the field of trustworthiness.


Richard Austin MS, CISSP-Retired, AUXC

Before Richard retired, he enjoyed a 50 year career in the computer industry with positions ranging from software developer to storage security architect to cybersecurity consultant and continues to be active in standards development. He earned a MS degree in information systems with a concentration in information security from Kennesaw State University, a DHS/NSA recognized Center of Academic Excellence in Information Assurance Education. He helped develop ISO/IEC 27037 which was the first international standard dealing with digital forensics. He is a Senior Member of IEEE and a Golden Core Member of the IEEE Computer society. He serves as Vice Chair of the IEEE Computer Society Cybersecurity and Privacy Standards Committee and is an active member of the Security in Storage Working Group responsible for developing IEEE 2883. He also holds the CISSP – Retired designation.

Nick Connolly, Chief Scientist, Datacore Software

Nick Connolly is a pioneer of storage virtualisation and the Chief Scientist at DataCore, where his background in real-time computing and multiprocessing led to the creation of a world-class high-performance storage stack on Windows. He holds patents ranging from highly scalable algorithms through to data protection techniques. Recently he has been working on bringing the power and performance of NVMe to Kubernetes.

Fredrik Forslund, Director of IDSC & Vice President, Enterprise & Cloud Erasure Solutions, Blancco

Fredrik Forslund serves as Vice President, Enterprise & Cloud Erasure Solutions for Blancco. He’s also the Director of the International Data Sanitization Consortium (IDSC), where he leads the organization in its mission to educate industry and standards bodies about the permanent eradication of data, clarifying guidelines to ensure compliance with data security and privacy laws, and how to fully enable circular and sustainable IT asset management.

With more than 20 years of Industry experience and a keen eye for streamlining and automating corporate IT security efficiencies, while maintaining compliance with data privacy legislation, Forslund is often regarded as a trusted advisor among large customers and to Government organisations. 

When he’s not guiding customers through data erasure processes, or working with Blancco’s internal teams, he can be found speaking at industry conferences around the globe.

Steve French, Principal Software Engineer - Azure Storage, Microsoft

Steve French is a member of the Samba team, and a Principal Software Engineer at Microsoft (Azure Storage), and long time maintainer (as well as original author) of one of the more active Linux file systems (cifs.ko) and now the new Linux kernel server as well (ksmbd), and a frequent presenter at SMB and storage conferences (including the SNIA Storage Developer Conferences, Vault (Linux Storage Conference), SambaXP, Linux Plumbers Conference and the Linux File System/MM summit). He was formerly chair of the SNIA CIFS Working group and co-author of the SNIA CIFS Specification, and File System Architect for the IBM Linux Technology Center.

David Harriman, Chair PCI-SIG PCIe Protocol Workgroup

Dave started his career at Intel doing design and validation in client chipsets, and through the 1990’s focused on the development and implementation of IO technologies including PCI, AGP, Hub Link.  In 2000 he shifted to focus on IO technology development.  He was one of the original developers of PCI Express (PCIe). He chairs the PCISIG PCIe Protocol Workgroup, and continues to develop and extend PCIe on multiple fronts, including recent work focused on IO security.  Dave was one of the inventors of Thunderbolt, which builds upon PCIe as an IO transport.  He also contributes to the development of USB, and a variety of other IO technologies.  Dave holds more than 130 patents.

Jim Hatfield, Firmware engineer/Standards engineer, Seagate Technology LLC

Jim has been in the storage industry since 1975, working with different types of media (HDD, SSD, optical, tape), interfaces (IBM System/360, SATA, SCSI, NVMe), and storage security. He has been and continues to be a significant contributor to the definition, clarification, enhancement, and promotion of storage sanitization. Since 2005, Jim has been involved in storage security in TCG, and later SNIA, IEEE, and other standards groups. He created the TCG Storage Interface Interactions Specification (SIIS) which is the 'glue' between TCG functions and the real world. Jim has leadership positions in TCG Storage WG (co-chair), and IEEE Security In Storage WG (SISWG chair), SATA-IO (President and chair of the Digital WG), and previously was the chair of INCITS T13.

Brett Henning, Software Architect, Broadcom Inc

Brett Henning is a Software Architect for Broadcom, Inc. He has spent 25 years in the storage industry, working on storage technologies ranging from parallel SCSI to NVMe. Most recently, Brett has worked in the field of security as it relates to firmware, embedded devices, and storage. He participates in standards work with DMTF, TCG, and OCP. Brett holds degrees from Purdue University and the University of Colorado, and is based in Colorado Springs, Colorado.

Basil Hess, Research Engineer, IBM Research Europe

Basil Hess is a Research Engineer at IBM Research Europe. His focus is on preparing the cryptographic infrastructure for the quantum era. He contributes to the NIST PQC standardization process as part of the SIKE submission team. He is also a team member of Open Quantum Safe, the OSS community’s initiative to support the development and prototyping of quantum safe cryptography. Basil holds a PhD in Information Systems and a MSc in Computer Science, both from ETH Zurich.


Eric Hibbard, Director, Product Planning - Storage Networking & Security, Samsung Semiconductor, Inc.

Eric A. Hibbard is the Director, Product Planning – Storage Networking & Security at Samsung Semiconductor, Inc. and a cybersecurity and privacy leader with extensive experience in industry (PrivSec Consulting LLC, Hitachi, Raytheon, Hughes, OAO Corp), U.S. Government (NASA, DoE, DoD), and academia (University of California). He has extensive exerperience architecting and auditing information and communications technology (ICT) infrastructures and solutions involving a wide range of technologies (IoT, cloud, storage, big data, AI, smart cities, blockchain) in organizations throughout the world.

Mr. Hibbard holds leadership positions in standards development organization and industry associations, including ISO/IEC, the InterNational Committee for Information Technology Standards (INCITS), the IEEE Computer Society, the American Bar Association (ABA), the Cloud Security Alliance (CSA), and the Storage Networking Industry Association (SNIA). Hibbard is or has served in an editorship role on the following international standards projects: ISO/IEC 22123 (Cloud computing – Vocabulary/Concepts), ISO/IEC 27031 (ICT readiness for business continuity), ISO/IEC 27050 (Electronic discovery), ISO/IEC 27040 (Storage security), ISO/IEC PAS 20648 (TLS for storage systems), Rec. ITU-T 3500 | ISO/IEC 17788 (Cloud computing -- Overview and vocabulary), and IEEE 1619-2018 (XTS-AES).

Mr. Hibbard possesses a unique set of professional credentials that include the (ISC)2 CISSP-ISSAP, ISSMP, and ISSEP certifications; IAPP CIPP/US and CIPT certifications; ISACA CISA and CDPSE certifications; and CSA CCSK certification. He has a BS in Computer Science.

Jeff Hilland, Distinguished Technologist, HPE & President, DMTF

Jeff Hilland is a Distinguished Technologist at Hewlett Packard Enterprise (HPE) in the CTO organization working on infrastructure management architecture with a focus on servers. Jeff served as VP of Technology for DMTF for 6 years before being appointed President of DMTF. Jeff has served in various leadership roles in DMTF since 2003, including chair of the Executive Committee, Technical Committee, Platform Subcommittee and co-chair of both the Server Management Work Group and the Desktop & Mobile Work Group. Jeff is one of the chief architects behind Redfish and contributed significantly to SMASH & DASH. Jeff also co-chairs the Security Task Force in PMCI. Jeff has spent the last 23 years driving industry standards and has also served in chairing roles in the Gen-Z Consortium, RDMA Consortium and the InfiniBand Trade Association.

Anand Kayande, Sr Principal Software Engineer, Veritas Technologies LLC

Anand Kayande is a technology leader, innovator and collaborator with around 20+ years of extensive experience in product architecture, design, development and delivery of solutions.

Anand is AI, ML evangelist and is involved in driving technology powered products and services, influencing product strategy and productizing ideas. Anand is involved in various universities program mentoring upcoming engineers. Anand is currently located in Pune, India and accompanied by wife and son. On personal front he is health and lifestyle enthusiast.

Fred Knight, Principal Standards Technologist, NetApp Inc. 

Frederick Knight is a Principal Standards Technologist at NetApp Inc. Fred has over 40 years of experience in the computer and storage industry. He currently represents NetApp in several National and International Storage Standards bodies and industry associations, including NVM Express, SCSI (T10), Fibre Channel (T11), ATA (T13), IETF (iSCSI), SNIA, and JEDEC. He has authored documents at NVM Express, SNIA, the IETF, JEDEC, and the INCITS T10/T11/T13 committees . He is also the editor for several INCITS standards and the Convenor for the ISO/IEC JTC-1/SC25/WG4 international committee (overseeing the international standardization of T10/T11/T13 documents). Fred has received several NetApp awards for excellence and innovation and is the holder of several patents. He also received the INCITS Technical Excellence Award for his contributions to both T10 and T11 and the INCITS Merit Award for his longstanding contributions to the international work of INCITS. He also developed the first native FCoE target device in the industry. At NetApp, he contributes to technology and product strategy and serves as a consulting engineer to product groups across the company. Prior to joining NetApp, Fred was a Consulting Engineer with Digital Equipment Corporation, Compaq, and HP where he worked on clustered operating system and I/O subsystem design.

Andres Lagar-Cavilla, Open Compute Project & Principal Engineer, Google

I build and research computer systems. I am the Horizontal Lead for platform Security and the Tech Lead for system software at Google's Technical Infrastructure group. I have led memory management, kernel release, and production mitigation of black swans, including Meltdown and Spectre. I co-founded GridCentric, a virtualization startup, acquired in 2014. From January 2010 to October 2011 I worked in AT&T Labs Research, publishing a number of first-tier academic papers. I got my PhD and MSc from University of Toronto. I got the NSERC Doctoral Prize for 2010, the Eurosys best paper award for 2009, and an NSERC Canada Graduate Scholarship. I got my undergrad in Universidad Nacional del Sur in Bahia Blanca, Argentina

Volker Lendecke, Developer, SerNet GmbH 

Volker Lendecke is a member of the Samba Team and co-founder of SerNet GmbH in Göttingen, Germany

Bill Martin, SSD IO Standards, Samsung Semiconductor Inc. 

Bill has been involved in the storage industry for over 35 years serving on industry consortiums and standards bodies for storage including SNIA, INCITS T11, INCITS T10, INCITS T13, SATA-IO, and NVMe. He has demonstrable skills in gaining industry agreement in a variety of technologies and bringing together competitors for the advancement of the industry.

In addition to his role representing Samsung in SSD IO Standards, Bill currently holds the following industry leadership roles: co-chair of the SNIA Technical Council, Board member of the NVMe Board of Directors, Chair of INCITS T10, and Secretary of INCITS T13.

Bill is: editor of the SNIA Computational Storage Architecture Model; editor of the SNIA Computational Storage API; editor of the SNIA Key Value Storage API; editor of SCSI Block Commands – 5 (SBC-5); and author of numerous proposals to: NVMe, SNIA, INCITS T10, INCITS T13, and INCITS T11.

Bill has received numerous industry recognitions for his contributions to the storage industry over the past decades including: SNIA Volunteer of the Year award 2021, INCITS Gene Milligan award for effective committee management 2016, INCITS Merit award 2013, FCIA Achievement award 2010, INCITS Outstanding Leadership Team award 2007, INCITS Technical Excellence award 2005, FCIA Lifetime Achievement award 2005, and SNIA Outstanding Theme lead for the interop lab 2004.

Dr Ron Martin, Professor of Practice at Capitol Technology University & Vice-Chair IEEE Zero Trust Security Working Group

Dr. Ron Martin is a Professor of Practice at Capitol Technology University, specializing in the functional areas of Critical Infrastructure, Industrial Control System Security, Identity, Credential, and Access Management. 

Dr. Martin maintains professional relationships with a diverse mix of businesses. He serves on the board of directors for many profit and nonprofit organizations, such as the International Foundation for Protection Officers (IFPO), and the Institute of Electrical and Electronics Engineers (IEEE) P2887 - Zero Trust Security Working Group (ZTSWG) as Vice Chair. He is a voting member of the U.S. Technical Advisory Group to the International Standards Organization (ISO), which works to develop and articulate the U.S. position by ensuring public and private sector stakeholder involvement. He is also a member of the Cloud Security Alliance Zero-Trust/ Software Defined Perimeter Expert’s Working Group and the Security Industry Association Standards Committee.

Dr. Martin retired from the U.S. Army in 1999. While on active duty, he served as Military Comptroller, Provost Marshal, Security Manager, and a Doctrine Literature Writer and Instructor. He retired from his service with the U.S. Government in 2011. During his Federal Service, he served with the Department of Commerce and the Department of Health and Human Services as Program Director for the development and implementation of their Identity, Credentialing and Access Management (ICAM) Programs. In between his tours of Federal Service, he also served as a civilian police officer in the Commonwealth of Virginia for five years. Dr. Martin was a member of the Federal Identity, Credentialing, and Access Management (FICAM) Roadmap Development Team, providing FICAM Subject Matter Expertise, advice, and assistance to Federal agencies and organizations engaged in Identity Credentialing activities. Dr. Martin is a former member of ASIS International’s Commission on Standards & Guidelines Commission.

Jason Molgaard, Co-Chair, SNIA Computational Storage Technical Work Group

Jason Molgaard is an experienced storage controller architect having worked for various storage device companies architecting and designing HDD and SSD storage controllers.  Having worked on a variety of controller interfaces, he focuses on optimizing performance, cost, and area of CPU subsystems.  Jason is also co-chair of the SNIA Computational Storage TWG and helps define the Computational Storage standard.  Jason holds a Master of Science degree in Electrical Engineering.

Mahesh Natu, Senior Principal Engineer, Intel Corporation

Mahesh Natu is a Senior Principal Engineer at Intel Corporation working on Datacenter Platform architecture and various industry standards. He is the co-chair of CXL Consortium Systems and Software WG and has been in that role since the very beginning. He has also contributed to DMTF SPDM specifications, UEFI specification and ACPI specification.  

Chandra Nelogal, Distinguished Member of Technical Staff, Dell Technologies

Chandra Nelogal works as a Distinguished Member of Technical Staff at Dell ISG (Infrastructure Solutions Group). His focus area of work covers data storage solutions, security covering aspects of data at rest security and device authentication. He participates in various industry standard orgs such as TCG (DICE and Storage Work Group), DMTF (PMCI and Security Task Force) and SNIA (Security TWG. Chandra is a prolific inventor with 47 granted patents and several patents pending.

Anay Pathak, Advisory Consultant, CTO Ambassador, Dell Technologies

Anay Pathak has 15+ years of experience and has worked with some of the large enterprise organizations & customers as Trusted Advisor providing consulting around IT and creating mindshare around next gen technology trends. He has good industry experience in DC virtualization, public cloud, data management (which includes protection & business continuity), Artificial Intelligence & Cyber Resiliency.

Anay is B. Tech (Honors) in Electrical & Electronics (2006 batch) from Dr. A.P.J. Abdul Kalam Technical University, Lucknow. He is a Merit holder in class 10th and 12th.

He has got couple of IEEE papers in his name & have taken part in various Technical conferences across the world. Anay has also written Technology blogs. He has multiple Industry certifications including – Cloud, Virtualization, Storage & Data Protection.

Anay has delivered multiple workshops around future of AI, Good use of AI and technology/trends around AI & ML with use cases.Other topics of his talks are: Cloud, Technology Trends, Employability Skills, Cyber Resiliency, Data Management.

Part of AI & ML Champions Group and also CTO Ambassador – Office of CTO within Dell. Responsible for Pre-sales, Architecture and Design discussion with Alliance Partners. 

“vExpert” which is a prestigious program run by VMware.

Influencer of the year (2021) award winner, based on knowledge sharing done in 2021. A passionate speaker talking about “Trends on Technology in multiple Industry events and Universities”, loves solving complex business problems.

Scott Phuong, Principal Engineer, Cisco Systems

Scott Phuong is a Principal engineer at Cisco Systems, Inc. He has worked at Cisco Systems, Inc for 13 years and has worked in the server industry for 22 years. At Cisco, he is the software and hardware platform architect focused in the area of management and security. Scott represents Cisco in various work groups in DMTF and TCG. Scott graduated at University of Illinois at Urbana Champaign and is currently based in the San Francisco Bay area.

Doron Pinhas, CTO, Continuity

Doron is an avid Storage and Backup security advocate, and one of the two authors of the recently published NIST special publication titled: “Security Guidelines for Storage Infrastructure”. Alongside continuous research of storage security, threat landscape, and market maturity analysis, he is also engaged in writing, public speaking and information exchanged with leading global organizations.

Doron has over 20 years of experience in data and storage management, mission critical computing, operating system design and development, cloud computing, and networking architecture.

Thomas Rivera, Cybersecurity & Privacy Professional, VMware Carbon Black

Thomas Rivera has over 25 years of experience in data storage architectures, with specialties in data protection and data privacy. Thomas is at VMware Carbon Black, working on advancing Cybersecurity & Data Privacy standards.

Thomas co-chairs the SNIA Data Protection and Privacy Committee (DPPC), and is an active member of SNIA’s Security Technical Working Group. Thomas also serves as the secretary for Cybersecurity & Privacy INCITS Technical Committee, as well as secretary for the Cybersecurity & Privacy Standards Committee within IEEE.

In addition, Thomas is the chair of the IEEE Zero Trust Security Working Group.

Thorsten Stremlau CISSP, Co-Chair, Marketing Work Group, TCG and CTO & Senior Engineering Staff Member, Intelligent Devices Group, Lenovo. 

Thorsten Stremlau is a Senior Engineering Staff Member and CTO within Lenovo’s Intelligent Devices Group PC & Smart Devices business.  He is responsible for technical strategies for devices, software and cloud services globally.  In this role, Thorsten identifies and drives integration of current and future technologies, integrating them into the product development processes, and specifically drives innovation into the security capabilities of Lenovo’s commercial portfolio.

Thorsten has been part of TCG (Trusted Computing Group) from its inception and has helped drive acceptance of the TPM products for security in EMEA and many parts of AP. Thorsten’s career has been dedicated to identifying solutions and strategic implementations for Lenovo’s customers in all aspects of IT.  As an engineer in both IBM and Lenovo for nearly 25 years, his broad experience enabled him to assist thousands of our customers to digitally transform their environments using Lenovo technology.

Thorsten holds a Bachelor in Industrial Manufacturing/Finance and Electrical Engineering.  Thorsten lives in Morrisville, North Carolina with his family.

Konstantin Taranov, Research Assistant ETH Zurich

Konstantin Taranov is a PhD graduate from the SPCL group at ETH Zurich. His research interest is data management in the networked environment. His papers are published in prestigious international proceedings (such as ACM SIGMOD, VLDB/PVLDB, ACM/IEEE SuperComputing, Usenix ATC, Usenix Security, EuroSys). During his PhD studies, he interned at Microsoft research (2017), working on memory allocation for distributed memory systems over RDMA, and at Oracle Labs (2019), working on extending Apache Kafka with RDMA networking.

Yuval Lifshitz, Principal Software Engineer, Red Hat

Yuval Lifshitz works as a Principal Software Engineer at Red Hat. His current focus is enriching the Ceph ecosystem by adding connectivity between the Rados Object Gateway and external message brokers (Kafka, Knative, RabbitMQ, etc.). He also added Lua scripting into the Rados Object Gateway to allow users customized behavior and more ecosystem interactions.

Before that, he worked on Kubevirt - developing networking solutions for virtual machine payloads in k8s/openshift.

Yuval did public speaking in: Kubecon, Cephalocon, OSS Japan, FOSDEM and local events.