HEATHER ADKINS is a 15-year Google veteran and founding member of the Google Security Team. As director of information security, she has built a global team responsible for maintaining the safety and security of Google’s networks, systems, and applications. She has an extensive background in systems and network administration with an emphasis on practical security and has worked to build and secure some of the world’s largest infrastructure. She now focuses her time primarily on the defense of Google’s computing infrastructure and working with industry to tackle some of the greatest security challenges as part of the Defending Digital Democracy project at the Belfer Center for Science and International Affairs at Harvard Kennedy School.
MATTHEW BARRETT leads Cybersecurity Framework activities at the National Institute of Standards and Technology (NIST). Barrett and his team are responsible for establishing and maintaining relationships with both private and public sector (Cybersecurity) Framework stakeholders. Barrett works through those relationships to provide perspective and guidance, as well as gather input on use and evolution of the Framework. To fulfill stakeholder needs, he also collaborates with a variety of NIST cybersecurity programs. Barrett is known for his leadership of NIST’s Security Content Automation Protocol program and support of the Office and Management and Budget’s Federal Desktop Core Configuration initiative (predecessor to U.S. Government Consensus Baseline). Previous to NIST and over the past decade, he served in various executive roles including roles such as president and chief executive officer.
STEPHEN CAUFFMAN is a research engineer with the Community Resilience Program at NIST. He initiated resilience work at NIST in 2011 with funding from the Department of Homeland Security and developed the initial plan for the NIST Community Resilience Program. The program is developing science-based tools to measure resilience at the community-scale and produced the Community Resilience Planning Guide for Buildings and Infrastructure Systems and the Community Resilience Economic Decision Support Guide for Buildings and Infrastructure Systems (https://www.nist.gov/topics/community-resilience). The program is supported by the NIST-funded Center for Risk-Based Community Resilience Planning, a ten-institution team led by Colorado State University (http://resilience.colostate.edu/). Cauffman served as the program manager for the World Trade Center Investigation, led NIST’s study of the performance of
structures following Hurricanes Katrina and Rita, and was a member of the team that studied the collapse of the Dallas Cowboys Practice Facility. He has served as leader of the Structures Group and as deputy chief and acting chief of the Materials and Structural Systems Division.
RICHARD J. DANZIG is vice chair of the board of trustees of the RAND Corporation, a member of the Defense Policy Board and the President’s Intelligence Advisory Board, a trustee of Reed College, a director of the Center for a New American Security, and a director of Saffron Hill Ventures (a European investment firm). Recently he has been a director of National Semiconductor Corporation and Human Genome Sciences Corporation. He has also served as chairman of the board of the Center for a New American Security and chairman of the board of the Center for Strategic and Budgetary Assessments. From the spring of 2007 through the Presidential election of 2008, Danzig was a senior advisor to Senator Obama on national security issues. Danzig served as the 71st Secretary of the Navy from November 1998 to January 2001. He was the Under Secretary of the Navy between 1993 and 1997. Danzig is a member of the Aspen Strategy Group and a senior advisor at the Center for New American Security, the Center for Naval Analyses, and the Center for Strategic and International Studies in Washington, D.C. His primary activity is as a consultant to the Departments of Defense and Homeland Security on terrorism.
DAVID EDELMAN is a director at Citigroup where he has worked for the past 25 years currently holding the title of chief cyber security scientist. Over this period of time, he has held positions in operations, architecture, continuity of business, and information security in locations in the United States and Europe. As an internal entrepreneur, he has created and developed a number of organizations subsequently handing them over to business as usual operations. He is one of the architects of Citigroup’s Internet presence and is the architect of Citigroup’s network component security. He is actively involved in the Financial Services Sector Coordinating Council (FSSCC), the Financial Services-Information Sharing and Analysis Center (FS-ISAC), and the Sheltered Harbor Technology and Security Architecture work stream. He serves as the co-chair of the FS-ISAC’s Cyber Agility Task Force. Edelman is a long time member of the IEEE and the ACM.
BUTLER W. LAMPSON is a technical fellow at Microsoft Corporation and an adjunct professor at MIT. He has worked on computer architecture, local area networks, raster printers, page description languages, operating systems, remote procedure call, programming languages and their semantics, programming in the large, fault-tolerant computing, transaction processing, computer security, WYSIWYG editors, and
tablet computers. He was one of the designers of the SDS 940 time-sharing system, the Alto personal distributed computing system, the Xerox 9700 laser printer, two-phase commit protocols, the Autonet LAN, the SPKI system for network security, the Microsoft Tablet PC software, the Microsoft Palladium high-assurance stack, and several programming languages. He received the ACM Software Systems Award in 1984 for his work on the Alto, the IEEE Computer Pioneer award in 1996 and von Neumann Medal in 2001, the Turing Award in 1992, and the NAE’s Draper Prize in 2004. He is a member of the National Academy of Sciences and the National Academy of Engineering and a fellow of the ACM and the American Academy of Arts and Sciences.
TIMOTHY E. ROXEY is vice president and chief E-ISAC operations officer of the North American Electric Reliability Corporation (NERC). He is responsible for development and execution of key critical infrastructure protection initiatives, such as NERC’s cybersecurity risk preparedness assessment and other continuous risk assessment efforts. Roxey also acts as a key coordination point for North American government officials and is a member of the Electricity Sector Information Sharing and Analysis Center (ES-ISAC) activities. He has 30 years of experience in the nuclear utility industry serving in organizations such as operations, information technology, licensing, and security, among others. Roxey has over 35 years of computer-related experience working in environments from mainframes, minis, and micros to hand-wired special control systems. He has written numerous programs in many different languages. Roxey is a widely recognized leader in the fields of security and infrastructure protection, formerly serving as deputy chair of the Nuclear Sector Coordinating Council and chairman of its Cyber Security Sub-Council. He is presently the private sector chairman of the Industrial Controls System Joint Working Group. Roxey spent over 17 years with Constellation Energy. At Constellation, he was the technical assistant to the vice chairman for security related matters and was involved in a variety of both physical and cybersecurity issues across the entire nuclear sector of the United States. In the realm of physical security, Roxey was involved in reviewing security system architectures for the next generation of nuclear power in America as a member of the various oversight committees. He also served, by invitation, on two presidential commissions helping to prepare guidance for the next administration.
STEPHEN SCHMIDT is vice president & chief information security officer for Amazon Web Services (AWS). His duties at AWS include leading product design, management, and engineering development efforts focused on bringing the competitive, economic, and security benefits of cloud computing to business and government customers. Prior to joining AWS, Schmidt had an extensive career at the Federal Bureau of Investigation
(FBI), where he served as a senior executive. His responsibilities at the FBI included a term as acting chief technology officer, section chief responsible for the FBI’s technical collection and analysis platforms, and as a section chief overseeing the FBI’s Cyber Division components responsible for the technical analysis of computer and network intrusion activities. His Cyber Division oversight included areas of malicious code analysis, computer exploitation tool reverse-engineering, and technical analysis of computer intrusions.
OTHER RECENT REPORTS OF THE COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD
Data Science for Undergraduates: Opportunities and Options (2018)
Decrypting the Encryption Debate: A Framework for Decision-Makers (2018)
Opportunities from the Integration of Simulation Science and Data Science: Proceedings of a Workshop (2018)
Securing the Vote: Protecting American Democracy (2018)
Assessing and Responding to the Growth of Computer Science Undergraduate Enrollments (2017)
Automation Technology and the U.S. Workforce: Where Are We and Where Do We Go from Here? (2017)
Cryptographic Agility and Interoperability: Proceedings of a Workshop (2017)
Emergency Alert and Warning Systems: Current Knowledge and Future Research Directions (2017)
Foundational Cybersecurity Research: Improving Science, Engineering, and Institutions (2017)
Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop (2017)
A 21st Century Cyber-Physical Systems Education (2016)
Continuing Innovation in Information Technology: Workshop Report (2016)
Data Breach Aftermath and Recovery for Individuals and Institutions: Proceedings of a Workshop (2016)
Exploring Encryption and Potential Mechanisms for Authorized Government Access to Plaintext: Proceedings of a Workshop (2016)
Future Directions for NSF Advanced Computing Infrastructure to Support U.S. Science and Engineering in 2017-2020 (2016)
Privacy Research and Best Practices: Summary of a Workshop for the Intelligence Community (2016)
Bulk Collection of Signals Intelligence: Technical Options (2015)
Cybersecurity Dilemmas: Technology, Policy, and Incentives: Summary of Discussions at the 2014 Raymond and Beverly Sackler U.S.-U.K. Scientific Forum (2015)
Interim Report on 21st Century Cyber-Physical Systems Education (2015)
A Review of the Next Generation Air Transportation System: Implications and Importance of System Architecture (2015)
Telecommunications Research and Engineering at the Communications Technology Laboratory of the Department of Commerce: Meeting the Nation’s Telecommunications Needs (2015)
Telecommunications Research and Engineering at the Institute for Telecommunication Sciences of the Department of Commerce: Meeting the Nation’s Telecommunications Needs (2015)
At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues (2014)
Future Directions for NSF Advanced Computing Infrastructure to Support U.S. Science and Engineering in 2017-2020: An Interim Report (2014)
Geotargeted Alerts and Warnings: Report of a Workshop on Current Knowledge and Research Gaps (2013)
Professionalizing the Nation’s Cybersecurity Workforce? Criteria for Future Decision-Making (2013)
Public Response to Alerts and Warnings Using Social Media: Summary of a Workshop on Current Knowledge and Research Gaps (2013)
Limited copies of CSTB reports are available free of charge from:
Computer Science and Telecommunications Board
Keck Center of the National Academies of Sciences, Engineering, and Medicine
500 Fifth Street, NW, Washington, DC 20001