Speakers

Speakers for the event will be added as they are formally confirmed. Listed in order of their presentations.

Joshua Corman | I Am The CavalryVF_CormanCroppedSepia

Joshua Corman is a Founder of I am The Cavalry (dot org) and the CTO for Sonatype. Corman has served key research and strategy roles at Akamai Technologies, The 451 Group, and IBM Internet Security Systems. He co-founded @RuggedSoftware and @IamTheCavalry to encourage new security approaches in response to the world’s increasing dependence on digital infrastructure. Josh’s unique approach to security in the context of human factors, adversary motivations and social impact has helped position him as one of the most trusted names in security. He is an adjunct faculty for Carnegie Mellon’s Heinz College and Advisor to DHS S&T. Josh received his bachelor’s degree in philosophy, graduating summa cum laude, from the University of New Hampshire.

Suzanne Schwartz, MD, MBA | Food and Drug Administrationucm337336

Suzanne Schwartz is FDA’s Director of Emergency Preparedness/Operations and Medical Countermeasures in the Office of the Center Director at CDRH. Initially recruited in 2010 as a Commissioner’s Fellow, she became a Medical Officer in the Office of Device Evaluation, Division of Surgical Orthopedic and Restorative Devices, Plastic and Reconstructive Surgery Branch in August 2011. Suzanne spearheads the InterCenter Wound Healing Working Group and represents FDA in several inter-Agency working groups and integrated program teams for the Public Health Emergency Medical Countermeasures Enterprise for chemical, biological, radiological and nuclear threats. Before joining FDA, she was a full time surgical faculty member at Weill Cornell Medical College in New York City. Prior to that Suzanne was Medical Director & Tissue Bank Director of Ortec International, a startup biotechnology company focused on tissue engineering therapeutic approaches to burns and chronic wounds. Suzanne earned an MD from Albert Einstein College of Medicine in 1988, an MBA from NYU Stern School of Business in 2012, and currently is enrolled in the National Preparedness Leadership Initiative – Harvard School of Public Health & Harvard Kennedy School of Government, Cohort X, December 2012-June 2013.

Margie Zuk | MITREMargieZuk

Margie Zuk is a Senior Principal Cyber Security Engineer at the MITRE Corporation, with over 30 years of cyber security experience. She is currently the Cyber Engagement Lead for Healthcare in the Cyber Security Technical Center, where she leads MITRE’s support to the FDA CDRH on Medical Device Cyber Security. As the Industry Collaboration Department Head for many years, Margie led MITRE’s work in cross sponsor initiatives and cyber partnerships providing expertise in Threat Based Defense, Cyber Threat Intelligence, Security Automation, Software Assurance, Privacy, and Social and Behavioral Science.

Margie led the evolution of the cyber standards work at MITRE from the launch of CVE to the recent structured threat work with STIX and TAXII for DHS. She developed trusted partnerships with senior leaders across government and industry to establish governance models and to evolve the cyber security standards strategy. Prior to this, Margie led MITRE’s support to the National Information Assurance Partnership (NIAP). She was an initial member of the Common Evaluation Methodology Editorial Board, and participated in the development of the US scheme for the Common Criteria.

Margie has a Bachelor of Arts in Mathematics from the College of Mt. St. Vincent and a Master of Science in Computer Science from Stevens Institute of Technology.

Steve Christey Coley | MITREfor online display

Steve Christey Coley is a Principal Information Security Engineer in the Cyber Security Division at The MITRE Corporation, supporting the FDA CDRH on Medical Device Cyber Security.  He likes changing his last name every two decades or so.  Steve was the co-creator and Editor of the Common Vulnerabilities and Exposures (CVE) list and chair of the CVE Editorial Board from 1999 to 2015.  He is the technical lead for the Common Weakness Enumeration (CWE), Common Weakness Scoring System (CWSS), and the community-driven CWE/SANS Top 25 Software Most Dangerous Software Errors.  He was a co-author of the influential “Responsible Vulnerability Disclosure Process” IETF draft with Chris Wysopal in 2002.  He was an active contributor to other efforts including the Common Vulnerability Scoring System (CVSS) version 2, the Common Vulnerability Reporting Framework (CVRF), NIST’s Static Analysis Tool Exposition (SATE), and certain non-public projects involving the assessment of static code analysis tools, and the SANS Secure Programming exams.  His current interests include exploring analogies between epidemiology and information security (e.g. within vulnerability statistics); ensuring that emerging technologies do not repeat the chaotic path to effective vulnerability management that occurred with enterprise software in the 1990s; secure software development and testing; consumer-friendly software security metrics; the theoretical underpinnings of vulnerabilities; improving the exchange of vulnerability information across global regions, emerging industries, and newly-connected technical domains; and making the computer security profession accessible to everybody who seeks a place in it.  He holds a B.S. in Computer Science from Hobart College.

Art Manion | CERT / ISO Project Editor

Art Manion is a senior Member of the Technical Staff at CERT (part of the Software Engineering Institute at Carnegie Mellon University) where he lives and breathes coordinated vulnerability disclosure. Art is also Co-Editor of ISO/IEC 29147 Vulnerability Disclosure and ISO/IEC 30111 Vulnerability Handling Processes.