The distinguished speakers teaching the Yale Cyber Leadership Forum are thought leaders and innovators of cyber security. Drawing from Yale’s own renowned Law School as well as from leadership positions in government and industry, these individuals collectively offer an essential set of strategies and principles to guide our institutions, governments, and businesses, and societies.
Oona A. Hathaway
Gerard C. and Bernice Latrobe Smith Professor of International Law, Yale University
Topics: International Legal Framework; Mapping the Divide/Restructuring the Landscape
Oona A. Hathaway is also Professor of International Law and Area Studies at the Yale University MacMillan Center, on the faculty at the Jackson Institute for International Affairs, and Professor (by courtesy) of the Yale University Department of Political Science. She is a member of the Strategic Planning Committee of the American Society of International Law and the Advisory Committee on International Law for the Legal Adviser at the United States Department of State. In 2014-15, she took leave from Yale Law School to serve as Special Counsel to the General Counsel for National Security Law at the U.S. Department of Defense, where she was awarded the Office of the Secretary of Defense Award for Excellence. Her current research focuses on the foundations of modern international law, the intersection of U.S. constitutional law and international law, the enforcement of international law, and the law of armed conflict. She is a principal investigator on a recent grant awarded by Hewlett Foundation to study cyber conflict. She has published more than twenty-five law review articles, including The Law of Cyber-Attack, and she is currently finishing a book, The Internationalists: How a Radical Plan to Outlaw War Remade the World (with Scott Shapiro), which will be published by Simon & Shuster in 2017.
Richard Domingues Boscovich
Assistant General Counsel, Digital Crimes Unit, Microsoft
Topic: Active Defense - Malware Takedowns and International Cyber-Crime Enforcement - A Public/Private Model
As Senior Attorney on Microsoft’s Digital Crimes Unit, Richard Boscovich leads a team of investigators focused on malicious code and spyware enforcement cases. Based in Redmond, Wash., the team actively analyzes all forms of malware such as botnets, malvertising , scarware and click fraud. His work in the field includes the legal strategies used in the take downs of the Waledac, Rustock and more recently, the Kelihos bot-nets. In addition to analyzing malicious code, the team actively pursues partnerships with others in the industry, as well as law enforcement agencies, and academics in the field.
Staff Director, Senate Armed Services Committee
Topic: What the Republican Congress Has in Store for Cyber
Christian Brose has been the Staff Director of the Senate Armed Services Committee since 2015. He has taken an interest in one of the Pentagon’s toughest issues: how to improve the parlous state of information technology and cyber acquisition.
Department Chair and Grace Murray Hopper Professor of Computer Science and Professor (Adjunct) of Law, Yale University
Topic: Encryption is Not (Quite) a Panacea
Joan Feigenbaum is currently teaching the Law, Technology, and Policy of Cyber Conflict course with Professors Oona Hathaway and Scott Shapiro, and is a co-investigator on a grant from the Hewlett Foundation supporting cutting edge research on the law and technology of cyber conflict. She received a BA in Mathematics from Harvard and a Ph.D. in Computer Science from Stanford. Between finishing her Ph.D. in 1986 and starting at Yale in 2000, she was with AT&T, where she participated very broadly in the company's Information-Sciences research agenda, e.g., by creating a research group in Algorithms and Distributed Data, of which she was the manager in 1998-99.
Head of Cybersecurity Strategy, Illumio
Topic: Reducing Uncertainty with Technology
Nathaniel Gleicher is currently the head of cybersecurity strategy at Illumio, where he heads the company's thought leadership and public engagement and oversees its cybersecurity technology strategy. He is trained as a computer scientist and a lawyer and works at the intersection of technology, policy, and law. He has investigated and prosecuted domestic and international cybercrime at the U.S. Department of Justice, advised the South Korean government on technology policy, and served as director for cybersecurity policy on the National Security Council at the White House. While serving in the U.S. government, he developed policy on key technology and cybersecurity challenges, including encryption, cyber deterrence, international law enforcement coordination, Internet governance, and network security.
Partner, McKinsey Cybersecurity Practice
James Kaplan is a global leader of McKinsey’s cybersecurity practice. He is based in the Firm’s New York office. With more than 17 years of experience at McKinsey and Company spanning a wide variety of Fortune 500 and public sector clients in financial services, healthcare, pharmaceuticals, private equity, and technology, media, and telecom. He is chairman of the board for Cyber Solutions by McKinsey, McKinsey’s startup focused on helping clients assess and act on their cybersecurity and maturity compared to peers. James holds a B.A. from Brown University and an M.B.A. from Wharton.
Samuel J. Palmisano
Chairman, Center for Global Enterprise; Vice Chair, Commission on Enhancing National Cybersecurity; Former Chief Executive Officer, IBM
Topic: Securing and Growing the Digital Economy - Perspectives from the Commission on Enhancing National Cybersecurity
Samuel J. Palmisano is the Chairman of the Center for Global Enterprise, a private, nonprofit, nonpartisan research institution devoted to the study of the contemporary corporation, the management science of the globally integrated enterprise (GIE), global economic trends, and their impact on society. From January 1, 2003, through December 31, 2011, Samuel J. Palmisano was chairman, president and chief executive officer of IBM. He was chairman of the Board from January through September 2012 and served as a senior adviser to IBM until his retirement on December 1, 2012. Under his leadership, IBM achieved record financial performance, transformed itself into a globally integrated enterprise and introduced its Smarter Planet agenda.
Vice President, IT Risk Management & Chief Information Security Officer, Merck & Co., Inc.
Terry is responsible for cybersecurity, policy, compliance, quality/technical assurance, eDiscovery, and business continuity planning for Merck’s IT organization, and is a member of the IT Leadership Team. He also serves as a board member on the SAFE BioPharma Association and the National Health Information Sharing and Analysis Center (NH-ISAC) as well as a member of the Healthcare Industry Cybersecurity Taskforce. Terry began his career as a US Army Officer and served with the 101st Airborne Division, US Forces Korea, the National Security Agency and other units. Upon leaving the service, Terry worked in the consulting industry in a variety of roles. He then spent four years at Johnson & Johnson as the Director, Global Information Security. Terry joined Merck in 2007.
Ira A. Lipman Chair in Emerging Technologies and National Security; Director of the Digital and Cyberspace Policy Program, Council on Foreign Relations
Topic: The Hacked World Order
An expert on security issues, technology development, and Chinese domestic and foreign policy, Segal was the project director for the CFR-sponsored Independent Task Force report Defending an Open, Global, Secure, and Resilient Internet. His book The Hacked World Order: How Nations Fight, Trade, Maneuver, and Manipulate in the Digital Age (PublicAffairs, 2016) describes the increasingly contentious geopolitics of cyberspace. His work has appeared in the Financial Times, The Economist, Foreign Policy, The Wall Street Journal, and Foreign Affairs, among others. He currently writes for the blog, “Net Politics.”
Professor of Computer Science, Yale University
Topic: A Breakthrough toward Hacker-Resistant Operating Systems - CertiKOS
Zhong Shao's research interests include programming languages, compilers, formal methods, and operating systems. He earned his Ph.D. in Computer Science from Princeton University in 1994. During his early career, he was a key developer and author of many key compilation phases used in the Standard ML of New Jersey compiler, and also one of the first to build a type-based intermediate representation in a functional-language compiler. He designed and developed the first production-quality type-preserving compiler for the entire Standard ML 1997 language extended with higher-order modules and was the main architect of the FLINT certifying infrastructure.
Led by Professor Shao, a team of Yale researchers has unveiled CertiKOS, the world’s first operating system that runs on multi-core processors and shields against cyber attacks.
Charles F. Southmayd Professor of Law and Professor of Philosophy, Yale Law School
Topic: Reducing Uncertainty with Technology
Scott Shapiro is currently teaching the Law, Technology, and Policy of Cyber Conflict course with Professors Joan Feigenbaum and Oona Hathaway, and is a co-investigator on a grant from the Hewlett Foundation supporting cutting edge research on the law and technology of cyber conflict. He and Oona Hathaway are currently working on “The Internationalists: How a Radical Plan to Outlaw War Remade the World,” a history of international law as it has evolved from the 17th century through the present. He joined the Yale Law faculty in July 2008 as a professor of law and philosophy.
Associate Partner, McKinsey & Company
Topics: What should be the regulatory framework for IoT regulation?; Mapping the Divide/Restructuring the Landscape
Marc Sorel is an Associate Partner in Cyber Solutions by McKinsey, the Firm’s startup focused on helping clients assess and act on their cybersecurity and maturity compared to peers. Based in the Washington, DC office with more than 5 years of experience at the Firm, Marc serves private, public, and social sector clients on cybersecurity, digital transformation and other technology topics. He helps lead the Solution’s Digital Resilience Assessment and the Firm’s cybersecurity-focused Private Equity service line. Marc holds a B.A. from Yale University and J.D./M.S.F.S. from Georgetown University.
Partner, Andreessen Horowitz; former Deputy Assistant Secretary of Defense for Middle East Policy
Topic: Making Decisions About Cyber Security in a World of Uncertainty
Matthew Spence served as Deputy Assistant Secretary of Defense for Middle East Policy from 2012 to 2015. Spence was the principal advisor to the Secretary of Defense and Undersecretary of Defense for Middle East policy, including Iraq, Syria, Iran, Israel, Egypt, and the Gulf states. He also served on Secretary of Defense Ash Carter’s confirmation and transition team. Spence received the Secretary of Defense Award for Outstanding Public Service. From 2009 to 20012, Spence worked at the White House on the National Security Council as Special Assistant to the President and Senior Director for International Economic Affairs and as Senior Advisor to two National Security Advisors.
Founder, Silicon Harbor Consultants; former Director for International Security Policy, National Security Council
Topic: The Regulatory and Legal Landscape - What Law Governs?
Megan Stifel the founder of Silicon Harbor Consultants, which provides strategic cybersecurity operations and policy counsel. Prior to founding Silicon Harbor Consultants, she was an attorney in the National Security Division at the US Department of Justice (DOJ). She most recently served on detail as a director for international cyber policy in the National Security Council at the White House. In this role she developed and implemented policies in connection with Internet governance, cybersecurity, and cybercrime. She also contributed regularly to information sharing, privacy, and critical infrastructure protection policy development.
Senior Vice President of Emerging Technologies, root9B
Topic: The Technical Threat Landscape
Eric Stride, a 14-year veteran leader in information security, including 12 years in the U.S. Air Force and 5 years at the NSA, serves as Senior Vice President of Emerging Technologies, the research and development arm at root9B. Mr. Stride brings significant technical and command experience throughout the cyber operations domain that include numerous highly technical cyber operations for the Air Force, NSA, and U.S. Cyber Command. Mr. Stride holds a Bachelor of Science in Computer Science from the University of Washington and a Master of Science in IT Management from Colorado Technical University, in addition to possessing numerous industry certifications.
Cyber Security Project Director, Belfer Center, Harvard Kennedy School
Topic: Making Decisions About Cyber Security in a World of Uncertainty
Dr. Michael Sulmeyer recently concluded several years in the Office of the Secretary of Defense, serving most recently as the Director for Plans and Operations for Cyber Policy. He was also Senior Policy Advisor to the Deputy Assistant Secretary of Defense for Cyber Policy. In these jobs, he worked closely with the Joint Staff and Cyber Command on a variety of efforts to counter malicious cyber activity against U.S. and DoD interests.
Associate Partner, McKinsey Cybersecurity Practice
David Ware is an Associate Partner in McKinsey’s cybersecurity practice, and is affiliated with the Firm’s Business Technology and Operations practices. He is based in the Firm’s Atlanta office. With >4 years of experience at the Firm, David serves public and private sector clients, primarily focused on aerospace and defense. He helps lead the Firm’s work on assessing value at risk for cybersecurity. David holds a B.S.B.A. in Management Information Systems and a B.S. in Mathematics from the University of Arizona.
Director of International Relations & Leadership Programs, Yale Office of International Affairs
Topics: Securing and Growing the Digital Economy - Perspectives from the Commission on Enhancing National Cybersecurity; What the Republican Congress Has In Store for Cyber
Edward (“Ted”) Wittenstein works in partnership with faculty, deans, and other key university administrators to advance a wide range of Yale initiatives around the world. He also serves as Executive Director of Yale’s Johnson Center for the Study of American Diplomacy, a program of the Jackson Institute for Global Affairs in collaboration with International Security Studies and the Brady-Johnson Program in Grand Strategy, founded upon the donation of Dr. Henry Kissinger’s papers to Yale. A Lecturer in Global Affairs, Ted teaches undergraduate and graduate courses on intelligence, cybersecurity, and national security decision-making. Ted is a graduate of Yale College and Yale Law School. Before returning to work for Yale, Ted held a variety of positions at the Department of Defense, Commission on the Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction, Office of the Director of National Intelligence, and the Department of State.
Chief Executive Officer and Founder, Security Scorecard, Inc.
Topic: Reducing Uncertainty with Technology
Dr. Aleksandr Yampolskiy is a co-founder and CEO of SecurityScorecard, the leading security risk benchmarking company. Previously he was a CTO of Cinchcast and BlogTalkRadio. BlogTalkRadio is the largest online radio network averaging over 40 million visitors a month. Prior to Cinchcast, Alex was Head of Security and Compliance at Gilt Groupe companies, responsible for all aspects of IT infrastructure security, secure application development, and PCI compliance. Before that he worked at Goldman Sachs, Oracle, and Microsoft, where he was a lead technologist building large-scale, performant enterprise software focused on IDM, SSO, authentication, and authorization. He’s been cited in New York Times, ComputerWorld, Observer, and other media. He’s a published author and speaks regularly on security and software development processes.