President
John Donovan
Long-time board member of the Silicon Valley ISSA in multiple roles. 20+ years of experience in developing and operating information security, IT, engineering services and business processes. 15+ years of direct Information Security, IT and engineering management experience. Track record of success in all aspects of program development and deployment—program/project management, strategic planning, policy, architecture, analysis, design, development, implementation, and support. Consistently successful in leading world- wide, multi-organization teams in timely delivery of critical projects and programs. Demonstrated track record in developing teams and individuals according to organizational needs. Regular speaker and participant at industry conferences, professional organizations, and customer briefings. Devoted dad, ice skating taxi service, and contemporary arts collector / supporter. Long-time board member and past president of the San Jose Institute of Contemporary Art ( www.sjica.org ) .
Vice President
John Millican
Strong experience in IT information security, personnel management, software and hardware project management, IT support services and help desk management, understanding of all facets of business and bring a value-added orientation to all efforts undertaken. Demonstrated ability to build high performing teams, integrating those teams with other business units and maximizing their contribution to enterprise effectiveness. John was the first person certified by the SANS Institute in the assessment and implementation of the Twenty Critical Cybersecurity Controls.
Treasurer:
Dick Hacking
Senior manager who has experience in both software engineering development and tier-1 enterprise support departments. Worldwide 24*7 team management experience with staff in India and California.
Frequently sought out by senior management for special projects.
Specialties: Security vulnerability advisory process management, ISO29147 process creation, reducing costs through automation, disaster recovery planning, gap identification, follow-up.
Education Director
Ken Voigt
Experience in network security systems, user authentication sysems, and virus protection systems. Integrating and implementing Internet systems and enterprise data networks, using all the current LAN/WAN technologies. He has broad Internet applications experience using UNIX and MS Windows platforms, developing scripts to manage and administer Internet and enterprise data networking facilities. He has excellent product knowledge of CheckPoint/Cisco/Nortel/Foundry/ArcSight/Juniper/F5, and other network /security vendors.
Membership Director
Jean Pawluk
Jean is an executive consultant working with clients on transforming enterprise and security architectures.
With a global focus on strategy, architecture and technology Jean has extensive experience in the high tech, telecom and financial industries alternating between technical and executive leadership roles Jean developed an interest in security and cryptography early in her career developing ATM software and electronic funds transfer networks for the financial industry. She then went on to research and develop new telecom and network technologies at AT&T , GTE/ Verizon and Sprint/United Telephone
Her interest in security was re-awakened when it became obvious that the Internet was totally insecure. She immediately focused on starting new security initiatives at Tandem Computers. Jean created and led several teams to deliver various security & strong authentication solutions to overcome those threats including the first commercial PKI system in the world in 1997 in Singapore.
Jean has an excellent track record of creating innovative strategy and new products, leading multiple, large, cross-functional teams and executing on strategic visions with leading edge solutions in fast paced global financial, telecommunication and high tech enterprise domains.
As Chief Architect of Visa she was responsible for developing the overall global architecture for security and authored the Enhanced Data Protection (EDP) and Global Information Security Plan (GISP) strategies. She was formerly the Chief Architect at Equifax.
Communications Director
Sujeet Bambawale
Leading teams to deliver excellence in risk management and security architecture by driving strategic risk guidance that empowers innovation, compliance and market leadership.
Building the information security organization to reflect, support and enhance the corporate strategy, consumer base, product portfolio and growth curve.
Recording Director
Clayton Dewberry
Do you have seconds to minutes to meet your business continuity plan’s strictest of SLAs for business-critical services running across your physical and virtual infrastructure? Are you experiencing an explosion of structured and unstructured data, grappling with shrinking IT Budgets, and yet required to meet aggressive SLAs? Would you like to automate your Disaster Recovery process and make testing a simple and repeatable process –and give your employees their weekends back?
With my twenty years of experience working with Fortune 1000 companies, grounded in security and service delivery, I use that experience today to help my customers: Address their Data Center information management and availability requirements, and tackle their disaster recovery and backup objectives, so they can meet or exceed their RPO/RTO objectives; Address the explosive growth in structured and unstructured data that requires a different approach to archiving, eDiscovery, and data classification, so they can better manage, and respond to, their data sprawl, and compliance requirements.
I enjoy working with people, learning new approaches to solving complex problems, and sharing that information to help others reach their goals. When I’m not doing that, I focus on my family, and the many splendors available to us living in Northern California.
Please reach out to me if you would like to talk about your experiences and dealing with these critical business issues, have some ideas on new approaches, or have some key objectives that I may be able to help you with.
Chapter Webmaster
Edward Frye
Proven information security leader with over 18 years success in guiding implementation of leading-edge technology solutions that drive business growth in network, systems architecture, configuration management, and systems administration. Effective manager able to foster excellent relationships with team members, upper management, and clients. Extensive experience in cloud computing (MSP, ASP, SaaS) companies in ensuring security without compromising availability or performance.
Directors at Large:
Mark Kadrich
Mark is presently an independent contractor assisting enterprises create secure solutions for mobile, enterprise, and cloud environments.
Mark was the Principal Enterprise Security Architect for Kaiser Permanente. He was responsible for crafting a security architecture that will integrate mobile, SOA, cloud, enterprise, and other emerging technology into a solution that meets the multiple requirements imposed by business objectives, regulatory compliance and member satisfaction.
Mark was the founder and CEO for The Security Consortium, a provider of security testing, validation and assurance services. TSC developed unique and cost effective methods for establishing product and service security baselines.
After the Symantec acquisition of Sygate, Kadrich was responsible for establishing vision and direction for endpoint and network security for the Symantec enterprise.
Mark was senior scientist with Sygate Technologies where he was responsible for developing corporate policies, understanding future security trends, managing government certification programs, and evangelizing on demand.
Mark was CTO/CSO for LDT Systems where he helped develop healthcare related solutions.
Mark was director of technical services for Counterpane Internet Security.
Prior to Counterpane, Mark was director of security for Conxion Corporation where his role was to plot the strategic course of Conxion’s information security solutions.
Prior to Conxion, he was a principal consultant for International Network Services (INS).
Mark was a CISSP for many years and holds degrees in Computer Engineering and Electrical Engineering. In addition to authoring Endpoint Security, he has also been published in TCP Unleashed, ISSA Journal, Publish Magazine, Planet IT, RSA, CSI, and The Black Hat Briefings.
Specialties: Research & Analysis, CSO/CISO, Program Management, Team Building, InfoSec, NetSec, Endpoint Security