Security Superstars 2010: Visionaries

Professors, researchers and thought leaders: These people are pioneers in security and have helped to shape the industry and the technology that keeps companies safe. For more than a decade their insight has driven the conversation around security and risk management.

As a leading network security expert and professor at Columbia University, Bellovin drives new ideas about network security. Bellovin helped create USENET, holds a number of patents on cryptographic and network protocols, and co-authored one of the first books on firewalls, "Firewalls and Internet Security: Repelling the Wily Hacker." He has spent many years at Bell Labs and AT&T Research Labs as an AT&T Fellow.

Cheswick is a firewall pioneer who published a paper on firewall design and coined the term "firewall proxy". He co-authored a book on firewalls with Steve Bellovin in 1994 (mentioned in the previous slide). In the late 1990s Cheswick worked on a project to map the Internet. This work became the core technology for Bell Labs spin-off Lumeta. Today he is at AT&T Research and is currently working in security, visualization and user interfaces.

Denning is a pioneer in information security and is best known for her paper called "An Intrusion Detection Model." She has published four books and 140 articles. Today her research focuses on terrorism and cyberwarfare but her roots go back to cryptography and network security.

Diffie is one of the pioneers of public-key cryptography. In 1991 he joined Sun Microsystems Laboratories and is currently working on public policy aspects of cryptography. Today he is Sun's chief security officer and vice president, and is a Sun Fellow.

Geer is best known for getting fired. When he was the CTO of @stake, he co-authored a report that argued the ubiquity of Windows was a threat to national security and was let go as a result. Today he is CISO of In-Q-Tel, a nonprofit venture capital firm that invests in high-tech companies and was created by the CIA. Geer is a leading thinker on the economics of security and risk management.

Neumann has been with SRI's Computer Science Lab since 1971, where he has focused on research on networks, trustworthiness, security, reliability, crypto applications and policies, among other issues. He is a Fellow of the ACM, IEEE and AAAS. He is also an SRI Fellow.

Ranum is credited with developing the first commercialized proxy firewall as well as founding one of the first intrusion detection companies in the mid-1990s. He has held leadership positions with a number of computer security companies and built the first Internet e-mail server for the domain.

SANS Institute, established in 1989 as a cooperative research and education organization, is the largest source of information security training and certification. Today its programs reach more than 165,000 security professionals around the world. It also operates the Internet's early warning system, the Internet Storm Center. Northcutt, Paller and Sachs are frequent speakers providing commentary on the security industry.

Schneier is the official rock star of the security industry with deep knowledge of cryptography and privacy. He is the author of "Applied Cryptography;" "Beyond Fear: Thinking Sensibly About Security in an Uncertain World;" and "Secrets and Lies: Digital Security in a Networked World." Schneier is also a frequent speaker at security events as well as the author of the Blowfish and Twofish algorithms.

As head and founder of CERIAS, Spafford oversees a think tank that is a part of Purdue University, studying risk management, security awareness, network security, incident detection and response, among other subjects. Under Spafford's tutelage, the university also offers advanced studies in information security and information assurance.