The Ron Knode Service Award is awarded annually to CSA members whose contributions reflect Ron’s passion for volunteerism and embody the spirit for which this award was established in 2012.
2015 Service Award Recipients
Kai Roer provides Fortune 1000 companies worldwide with expertise on how to build and maintain security culture based on his free and open Security Culture Framework. Roer is a bestselling author, speaker and security culture facilitator who believes in the power of volunteerism.
CISO at GMV
Mariano J. Benito is CISO at GMV, a leading Spanish company in the cybersecurity field, and CSA Spanish Chapter task force (CSA-ES CTO). Along his twenty-year long career, he has contributed to the development and implementation of international standards, including ISO 27001 & 22031 at GMV. Mariano J. Benito has also developed a specific focus also on Cloud Computing, Compliance & Governance, being the author of the first security analysis in Spain regarding cloud security (2009) and currently contributing to the deployment in Spain of CSA Guide, CCM, PLA and other local CSA initiatives.
Dr. Said Tabet
Senior Technologist and Industry Standards Strategist in the Corporate Office of the CTO at EMC
Dr. Said Tabet is a member of the Object Management Group Board of Directors and the principal EMC representative to the Industrial Internet Consortium. Said is the Chair of the INCITS CS1 Secure Cloud Computing Ad-Hoc Group, and a member of the US delegation to ISO SC27. He is also a member of the Cloud Security Alliance International Standardization Council, co-Chair of the SME Council and the Cloud Security SLA working group. Said spent over two decades driving and contributing to various international standardization activities including ISO, RuleML, OMG standards, W3C Semantic Web and Rules, Risk and Compliance, GRC-XML, Regulatory Reporting and Supervision, Security and Data protection and Privacy. Said continues to work on challenges around Cloud Computing adoption, IoT, Cloud SLA and security SLA automation, Big Data Analytics and security, cyber security and best practices, Industrial Internet of Things, and Semantic Data Collaboration. He is a regular speaker and panelist at industry conferences and international standards meetings, authors and editor of book series and articles.
Member of the Cloud Security Alliance International Standardization Council, co-Chair of the SME Council Cloud Trust Working Group co-chair, and the Cloud Security SLA working group. Regular speaker and panelist at industry conferences and international standards meetings; author and editor of book series and articles. Co-author of ‘Practices for Secure Development of Cloud Applications’ and ‘CSA Security Guidance Version 3: Domain 4. Recipient of the Ron Knode Award.
Vice-Chairman, CSA Asia Pacific Executive Council
David Siah is actively involved in cyber-security activities in Singapore. He is a member of iDA’s Cyber Security Alliance as well as iDA’s working group on Cloud Outage Incidence Response. He is also a committee member on the Singapore Information Technology Federation’s Security and Governance Chapter and is the Country Manager of Trend Micro. In his capacity, he runs Trend Micro’s business operations in Singapore and is in charge of Trend Labs Singapore—responsible for malware analysis and response.
Chief Engineer focused on Cyber Security Solutions for Leidos
Brian Russell oversees the design and development of security solutions and the implementation of privacy and trust controls for customers. Brian leads efforts that include security engineering for Unmanned Aerial Systems (UAS) and Connected Cars, the design of secure next- generation energy systems (microgrids) and the development of high assurance cryptographic key management systems. He supports the Center for Internet Security as a member of the 20 Critical Security Controls Editorial Panel and also serves as Co-Chair of the Cloud Security Alliance (CSA) Internet of Things (IoT) Working Group.
Chair for India Regional Coordinating Body
Benildus provides senior advisory services in area of Information Technology with a concentration on Information Security and Risk. Currently with Ericsson, Benildus worked in IBM, Fidelity Investment, Comodo etc in a career spanning 14 Years. Benildus is the founder and chairperson of the CSA Bangalore Chapter, one of the biggest chapters for CSA worldwide.
2014 Service Award Recipients
Founder and Director of the CSA Taiwan Chapter
Yi-Lang Tsai is a famous IT commentator and author in Taiwan having published 34 books and many columns in professional IT publications. His works include the research projects for the detection, The Honeynet Project Taiwan Chapter Leader, the analysis and the honeypot related information security technologies and also in the cloud security technologies for industry, government and academy. He is the Director of major security projects and leader of an Information Security Incident Response Team to work for Taiwan Academic Network (TANet) to handing security incident. He is an expert in UNIX/Linux, Windows OS, communication network technology, network security, ISMS, and digital forensics.
Senior Analyst and Researcher at Cloud Security Alliance
Damir Savanovic is a Senior Analyst and Researcher at Cloud Security Alliance. In past Damir worked as Chief Information Security Officer and IT Quality Manager in SKB, Société Générale Group, where he had a key role in planning, organising, managing and controling the functions of information security in the bank. He developed standards, recommendations and guidelines for information security based on ISO 27001 and PCI DSS and before that for quality of IT processes based on COBIT and ITIL frameworks. Before joining Société Générale Group, Damir worked as Information Systems Auditor at Ernst & Young. His field of expertise is information security, cloud computing and assurance. He worked in variety of industries including financial, telecommunications, manufacturing and retail in the Central Eastern Europe. Damir has performed multiple information system audits, security and compliance audits in various banks and financial institutions in the region. With his broad knowledge of information security and understanding of IT and business processes, he is capable of communicating technical topics to business managers. He is very active in the community as board member of CSA Slovenia chapter and ISACA Slovenia chapter. Damir graduated from University of Ljubljana (Slovenia) in Information Technology and holds CCSK, CISM and CISA certifications.
Dr. Alberto Manfredi
Co-Founder and President of the CSA Italy Chapter
Alberto Manfredi supports CSA EMEA in chapter expansion and development. He currently serves as Business Development Manager Smart Solutions with Selex ES, a Defense and Security Electronics Division of Finmeccanica Spa. He has been working in the ICT market since 1993 with a focus on information security in the last 11 years. He is a member of ISC2,ISACA-AIEA, SANS, AFCEA Rome, DFA, ANORC (honorary member) associations.
Executive Director and Secretary General of Cloud Security Alliance (CSA) Japan Chapter, Inc.
Ben T. Katsumi is President and CEO, Information Economy Research Institute, Inc. and former Chief Researcher, IT Security Center, IPA(Information-technology Promotion Agency Japan).
Mr. Katsumi has 20 years of experience in cybersecurity specializing in market analysis, social and international studies, and security management and governance. His career includes 8 years at IPA as a researcher (2005 thru 2013), consultant at several Japanese firms including Ricoh’s subsidiary (2004 thru 2008), director at Symantec Japan (2001 thru 2004).
In 2010 Mr. Katsumi co-founded CSA Japan Chapter, which was incorporated in 2013 where he serves as a board member as well. He is members of Japan Network Security Association (JNSA), JASA Cloud Information Security Promotion Alliance (JCISPA), Japan Society of Security Management (JSSM), and Institute of Digital Forensics (IDF). CCSK, CISA, Information Security Associate Auditor, Certified Information Security Administrator.
He is a frequent writer and a speaker at domestic and international conferences including NIST Cloud Forum & Workshop, IEEE-EMBC, CloudAsia, CloudscapeV, Securecloud, and CSA Congress.
Hitachi Data Systems’ CTO Security & Privacy
Eric Hibbard is Hitachi Data Systems’ CTO for Security & Privacy where he leads the Hitachi product-oriented security strategy activities with an emphasis on data and storage security. He is a senior security professional with expertise in information assurance, privacy, storage, cloud computing, eDiscovery and enterprise ICT. He leverages this expertise and extensive experience in the public and private sectors in leadership roles within the ABA, CSA, INCITS, IEEE and SNIA. Hibbard currently serves as the ISO editor of ISO/IEC 27040 (Storage security), ISO/IEC 27050 (eDiscovery) and ISO/IEC 17788 (Cloud computing). He speaks internationally and is published. Hibbard holds a BSCS along with the CISSP-ISSAP, ISSEP, ISSMP and CISA certifications. – See more at: http://www.rsaconference.com/speakers/eric-hibbard#sthash.dEjfY17n.dpuf
Created the original ‘Top Threats’ to the cloud; co-chair and founder of the SDP Workgroup, where he invented SDP and managed all major activities. Authored numerous blog posts; speaker at numerous events, including CloudBytes presentations. Recipient of the Ron Knode Award.
Founder and CTO of Vidder
Junaid Islam is the CTO and founder of Vidder which provides distributed access control solutions to Fortune 500 companies. Prior to founding Vidder, Junaid founded Bivio Networks which developed the first Gigabit speed software based security platform in the industry. Earlier in his career Junaid helped create networking standards such as Frame Relay, ATM and MPLS while at StrataCom and Cisco.
In addition to his work in the technology industry Junaid has served at the local and national levels. Junaid served as the Human Relations Commissioner of Santa Clara Country (Silicon Valley) from 2002 to 2009. Currently Junaid is the Co-Chair of the Software Defined Perimeter (SDP) research group which supports a number of US national cyber security initiatives.
Co-chair of the SDP Working group; co-author and chief architect behind the SDP specification. Presenter at several events including U.S. Congress 2013, CSA Congress in 2014 and 2015 and CSA Summit Hack-a-thon host. Recipient of the Ron Knode Award.
2013 Service Award Recipients
Dr. Siani Pearson
Principal Research Scientist at HP Labs, Bristol
Dr. Siani Pearson’s current research focuses on accountability, privacy and the cloud and she holds over 50 patents and is author or co-author of well over 100 papers and technical reports in these fields.
Siani received an MA from Oxford University in logic, a PhD in artificial intelligence from the University of Edinburgh and was a Research Fellow at Cambridge University before joining HP in 1994. She is a Fellow of the British Computer Society, senior member of IEEE and a Certified Information Privacy Professional/Information Technology. Siani is currently the scientific coordinator of a major European research project on Accountability for the Cloud (A4Cloud) and is a member of: HP Privacy and Data Protection Board; UK Cloud Security Alliance Chapter board; HP cloud security WG; CSA PLA and OCF WGs; IEEE Transactions on Cloud Computing Editorial Board; UK IEC subcommittee on data principles; numerous programme committees, including being Program Chair of IEEE CloudCom 2014; the steering committees of a number of conferences and advisory boards of several universities and EU projects.
Member of Hong Kong OGCIO Expert Group on Cloud Computing
Antony Ma has over 14 years experience in the IT industry taking roles in different areas including software development, IT auditing and IT security. Antony has professional qualifications including CISSP, CISA, Oracle DBA and BS7799 ISMS assessor. He received a Bachelor degreed in Engineering, then completed a LLM degree in Intellectual Property & Information Technology Law from the Faculty of Law at the University of Hong Kong.
Antony has extensive experiences in financial IT, especially in IT compliance and technology risk management.
Vice President of the CSA Swiss Chapter
Dominik Birk is working as a Information Security Manager for the Zurich Insurance Group in Zurich, Switzerland. Besides that, Birk is leading the the CSA WG “Incident Management and Forensics”, helped establish the German and Swiss local CSA Chapters, and contributed to the CSA Cloud Security Guidance V3.0.
Founder of Cloud Watchmen, Inc.
Sean Cordero brings more than 15 years of information security and IT experience to his current role. As director, information security at Optiv, Cordero provides executive level advisement for the company’s Fortune 50 clients.
Cordero’s prior leadership roles included: President of Cloud Watchmen, CSO for EdFund, CSO for ECMC West, Director of Security and Compliance for Charlotte Russe.
Cordero is a thought-leader and serves as chair of the Cloud Security Alliance’s (CSA) Cloud Control Matrix working group where he drives the development of security standards for cloud computing. Cordero was awarded the 2013 Ron Knode Service Award by the Cloud Security Alliance for his contributions to cloud research.
Cordero is active in the conference speaking circuit where he has presented for CSO magazine, the CSA, the High Technology Crimes Association, Secure360, the University of California, Bsides, and ISACA. Cordero is CISSP, CRISC, CISM and CISA.
Evangelized use of CCM and the CSA Security, Trust and Assurance Registry (STAR) across the industry at conferences, webinars and podcasts. Co-led the development of the CCM and helped drive CCM versions 1.3, 1.4, and 3.0. Recipient of 2013 Ron Knode Award.
Evelyn de Souza
Senior Security Strategist at Cisco
Evelyn is responsible for championing holistic security solutions that address emerging industry trends such as cloud, data center SDN and mobile. She is a strong proponent of building automated, repeatable processes that enable organizations to sustain compliance while optimizing security posture and reducing costs. To this end, Evelyn co-chairs the Cloud Security Alliance Cloud Controls Matrix (CCM) which harmonizes regulations and industry standards to a common framework and according to cloud model to enable reduce audit complexity. Evelyn has a weekly column on WIRED Insights and frequently posts at CloudTweaks, Internet Evolution and 21st Century. Evelyn is also a regular speaker at industry conferences and can be followed on Twitter @e_desouza.
Dr. Nantawan Wongkachonkitti
Head of Marketing APAC
Nantawan serves as the Director of Innovation and Research and was formerly the Director for IT Intelligence Operations Division for Electronic Government Agency (Public Organization), Thailand. She has been working in the computer and telecommunication field for over 14 years. She manages Electronic Government Agency’s Operations Division for all IT Thailand Government. She is currently served as a secretary of CSA, Thailand Chapter which developed Cloud Control Matrix 1.3 on App Store for dual languages (Thai and English) called “Cloud Control Self Assessment”.
2012 Service Award Recipients
Chief Strategy Officer of NSFOCUS
Dr. Liang ZHAO (Richard) manages the research team, strategic planning, and fosters innovations at NSFOCUS. He obtained his B.Sc, M.Sc. and Ph.D degrees from Peking University at 1991, 1994, 1997 respectively. Liang majored physics and fiber-optic communications and has over 15 years of professional experience in telecom and network security areas. He owns certifications of CISSP, ITIL, BS7799.
Prior to his current position, he was the Director of Architect and Security Operations at Lenovo, responsible for the infrastructure architect and information security operations from 2006 to Aug. 2009. Before Lenovo, he worked for Computer Associates as the Principal Consultant at China from 2003 to 2006. From 2000 to 2003, he worked for iS-One as Chief Strategy Officer, responsible for R&D, security consulting service and etc. From 1997 to 2000, he worked for China Telecom, as the chief of network security affairs.
Henry St. Andre
Director of Trust Services for inContact
Henry St. Andre began his career in telecommunication 32 years ago, in 1984 during the break-up and divestiture of AT&T. He served as Director of Operations for over 25 years working for several different regional telecommunications providers and ultimately because the Director of Operations for inContact before being asked to be the Director of Trust Services at inContact, with the mission to create a security team and operations that could support the requirements of inContact, the leading provider of cloud based contact center solutions. inContact recognized very early the importance of security to its cloud customers and as such as Director of the Trust Team, he also took steps to involve inContact in the larger cloud security community by having inContact become a sponsor of the Cloud Security Alliance and engaging actively with the CSA in Subject Matter Expert team and other CSA sponsored activities.
Has served as SME Council co-chair for the past five years; member of several working groups, including the Mobile, SLA, Big Data, Telecom and Cloud Maturity Model; recipient of the 2012 Ron Knode Award.
Working for more than 20 years within the ICT industry, focussing on information security, Bernd’s scope ranges from security management related activities down to a deep, “hands-on” level of understanding of today’s threats and countermeasures.
Working for Telecommunication-, Internet-, Cloud and Technology Service provider, Bernd designed and implemented highly customized security solutions, developed technical blueprints and products, conducted security audits and penetration tests, tested and introduced new technologies, trained employees and customers as well as provided internal and external consultancy at all times. In addition to that he had been part of Cyber Security Incident Response Teams supporting forensics, malware analysis and application vulnerability testing.
His most recent work is focused on security architectures for the software defined (virtualized) future of data centre and network services in a provider environment and as member of the “Office of the CTO” writing strategic technology papers and providing guidance to the executive committee.
As chair of the Telecom Working Group and contributor to variety of research initiatives within the Cloud Security Alliance, as speaker at conferences and writer, Bernd is actively supporting the international research community, promoting security best practice and knowledge. In 2012 he received the Ron Knode Service Award recognizes excellence in volunteerism and is awarded in memory of Ron Knode, a cherished member of the CSA community.
Contributions: Co-chair of the Telecom Working Group; member of the Virtualization Working Group; founding member of the Incident Management & Forensic Working Group and contributor to several of its publications.
Senior Manager Cyber Security at Worldpay
Kevin Fielder has over 15 years IT and security experience across multiple industries encompassing online trading, online supermarkets, banking/finance/insurance. His various roles have included pen testing and security assessments through technical and security architecture to security consulting and innovations.
Current focus includes security strategy, secure design and development, security innovations, software based mobile security, cloud policy and architecture, structured risk assessments, and of course his role as co-chair of the SecaaS working group.
He holds a Bachelors degree in Computing with Human Biology and a Masters in Distributed Systems and Networks, along with various industry certifications such as CISSP-ISSAP, CISSP-ISSMP, C|EH, ISEB enterprise and solutions architecture.
Security and Compliance, MaaS360
David is a seasoned security professional with nearly 20 years of experience in risk management, information security, compliance, and policy development. Throughout his career David has performed risk and vulnerability assessments along with making recommendations on network and system design improvements. David’s career has spanned from traditional hardware based security architectures to cloud technologies and virtual environments.
Currently in charge of security and compliance for MaaS360 by IBM, David has managed projects to get Fiberlink SAS70-Type2 and more recently SOC2 Type II. David also recently led Fiberlink through audits to receive Federal Information Security Management Act (FISMA) authorization from GSA for Fiberlink’s MaaS360 Cloud Service offering. David also lead MaaS360 through the FedRAMP JAB ATO process, becoming the first mobile SaaS companies to be certified under FedRAMP. Fiberlink’s customers range from the SME space to Fortune 500 and Federal customers. David has helped ensure that MaaS360 meets the different requirements from these different types of customers including PCI, HIPAA, SoX, and NIST.
David helped design MaaS360’s cloud architecture model, and is an active member of the Cloud Security Alliance including being a co-chair for their Mobile Working Group and contributor to the development of the CSA Cloud Control Matrix as well as being active in several other working groups. David is also the president of the local chapter of the Cloud Security Alliance in the Delaware Valley. Along with work with the Cloud Security Alliance David is a member of the NIST Cloud working groups including their Mobile working group and CyberSecurity working group.
Prior to Fiberlink David worked as a security consultant performing security assessments and project management for multiple fortune 500 companies including Merck, CIGNA, Campbell Soup, Sanofi-Aventis and Wyeth (later purchased by Pfizer). This included overseeing projects that were involved with mergers as was the case with Rhone Poulenc and Sanofi-Aventis and separations as with CIGNA and ACE. David frequently gives presentations on Cloud and Mobile technologies and has presented for ISACA, ISSA, Cloud Security Alliance, InfraGard and GTRA among others. David received the 2012 Ron Knode Service Award for volunteer services at the Cloud Security Alliance and was awarded the “Most Dynamic Speaker” award at the 2012 annual GTRA Security in Government event. David has also been quoted as a subject matter expert in a number of different publications. David is a graduate from Fairleigh Dickenson University with a Bachelor of Science in Electrical Engineering.
Co-chair of the Mobile Working Group; co-founder of IoT Working Group; contributor to CCM and Subject Matter Expert Working Groups. President of the CSA Delaware Valley Chapter. Contributor to multiple online publications and served as a speaker on behalf of CSA at third-party events, including InfraGard and ISACA.
Dr. Ryan Ko
CSA APAC Research Advisor
Dr Ryan Kok-Leong Ko is Head of Cyber Security Lab and Senior Lecturer at the University of Waikato, New Zealand, Affiliate Faculty Member at Idaho State University, USA, and Asia Pacific Research Advisor for the Cloud Security Alliance.
In 2013, he established New Zealand’s first Master of Cyber Security, and NZ’s first university-led cyber security graduate research programme with the Cyber Security Lab at the University of Waikato. Waikato’s Cyber Security Lab also hosts the NZ Cyber Security Challenge since 2014. Dr Ko is recipient of the University of Waikato’s Early Career Academic Excellence, Nola Campbell Memorial ELearning Excellence, and the 2014, 2015 Faculty Teaching Excellence Awards.
Recipient of the inaugural Cloud Security Alliance (CSA) Ron Knode Service Award in 2012, Dr Ryan Ko has served as a CSA APAC volunteer since CSA’s beginnings, including pioneering research via the formation of the CSA Data Governance Working group, CSA Cloud Vulnerabilities Working Group, and as curriculum and examination co-creator of the (ISC)2-CSA Certified Cloud Security Professional (CCSP).
Dr Ko is principal investigator of the MBIE-funded NZ$12.23 million (incl. GST) STRATUS research project – NZ’s largest scientific research grant in the field of computer science. Dr Ko publishes extensively, in indexed academic journals, ranked computer science conference proceedings, international patents, and most recently, co-edited the book on “The Cloud Security Ecosystem – Technical, Legal, Business and Management Issues” with Elsevier. Dr Ko also leads virtualized server security standardization as a technical committee member of the ISO/IEC JTC 1/SC 27 and SPRING/ IDA IT Standards Committee SPSTC.
Prior to his academic career, Dr Ko was a lead computer scientist with HP Labs, leading security innovation and technology transfers for cloud data provenance solutions deployed across USA, EU and Asia. He serves as a technical advisor and board members to NZ listed companies, startups and international organisations, including the NZX-listed LIC, NYRIAD Ltd, and the INTERPOL. Dr Ko holds a B.Eng. (Computer Engineering) (Hons.) and a Ph.D. with the Nanyang Technological University, Singapore, and is member of the IEEE, ACM and the Royal Society of New Zealand.
Co-founder and chair of the Cloud Vulnerabilities Working Group and the CSA Cloud Data Governance Working Group; spearheaded the formation of the CSA APAC Education Council, contributed to several key research papers; acted as an SME representing CSA in the creation of the CCSP certification.
Ron Knode 1946-2012
Ron Knode was an information security expert and member of the Cloud Security Alliance family, who passed away on May 31, 2012. Ron was an innovative thinker and the author of the CSA Cloud Trust Protocol. Ron was a cherished member of CSA, with endless energy and humor to guide his volunteer contributions.
Ron Knode was a Director in the CSC Trusted Cloud & Hosting business unit, where he served as the consulting Trust Architect for CSC’s cloud services and a strategic advisor to all who are seeking an enterprise payoff by employing secure and trusted cloud services as a part of their enterprise IT architecture. He was also a Research Associate in CSC’s internal innovation think tank, known as the Leading Edge Forum (LEF), and an adjunct associate professor in the graduate school of Applied IT (AIT) at Towson University in Towson, Maryland.
Prior to his selection to the LEF, Ron was a Director in CSC’s Global Security Solutions business unit where he was responsible for the design, provisioning, deployment, and measurement of end-to-end security solutions that support CSC’s commercial and government clients around the world. Along with his operational and architectural duties, Ron served the LEF as the primary researcher and author for a programme entitled Digital Trust. That programme explores the ability of an enterprise to create new value with security services and technologies, rather than attempting only to do an incrementally better job of protecting the enterprise value that already exists. He also published a follow-up report with the ACLI on the application of digital trust in the life and annuity industry.
Ron held bachelor and master’s degrees in mathematics from the US Naval Academy and the US Naval Postgraduate School, and he completed doctoral coursework in computer science at the University of Maryland. He was a Certified Information Security Manager (CISM) in accordance with the standards and qualifications of the Information Systems Audit and Control Association (ISACA). He was also a fully trained Black Belt in Six Sigma quality improvement processes.