The Cotton Cyber Lecture Series

Kevin Stine is the Chief of the Applied Cybersecurity Division in the National Institute of Standards and Technology’s Information Technology Laboratory. In this capacity, he leads NIST collaborations with industry, academia and government to improve cybersecurity and privacy risk management through the effective application of standards, best practices and technologies. The Applied Cybersecurity Division develops cybersecurity and privacy guidelines, tools and example solutions to help address challenges in diverse areas such as public safety communications; health information technology; election infrastructure; smart grid, cyber physical and industrial control systems; and programs focused on outreach to small businesses and federal agencies. The Division is home to several priority programs including the National Cybersecurity Center of Excellence, Cybersecurity Framework, Cybersecurity for IoT, Identity and Access Management, Privacy Engineering and Risk Management and the National Initiative for Cybersecurity Education. View recorded lecture here.

Melissa Hathaway is a leading expert in cyberspace policy and cybersecurity and brings a multi-disciplinary and multi-institutional perspective to strategic consulting and strategy formulation for public and private sector clients, including former Presidents George W. Bush and Barack Obama.

Ms. Hathaway consults governments, global organizations, and Fortune 500 companies on cybersecurity, enterprise risk management, and technology assessment. She helps organizations understand their most critical assets, services and data, and maps cybersecurity risks to the organization’s business, financial and risk objectives, and advises clients regarding industry leading practices, emerging cyber threats, policy initiatives, regulation, legislation, court decisions or other industry matters that may affect their current and future business. To assist clients in such evaluations, Ms. Hathaway developed a proprietary methodology, known as the Cyber Readiness Index – Enterprise Edition (CRI-E), to evaluate and measure an organization’s preparedness levels for certain cybersecurity risks. She applies the CRI-E and provides a compelling and actionable review of an organization’s networked environment and business operations. She has applied the methodology to global companies from diverse industries, including from defense, technology, insurance, financial services, and life sciences sectors.

Ms. Hathaway also advises clients on go-to-market strategies, competitive analysis, merger-acquisition due diligence, and investment opportunities for key leap-ahead technologies and companies in the cyber field. Having served on the board of directors for two public companies and three non-profit organizations, and as a strategic advisor to a number of public and private companies, Ms. Hathaway brings her clients a unique combination of policy and technical expertise, as well as board room experience that allows her to help clients better understand the intersection of government policy, developing technological and industry trends, and economic drivers that impact acquisition and business development strategy in this field.

"Perspectives of an Adversary: My Journey from the Streets to the Cybersecurity Industry"

KNOW your enemy.

The recent onslaught of high profile cyber attacks on Equifax, Yahoo, and the CIA shows just how vulnerable EVERYONE is to being hacked.

All the aforementioned had highly educated staff and an ample budget but they were missing an essential component — they did not “KNOW” their enemy. Knowing the mindset and process of a hacker is the decisive factor in cybersecurity.

Meet Hector Monsegur, the de facto head of Anonymous, who — by himself —breached the cybersecurity systems of major corporations and governments around the globe. The security firms that were responsible for protecting News Corp, PayPal, VISA, Mastercard, Nintendo, PBS and many government contractors all were successfully hacked by Hector.

How is it possible that a lone operator, living in the NY projects, who only completed six months of the 9th grade could do this?

This is the insider knowledge that Hector will share when he speaks to his clients and corporations — his insights have been game changing to the Fortune 500 companies and the US government he has shared his secrets with.

After being caught by the FBI — Hector exchanged his "black hat" for a "white hat" and helped the FBI prevent more than 300 cyber-attacks on systems controlled by the military and NASA.

Hector’s ability to take your team into the mindset of the hacker — in a way that’saccessible to everyone — empowers his clients to be proactive at protecting themselves. He will share his secrets of how hackers choose their targets, why hacking appeals to people, how hacking tools work, and how you and your company can protect yourself from vulnerability.

Monsegur is currently Director of Assessment Services at Rhino Security Labs, with large corporations and governments as his clients, while developing a book and film on his life

Computer Scientist, NIST Fellow

Ron Ross is a Fellow at the National Institute of Standards and Technology. His focus areas include information security, systems security engineering, and risk management. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project, which includes the development of security standards and guidelines for the federal government, contractors, and the United States critical infrastructure.

Dr. Ross also leads the Joint Task Force, an interagency partnership with the Department of Defense, Office of the Director of National Intelligence, U.S. Intelligence Community, and the Committee on National Security Systems, with responsibility for the development of the Unified Information Security Framework for the federal government and its contractors.

Dr. Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. In addition to his responsibilities at NIST, Dr. Ross supports the U.S. State Department in the international outreach program for information security and critical infrastructure protection. He has also lectured at many universities and colleges across the country including the Massachusetts Institute of Technology, Dartmouth College, Stanford University, the George Washington University, and the Naval Postgraduate School. A graduate of the United States Military Academy at West Point, Dr. Ross served in many leadership and technical positions during his twenty-year career in the United States Army. While assigned to the National Security Agency, Dr. Ross received the Scientific Achievement Award for his work on an inter-agency national security project and was awarded the Defense Superior Service Medal upon his departure from the agency. Dr. Ross is a four-time recipient of the Federal 100 award for his leadership and technical contributions to critical information security projects affecting the federal government and is a recipient of the Presidential Rank Award. He has also received the Department of Commerce Gold and Silver Medal Awards and has been inducted into the Information Systems Security Association Hall of Fame and given its highest honor of Distinguished Fellow. In addition, Dr. Ross has been inducted into the National Cyber Security Hall of Fame.

During his military career, Dr. Ross served as a White House aide and a senior technical adviser to the Department of the Army. He is a graduate of the Defense Systems Management College and holds master's and Ph.D. degrees in computer science from the U.S. Naval Postgraduate School specializing in artificial intelligence and robotics.

Founder and CEO, IronNet Cybersecurity

At IronNet Cybersecurity, as the CEO and President, General (Ret) Keith Alexander provides strategic vision to corporate leaders on cybersecurity issues through development of cutting-edge technology, consulting and education/training. He is reinventing how industries mitigate cybersecurity threats with IronDefense, a patented solution designed to detect and alert on anomalous enterprise network behaviors through ne-tuned analytics. His goal is to bridge communication systems between private and government sectors to create the next level of intelligence sharing and protect the nation against cyber threats on a global stage. 

General Alexander is a four-star general with an impressive 40-year military career, culminating in the role of the Director of the National Security Agency (NSA) and Chief of the Central Security Service (CSS) from 2005- 2014. He holds the distinction of serving in this role longer than any other director. While serving as the NSA Director, he was appointed by Congress to be the first Commander to lead the U.S. Cyber Command (USCYBERCOM). He held this role from 2010-2014, establishing and defining how our nation is protected against cyber attacks. 

As Commander, USCYBERCOM, General Alexander was responsible for planning, coordinating and conducting operations, and defending Department of Defense (DoD) computer networks—as well as the defense of the nation—from cyber threats. As the Director of NSA, he was responsible for national foreign intelligence requirements, military combat support, and the protection of U.S. national security information systems. 

Prior to leading USCYBERCOM and the NSA/CSS General Alexander served as the Deputy Chief of Staff, Intelligence, Department of the Army; Commanding General of the U.S. Army Intelligence and Security Command at Fort Belvoir, VA; and the Director of Intelligence, United States Central Command, MacDill Air Force Base, FL., and the Deputy Director for Requirements, Capabilities, Assessments and Doctrine, J-2, on the Joint Chiefs of Staff. 

Serving as a member of the President’s Commission on Enhancing National Cybersecurity, General Alexander developed key recommendations to create a defensible national cyber architecture to protect national security by promoting rapid innovation and close public-private collaboration while preserving privacy and civil liberties. 

General Alexander is the recipient of the 2016 United States Military Academy (USMA) Distinguished Graduate Award. He holds a BS from the U.S. Military Academy, as well an MS in Business Administration from Boston University; an MS in Systems Technology and an MS in Physics from the Naval Post Graduate School; and an MS in National Security Strategy from the National Defense University.