Advancing Security Resilience - Accelerating Information Sharing
International Association of Certified ISAOs (IACI)
IACI Board of Directors
As IACI's Co-Founder and President/CEO, Deborah supports IACI's mission, goals and objectives including, but not limited to:Global Security Resilience - Ensuring the vision and mission of the International Association of Certified ISAOs (IACI) meets strategic goals and objectives within and across public and private-sector critical infrastructure sectors, government and other communities-of-interest to enable, facilitate, connect and support physical, cyber and cognitive (disinformation, misinformation, malign influence) security intelligence and defensive measures information sharing and coordinated response,, adoption of best practice and education...breaking down long-standing barriers and silos.Recognizing the siloed approach across critical infrastructure sectors, sub-sectors, and the need for other communities-of-interest to benefit from coordinated security information sharing, moving from a reactive to a proactive stance, and to help operationalize the 2015 US Presidential Executive Order 1369 to "Advance Private Sector Cybersecurity Information Sharing" and enable t the 2015 Cybersecurity Information Sharing Act (CISA), Deborah founded IACI. She leads, champions and executes on the delivery of IACI's strategic planning, operations, projects/programs/ initiatives and services defined and developed with IACI's Executive Leadership Team, and in coordination and collaboration the the IACI Global Security Resilience Alliance (IACI's Advisory Council) and IACI Collaborative Partners (Members), and other stakeholders.With Deborah's in-depth experience operationalizing Information Sharing organizations, she assists critical infrastructure owners and operators, government and other communities-of-interest to form an Information Sharing & Analysis Organization (ISAO or ISAC), moving rapidly from concept to operations.Mrs. Kobza is a security resilience leader and strategist with over 25 years of experience including development of public-private partnerships at the national and global level including strategic alignment of business and technology domains to advance critical infrastructure protection information sharing, response, advancing best practice applied research, and workforce education programs. Deborah leads and supports trusted collaboration facilitating open dialogue to drive critical insight and thought exchange linking critical infrastructure stakeholders to define and deliver scalable, flexible and adaptable security resilience solutions.
Prior to IACI:
Deborah founded the National Health Information Sharing and Analysis Center (NH-ISAC) in late 2009 securing recognition by the US Dept. of Health and Human Services (HHS) and U.S. Dept. Homeland Security (DHS), serving as Executive Director/CEO from 2009 -2015. Deborah led connecting public health and private-sector healthcare owners and operators to share cyber threat intelligence.
Deborah founded and served as CEO of the Global Institute for Cybersecurity Resilience leading a public/private partnership to advance cyber resilience.. Efforts included collaboration with NASA/Kennedy Space Center to locate headquarter facilities at NASA/Kennedy Space Center, Florida. Additional consulting support included supporting DHS to develop the "IT Security Essential Body-of-Knowledge (precursor to the NIST Cyber Framework), and then proposed and led development of the "National State Government IT Security Framework" working with pilot states (Florida, New York, California, Michigan, Texas and Minnesota). Deborah supported the NIST National Initiative for Cybersecurity Education (NICE), and contributed to the development of the NIST Cybersecurity Framework,. Other support included government agencies, academia & private industry.
Prior, Deborah provided leadership and expertise to support:
The Florida Dept. of Law Enforcement - Leading a statewide initiative to improve processing of arrest warrants across Florida's 67 counties.
The Florida Dept. of Children and Families - Florida's Statewide Families and Child Abuse Management System, and the Florida Abuse Hotline.
Bristol-Myers Squibb - Formal computer systems validation to support global SAP implementation
Providing Consulting Services to Various Private-Sector Organizations
CGEIT -Certified in the Governance of Enterprise Information Technology
JIEM - Certified in the 'Justice Information Exchange Model'
Global Intelligence Officer
IACI Inteligence Division
As IACI's Global Intelligence Officer, and Member of the IACI Senior Leadership Team, Todd Hillis supports IACI's mission, goals and objectives including, but not limited to:
Global Expert Intelligence - Director of IACI strategic, operational and tactical security intelligence on all intelligence matters, including intel processes, design, implementation and management of the IACINet threat intel information sharing infrastructure, technologies and tools.Directs intelligence operations and leads coordination and collaboration with government (national, state/local/tribal/
territorial, international), military, law enforcement and private-sector organizations within and across critical infrastructure to identify, analyze and share "actionable" threat intelligence and defensive measures supported by coordinated response.Maintains security situational awareness of national and global security events that drive intelligence production. Conducts intel research including undercover work to proactively understand adversary capabilities, operations, plans and targets. Assures that intelligence functions maintain a capability to provide timely and accurate "actionable" intelligence including in-depth research, analysis, evaluation, and integration of open and closed-source resources, and IACINet sensors. Creates new and applies techniques, technologies and creative solutions. Identifies and evaluates possible counterintelligence concerns. Correlates and visualizes that data from various sources. Directs preparation of and delivery of clear, concise, in-depth intelligence analytical all-hazards intel advisories, alerts, reports, encrypted communications, products and services.Intelligence Training -Develops and oversees the execution of IACI's Internal Intelligence Training Program for all IACI Intel personnel, and directs the External Intelligence Training Program for IACI Collaborative Partners. Provides training assistance to national and global stakeholders.
Prior to joining IACI:
Retired from the US Navy, and supporting the public and private-sector across many critical infrastructure sectors and government, Mr. Hillis' 30+ years of experience includes the collection, acquisition, tracking and compromise of internet-based criminal activity; leading investigations, serving as an expert witness for criminal cases; forensics acquisition and examination; perimeter security, operational security; cyber defense analysis and mitigation; threat and vulnerability assessments; penetration testing; secure systems, enterprise security architecture, technology and software development; and best practice recommendation, development, integration, and administration of security policies, procedures and standards.His leadership conducting forensic investigations working with law enforcement agencies nationally and internationally have enabled law enforcement to continue analysis from Mr. Hillis' cyber intelligence findings and build many successful criminal cases against adversaries.
Mr. Hillis has received recognition and awards from U.S. DHS, the Federal Law Enforcement Training Center, Naval Criminal Investigative Services, and the Copernicus Award from the US Naval Institute and AFCEA for contributions to Naval warfare.
He previously served in the roles of Chief Technology Officer for the government and private sector, Principal Secure Systems Engineer for the U.S. Strategic Command (USSTRATCOM) and the U.S. Dept. of Defense, including architecting and winning four DOD Information Assurance Programs still in use today.
In his 20+ year career with the US Navy, Mr. Hillis served as Network Security Officer and Information Systems Security Manager responsible for developing Information System Security Policy for an enterprise network supporting 50,000+ users across three military bases. Engineered and designed a software solution for vulnerability auditing and patching which has been implemented across military services and law enforcement agencies throughout the world, saving the US Navy along $7M. Engineered, developed and managed the government classified (SECRET high) IP network.
EDUCATION & CERTIFICATIONS
Masters+ Education - Information Security and Electronics EngineeringNational Security Agency -INFOSEC Assessment Methodology (IEM Certification)INFOSEC Evaluation Methodology (IEM Certification)
Director, Information Sharing
IACI Intelligence Division
As IACI's Director of Information Sharing, and Member of the IACI Senior Leadership Team, Debra Windle supports IACI mission goals and objectives, including, but not limited to:Prior to joining IACI:Global Security Resilience - Within and across public- and private-sector critical infrastructure sectors, sub-sectors, government and other communities-of-interest, directing facilitation of physical, cyber and cognitive (disinformation, misinformation, malign influence) "actionable" intelligence information sharing derived from open-source and IACI closed-source resources, and IACINet's global threat intelligence infrastructure, IACINet sensors, and security tools and technologies. All-hazards response coordination with national and international government and private-sector stakeholders.Global Security Resilience Common Operational Picture (COP) - Directing providing an all-hazards Common Operational Picture (COP) to reduce security risk supported by a unified Security Command and Control Communications information sharing and secure communications infrastructure. Global focus including human-to-human intelligence curation and analysis, as well as supporting automated/machine-to-machine sharing integration for IACI Collaborative Partners.Using advanced research and analytical techniques, conducting multiple-source intelligence research, analysis and reporting on current and emerging threats, and strategic topics related to all-hazards security risks, Development and production and briefings, advisories, and alerts - tactical, operational and strategic. Data analysis to forecast cybersecurity, cognitive security and geopolitical issues. Research threat actors, groups and events to product short notice analysis and reporting on trending threats.Incident and Emergency Response coordination at the municipal, state and national level. Development and implementation of public- and private-sector and cross-sector cyber exercises in coordination with government homeland security intelligence agencies (DHS, NSA), other federal agencies and international partners.Security Resilience Projects and Programs - Project management support advancing and accelerating global security threat intelligence and defensive measures information sharing and adoption of best practice supported by workforce education.Industrial Control Systems Information Sharing & Analysis Center (ICS-ISAC)Director of Community Engagement (Knowledge Sharing - National and International Level)Webster University, Cyberspace Research InstituteState of Indiana, Indiana Department of Homeland SecurityAdministrator, Automated Critical Asset Management System (ACAMS)Office of the Mayor, City of West Lafayette, IndianaExecutive AssistanceTippecanoe County, IndianaCommunity Emergency Response Team (CERT) CoordinatorCommunications Management at the Government Municipal LevelEducation/CertificationsU.S. Department of Homeland Security (DHS) and DHS FEMA Emergency Management Institute - 17 CertificationsMasters, Homeland Security - Texas A&M UniversityInternational Relations Coursework for Masters - Purdue UniversityBS, Agriculture - Purdue University
Director, Global Security Strategy; Maritime Security
Resilience Alliance & MPS-ISAO
As IACI's Director of Global Security Strategy, and Member of the IACI Senior Leadership Team, Wanda Gordon supportsmission goals and objectives, including, but not limited to:Global Security Resilience - Within and across public and private-sector critical infrastructure sectors, government andother communities-of-interest, enabling, facilitating, connecting and supporting physical, cyber and cognitive (disinformation, misinformation, malign influence) security resilience including security architecture strategic planning,
operations, security tools and technologies, projects/programs/initiatives and services supporting advancing and accelerating global security threat intelligence and defensive measures information sharing, all-hazards response coordination, adoption of best practice, and workforce education.Maritime Security Resilience Alliance (MSRA) - To support advancing MSRA growth and sustainability by providing a Global Security Resilience Common Operational Picture (COP) to reduce security risk supported by a unified Security Command and Control threat intelligence, response, and education infrastructure.
Advanced Manufacturing Security Resilience - Advanced Manufacturing, Industrial Control Systems, and Transportation (Maritime, Aviation, Intermodal). Including the Global Manufacturing ISAO, reducing security risk by unifying the manufacturing industry's current fragmented approach to security resilience. Development, implementation and operationalization of a Global Manufacturing Security Resilience Common Operational Picture (COP) supported by security command and control threat intel and defensive measures information sharing, response, communications, services, support and education.
Wanda Gordon is a distinguished and seasoned technology strategist with over 20 years of demonstrated success in emerging security and security architecture technologies, security frameworks, systems hardening, and optimization, and an expert in network and systems security, analysis of exceptionally complex problems, security architecture, and risk mitigation.She is a leader in her field of information security research, design, training, implementation, documentation, and establishing new guidelines and standards in a multi-dimensional global business. Wanda has a proven record with technology systems, extensive experience with risk evaluations to include vulnerability assessments, forensics, leakage prevention, legal holds, e-discovery, mitigation, and documentation with diverse architecture platforms.Over the years, Wanda has worked and collaborated with all organization levels, including peers, direct reports, contract employees, crew members, officers, executives, and several government agencies. Often responsible for the overall research, planning, direction, and oversight of multiple projects, products, services, and functions, she has worn many hats throughout her career.Prior to joining (IACI), Wanda was the Lead Senior Cybersecurity Architect for Crowley Maritime, covering both enterprise and vessel security. Crowley is one of the largest independent operators of petroleum barges and tankers in the United States. They operate throughout the U.S. and international ports. During her tenure at Crowley, she worked as a liaison with Coast Guard, DHS, FBI, and other government agencies, whilst leading other major Cybersecurity projects and implementations.Before joining Crowley, Wanda worked for CSX, the 3rd largest railroad in the USA, and the 7th largest globally. She was a Systems Engineer and Information Security Specialist (pre-cybersecurity), specializing in optimizing all servers and clusters to maximum performance. She was also the lead technology legal hold and forensics investigator working with InfoSec, legal department, and executives. She was also instrumental in their disaster recovery strategies.Previous to CSX, Wanda worked at AT&T Universal Card/Citibank in the fraud prevention department as a fraud analyst/investigator and later moved to the Human Resources Information Systems (HRIS) department as a Senior Analyst.
She worked on creating and maintaining secure systems and applications for the global multi-billion-dollar company.
Aside from reading and traveling, her interests include standardizing Cybersecurity architecture and making it more accessible and attainable to any business. She represents the alignment of technology, cybersecurity, and automation. She can translate complex technical issues into everyday language that all members of an organization and all business units can understand and agree upon.
Co-Chair, IACI Global Security Resilience Alliance (GSRA) - Private Sector
As IACI's Co-Chair of the Global Security Resilience Alliance (GSRA) for the Private-Sector, Member of the IACI Senior Leadership Team, and Institute Fellow with the International Association of Certified ISAOs (IACI), Illena supports furthering IACI's overarching mission to advance security resilience by accelerating threat intelligence and defensive measures information sharing, adoption of best practice and education. Ms. Armstrong supports execution of and drives current and future initiatives to enable and sustain critical infrastructure protection.
The IACI Global Security Resilience Alliance is comprised of critical infrastructure owners and operators within and across critical infrastructure sectors, government and other communities-of-interest.
Illena Armstrong is a long-time international security, media and business development leader who successfully built and maintained a wide range of award-winning, digitally driven multimedia, intelligence/research and educational offerings offering to serve an array of targeted audiences.
Illena is the President of the Cloud Security Resilience Alliance (CSA), and instrumental in CSA;s continued growth and focus on building a trusted cloud ecosystem.
Prior to joining IACI, she was VP, Editorial at SC Media, a business media brand for the cybersecurity industry. While there, she spearheaded and managed all content strategy and development, as well as played a key leadership role in driving SC's overall business and commercial growth with the support of her teams in the US and UK.
Leveraging years in the cybersecurity industry and brand-building, digital media, editorial, design, website, marketing/PR, social media, event and overall business/commercial experience, she has established a multitude of award-winning digital content and editorial offerings, such as traditional hardcopy/digital editions, virtual events, webcasts, video/podcast programs, physical events and social media streams. Working closely with other brand and sales colleagues, she also created and launched research-based products, single- and multi-tiered custom offerings, and other product lines.
In addition to being named to Cyber Defense Magazine's "Top 25 Women in Cybersecurity" for 2019 , on her watch, SC won more than 40 awards from such industry groups as the American Society of Business Publication Editors, Trade Association Business Publications International, Folio and MIN Online. She has spoken/moderated at several industry events, including the RSA Conference, National Credit Union ISAO Annual Conference, ACCOSCA/CU Difference Tour, SC Congress US and UK, SC RiskSec, Techno Security Conference, a plethora of virtual events/webcasts and others.
Prior to these endeavors, she worked for various newspapers, consumer/business magazines and eldercare journals in New England and the southern United States, at which she received still more honors.
ERNEST McDUFFIE, PhD
Security Experiential Education & Training Institute
As Director of the IACI - Security Experiential Education & Training Institute (SEETI), and Member of the IACI Senior Leadership Team, Dr. McDuffie is leading security resilience workforce education initiatives, and development and delivery of existing and customized education programs and curriculum for critical infrastructure sectors, sub-sectors, government, and other communities-of-interest; apprenticeship programs, Cyberspace Camps at NASA/Kennedy Space Center, FL, and scholarship programs (Scholarship-for-Careers).
After retiring from federal service in late 2014, Dr. McDuffie established The Global McDuffie Group to focus on cybersecurity training and education.
In early 2010 the National Institute of Standards and Technology (NIST) was selected as the lead agency for the National Initiative for Cybersecurity Education (NICE) and identified Dr. McDuffie to be the Lead for the NICE program.In his previous position he had been appointed the Associate Director of the National Coordination Office (NCO) for Networking and Information Technology Research and Development (NITRD) in February 2008. From early September 2009 until early November 2009 he served as Acting Director of the NCO. His appointment as the Associate Director of the NCO comes after joining the NIST as a Computer Scientist in their Information Technology Laboratory, Office of Federal and Industrial Relations.In August 2006, Dr. McDuffie joined the NCO where he served as the Technical Coordinator for the Cyber Security and Information Assurance (CSIA) Interagency Working Group (IWG), Federal Agency Administration of Science and Technology Education and Research (FASTER) Committee of Practice (CoP), and the Software Design and Productivity (SDP) Coordination Group (CG).Prior to joining the NCO, Dr. McDuffie served as the Deputy Director of the Office of Naval Research (ONR) – Science and Technology for America’s Readiness (N-STAR) Initiative. He served as the Lead Program Director for the Federal Cyber Service: Scholarship for Service (SFS) Program at the National Science Foundation (NSF).
He served as an Assistant Professor at Florida State University in the Department of Computer Science where he taught both graduate and undergraduate courses in CS for seven years. Dr. McDuffie has participated in software engineering projects for the U.S. Air Force, the National Center for Atmospheric Research, the Federal Aviation Administration, Lockheed Missiles and Space Company, Los Alamos National Laboratory, and the National Security Agency.
Dr. McDuffie received his Ph.D. and M.S. degrees in Computer Science from the Florida Institute of Technology in Melbourne, Florida.
KENDRA SILER, PhD
Healthcare Security Resilience Alliance
As the IACI - Director of the Healthcare Security Resilience Alliance and Member of the IACI Leadership Team, Dr. Siler is leading advancing 'Collective" Global Healthcare and Public Health Security Resilience by accelerating all-hazards security 'actionable' threat intelligence and defensive measures information sharing and coordinated response, supported by health sector security workforce education.Kendra Siler, PhD is a nationally recognized leader in technologies and policies to support communities' needs, digital security, information sharing and interoperability. Dr. Siler has 20 years of experience in technology architecture design and community capacity for complex healthcare,, transportation and communication issues.Dr. Siler also serves as President/CEO of Community Health IT, Inc. a non-profit organization headquartered at IACI, Kennedy Space Center, Florida. Community Health IT administers the Community & Transportation ISAO, and Population Health ISAO.She was the primary writer of the 2019 Federal award-winning 'Technical Section, Volume 1' of the "Health Industry Cybersecurity Practices" that is widely distributed nationwide by the U.S. Department of Health & Human Services (HHS) to help healthcare organizations of all sizes improve their cybersecurity practices. She is also an appointed expert for the National Academy of Sciences, Engineering and Medicine's Transportation Research Board Panel for Emergency Management in State Transportation Agencies.For Dr. Siler's depth and breadth of work in helping the nation's rural health systems adopt health technologies, she received a 2013 Critical Access and Rural Hospital Champion Award from the head of the U.S. Office of the National Coordinator (ONC). Dr. Siler led the development of one of the first operational community-based Health Information Exchanges (HIEs) for rural and underserved patients. This HIE was appointed by HHS to allow veteran-initiated electronic sharing of their 'MyHealthVet' health records with civilian providers to improve veterans' healthcare access.Dr. Siler is an appointed stakeholder advisor to the White House Office of American Innovation and works in an advisory role to several federal agencies.Dr. Siler received her PhD from the University of Florida Dept. of Microbiology and Cell Science where she specialized in Immunology and Biochemistry. She received a National Research Service Award (NRSA) Fellowship to do post-doctoral research in the Dept. of Neuroscience at the McKnight Brain Institute. During her time at the Institute, she also worked on combining technologies to improve community health and the best ways to protect the privacy and security of centralized data.
International Association of Certified ISAOs (IACI)
IACI Board of Directors
Mike Echols, an IACI Co-Founder joined IACI in 2016 serving on the IACI Board of Directors.Mr. Echols joined IACI after severn years at the U.S. Department of Homeland Security where he focused on public/private partnerships to overcome national security and cybersecurity challenges. Mr. Echols provided leadership that was critical in the creation of the National Sector Risk Assessment for Communications and developed cyber information sharing programs with a membership representing 10% - 50% of the U.S. GDP.Tapped to rollout President Obama's Executive Order 13691 "Promoting Private-Sector Cybersecurity Information Sharing" in February 2015. In 2016, he stood up the DHS two-year funded ISAO Standards Organization that successfully supported a national program for ISAOs.Mr. Echols is for the former NATO representative, Chair of the Network Information Exchange, Chair of the Communications Sector and Designated Federal Official for the President's NSTAC in 2015.Graduate of the University of Maryland, Harvard Kennedy School - National Preparedness Leadership InitiativeMBA - University of MarylandCISSP Certification
International Association of Certified ISAOs (IACI)
IACI Board of Directors
Gene Fredriksen, an IACI Co-Founder joined IACI in 2016 serving on the IACI Board of Directors.Mr. Fredriksen is the CEO and Executive Director of the National Credit Union Information Sharing & Analysis Organization (NCU-ISAO).Mr. Fredriksen has over 35 years of Information Technology experience, with the last thirty-five years focused specifically in the area of Information Security. In this capacity, he has been heavily involved with all areas of audit and security.Prior, Gene served as the Chief Security Strategist for PSCU (Public Service Credit Union), the nation's premier CUSO, supporting the access of over 900 credit unions, providing financial process services or more more than billion transactions annually. In this role, he was responsible for the development of information protection and technologies strategies and outreach programs for the company.His previous roles include Global CISO for Tyco International, VP of Technology Risk Management and Chief Security Officer for Raymond James Financial and advisor on various Cybersecurity Steering Committees for the administrations of George W. Bush and Bill Clinton. Gene has served on the R&D Committee for the Financial Services Sector Coordinating Council of the Department of Homeland Security.He also serves as a Member of the SC Magazine Editorial Advisory Board.In 2018, he was accepted as a Member of the Forbes Technology Council - an invitation-only organization that is an innovative community of senior-level technology executives built for the world's most influential technology leaders.He sits on multiple advisory boards for universities, organizations and security product companies.He attended the FBI Citizens Academy and maintains a close working relationship with both local and federal law enforcement agencies.