adjunct associate professor at the Stevens Institute of Technology. Manferdelli’s professional interests include cryptography and cryptographic mathematics, combinatorial mathematics, operating systems, and computer security. He is also a licensed Radio Amateur (AI6IT). Manferdelli is a member of the National Academy of Engineering (NAE). He holds a bachelor’s degree in physics from Cooper Union for the Advancement of Science and Art and a PhD in mathematics from the University of California, Berkeley.

HYRUM ANDERSON is the director of artificial intelligence (AI) and security at Cisco. Much of his career has been focused on defense and security, having directed research projects at the Massachusetts Institute of Technology (MIT) Lincoln Laboratory, Sandia National Laboratories, Mandiant, as the chief scientist at Endgame (acquired by Elastic), as the principal architect of Trustworthy Machine Learning at Microsoft, and CTO of Robust Intelligence (acquired by Cisco). Anderson co-founded the Conference on Applied Machine Learning in Information Security. He has authored more than 60 peer-reviewed academic publications and co-authored the book Not with a Bug, But with a Sticker: Attacks on Machine Learning Systems and What to Do About Them. He received his PhD in electrical engineering from the University of Washington, with an emphasis on signal processing and machine learning, and a BS and an MS in electrical engineering from Brigham Young University.

JOSIAH DYKSTRA is the director of strategic initiatives at Trail of Bits. He previously served for 19 years as a senior technical leader at the National Security Agency (NSA). Dykstra is an experienced cyber practitioner and researcher whose focus has included the psychology and economics of cybersecurity. He received the CyberCorps® Scholarship for Service (SFS) fellowship and is one of six people in the SFS Hall of Fame. In 2017, he received the Presidential Early Career Award for Scientists and Engineers from then President Barack Obama. Dykstra is a fellow of the American Academy of Forensic Sciences and a Distinguished Member of the Association for Computing Machinery (ACM). He is the author of numerous research papers, the book Essential Cybersecurity Science (2016), and co-author of Cybersecurity Myths and Misconceptions (2023). Dykstra holds a PhD in computer science from the University of Maryland, Baltimore County.

PAUL ENGLAND is a principal at Datica Research. Previously, he was a distinguished engineer and the manager of a team of researchers and engineers in Microsoft Research. England led or contributed to many of the computer industry’s hardware-based security innovations over the past 20 years. Most notable is the field of trusted and confidential computing: a combination of novel cryptographic operations together with hardware and software environments for secure computation. Trusted computing primitives are

now a feature of most mobile, client, server, and cloud computer systems, and the field remains an area of active research. England also contributed to the design of the first trusted platform module and led the team that developed the current version. He became interested in cyber-resilient systems through his work with National Institute of Standards and Technology (NIST) in developing NIST SP 800-193—Platform Firmware Resiliency Guidelines. Based on this, he subsequently worked with hardware partners and standards groups to develop architectures and hardware and software building blocks to enable secure and high-assurance recovery of devices that have been compromised by malware or misconfiguration. England is a member of the NAE. He received his PhD in condensed matter physics from Imperial College, London.

MARITZA JOHNSON is an expert on human-centered security and privacy with industry, teaching, and research experience. She is currently a principal at Good Research. In prior roles, Johnson was the founding director of the Center for Digital Civil Society at the University of San Diego, a user experience researcher at Google Research, and a technical privacy manager at Facebook. She is also an advisor to Confidencial, Inc. In 2011, her paper “The Failure of Online Social Network Privacy Settings” won the Future of Privacy Forum’s Privacy Papers for Policy Makers Award. Johnson received an MS and a PhD in computer science from Columbia University in 2008 and 2012, respectively, and a BA from the University of San Diego in 2005.

ANGELOS D. KEROMYTIS is the John H. Weitnauer Endowed Chair Professor and Georgia Research Alliance Eminent Scholar at the Georgia Institute of Technology (Georgia Tech). His field of research is systems and network security and applied cryptography. He joined Georgia Tech from DARPA, where he served as program manager in the Information Innovation Office (I2O) from 2014 to 2018. During that time, he initiated five major research initiatives in cybersecurity, managed a portfolio of nine programs, and supervised technology transitions and partnerships with numerous elements of the Department of Defense (DoD), the Intelligence Community, law enforcement, and other parts of the U.S. government. For his work, he received the DAPRA Superior Public Service Medal. Before DARPA, he served as the program director with the Computer and Network Systems Division in the Directorate for Computer and Information Science & Engineering at the National Science Foundation, where he co-managed the Secure and Trustworthy Cyberspace program and helped initiate a number of cross-disciplinary and public–private programs. Prior to his public service tour, Keromytis was a faculty member of the Department of Computer Science at Columbia University, where he founded the Network Security Lab. He is an elected fellow of ACM and the Institute of Electrical and Electronics Engineers (IEEE). He has 63 issued U.S. patents and more than 250

refereed publications. His work has been cited more than 30,000 times, with an h-index of 86 and i10-index of 262. He has founded four new technology ventures and is currently serving as the president for two of them. He is a certified PADI Master Instructor, with more than 800 dives. He received his PhD (2001) and MSc (1997) in computer science from the University of Pennsylvania and his BSc in computer science from the University of Crete, Greece.

WENDY NATHER is the senior research initiatives director at 1Password. She was previously the director of advisory chief information security officers (CISOs) at Duo Security and the research director at the Retail ISAC, where she was responsible for advancing the state of resources and knowledge to help organizations defend their infrastructure from attackers. Nather was also the research director of the Information Security Practice at independent analyst firm 451 Research, covering the security industry in areas such as application security, threat intelligence, security services, and other emerging technologies. Nather has served as a CISO in both the private and public sectors. She led information technology security for the EMEA region of the investment banking division of the Swiss Bank Corporation (now UBS), as well as for the Texas Education Agency. She is the co-author of The Cloud Security Rules: Technology Is Your Friend. And Enemy and Splunk’s Bluenomicon: The Network Defender’s Compendium. She was inducted into the Infosecurity Europe Hall of Fame in 2021. She serves on the board of directors for Sightline Security, an organization that helps provide free security assessment services to nonprofit groups. Nather is a senior fellow at the Atlantic Council’s Cyber Statecraft Initiative and a steering committee member for the IST Ransomware Task Force.

STEFAN SAVAGE is the Irwin and Joan Jacobs Professor of Information and Computer Science at the University of California, San Diego (UCSD). He currently serves as the co-director for UCSD’s Center for Network Systems and as a founding member of the school’s Center for Healthcare Cybersecurity. Savage is known for his work on network security and reliability, cybercrime economics and defense, and the empirical measurement of cybersecurity and cyberinfrastructure. He is a member of the NAE and the American Academy of Arts and Sciences, a MacArthur fellow, an ACM fellow, and is the recipient of ACM’s Prize in Computing and the American Association for the Advancement of Science’s Golden Goose award. He received his PhD in computer science and engineering from the University of Washington and a BS in applied history from Carnegie Mellon University (CMU).

WILLIAM L. SCHERLIS is a professor of computer science at CMU and the special advisor to the Software Engineering Institute, a DoD federally funded R&D center at CMU. He

recently served as the director of DARPA’s I2O, leading program managers in the development of programs in cybersecurity, artificial intelligence, secure software, and information operations. At CMU, he served for more than a decade as head of the Software and Societal Systems Department, which hosts research and educational programs related to software development, security and privacy, Internet of Things and mobility, AI engineering, social network analysis, and related topics. He founded the CMU PhD program in software engineering and led it for its first decade. His research relates to software assurance, cybersecurity, software analysis, and assured safe concurrency. He has led several large research projects, including the CMU NSA Science of Security Lablet and the CMU/NASA High Dependability Computing Project. He served as the program chair for technical conferences, including ACM Foundations of Software Engineering and ACM Partial Evaluation and Program Manipulation. Scherlis has led multiple national studies including the National Research Council study that in 2010 produced the report Critical Code: Software Producibility for Defense. He has testified before Congress on the AI workforce, federal software sustainment, computing technology and innovation, and on roles for a federal chief information officer. He is a Life Fellow of IEEE and a Lifetime National Associate of the National Academy of Sciences. Scherlis received an AB magna cum laude from Harvard University in applied mathematics and a PhD in computer science from Stanford University, with an intervening year in the Department of Artificial Intelligence at the University of Edinburgh as a John Knox fellow.

MARK SEIDEN currently serves as the security advisor to the Internet Archive. He previously held the position of associate in computer science at Columbia University and developed and taught a master’s level operating system security course for the University of California (UC), Berkeley, School of Information. In addition, he is engaged in a DARPA-funded research project with UC Santa Cruz and has offered his expertise in more than 50 criminal and civil cases. With a programming career that spans since the 1960s, Seiden has collaborated with diverse companies and research institutions, making significant contributions to software engineering, network technologies, operating systems, and physical security. In recent years, Seiden served for 15 years in the ICANN Security and Stability Advisory Committee and actively participated in multiple National Academies’ studies addressing technological risk. His noteworthy affiliations include roles at IBM Research, Lucasfilm, Yahoo, Xerox PARC, Bell Labs, Bellcore, and IRCAM. Seiden earned his SM in computer science and electrical engineering from Columbia University in 1981.

WINDOW SNYDER is a security industry pioneer and the CEO and founder of Thistle Technologies. Snyder is the former chief security officer at Square and Fastly. She

previously spent 5 years at Apple responsible for security and privacy strategy and features for OS X and iOS. Other roles include chief software security officer at Intel, chief security something-or-other at Mozilla, and a founder at Matasano, a security services and product company based in New York. Snyder is the co-author of Threat Modeling, a manual for security architecture analysis in software.

MARY ELLEN ZURKO is a technical staff member at the MIT Lincoln Laboratory. She has worked in product development, early product prototyping, and research and has more than 20 patents. She defined the field of user-centered security in 1996 and has worked in cybersecurity for more than 35 years. She was the security architect of one of IBM’s earliest clouds. She was a founding member of the National Academies’ Forum on Cyber Resilience and serves as a Distinguished Expert for NSA’s Best Scientific Cybersecurity Research Paper competition. Her research interests include unusable security for attackers, zero trust architectures for government systems, security development and code security, authorization policies, high-assurance virtual machine monitors, the web, and PKI. Zurko received an SB and an SM in computer science from MIT. She has been the only “Mary Ellen Zurko” on the web for more than 25 years.