Event: Firmware Security Panel

Event: Firmware Security Panel

Date: August 17, 2021 | 1pm | Hybrid

The technology industry seems to be nearing a tipping point. Increasing attacks targeting firmware have already hit the supply chain multiple times. This panel provides a high-level look at firmware security threats and paves a path to identify, verify, and fortify firmware.

After the panel, Eclypsium will host a technical review of recent research and show device security capabilities in the supply chain, vulnerability management, and security operations.

Speakers

Steve Orrin
Steve Orrin

Steve Orrin is Intel’s Federal CTO and a Senior Principal Engineer. He leads Public Sector Solution Architecture, Strategy, and Technology Engagements and has held technology leadership positions at Intel where he has led cybersecurity programs, products, and strategy. Steve was previously CSO for Sarvega, CTO of Sanctum, CTO and co-founder of LockStar, and CTO at SynData Technologies. Steve is a recognized expert and frequent lecturer on enterprise security, He was named one of InfoWorld's Top 25 CTO's, received Executive Mosaic’s Top CTO Executives Award, was the Vice-Chair of the NSITC/IDESG Security Committee and was a Guest Researcher at NIST’s National Cybersecurity Center of Excellence (NCCoE). He is a fellow at the Center for Advanced Defense Studies and the vice-chair of the INSA Cyber Committee. Steve is a member of AFCEA, ISACA, OASIS, and is a co-Founder and Officer of WASC.

Vincent Zimmer
Vincent Zimmer

Vincent Zimmer is a senior principal engineer in the System Firmware Products group at Intel. He has been engaged as a firmware developer for over 25 years and leads the UEFI Security sub team. Vincent has presented at industry events such as the Open Source Firmware Conference, Linux Fest Northwest, Intel Developer Forum, UEFI Plugfest, Open Compute Project Summit, BlackHat Las Vegas, BSides Seattle, Toorcamp, and Cansecwest. Vincent has co-authored many industry standards, including the original EFI interfaces and platform support for the TPM, along with several papers and books, such as Building Secure Firmware: Armoring the Foundation of the Platform.

Mark Doran
Mark Doran

Mark Doran is an Intel Fellow and the chief platform software architect within the System Firmware Products Division for the System Technologies and Optimization Division at Intel Corporation. As lead architect for the Unified Extensible Firmware Interface (UEFI) program and the company's implementation of UEFI, codenamed “Tiano,” he guides industry standards-based firmware development for Intel architecture systems. Mark also serves as president of the UEFI Forum, a non-profit trade organization that develops the primary de jure industry standards for platform firmware.

John Loucaides
John Loucaides

VP of Federal Technology at Eclypsium

John has extensive history in hardware and firmware threats from experience at Intel and the United States government. At Intel he served as the Director of Advanced Threat Research, Platform Armoring and Resiliency, PSIRT, and was a CHIPSEC maintainer. Prior to this, he was Technical Team Lead for Specialized Platforms for the federal government.

Industry Members

Stephen Spry
Stephen Spry

VP / CTO / Sr. IT Consultant at Spry Squared, Inc.

Stephen Spry is a recognized technology and business leader known for crafting strategic visions to achieve IT business and Cybersecurity goals. Stephen offers over 30+ years of IT experience including 15+ years of senior management in cybersecurity, IT architecture, software development, implementation, support, project management, system, and strategic planning. Stephen loves solving complex cybersecurity and technology challenges in the IT, IoT and OT spaces.

Originally from Australia, Stephen move to the USA 20+ years ago to follow the technology bug (still a geek at heart) and is now a US Citizen. Stephen has work in the Telecommunications, Utility, Oil & Gas and Call Center industries where he has overseen large global IT teams. Six years ago, he founded Spry Squared, Inc with his wife, Linda Spry, while on their honeymoon in Australia. Spry Squared, Inc. is a Woman/Minority Owned, Small Business serving various Government agencies including the DoD as well as commercial clients. Spry Squared offers Cybersecurity Services, Managed IT Services, Professional Services, and IT Recruiting. Spry Squared, Inc. is your #1 Firmware Integrity Solution Provider.

Moderator

Armando Seay
Armando Seay

Armando Seay is a Co-founder and Director for the Maryland Innovation and Security Institute (MISI). Armando is also a Director and Technical Program Director for MISI's DreamPort cyber solutions accelerator. Armando leads the critical infrastructure cybersecurity team and tech outreach and partner engagement support functions for MISI and DreamPort. Armando is responsible for engagement across the nation and the globe to connect with thought leaders and disruptors in cybersecurity and to create partnerships with leading companies and academic partners to help find and validate the true efficacy of solutions for the many MISI customers. Armando also leads the development of conferences and training engagement designed to increase cyber awareness on trending or lesser known cyber challenges but to also increase the pipeline of ideas and skill needed to accelerate the cyber mission of the MISI customer base.

Armando leads the Cybersecurity Maturity Model Certification (CMMC) compliance and capabilities acceleration project sponsored by the Department of Defense (DoD). The project entails Armando's leadership of a team and its deep network of technology partners throughout the United States in the testing and evaluation of technology that can be used by the larger segment of the Defense Industrial Base (DIB) which consist of mostly small and medium sized businesses to get on the path towards compliance with the CMMC.

Armando has over 25 years of executive, management, sales, software engineering, network engineering, cyber analytic solutions development. Armando's prior experiences includes Vice President Business Development and Cyber Security for SSI Guardian a leading provider of security training, active shooter and cyber risk assessments and solutions for corporations, government and the education market.