Join us in the studio for rousing commentary, insightful observations, and witty banter as we walk through breaking reports on vulnerability disclosures from around the world. Our three experts will discuss, debate, and dissect the dos and don’ts of vulnerability disclosure. In talk show format, our irrepressible, opinionated, and occasionally controversial pundits will offer legal, researcher, and vendor perspectives on this week’s news in vulnerability disclosure. We’ll provide candid reactions to how various tales of vulnerability disclosures unfolded – highlighting what works, what doesn’t, and what’s likely to get you punched or arrested. Or both. We may not be Emmy-nominated (yet), but we’ll bring you the hottest news and informed reactions from across the coordinated disclosure landscape.
Jen Ellis is the vice president of community and public affairs at Rapid7. Jen’s primary focus is on building productive collaboration between those in the security community and those operating outside it. She works extensively with security researchers, technology providers and operators, and various government entities to help them understand and address cybersecurity challenges. She believes effective collaboration is our only path forward to reducing cybercrime and protecting consumers and businesses. She has testified before Congress and spoken at a number of security industry events including SXSW, RSA, Derbycon, Shmoocon, SOURCE, UNITED, and various BSides.
Leonard is Special Counsel for National Security in the Department of Justice’s (DOJ) Computer Crime and Intellectual Property Section (CCIPS) and Head of CCIPS’ Cybersecurity Unit. He joined DOJ’s Terrorism and Violent Crime Section in 1991. In the late 1990’s, he served as Special Counsel and Special Investigative Counsel to DOJ’s Inspector General and supervised sensitive investigations of Department officials and programs. In 2000, he joined CCIPS where he has prosecuted computer crime and intellectual property cases; advised on matters related to searching and seizing electronic evidence and conducting electronic surveillance; and chaired the Organization of American States’ Group of Government Experts on Cybercrime. Leonard has taught courses on cybersecurity and cybercrime at Georgetown Law School and Columbus School of Law in Washington, D.C.
Colin Morgan, Managing Director at Apraciti, is a key thought leader in the Healthcare Cybersecurity Industry and had a nearly decade long stint with one of the largest Healthcare Companies in the world. He’s built product security programs, cyber-engineered medical devices, collaborated with regulatory bodies around the globe, partnered with healthcare delivery organizations and authored industry frameworks. Colin has also held positions at the Central Intelligence Agency and as a contractor for the National Oceanic and Atmospheric Administration.
Tod Beardsley is the Director of Research at Rapid7. He has over 30 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT Ops and Security positions in large organizations such as 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Today, Tod directs the security research program at Rapid7, is a frequent speaker at industry conferences, is a CVE Board member, and is a contributing author to a number of research papers produced by Rapid7.