The (ISC)² Board of Directors is comprised of information security professionals from around the world representing academia, private organizations and government agencies. All volunteers and (ISC)²-certified, the Board provides governance and oversight for the organization, grants certifications to qualifying candidates and enforces adherence to the (ISC)² Code of Ethics.
Corey Schou, Chairperson, Ph.D., CSSLP, Fellow of (ISC)² (USA)
Professor Corey Schou, PhD., CSSLP, Fellow of (ISC)², is the University professor of Informatics, professor of information systems and associate dean for computer information systems program at Idaho State University in Pocatello, Idaho, USA. He is also director of the National Information Assurance Training and Education Center (NIATEC) and the Informatics Research Institute (IRI). In addition, he is a founder and current Chairperson of the National Colloquium for Information Systems Security Education. Professor Schou was the recipient of the (ISC)² Harold F. Tipton Award in 2001.
Flemming Faber, Vice Chairperson, CISSP (Denmark)
Flemming Faber has been working with information security since 1994. He is a Senior Advisor in the Network Security Division in the Danish Centre for Cyber Security under the Ministry of Defence and is responsible for policy, strategy and international cooperation. Since obtaining the CISSP in 1999, he has worked as a security consultant and information security manager in international consultancy-firms: Ramboll Management, ICL and Protect Data. In 2003, he joined the The Danish National IT and Telecom Agency, a Danish government agency where he was head of the IT-security division until 2009. He was in charge of the information security strategy in relation to the general Danish eGovernment initiatives, the Danish government’s information security awareness campaigns, privacy initiatives and the development of information security standards for Danish government agencies. Mr. Faber was the main architect behind the establishment of the Danish GovCERT in 2009. Since 2006 he has been the Danish government's representative on the board of ENISA, the European Network and Information Security Agency. From 1999 to 2009, Mr. Faber worked with (ISC)²'s international workshop, reviewing CISSP exam questions. He also served as exam supervisor in Europe from 1999 to 2006.
Diana-Lynn Contesti, Treasurer, CISSP-ISSAP-ISSMP, CSSLP, SSCP (Canada)
Diana-Lynn Contesti has 25 years of experience in information security. Currently, she is the Chief Information Security Officer for a Global Fortune 100 company headquartered in Luxembourg. In this role, Diana provides oversight of the Information Security Program and develops standards and guidelines that are used internationally. Prior to joining the Global staff, she provided information security best practices to the local organization, including developing policies, security awareness, forensic investigations, and data classification schemas. Diana has given many presentations on security related to SCADA systems, as well as APT, UNIX security and securing Active Directory. She is a published author of the Official (ISC)² Guide to the SSCP CBK (first edition). Ms. Contesti has been actively involved as an (ISC)² volunteer for the past 15 years. She also championed the Women's Scholarship with (ISC)².
Jennifer Minella, Secretary, CISSP (USA)
Jennifer Minella is currently VP of Engineering and Consulting CISO with Carolina Advanced Digital, Inc. With more than 15 years of experience working in the technology industry, Jennifer's most recent focus is in specialized areas of infrastructure security, including network access control (NAC) and 802.1X, wireless security technologies, industrial security and SCADA. Most recently, Jennifer has provided strategic security consulting for government agencies, educational institutions and Fortune 100 and 500 corporations. In addition to consulting and client project implementations, Mrs. Minella is an author, contributor and trusted media resource for information security topics. Mrs. Minella was a contributing author of the (ISC)² Official CISSP Courseware v9 and a co-author of Low Tech Hacking. Jennifer is also a consulting faculty member of IANS Research, contributing author of technology publications, and a trusted technical advisor to editors and journalists across the U.S.
Steven Hernandez, CISSP, CAP, SSCP, CSSLP, HCISPP (USA)
Steven Hernandez has worked in the information security field for the past seventeen years in a variety of contexts. He has worked on the front lines in operations centers and led research teams attempting to balance security, privacy, and other mission considerations. He has experience in international manufacturing, healthcare, non-profits, and government at the federal, state, and local levels. The greatest strength that he will bring to the Board is the culmination of his experience in organizational strategy, cybersecurity, and business operations. He has had the opportunity to contribute to tactical, day-to-day security operations as well as guide and influence broad security initiatives such as the US government's FedRAMP program across large organizations with international presence. Mr. Hernandez believes that the best security performance and most comprehensive solutions come from collaborative efforts where we combine the right processes, implement the appropriate technology, and train people to solve our most complex problems.
He has volunteered and served (ISC)² for the better part of the past decade. After becoming a member of (ISC)² he was invited, and volunteered, to write exams, serve on the U.S. Government Advisory Board for Cybersecurity (GAB), judge for the Government Information Security Leadership Awards (GISLA) and contribute to its Executive Writers Bureau over the span of almost a decade. Mr. Hernandez is the lead author and editor of the third edition of the (ISC)² Official Guide to the CISSP CBK, the (ISC)² Official Guide to the HCISPP CBK, and several published works about information assurance with international collaboration.
Dr. Meng-Chow Kang, CISSP (Singapore)
Dr. Meng-Chow Kang has been a practicing information security professional for more than 25 years with field experience spanning from technical to management in the various information security and risk management roles and organizations, including the Singapore government, major multi-nationals financial institutions, and global security and technology providers.
Over the years, his experience includes a wide spectrum of information security domains, including policies development and study, awareness and competency training, security architecture design, development, and implementation, security testing, security products research and development, third-parties security management, joint-venture and business partnership security plan and implementation, incident investigation, security operations management, security standards development, ISO/IEC 27001 certification implementation and maintenance, and teaching the CISSP Common Body of Knowledge, and courses on information security management.
Along with his practice, Dr. Kang has been conducting research on information security management. One of the outcomes was the publication of the book, "Responsive Security - Be ready to be secure", by CRC Press in Oct 2013.
Dave Lewis, CISSP (Canada)
Dave Lewis has over 15 years of industry experience. He has extensive experience in IT operations and management. He received his CISSP in 2002. Currently, Dave works in the information security practice for Advanced Micro Devices. Dave is the founder of the popular security site Liquidmatrix Security Digest, Contributing Analyst at Securosis as well as Co-Founder and Director of OpenCERT Canada. OpenCERT is the first non-profit national computer emergency response team that will provide services to users within Canada. Dave is the co-host of the weekly Liquidmatrix Podcast and has spoken at many conferences such as Sector Security Conference, RSA Security USA, SOURCE Boston and EnergySec. Prior to his current role, Dave worked in the finance, healthcare, entertainment, and critical infrastructure verticals. He has worked for a defense contractor as a security consultant to clients such as the FBI, US Navy, Social Security Administration, US Postal Service, and the US Department of Defense.
Greg Mazzone, CISSP (Australia)
Greg Mazzone has over 14 years of leadership experience in IT security issues working in the commercial, consulting and government sectors. He is currently the Director - Security Risk & Assurance for Verizon in Canberra-Australia. Prior to this, Mr. Mazzone worked for KPMG Canberra, and provided ICT security advice to the Australian Government. His work for the Australian Government Attorney-General's Department has included: Director Government E-Security Policy in the Cyber Security Policy Branch, where he provided cybersecurity policy and technology advice during the development of the new Australian Government Information Security Protocol component of the Protective Security Policy Framework; and, as a Director of the CERT Australia section during the establishment of the National Computer Emergency Response Team Australia (CERT Australia). He is also a member on Standards Australia IT Security and Health Information Security committees, and is an active chapter member with OWASP Canberra, Australia.
Allison Miller, CISSP, (USA)
Allison Miller has more than 15 years of experience across the business and technology aspects of information security, with technical expertise in platform security, risk management, and fraud prevention. She currently works in product management at Google, mitigating risks to the Google Ads platform. Previously, Miller was the Chief Operations Officer/Head of Business Operations for Electronic Arts' digital platform including payment operations and the risk/anti-fraud teams. Prior to that, Ms. Miller was Chief Security Officer and Head of Risk Management for the social network Tagged.com; led PayPal's Account Risk & Security team; and was Director of Product/Technology Risk at Visa International.
Ms. Miller is a proven innovator and thought-leader in the security industry, and regularly presents research on risk analytics, cybersecurity, and economics to both industry and government audiences. She is known for her expertise in designing, implementing, and optimizing performance on real-time risk prevention and detection systems running at internet-scale. She has presented internationally at events including the ITWeb Security Summit, Black Hat Briefings, SOURCE Conferences, Nordic Security Conference, BruCon, USENIX/Metricon, SIRAcon, BayThreat and RSA. Ms. Miller is currently President of the Society of Information Risk Analysts (SIRA).
Richard Nealon, CISSP, SSCP, CISM, CISA (Ireland)
Richard Nealon has worked in information security and related disciplines within the financial sector more than 20 years. His current role includes the formulation, management, and reporting of security assurance metrics for an Irish bank. He was one of the first CISSPs in Ireland and has been actively involved as an (ISC)² volunteer for over 10 years. He has a long time involvement with the Irish Information Security Forum (IISF) and is a committee member of the Irish Computer Society Security Professional's Network (ICS SPN). He was awarded the James R. Wade Service Award by (ISC)² in 2010 for his long-time contribution to the organisation in many different roles He was also the first Irish recipient of the COSAC award (2003).
Prof. Howard A. Schmidt, CISSP, CSSLP (USA)
Professor Howard Schmidt - Director Computer Crime & Information Warfare 1994-1997 AFOSI, CISO/CSO 1997-2002 Microsoft Corp. Vice Chairman, President's Critical Infrastructure Protection Board 2002-2003, White House, VP-CISO/Chief Security Strategist 2003-2005, eBay. President & CEO R&H Security Consulting, 2005-2009, President & CEO 2008-2010 Information Security Forum (ISF), Special Assistant to the President & Cybersecurity Coordinator, 2009-2012, White House, 2012-Present, Partner & Co-Founder Ridge, Schmidt Cyber LLC., Executive Director, 2012 to Present, SAFECode.
Freddy Tan, CISSP (Singapore)
Freddy Tan is the Director Product Management, Singapore Telecoms (SingTel) Security Division. His responsibilities include communicating SingTel's security strategy, identifying emerging security trends, and responding with appropriate security products and services. He is also responsible for cultivating relationships with the governments, industry associations and academia to foster a spirit of collaboration and mutual support in Asia. He was awarded the (ISC)² President's Award in 2003 in recognition of his volunteer work with (ISC)² and had served as Chairperson of the (ISC)² Board of Directors for 2012 and 2013 and co-chairperson of the (ISC)² Board of Directors for 2010 and 2012. He had also served as a member of (ISC)² Asia Advisory Board. In 2013, he was appointed as the APAC Strategy Advisor for Cloud Security Alliance (CSA). Freddy is also the President of Security & Governance Chapter, Singapore IT Federation (SiTF) and Vice President and founding member of the Singapore Association of Information Security Professionals (AISP). He also is a resource person for the UN-ESCAP Academy Training for ICT for Development (ICTD) Capacity-Building program where he has delivered an Information Security and Privacy module in Korea and Myanmar. He has over 25 years of experience in information security serving with the Singapore government and six with Microsoft. He has presented on security in Bangladesh, Brunei, Indonesia, Japan, Malaysia, Mongolia, Philippines, Singapore, Sri Lanka, South Korea, Taiwan, Thailand, United States and Vietnam and has also been called upon by media in Bangladesh, Malaysia, Singapore, South Korea, United States and Vietnam for his opinions regarding cybersecurity.
Prof. Hiroshi Yasuda, Dr.E, CISSP (Japan)
Prof. Yasuda received the B.E., M.E. and Dr.E. from the University of Tokyo, Japan in 1967, 1969, and 1972 respectively. Then, he had joined the Electrical Communication Laboratories of NTT in 1972. After served twenty-five years (1972-1997), with the last position of Vice President, Director of NTT Information and Communication Systems Laboratories at Yokosuka, he left NTT and has joined The University of Tokyo. He acted Director of The Center for Collaborative Research (CCR) for 2 years (2003-2005), and he is now a professor in Tokyo Denki University. His study area is applied information technology. He has been involved in works on Video Coding, Image Processing, Tele-presence, B-ISDN Network and Services, Internet and Computer Communication Applications. Now he has started researches on DRM (Digital Rights Management), Network Security and “Kansei” (more human) communication. He is now advocating collaboration between Industries and Academia.
David Shearer, CISSP, PMP, Executive Director
Mr. Shearer has more than 27 years of business experience including the chief operating officer for (ISC)², associate chief information officer for International Technology Services at the U.S. Department of Agriculture, the deputy chief information officer at the U.S. Department of the Interior, and the executive for architecture, engineering and technical services at the U.S. Patent and Trademark Office. Mr. Shearer has been responsible managing and providing services via international IT infrastructures, and he has implemented large-scale SAP Enterprise Resource Planning (ERP) projects. Mr. Shearer has led large geographically separated staffs that support global solutions. Mr. Shearer holds a B.S. from Park College, a M.S. from Syracuse University, management and technical certificates from the U.S. National Defense University, and he is a U.S. federal executive presidential rank award recipient. As (ISC)² Executive Director, Mr. Shearer is responsible for the overall direction and management of the organization.
Debra Taylor, Chief Financial Officer
Ms. Taylor has more than thirty years of business experience including positions as Senior Vice President, Corporate Controller and CFO of the America’s Operations for the former global public company Danka Business Systems PLC. Ms. Taylor has extensive business experience in accounting, finance, acquisitions and mergers. She directed all financial and operational reporting and results along with the re-engineering of the infrastructure and controls of the key business processes at Danka Business Systems PLC. Prior to working with Danka she was the Western Regional Business Manager for Storer Communications, Inc. and Assistant Controller for J. R. Norton Company. At (ISC)² Ms. Taylor is responsible for all financial and management reporting, executing the budgeting process, overseeing investments, all human resource functions, and operating as the Contract Officer. Ms Taylor holds a Bachelor of Arts in Accounting from Michigan State University. She is a former Board Member and Finance Chair of Goodwill-Industries Suncoast.
(ISC)² Press Release - (ISC)² Announces U.S. Federal Government Findings of World’s Largest Information Security Workforce Study
• Read the release
Globb Security - See how the (ISC)² Foundation is helping to protect children online in a video interview with Foundation Director Julie Peeler at the RSA Conference.
• Watch the clip
CIO Review Magazine - (ISC)² Foundation Director Julie Peeler says the growing cloud adoption rate is increasing demand for security pros, based on data from the 2015 GISWS, in CIO Review magazine.
• Read the article
Download to learn more