Logo Board of Directors(ISC)² Board of Directors

The (ISC)² Board of Directors is comprised of information security professionals from around the world representing academia, private organizations and government agencies. All volunteers and (ISC)²-certified, the Board provides governance and oversight for the organization, grants certifications to qualifying candidates and enforces adherence to the (ISC)² Code of Ethics.

 


Directors

 
Wim Remes

Wim Remes, Chair, CISSP (Belgium)

Wim Remes is the manager of Strategic Security Services for Rapid7 in EMEA.  He leverages 15+ years of security leadership experience to advise clients on reducing their risk posture by solving complex security problems and by building resiliency into their organizations. He delivers expert guidance on reducing the high cost of IT security failures, both financially and in terms of brand reputation combining his deep expertise in network security, identity management, policy design, risk assessment, and penetration testing to develop innovative approaches to enterprise security. Before joining Rapid7, Wim was a managing consultant at IOActive and previously has worked as a manager of Information Security for Ernst and Young and as a security consultant for Bull, where he gained valuable experience building security programs for enterprise class clients. Wim has been engaged in various infosec community initiatives such as the co-development of the Penetration Testing Execution Standard (PTES), InfosecMentors, and organizing the BruCON security conference. He has been a featured speaker at international conferences such as Excaliburcon (China), Black Hat Europe, Source Boston, Source Barcelona and SecZone (Colombia). He was also a member of the (ISC)² Board of Directors (2012 until 2014), and chairperson in 2014.
Steve Hernandez 2015

Steven Hernandez, Vice Chair, CISSP, CAP, SSCP, CSSLP, HCISPP (USA) 

Steven Hernandez has worked in the information security field for the past seventeen years in a variety of contexts. He has worked on the front lines in operations centers and led research teams attempting to balance security, privacy, and other mission considerations. He has experience in international manufacturing, healthcare, non-profits, and government at the federal, state, and local levels. The greatest strength that he will bring to the Board is the culmination of his experience in organizational strategy, cybersecurity, and business operations. He has had the opportunity to contribute to tactical, day-to-day security operations as well as guide and influence broad security initiatives such as the US government's FedRAMP program across large organizations with international presence. Mr. Hernandez believes that the best security performance and most comprehensive solutions come from collaborative efforts where we combine the right processes, implement the appropriate technology, and train people to solve our most complex problems. He has volunteered and served (ISC)² for the better part of the past decade. After becoming a member of (ISC)² he was invited, and volunteered, to write exams, serve on the U.S. Government Advisory Board for Cybersecurity (GAB), judge for the Government Information Security Leadership Awards (GISLA) and contribute to its Executive Writers Bureau over the span of almost a decade. Mr. Hernandez is the lead author and editor of the third edition of the (ISC)² Official Guide to the CISSP CBK, the (ISC)² Official Guide to the HCISPP CBK, and several published works about information assurance with international collaboration.
Flemming Faber 2015

Flemming Faber, Treasurer, CISSP (Denmark)

Flemming Faber has been working with information security since 1994. He is a Senior Advisor in the Network Security Division in the Danish Centre for Cyber Security under the Ministry of Defence and is responsible for policy, strategy and international cooperation. Since obtaining the CISSP in 1999, he has worked as a security consultant and information security manager in international consultancy-firms: Ramboll Management, ICL and Protect Data. In 2003, he joined the The Danish National IT and Telecom Agency, a Danish government agency where he was head of the IT-security division until 2009. He was in charge of the information security strategy in relation to the general Danish eGovernment initiatives, the Danish government’s information security awareness campaigns, privacy initiatives and the development of information security standards for Danish government agencies. Mr. Faber was the main architect behind the establishment of the Danish GovCERT in 2009. Since 2006 he has been the Danish government's representative on the board of ENISA, the European Network and Information Security Agency. From 1999 to 2009, Mr. Faber worked with (ISC)²'s international workshop, reviewing CISSP exam questions. He also served as exam supervisor in Europe from 1999 to 2006.
Jennifer Minella 2015

Jennifer Minella, Secretary, CISSP (USA)  

Jennifer Minella is currently VP of Engineering and Consulting CISO with Carolina Advanced Digital, Inc. With more than 15 years of experience working in the technology industry, Jennifer's most recent focus is in specialized areas of infrastructure security, including network access control (NAC) and 802.1X, wireless security technologies, industrial security and SCADA. Most recently, Jennifer has provided strategic security consulting for government agencies, educational institutions and Fortune 100 and 500 corporations. In addition to consulting and client project implementations, Mrs. Minella is an author, contributor and trusted media resource for information security topics. Mrs. Minella was a contributing author of the (ISC)² Official CISSP Courseware v9 and a co-author of Low Tech Hacking. Jennifer is also a consulting faculty member of IANS Research, contributing author of technology publications, and a trusted technical advisor to editors and journalists across the U.S.
Dr Kevin Charest 2016

Dr. Kevin Charest, CISSP, HCISPP (USA)

Dr. Kevin Charest serves as the VP, IT Security and Cyber Defense Operations for UnitedHealth Group. He is responsible for all facets of IT security operations, continuous monitoring, and cyber defense activities across the enterprise. Prior to joining United, he served as the chief information security officer for the Department of Health and Services (HHS). He was directly responsible for the HHS cybersecurity technology portfolio for the department. HHS is the U.S. government's principal agency for protecting the health of all Americans. Prior to joining the federal government, Dr. Charest served in a number of entrepreneurial and senior executive positions in the private sector. His leadership in technology applications, innovation, and security were instrumental to the development of numerous products and services. As a board member for (ISC)², Dr. Charest works across multiple industries and platforms focused on information sharing for cyber defense improvement. Dr. Charest holds a Ph.D. in Cybersecurity from Capella University. He also holds a master's degree in Business Administration from the University of West Georgia and a bachelor's degree in Computer Science from the University of Central Arkansas. Dr. Charest is also a veteran of the U.S. Marine Corps and U.S. Army.
Dr Meng Chow Kang 2016

Dr. Meng-Chow Kang, CISSP (Singapore) 

Dr. Meng-Chow Kang has been a practicing information security professional for more than 25 years with field experience spanning from technical to management in the various information security and risk management roles and organizations, including the Singapore government, major multi-nationals financial institutions, and global security and technology providers. Over the years, his experience includes a wide spectrum of information security domains, including policies development and study, awareness and competency training, security architecture design, development, and implementation, security testing, security products research and development, third-parties security management, joint-venture and business partnership security plan and implementation, incident investigation, security operations management, security standards development, ISO/IEC 27001 certification implementation and maintenance, and teaching the CISSP Common Body of Knowledge, and courses on information security management.  Along with his practice, Dr. Kang has been conducting research on information security management. One of the outcomes was the publication of the book, "Responsive Security - Be ready to be secure", by CRC Press in Oct 2013.
David Kennedy 2016

David Kennedy, CISSP (USA) 

David Kennedy is founder of TrustedSec and Binary Defense Systems. Both organizations focus on the betterment of the security industry from an offense and a defense perspective. He was the former CSO for Diebold Incorporated where he ran the entire infosec program. David is a co-author of the book "Metasploit: The Penetration Testers Guide,” the creator of the Social-Engineer Toolkit (SET), Artillery, and a number of popular open source tools. He has been interviewed by several news entities including CNN, Fox News, MSNBC, CNBC, BBC World News, and Katie Couric. David is the co-host of the social-engineer podcast and on a number of additional podcasts. He has testified before the U.S. Congress on two occasions about the security around government websites. David is one of the founding authors of the Penetration Testing Execution Standard (PTES), a framework designed to fix the penetration testing industry. David is also the co-founder of DerbyCon, a large-scale conference in Louisville, Kentucky. Prior to the private sector, David worked for the United States Marine Corps and deployed to Iraq twice for intelligence related missions.
Greg Mazzone

Greg Mazzone, CISSP, IRAP, CISA (Australia)

Greg Mazzone has over 25 years of experience working with technology and control systems, with the last 15 years focussed on ICT security across the commercial, consulting and government sectors. He currently works as a Security Consultant with Ionize, a Canberra based specialist security assessment, advice and training firm. He has formerly had roles as the CISO and IT Security Advisor for a commercial provider of Australian Government Internet gateways, and as a Director in the Australian Government Attorney-General's Department. While at the Attorney-General’s Department his roles covered; Director Government E-Security Policy in the Cyber Security Policy Branch, which included provision of cybersecurity policy and technology advice during the development of the new Australian Government Information Security Protocol component of the Protective Security Policy Framework; and, as a Director of Integration for CERT Australia during the establishment of the National Computer Emergency Response Team Australia (CERT Australia). He is also a member on Standards Australia IT Security and Health Information Security committees, and is an active supporter of the OWASP Canberra, Australia, chapter. He has been a CISSP since 2003 and a longstanding advocate for the role certifications have towards the professional recognition of the IT security industry.
Allison Miller 2015

Allison Miller, CISSP, (USA)

Allison Miller has more than 15 years of experience across the business and technology aspects of information security, with technical expertise in platform security, risk management, and fraud prevention. She currently works in product management at Google, mitigating risks to the Google Ads platform. Previously, Miller was the Chief Operations Officer/Head of Business Operations for Electronic Arts' digital platform including payment operations and the risk/anti-fraud teams. Prior to that, Ms. Miller was Chief Security Officer and Head of Risk Management for the social network Tagged.com; led PayPal's Account Risk & Security team; and was Director of Product/Technology Risk at Visa International. Ms. Miller is a proven innovator and thought-leader in the security industry, and regularly presents research on risk analytics, cybersecurity, and economics to both industry and government audiences. She is known for her expertise in designing, implementing, and optimizing performance on real-time risk prevention and detection systems running at internet-scale. She has presented internationally at events including the ITWeb Security Summit, Black Hat Briefings, SOURCE Conferences, Nordic Security Conference, BruCon, USENIX/Metricon, SIRAcon, BayThreat and RSA. Ms. Miller is currently President of the Society of Information Risk Analysts (SIRA).
Richard Nealon  

Richard Nealon, CISSP, SSCP, CISM, CISA (Ireland)

Richard Nealon has worked in information security and related disciplines within the financial sector more than 20 years. His current role includes the formulation, management, and reporting of security assurance metrics for an Irish bank. He was one of the first CISSPs in Ireland and has been actively involved as an (ISC)² volunteer for over 10 years. He has a long time involvement with the Irish Information Security Forum (IISF) and is a committee member of the Irish Computer Society Security Professional's Network (ICS SPN). He was awarded the James R. Wade Service Award by (ISC)² in 2010 for his long-time contribution to the organisation in many different roles He was also the first Irish recipient of the COSAC award (2003).
Howard Schmidt

Prof. Howard A. Schmidt, CISSP, CSSLP  (USA)

Professor Howard Schmidt - Director Computer Crime & Information Warfare 1994-1997 AFOSI, CISO/CSO 1997-2002 Microsoft Corp. Vice Chairman, President's Critical Infrastructure Protection Board 2002-2003, White House, VP-CISO/Chief Security Strategist 2003-2005, eBay. President & CEO R&H Security Consulting, 2005-2009, President & CEO 2008-2010 Information Security Forum (ISF), Special Assistant to the President & Cybersecurity Coordinator, 2009-2012, White House, 2012-Present, Partner & Co-Founder Ridge, Schmidt Cyber LLC., Executive Director, 2012 to Present, SAFECode.
Freddy Tan

Freddy Tan, CISSP (Singapore)

Freddy Tan is the Director Product Management, Singapore Telecoms (SingTel) Security Division.  His responsibilities include communicating SingTel's security strategy, identifying emerging security trends, and responding with appropriate security products and services.  He is also responsible for cultivating relationships with the governments, industry associations and academia to foster a spirit of collaboration and mutual support in Asia. He was awarded the (ISC)² President's Award in 2003 in recognition of his volunteer work with (ISC)² and had served as Chairperson of the (ISC)² Board of Directors for 2012 and 2013 and co-chairperson of the (ISC)² Board of Directors for 2010 and 2012.  He had also served as a member of (ISC)² Asia Advisory Board.  In 2013, he was appointed as the APAC Strategy Advisor for Cloud Security Alliance (CSA). Freddy is also the President of Security & Governance Chapter, Singapore IT Federation (SiTF) and Vice President and founding member of the Singapore Association of Information Security Professionals (AISP). He also is a resource person for the UN-ESCAP Academy Training for ICT for Development (ICTD) Capacity-Building program where he has delivered an Information Security and Privacy module in Korea and Myanmar. He has over 25 years of experience in information security serving with the Singapore government and six with Microsoft. He has presented on security in Bangladesh, Brunei, Indonesia, Japan, Malaysia, Mongolia, Philippines, Singapore, Sri Lanka, South Korea, Taiwan, Thailand, United States and Vietnam and has also been called upon by media in Bangladesh, Malaysia, Singapore, South Korea, United States and Vietnam for his opinions regarding cybersecurity.
Hiroshi Yasuda

Prof. Hiroshi Yasuda, Dr.E, CISSP (Japan)

Prof. Yasuda received the B.E., M.E. and Dr.E. from the University of Tokyo, Japan in 1967, 1969, and 1972 respectively. Then, he had joined the Electrical Communication Laboratories of NTT in 1972. After served twenty-five years (1972-1997), with the last position of Vice President, Director of NTT Information and Communication Systems Laboratories at Yokosuka, he left NTT and has joined The University of Tokyo. He acted Director of The Center for Collaborative Research (CCR) for 2 years (2003-2005), and he is now a professor in Tokyo Denki University. His study area is applied information technology. He has been involved in works on Video Coding, Image Processing, Tele-presence, B-ISDN Network and Services, Internet and Computer Communication Applications. Now he has started researches on DRM (Digital Rights Management), Network Security and “Kansei” (more human) communication. He is now advocating collaboration between Industries and Academia.

 

Corporate Officers

David Shearer Photo  

David Shearer, CISSP, PMP, Chief Executive Officer  

Mr. Shearer has more than 27 years of business experience including the chief operating officer for (ISC)², associate chief information officer for International Technology Services at the U.S. Department of Agriculture, the deputy chief information officer at the U.S. Department of the Interior, and the executive for architecture, engineering and technical services at the U.S. Patent and Trademark Office. Mr. Shearer has been responsible for managing and providing services via international IT infrastructures, and he has implemented large-scale SAP Enterprise Resource Planning (ERP) projects. Mr. Shearer has led large geographically separated staffs that support global solutions. Mr. Shearer holds a B.S. from Park College, a M.S. from Syracuse University, management and technical certificates from the U.S. National Defense University, and he is a U.S. federal executive presidential rank award recipient. As (ISC)² Chief Executive Officer, Mr. Shearer is responsible for the overall direction and management of the organization.
Wesley Simpson  

Wesley Simpson, Chief Operating Officer

Mr. Simpson has more than 25 years of business experience including positions in IT, product management, policy and procedure development, budgeting, vendor negotiations, and client development and relationships for Turner Broadcasting System, Delta Airlines, Bank of America, IBM and Fidelity Investments. Mr. Simpson has been responsible for leading the development of IT organizations and global services, while also working in the field of software development and digital asset management for various Fortune 500 companies. As COO, Mr. Simpson oversees the operational aspects of contracts with all business partners, collaborates with the Chief Executive Officer and senior management to support (ISC)² programs and services, and is responsible for the development and implementation of a business template for the regional offices. Mr. Simpson holds a B.S. in Accounting from the University of Massachusetts and various technical certifications.
Debra Taylor 2016

Debra Taylor, Chief Financial Officer 

Ms. Taylor has more than 30 years of business experience including positions as Senior Vice President, Corporate Controller and CFO of the America’s Operations for the former global public company Danka Business Systems PLC. Ms. Taylor has extensive business experience in accounting, finance, acquisitions and mergers. She directed all financial and operational reporting and results along with the re-engineering of the infrastructure and controls of the key business processes at Danka Business Systems PLC. Prior to working with Danka she was the Western Regional Business Manager for Storer Communications, Inc. and Assistant Controller for J. R. Norton Company. At (ISC)² Ms. Taylor is responsible for all financial and management reporting, executing the budgeting process, overseeing investments, all human resource functions, and operating as the Contract Officer. Ms Taylor holds a Bachelor of Arts in Accounting from Michigan State University. She is a former Board Member and Finance Chair of Goodwill-Industries Suncoast.
Graham Jackson

Graham Jackson, General Counsel

Mr. Jackson joined (ISC)² in 2013. He serves as an agent for (ISC)² in regards to all legal matters, liabilities and rights. Mr. Jackson’s duties include overseeing domestic and international corporate reporting and compliance with government regulations; the registration and protection of (ISC)² intellectual property; drafting and negotiating transactional documents; managing (ISC)²’s outside counsel and developing strategy for litigation; and overseeing the (ISC)² Board of Directors elections. He also works closely with the business teams to identify positive outcomes for (ISC)² and its members and partners around the world. Mr. Jackson holds a Juris Doctor and Master of Accountancy from Samford University, as well as a B.B.A in Accounting and B.A. in History from the University of Georgia. He is a member of the Florida Bar.