2016 GISLA® Judges
Arthur R. Friedman, CISSP, Program Director, Strategic Mission Integration, Information Assurance Directorate National Security Agency
Mr. Friedman serves as a Program Director at the National Security Agency's Information Assurance Directorate. He is responsible for supporting the principal cyber advisor for Information Assurance for the development and deployment of cybersecurity capabilities in support of national security systems. Prior to November 2014 he served as the Senior Strategist responsible for developing policy and strategy for Identity and Access Management (IdAM). In this role leading the Committee for National Security Systems (CNSS) IdAM Working Group he was responsible for developing policy and implementation guidance in support of Executive order 135897 and the National Strategy for Information Sharing and Safeguarding. He also represented the Agency for the National Strategy for Trusted Identities in Cyberspace (NSTIC) and worked closed with NIST and the Interagency developing guidance for promoting enterprise authorization services. Mr. Friedman is an adjunct faculty member at Towson University and he retired from the U.S. Army Reserves as a Colonel.
Mary Heard, CISSP, CDP, CPA, CISA, CIA, CGFM - Senior Advisor and Chief, Continuous Process Improvement
Mary Heard currently heads the Continuous Process Improvement Program within the Office of Chief Information Officer, United States Department of Agriculture. Previously, she was Acting ACIO for Cyber Security from March 2008 through May 2009 and Deputy ACIO in the Office of Cyber Security. A member of the first cadre of computer specialists in the USDA Office of Inspector General, Ms. Heard returned to USDA in January 2006 from the State Department, Office of Inspector General, where she was responsible for the audits of global IT inspections.
Ms.Heard has a dual certification as both a Certified Public Accountant (CPA) and a Certified Information Systems Security Professional (CISSP). Mary has also worked overseas with the Food and Agriculture Organization of the United Nations.
Mary Heard was born in Northern Virginia where she currently resides. She received her Bachelor of Science Degree in Mathematics and her Master of Business Administration Degree from Virginia Polytechnic Institute and State University. She currently is pursuing a Juris Doctor at the David A. Clarke School of Law, University of the District of Columbia.
Charles L. McGann, Jr., CISSP, CISM, IAM-NSA, Chief Cyber Strategist Cyber and Intel Solutions, CRGT
Charles L. (Chuck) McGann, Jr. is the Chief Cyber Strategist for CRGT a government contractor providing IT and Security services to DOD, Army, USPS, VA among other agencies. In his current role, McGann is working to leverage CRGT capabilities among the Federal Civilian agencies as well as review emerging vendors for possible partnerships for increasing agency support needs. McGann is the former Corporate Information Security Officer for the United States Postal Service (USPS). In this capacity, he had the responsibility of securing an intranet that is one of the largest maintained by any organization in the world with over 145,000 workstations and more than 10,000 servers. The USPS infrastructure encompasses over 600 business applications that support all aspects of business operations as well as movement of the mail. In his 27 years with the Postal Service, McGann held numerous positions, entering as Manager, Information Systems for the Springfield, Massachusetts district, and later served as an acting postmaster, business systems analyst, business project leader, distributed systems security specialist and CIRT manager. McGann holds an MBA from Strayer University, a bachelor’s degree from the University of Massachusetts, and two associate’s degrees from Springfield Technical Community College.
Thomas R. Millar, Chief of Communications, United States Computer Emergency Readiness Team, National Cybersecurity & Communications Integration Center, U.S. Department of Homeland Security
Mr. Thomas R. Millar serves as the United States Computer Emergency Readiness Team’s (US-CERT) Chief of Communications, a role which finds him at the intersection of outreach, awareness, standards development, and technical interoperability initiatives. In this role, Mr. Millar is focused on modernizing US-CERT's approaches to information sharing, knowledge exchange and coordination. Since joining US-CERT in 2007, he has played a significant role in US-CERT's response activities during major cyber events such as the Distributed Denial of Service (DDoS) attacks on Estonia in 2007, the outbreak of the Conficker worm, and the DDoS attacks on major U.S. Government and commercial Web sites in 2009.
Mr. Millar has previously worked as a team lead for intrusion detection and analysis at the FBI’s Enterprise Security Operations Center. Prior to his cybersecurity career, he served as a linguist with the 22nd Intelligence Squadron of the United States Air Force.
Mr. Millar has a Master’s of Science in Engineering Management from the George Washington University.
Leo F. Scanlon, CISSP, Acting CISO, Department of Health and Human Services
Leo F. Scanlon is currently Acting CISO at the Department of Health and Human Services (HHS). In this role, Mr. Scanlon is responsible for information systems security activities by ensuring confidentiality, integrity and availability of systems for the OCIO/OIS and HHS (headquarters operating division). Prior to joining HHS, Mr. Scanlon was director of IT security staff and CISO for the U.S. National Archives and Records Administration (NARA). In addition to Mr. Scanlon’s CISO duties, he served as a NARA observer to the Committee on National Security Systems and participated in the Comprehensive National Cybersecurity Initiative (CNCI) Working Group, the Information Security Identity Management Committee (ISIMC) of the CIO Council and the Cloud Computing and Configuration Management Working Group subcommittees of the ISIMC.
Sunny K. Tuteja, Founder, President, and Chief Executive Officer (CEO), AssurIT Consulting Group, LLC.
He founded AssurIT in 2013 to fill a need for a highly capable, quality conscious, and customer driven Cybersecurity consulting firm. He has several years of experience working hand-in-hand with numerous agencies within the United States Federal Government in order to deliver top-notch service in a variety of functions. He has performed work at all levels – ranging from technical work at the Security Engineer level – all the way up to managing an entire security team of 30+ in order to strategize, implement, and maintain an entire agency-wide Cybersecurity Program.
Mr. Tuteja has held several roles during his career and supported many Government departments and their agencies, including: Department of Commerce (DOC), Department of Health and Human Services (HHS), National Gallery of Art (NGA), Department of Transportation (DOT), National Aeronautics and Space Administration (NASA), Department of Homeland Security (DHS), Department of Justice (DOJ), Broadcasting Board of Governors (BBG), Department of Treasury (DOT), United States Patent and Trademarks Office (USPTO), Federal Aviation Administration (FAA), United States Department of Agriculture (USDA) and General Services Administration (GSA). He led and participated in many Cybersecurity projects within these agencies and left a lasting impression on every Federal IT executive within the Office of the Chief Information Officer (OCIO) that he interfaced with. Mr. Tuteja has been told that he has a knack for listening to his client’s needs and understanding exactly what they need the first time around – thus increasing efficiency and eliminating the need for iterative rework.
Mr. Tuteja graduated from George Mason University earning a B.S. in IT with a concentration in Network Telecommunications & Information Security, as well as a minor in Business. He also holds a M.S. in Information Systems from the University of Miami, and a M.B.A. from the prestigious and nationally ranked Robert H. Smith School of Business at the University of Maryland, College Park. Mr. Tuteja also holds many industry standard certifications including: Certified Information Systems Security Professional (CISSP), Certified Authorization Professional (CAP), Certified Ethical Hacker (CEH), Security +, Network +, A +, Tenable Certified Nessus Auditor (TCNA), and Microsoft Certified Professional (MCP).
Mr. Tuteja was also the recipient of the 2014 (ISC)² U.S. Government Information Security Leadership Award (GISLA). Now in its 11th year, the (ISC)² GISLA program has been recognizing the ongoing commitment of individuals whose initiatives in the areas of technology, process/policy or community awareness have led to significant improvements in the security posture of a department, agency, or the entire federal government.
Dr. Robert (Rocky) E. Young, OSD, CIVPA-C, CISSP-ISSAP/ISSMP, CISM, CHSP, IAM, CHFI, CEH, PMP, CGEIT, CRISC, Professor and Principal Cyber Security Engineer
Dr. Young is currently Principal Cyber Security Engineer at MITRE, and has been a professor at National Defense University since 2002. Prior to that, he was Chief of 11th Wing Information Assurance Office, USAF, providing policy guidance, technical support, and administrative oversight of communication, computer, emission, and information security requirements. Dr. Young spent 21 years in the Air Force and is also a certified physician associate who continues to work in that capacity as a medical provider throughout the DoD. Dr. Young is an expert Cyb3r Security and/or Information Security (INFOSEC), Information Assurance (IA) and Information Operations (IO). He has presented widely on IA issues in healthcare, challenges related to wireless networks, cyber security, and network and systems security principles, safeguards, and practices