Directions to Lexington, Virginia
VMI Post Map 
facebook   twitter  Flicker FORA TV

Mrs. Ronda Dove
Administrative Assistant

P:  (540) 464-7361
F: (540) 464-7396

Center for Leadership & Ethics
VMI, Marshall Hall
500 Anderson Drive
Lexington, VA  24450

Keynote Speaker

Stacey Halota, Vice President, Information Security and Privacy, The Washington Post Company

Stacey HalotaHALOTA (Medium)
Vice President, Information Security and Privacy
The Washington Post Company

Stacey Halota joined The Washington Post Company in 2003. She leads the development and implementation of information security and privacy programs, including Sarbanes Oxley, privacy law, Payment Card Industry compliance and other data protection efforts. Halota has more than 20 years of experience in the information technology, security and privacy field. Before joining The Washington Post Company she served as the federal government and southeast region leader of Guardent (now part of Verisign), a security and privacy consulting and managed security services company. Prior to Guardent, she worked at PricewaterhouseCoopers in the Technology Risk Services consulting practice.

Halota was named Secure Computing Magazine’s 2009 Chief Security Officer of the Year, and was also named 2009 Mid-Atlantic Information Security Executive of the Year (Commercial Category) by the Executive Alliance. She is a Certified Information Systems Security Professional (CISSP), a Certified Information Privacy Professional (CIPP) and a Certified Information Systems Auditor (CISA). 


Rizwan Bhutta, Senior Network Engineer, Old Dominion University

Rizwan Bhutta
Senior Network Engineer
Old Dominion University

Rizwan has been working in the IT field since 2006. He started his career as system administrator for SCO Unix and Windows NT. He feels fortunate to be involved with networking technologies since the beginning of his career. He currently manages the Network Communications engineering team within the Office of Computing and Communications Services at Old Dominion University. He has a BE in Electrical Engineering and an MS in Computer Science, a CISSP member since 2006, and is Cisco certified.

Tom Bowers, Chief Information Security Officer, Virginia Community College System

Tom Bowers
Chief Information Security Officer
Virginia Community College System

Known for his keen insight in translating business risk / requirements into flexible security architecture. Tom is a globally experienced manager, technologist and project manager. He is able to take strategic vision and break it down to actionable project steps.

Tom is known for his ability to mentor his people and build creative, out of the box thinkers. If you're looking for strong leadership, creative problem solving and unique business insight then Tom is your man.

Specialties include risk assessment/management, business enabling strategic security / technology architecture, business focused leadership, global project management

Christopher Crowley, Energy Enterprise Services, LLC (EES) (SANS instructor)

Christopher Crowley
Energy Enterprise Services, LLC (EES)
(SANS instructor)

Crowley has 10 years industry experience managing and securing networks. He has GSEC, GCIA, GCIH (gold), GCFA, and CISSP certification. His teaching experience includes GSEC, GCIA, and GCIH Mentor; Apache web server administration and configuration; and shell programming.

Crowley was awarded the SANS 2009 Local Mentor of the year award, "The Mentor of the Year Award is given to SANS Mentors who excel in leading SANS Mentor Training classes in their local communities.

Vaibhav Dani, Lead Database Administrator, ODU

Vaibhav Dani
Lead Database Administrator
Old Dominion University

Dani has a master's in Computer Science from ODU; is an Oracle Certified Professional (9i, 10g, 11g); Oracle Certified Application Developer; and is a MicroSoft Certified Technology Specialist in SQL.

Dani is Lead Database Administrator at Old Dominion University (ODU), with over 12 years of Database Management and administration experience with a proven background of technical problem solving. Key technical skills include Oracle, SQL Server, MySQL, Postgres database administration, data modeling and application design.

Taz Daughtrey, Senior Software Quality Scientist, Cyber Security and Information Systems Information Analysis Center

Taz Daughtrey
Senior Software Quality Scientist
Cyber Security and Information Systems Information Analysis Center (CSIAC)

Taz Daughtry is a Senior Software Quality Scientist at Cyber Security and Information Systems Information Analysis Center, and a lecturer in the Department of Computer Science at JMU.

CSIAC is a Department of Defense (DoD) Information Analysis Center (IAC), serving the DoD for over 30 years. As an IAC, CSIAC is a Center of Excellence, and technical focal point for information, data, analysis, training, and technical assistance in the software related technical fields.

His scholarly interest include:

  • Scholarship of Teaching and Learning, especially Assessment
  • Software Engineering Standards and Certifications
  • Active Learning Techniques: Role Playing, Simulation, Case Studies
  • Return on Security Investment
Todd Dergenski, CISSP, ODU IT Security Architect, IDM project manager

Todd Dergenski, CISSP
IT Security Architect, IDM project manager
Old Dominion University

Todd has worked at Old Dominion University for 10 years in Information Security and Identity Management. During that time he was the the principal security engineer at ODU for over 6 years. He has served as backup ISO for approximately 5 years, as the Identity Management project manager for 4 years, and is currently the Lead Security Architect for the University

Dan Han, Information Security Officer, Virginia Commonwealth University

Dan Han
Information Security Officer
Virginia Commonwealth University

Dan has been working with the VCU for the past 10 years. He is a versatile IT professional with over 10 years of work experience that spans across multiple functional areas in information technology that include graphics design, website design and management, application development, infrastructure design and management, networking, endpoint management, server management, information security, and project management. In his current role, he focuses mainly on Enterprise Information Security Management.

Dan has a B.S. in information systems, a M.B.A , and a M.S. in information management and assurance from VCU School of Business, In addition to his academic background, Dan also holds 14 industry recognized professional IT certifications.

Dale Hulvey
Assistant Vice President
Information Technology
James Madison University

Dale Hulvey serves as the Assistant Vice President for Information Technology at James Madison University. In this position he provides overall leadership, vision and management of the IT organization consisting of three departments, Computing Support, Information Systems and Technical Services. He has worked in IT at JMU for 25 years in various roles and served as Director, Technical Services in Information Technology prior to being named AVP in 2002. He has led and participated in many IT projects at JMU. Dale has a BS in Computer Science and a MBA from James Madison University.

Lowell Malesky, Enterprise Account Manager, Dell

Lowell Malesky
Enterprise Account Manager

Lowell Malesky first joined SonicWALL in early 2005 to manage all Sales, Marketing, and Business Development activities in the Region with a special focus on the Government and Education markets. Lowell possesses 15+ years of experience in the Networking and Network Security markets, having worked previously for Citrix, Anti-malware vendor Commtouch, BGP Optimization company Sockeye Networks (acquired by Internap), and Load Balancing / SSL Acceleration vendor CyberIQ Systems (acquired by Avaya). During his professional career Lowell has found maximum success by holding firm to the belief that each customer maintains a unique set of needs which should be treated as one’s own by a technology partner. Lowell received a Masters of Business Administration degree from George Washington University, and a Bachelors from George Mason University.

Darren Manners, Lead penetration Tester, SyCom Technologies

Darren Manners
Lead penetration Tester
SyCom Technologies

Darren Manners, lead penetration tester for SyCom Technologies, served 9 years in the Royal Naval Intelligence as a Communication Technician Analyst. Manners worked for 12 years in various security roles with VAR's and education. Certifications obtained include: SANS Cyber Guardian red/blue, SANS GSE (#42), CCIE sec (18929), OSCP, CISSP, and others. Manners has written papers on iPhone backup files for penetration testing and anomaly detection using user agent headers. He is a designer of Sphere of Influence (security visualization tool) and Ice-hole (email phishing tool).

Curtis McNay, Director, IT Security, George Mason University

Curtis McNay
Director, IT Security
George Mason University

Curtis McNay is the Director of IT Security and Information Security Officer at George Mason University. In his 12 years at George Mason, he has held a number of positions including Manager of the Information Technology Unit’s Server Support Group and Senior Technical Advisor for the Information Technology Unit. Prior to George Mason, Curtis worked for nine years at Hospitality Partners, a Washington D.C. based hotel management company, managing network and IT resources.

Natalie Metzger, ODU Middleware Developer

Natalie Metzger
ODU Middleware Developer

Metzger has a master's degree in math with a minor in computer science, obtained from the Albert-Ludwigs-University in her hometown of Freiburg, Germany.

After her graduation Natalie was employed as a software engineer by a small, but rapidly expanding software company that specialized in Geographical Information Systems from the Smallworld company. Natalie was responsible for the development of interfaces to transfer large amounts of data from other GIS programs into the Smallword GIS. After multiple years with that company she moved to the United States.

For 3 1/2 years she's been working for ODU in the field of Identity Management. She is responsible for the further development and enhancement of the ODU proprietary IDM system, MIDAS – Monarch IDentification and Authorization System, which includes a web interface as well as number of processes that run in the background and propagate the identity data to various systems and services that the university provides.

Bryan Miller, Adjunct Faculty, Information Systems and Computer Science, Virginia Commonwealth University

Bryan Miller
Adjunct Faculty, Information Systems and Computer Science
Virginia Commonwealth University

Bryan Miller has over 25 years of Information Technology experience. His education includes a B.S. in Information Systems and a M.S. in Computer Science from VCU. He holds the ISC2 CISSP and is a former Cisco CCIE. He has been a guest lecturer at VCU FTEMS, VA SCAN, ISSA, ISACA and IALR. He is an adjunct faculty member in Information Systems and Computer Science at VCU. He has a published article in the Cutter IT Journal. In August, 2007, he founded Syrinx Technologies, specializing in penetration testing of computer systems, networks and applications.

Jonathon Neel, Information Security Officer, Virginia Military Institute

Major Jonathon Neel
Information Security Officer
Virginia Military Institute

Jonathon Neel is the Information Security Officer at the Virginia Military Institute. He is responsible for developing and managing the Institute’s information security program and its internal information security policies, including risk assessments, business impact analyses, disaster recovery plans, and continuity of operations plans. He is also VMI’s Chief Privacy Officer.

Jonathon comes from a military background, having served for eight years with the United States Army in various technical and leadership roles on various posts, including a one-year deployment to Iraq. He holds a bachelor’s degree in Information Assurance from the University of Maryland University College, and is currently pursuing his master’s degree in Information Security and Assurance at Carnegie Mellon University.

Courtney Oxman, Associate Director for IT Audits, University of Virginia

Courtney Oxman, MS, CISA, CRISC, CIA  
Associate Director for IT Audits
University of Virginia

Courtney Oxman, MS, CISA, CRISC, CIA is Associate Director of IT Audits for the University of Virginia. She also has over 20 years of experience in IT operations and audit in government, education, and the private industry. Previously, she performed and managed IT Audit for West Virginia University and Central BanCompany in Missouri. She also has experience managing quality and contingency planning programs. She has presented a variety of IT audit topics to executive management and boards and looks forward to participating in this presentation.

Shirley Payne is Assistant VP, Information Security, Policy, and Records, University of Virginia

Shirley Payne
Assistant Vice President, Information Security, Policy, and Records
University of Virginia

Shirley Payne is Assistant VP for Information Security, Policy, and Records at the University of Virginia. In this capacity she focuses on the continuous enhancement of information technology policies and security of the university's diverse and decentralized computing environment. She works in partnership with units and individuals across the university to formulate policies, assess security risk, establish strategic direction, provide security education and training, implement security safeguards, track security incidents, develop business continuity plans, and related activities.

She also oversees the university's electronic and physical records management program. She has many years of experience in information technology, most of which has been in higher education.

She holds a bachelor's degree in Computer Science from Winthrop University, a master's degree in Management Information Systems from the University of Virginia, and Certified Information Systems Security Professional (CISSP®) and Certified Risk and Information System Controls (CRISC®) designations.

Darlene Quackenbush, Planning/Info Security Officer, Information Technology, James Madison University

Darlene Quackenbush
Planning/Info Security Officer, Information Technology
James Madison University

Darlene Quackenbush is the Information Security and Planning Officer at James Madison University. She performs a variety of IT security, strategic planning and policy development activities including risk management and incident response, serving as liaison for university and Commonwealth technology policy concerns.

Kevin Savoy, MBA, CISA, CISSP, Director of Hospital and Information Technology Audits, University of Virginia

Kevin Savoy, MBA, CISA, CISSP
Director of Hospital and Information Technology Audits
University of Virginia

Kevin Savoy, MBA, CISA, CISSP, is Director of Hospital and IT Audits for the University of Virginia and is a licensed CPA in Virginia. He has over 20 years of experience in IT operations and audit in government and private industry.

Previously, he was IT Security Audit Director for the Auditor of Public Accounts for the Commonwealth of Virginia. He also spent ten years automating retail and hospital pharmacies for two major pharmaceutical wholesalers. He is a frequent speaker on a variety of IT security and audit topics to professional organizations..

Rich Sparrow, Business Manager, Information Technology, Virginia Polytechnic Institute and State University

Rich Sparrow
Business Manager, Information Technology
Virginia Polytechnic Institute and State University

Rich Sparrow has over 20 years of business management experience. His background, combined with a degree in accounting from Florida Gulf Coast University and a passion for information technology, brings a unique perspective to the VT IT Security Office.

Doug Streit, CISSP, Director, Information Security, and Information Security Officer, ODU

Doug Streit, CISSP
Information Security, and Information Security Officer
Old Dominion University

Doug has been at Old Dominion University for 15 years working primarily as a SysAdmin and systems engineer. For six years he managed the Server Systems Group and during that time coordinated the unification of Intel and UNIX support for the highly centralized IT services provided by the Office of Computing and Communications Services. In the Summer of 2011 he accepted the responsibilities of Information Security and Identity Management at Old Dominion University. Current responsibilities include continued development of in-house identity management services, oversight of a complete Information Security Program and the establishment of a new Records Management Office. Doug enjoys working with a very talented and committed team of developers and security operations administrators within his team at Old Dominion University. He has a BS in Engineering from the United States Naval Academy and is CISSP, MCSE, Linux+, Security+, and CNE certified.