Cybersecurity Leadership Program
Steed Family Professor of the Practice
Professor of the Practice of Cybersecurity Policy
David Hoffman teaches courses on cybersecurity policy at the Sanford School of Public Policy at Duke University. He formerly was the Associate General Counsel, Director of Security Policy and Global Privacy Officer for Intel Corporation. In addition to teaching, Hoffman currently chairs the Civil Liberties and Privacy Panel for the Director’s Advisory Board for the US National Security Agency. He also chairs the board of the Center for Cybersecurity Policy and Law, and serves on the Advisory Boards for the Future of Privacy Forum and the Israel Tech Policy Institute. Hoffman also founded and chairs the board for the Triangle Privacy Research Hub, which highlights and fosters cybersecurity and privacy academic research done in the North Carolina Research Triangle.
Hoffman previously served on the Department of Homeland Security’s Data Privacy and Integrity Advisory Committee and the Board of Directors of the National Cyber Security Alliance. He has also served on the U.S. Federal Trade Commission’s Online Access and Security Committee, the Center for Strategic and International Studies Cyber Security Commission, the Steering Committee for BBBOnline, the TRUSTe Board of Directors and the Board of the International Association of Privacy Professionals. He is the author of many papers and articles on cybersecurity and privacy and has testified to Congress on these topics.
Hoffman has a JD from Duke Law School, where he was a member of the Duke Law Journal. He received an AB from Hamilton College.
In addition to sessions led by Prof. David Hoffman, the program’s director, program participants will have the opportunity to hear from leaders from across the cybersecurity space. The following list provides a selection of some the speakers featured during the program.
Dan Caprio, Co-founder and Executive Chairman at The Providence Group (Washington, DC), is an internationally recognized expert on privacy and cybersecurity. He has served as the Chief Privacy Officer and Deputy Assistant Secretary at the Commerce Department, a transatlantic subject matter expert for the European Commission’s Internet of Things formal expert group, a Chief of Staff for a Federal Trade Commission Commissioner and a member of the Department of Homeland Security Data Privacy and Integrity Advisory Committee. In 2002, Dan was a representative for the United States delegation revising the OECD Security Guidelines that formed the basis for the first White House Strategy to Secure Cyberspace.
Sam Curry, CSO for Cybereason, has over 25 years of IT security industry experience and is a Visiting Fellow at the National Security Institute. Sam most recently served as CTO, CSO and GM at Arbor Networks.
Previously, he spent more than seven years at RSA (the Security Division of EMC) in a variety of senior management roles, including CTO, SVP of Product and Head of RSA Labs. In addition to other media, he is the host of Security All-In, a podcast focused on the personal stories and evolution of security people.
Sam has also held senior management roles at MicroStrategy, Computer Associates, and McAfee in addition to co-founder and first employee of two successful security startups.
From 2007-2013, Dellinger worked as the founding program manager for Data Privacy Day, a globally recognized event designed to raise awareness about privacy and create mechanisms for dialogue, collaboration and privacy solutions among nonprofits, academics, businesses and government entities. She has worked as a privacy lawyer at Intel Corporation, at The Privacy Projects, and at the National Cyber Security Alliance.
Prior to working for Intel, Dellinger worked as a staff attorney for Judge W. Earl Britt in the U.S. District Court for the Eastern District of North Carolina (1998-2007), as a Bristow Fellow in the Solicitor General’s Office in the U.S. Department of Justice (1994-95), and as a clerk for Judge Francis D. Murnaghan, Jr. in the U.S. Court of Appeals for the Fourth Circuit (1993-94). She has also practiced at law firms in Washington, D.C. and North Carolina, and taught Family Law at Duke Law School and Legal Writing at UNC School of Law. Dellinger received her BA in English from Columbia University (’89) where she also focused on Religion and Women’s Studies. She received her JD from Duke Law School (‘93), where she graduated Order of the Coif and was an editor on the Duke Law Journal, and her MA in Humanities/Women’s Studies from Duke University (’93).
Arturo (Art) F. Ehuan is a Vice President at Palo Alto Networks, a global cybersecurity corporation. He was previously a managing director at Alvarez & Marsal, global cyber risk service management practice, an international consulting firm. Art had had cybersecurity leadership roles at USAA, Northrop Grumman Corporation and Cisco Systems. Art has worked with governments and law enforcement in the U.S. and overseas on cybersecurity cases, frequently giving expert testimony in federal, military, and state courts on digital forensics and cybercrime matters. For nearly two decades he has served as a lecturer for the U.S. State Department’s Anti-Terrorism Assistance Cyber Training Program, while also working as a supervisory special agent with the Federal Bureau of Investigation (FBI) and a special agent for the U.S. Air Force Office of Special Investigations. Art has been retained as a cyber expert on prominent data breaches to include Sony Pictures, Target, Anthem, Equifax, Marriott and Capital One.
Jen Ellis is Vice President of Community and Public Affairs at Rapid7. Her primary focus at Rapid7 is on advancing cybersecurity for all by building productive collaboration between those in the security community and those operating outside it.
She works extensively with security researchers, technology providers and operators, and various government entities to help them understand and address cybersecurity challenges. She believes effective collaboration is our only path forward to reducing cybercrime and protecting consumers and businesses. She has testified before Congress and spoken at a number of security industry and business events including SXSW, DEF CON, RSA, Derbycon, Shmoocon, SOURCE, and various BSides.
David Faraone is a senior director at Unit 42, leading the North America East Region Consulting Team. He is a highly accomplished cybersecurity consultant with deep expertise serving large organizations in areas such as CISO advisory support, cloud security strategy, network security architecture and design, and Internet of Things security.
Dr. Trey Herr is the director of the Cyber Statecraft Initiative under the Scowcroft Center for Strategy and Security at the Atlantic Council. His team works on cybersecurity and geopolitics including cloud computing, the security of the internet, supply chain policy, cyber effects on the battlefield, and growing a more capable cybersecurity policy workforce. Previously, he was a senior security strategist with Microsoft handling cloud computing and supply chain security policy as well as a fellow with the Belfer Cybersecurity Project at Harvard Kennedy School and a non-resident fellow with the Hoover Institution at Stanford University. He holds a PhD in Political Science and BS in Musical Theatre and Political Science.
Danielle Kriz is Senior Director, Global Policy at Palo Alto Networks. She engages with governments around the world on public policy issues, including 5G security. Kriz previously was Director for Global Cybersecurity Policy at the Information Technology Industry Council (ITI), a Washington, DC-based trade association representing the world’s largest technology companies, and worked in Silicon Valley consulting on government affairs strategies for high-tech and clean-tech firms. She began her career with 10 years in the US government, working on high-tech trade policies and spearheading the government’s work on cybersecurity as it intersects with international trade. She has engaged on government cybersecurity policies around the world including in the Americas, Europe, and Asia.
Jimmie Lenz is an experienced executive, lecturer, and scholar in the field of banking and capital markets. Jimmie is the Director of the Master of Engineering in FinTech and the Master of Engineering in Cybersecurity at the Pratt School, teaching Machine Learning, Blockchain, financial innovation, and financial products and services.
Starting his career as an equity and derivatives trader over 25 years ago, Jimmie found he reveled in fast moving atmospheres that required both strategic thought and the ability to take immediate action. His successes propelled him into a number of senior management roles within the finance community including leading an NYSE broker dealer with foreign and domestic operations, Chief Risk Officer and Chief Credit Officer at a top three broker dealer, and the Head of Predictive Analytics for one of the largest Wealth Management firms in the US. Global financial services firms and exchanges have engaged Jimmie to address issues related to strategy, analytics application, risk mitigation, and business efficiencies. This in-depth understanding of the capital markets industry has allowed him to provide crucial perspectives in foreign and domestic regulatory matters, including the presentation of findings to the Security and Exchange Commission.
Jimmie holds an undergraduate degree from the University of South Carolina, a Master of Science in Finance from Washington University in Saint Louis, and Doctor of Business Administration-Finance from Washington University’s Olin Business School. Jimmie currently serves as the Chairman of Neocova’s Strategic Advisory Board, and on the Board of Directors of Zen Blockchain Foundation. He frequently speaks and publishes on topics leveraging innovation, Machine Learning, Blockchain, and quantitative analysis and has a number of pending patents related to his work.
Karim Lesina was appointed Executive Vice President, Chief External Affairs Officer for Millicom in November 2020. In this role, Karim oversees the group’s Government Relations, Regulatory Affairs, Corporate Communications and Corporate Responsibility functions. His focus is on developing and driving Millicom’s global engagement to support of business objectives and particular responsibility for special situations and reputation strategies.
Before joining Millicom, Karim held the position of Senior Vice President, International External and Regulatory Affairs at AT&T, directing the internal international and regulatory affairs teams, as well as the external and regulatory affairs teams across AT&T and its global affiliates. Before his term at AT&T, Karim was at Intel as the Government Affairs Manager for Europe, Africa and the Middle East. Rounding out a strong portfolio, he acquired extensive agency experience through his work with multinational public relations and communications firms at the commencement of his career.
Karim is an active member in several industries and community organizations, including current service as Board Member of the International Institute of Communications, member of the GSMA Chief Policy & Regulatory Officer Group, and Member of the Meridian Executive Committee Corporate Council. Born in Dakar (Senegal), Karim is an Italian-Tunisian national and has a master’s degree in Economics of Development at the Catholic University of Louvain-la-Neuve, Belgium.
Karim does not hold any Millicom shares.
Limor Shmerling Magazanik is the Managing Director of the Israel Tech Policy Institute. In this role, Limor provides leadership of ITPI, including directing ITPI’s policy agenda; Limor engages policymakers, regulators, academics, and business leaders and convenes multi stakeholder groups for discussion, on Innovation and social goals in areas such as AI, Data Governance, Cybersecurity, Digital Health, E-Government, Fintech, Smart Cities and Smart Mobility. She is a member of the OECD Data Governance Expert Group and initiated the founding of the Privacy Tech Alliance.
Limor comes to ITPI after a decade with the Israel Privacy Protection Authority, as Director of Strategic Alliances and as Director of Licensing & Inspection. She was responsible for administrative enforcement of data protection law over all private sector and public sector entities in Israel and for the enforcement of the Digital Signature law and the Credit Data law. She also represented the authority in international and national enforcement collaborations and testified before parliament committees. She took part in legislation processes from inception to ratification and execution. She founded the Data Protection Forum in the Israeli public administration. She was a founding member of the Government Cloud Computing Committee, a member of the Oversight Committee over the Smart ID and Biometric Identification project, a member of the Investigating Committee: Promoting Competition in the Financial Sector, and a member of the advisory board to the Credit Data Bureaus Supervisor at the Central Bank of Israel.
Prior to that Limor was advisor and Legal Secretary to the Council for Cable & Satellite Broadcasting at the Ministry of Communications. Her previous roles include practicing corporate and commercial law, product management in the high-tech industry and a judicial clerkship. She was also an adjunct lecturer at the Hebrew University Faculty of Law and the IDC Herzliya School of Law, and is a frequent public speaker in academic and business conferences. She earned a bachelor’s in Law, a Master’s in Literature focused on Women and Gender and a Master’s in Public Law, all from Tel Aviv University and is a certified lawyer and a certified privacy professional (CIPP/E, CIPP/US, CIPM).
In 2018 Limor was chosen by Forbes magazine as one of the world’s top 50 women in tech.
Alexander Niejelow serves as Senior Vice President of Cybersecurity Coordination & Advocacy at Mastercard Incorporated and served as its Senior Vice President of Public Policy since February 2016.
Prior to Mastercard, Alex served as director for cybersecurity policy on President Obama’s National Security Council. He served as chief of staff to the U.S. Intellectual Property Enforcement Coordinator, where he helped coordinate the administration’s efforts to develop and enforce intellectual property and patent policies.
Prior to joining the Obama administration, he served as a senior associate at the Pew Charitable Trusts, where he analyzed and provided recommendations on enhancing the security of the global pharmaceutical supply chain. He worked in the litigation department of Paul, Weiss, Rikind, Wharton & Garrison before joining the Department of Homeland Security in 2010 as a senior advisor on international trade policy and operations.
Michael Reiter is a James B. Duke Distinguished Professor of Computer Science and Electrical & Computer Engineering at Duke University. His previous positions include Director of Secure Systems Research at Bell Labs; Professor of Electrical & Computer Engineering and Computer Science at Carnegie Mellon University, where he was the founding Technical Director of CyLab; and Distinguished Professor of Computer Science at the University of North Carolina at Chapel Hill.
Prof. Reiter’s research interests include all areas of computer and communications security, fault-tolerant distributed computing, and applied cryptography.
Samm Sacks is a cyber policy fellow at New America. Her research examines information and communication technology policies globally with a focus on China. She has worked on Chinese technology policy issues for over a decade, both with the U.S. government and in the private sector.
She publishes, testifies, and presents regularly on topics related to the U.S.-China technology relationship and the geopolitics of data privacy and cross-border data flows. She also convenes the U.S.-China Women’s Tech Summit, a private discussion series that aims to promote women’s thought leadership, dialogue, and community over candid conversations on subjects ranging from artificial intelligence to export controls and biotechnology.
Previously, Sacks launched the industrial cyber business for Siemens in Asia, focusing on energy sector cybersecurity markets in Japan, South Korea, and China. Prior to this, she led China technology sector analysis at the political risk consultancy Eurasia Group and worked as an analyst and Chinese linguist with the national security community.
She is a frequent contributor to television, radio, and print media (with appearances on Bloomberg, Marketplace, MSNBC, National Public Radio, PBS NewsHour) and comments in the Financial Times, New York Times, Politico, Washington Post, Wall Street Journal, among others. Her articles have appeared in the Atlantic, Foreign Affairs, MIT Tech Review, and Slate. She has testified multiple times before Congress.
A former Fulbright scholar in Beijing, Sacks holds an M.A. from Yale University in international relations and a B.A. from Brown University in Chinese literature.
Concurrently, Sacks is senior fellow at Yale Law School’s Paul Tsai China Center. She also founded her own consulting practice where she advises corporate clients on China's technology policies.
Ari Schwartz directs Cybersecurity Services for Venable’s Cybersecurity Risk Management Group. In this role, Ari guides the establishment of cybersecurity consulting services for Venable, assisting organizations with understanding and the development of risk management strategies, including implementation of the Cybersecurity Framework and other planning tools to help minimize risk. Ari also coordinates the Cybersecurity Coalition, a group of leading cybersecurity companies dedicated to educating policymakers on cybersecurity issues and promoting a vibrant marketplace for cybersecurity technology solutions.
Prior to joining Venable, Ari was a member of the White House National Security Council, where he served as special assistant to the president and senior director for cybersecurity. As director, Ari coordinated all network defense cybersecurity policy, including critical infrastructure protection, federal network protection, supply-chain efforts, cybersecurity standards promotion, and information sharing. He led the White House’s legislative and policy outreach to businesses, trade groups, academics, and civil liberties groups on cybersecurity and developed new policies and legislation, including development of the Executive Orders on the Security of Consumer Financial Protection, Cybersecurity Information Sharing, and Sanctions Against Individuals Engaging in Malicious Cyber-Enabled Activities. Ari also led the successful White House rollout of the Cybersecurity Framework and the White House Cybersecurity Summit held at Stanford University.
Ari also served in the Department of Commerce, where he advised the secretary on technology policy matters related to the National Institute of Standards and Technology (NIST), the National Telecommunications and Information Administration (NTIA), and the U.S. Patent and Trademark Office (USPTO). He led the department’s Internet Policy Task Force and represented the Obama administration on major Internet policy issues on privacy and security before Congress, at public events, and before the media.
Ari began his career in Washington at OMB Watch. For twelve years, he worked at the Center for Democracy and Technology, including serving as vice president and chief operating officer, and developing legislation and policy related to privacy, cybersecurity, and open government
John Reed Stark is teaching Data Breach Response and Cybersecurity Due Diligence at Duke Law in the spring 2019 semester. He is a cybersecurity and data breach response expert and president of John Reed Stark Consulting LLC, where he quarterbacks teams of technical, compliance and legal experts in data breach, cyber-incident response, digital forensics, security science, cyber risk resilience and investigations for a public and private companies, professional service firms and government agencies. He is the author of The Cybersecurity Due Diligence Handbook, and has published numerous articles and comments frequently in the media on cyber-related topics, including regulation, compliance, risk resilience and incident response. He previously wrote a column for Compliance Week magazine and his blog, “Stark on IR,” can be found on Cybersecurity Docket (where he is also contributing editor).
Stark also serves as an expert in engagements pertaining to technological aspects of investigations, prosecutions and enforcement matters conducted by the SEC, FINRA and the U.S. Department of Justice (DOJ) and aids in structuring and running corporate compliance projects for broker-dealers, investment advisers and other regulated entities. He provides neutral expert testimony in the realm of technology and securities regulation on behalf of individuals and entities, including in opposition to, and on behalf of, the SEC and other government agencies.
Stark’s 20 year career at the U.S. Securities and Exchange Commission included an 11-year tenure as founder and chief of its Office of Internet Enforcement, during which he led an extensive range of substantial and pioneering SEC enforcement actions. During his subsequent tenure as managing director and Washington, D.C. office head at Stroz Friedberg LLC, an international digital risk management firm, he gained an unusual breadth of experience in the realm of technology-related law enforcement and regulation; in cyber-incident response and digital risk resilience; and in leading all varieties of technology-related crisis management. He has received numerous acknowledgements as being among the top securities and enforcement attorneys and data breach response attorneys in the country.
Stark taught a course on law, regulation, cybercrime, and technology at Georgetown University Law School for 15 years and a similar course during Duke Law School’s Wintersession in 2017 and 2018. He has also taught a range of in-service sessions on cybercrime at the FBI Academy in Quantico, Va. Stark received his JD at Duke Law School in 1989 and is a member of the Law School’s Board of Visitors. He received the Law School’s Young Alumni Award in 2004. He received his BA in 1986 from Union College.
Shane T. Stansbury is the Robinson Everett Distinguished Fellow in the Center for Law, Ethics, and National Security and a Senior Lecturing Fellow in Law. Shane served for more than eight years as Assistant United States Attorney in the Southern District of New York (SDNY), where he led some of the office’s most sensitive and noteworthy prosecutions in the areas of terrorism, cybercrime, espionage, money laundering, international public corruption, and global weapons trafficking. Among Shane’s many accomplishments at SDNY were the successful prosecutions of Alfonso Portillo, the former President of Guatemala, for money laundering relating to his receipt of millions of dollars in bribery payments; Minh Quang Pham, a former associate of Anwar al-Awlaki and key operative for al Qaeda in the Arabian Peninsula (AQAP), for terrorism offenses; Xu Jiaqiang, for his theft of highly sensitive source code with the intent to benefit the Chinese government; and Rafael Garavito-Garcia, for his role in orchestrating an international weapons-and-narcotics trafficking scheme that extended to the highest levels of the Guinea Bissau government, including the head of the Armed Forces. Shane served in a number of other capacities at SDNY, including as Acting Deputy Chief of Appeals and as SDNY’s representative in the Department of Justice’s National Security Cyber Specialists Network, a group of prosecutors focusing on cyber threats to the national security. He is the recipient of numerous awards for his work as a prosecutor, including the Attorney General’s Distinguished Service Award and the Federal Law Enforcement Foundation’s Prosecutor of the Year Award.
Prior to becoming a federal prosecutor, Shane was a litigator at WilmerHale where he focused on international litigation and arbitration, foreign anti-corruption investigations, and white-collar criminal matters. He also represented members of Congress and others in defending the constitutionality of the Bipartisan Campaign Finance Reform Act before the Supreme Court. Shane clerked for the Honorable M. Margaret McKeown of the Ninth Circuit Court of Appeals and the Honorable Robert W. Sweet of the United States District Court for the Southern District of New York. He received his J.D. from Columbia Law School, where he was Articles Editor for the Columbia Law Review; his M.P.A. from Princeton’s Woodrow Wilson School of Public and International Affairs; and his A.B. from Duke.
Christopher Steed is the Chief Investment Officer and Managing Partner at Paladin Capital Group. Mr. Steed joined Paladin in 2008, and he currently leads the development and implementation of the Firm’s multi-stage, national security-related investment strategy, particularly in Paladin’s global IT and Cyber Security portfolios. He is also responsible for deal sourcing, deal execution, and portfolio company management, and he has provided board-level oversight for numerous Paladin portfolio companies, including Bugcrowd, CertiVox, Courion, Endgame, Nexidia, PhishMe, and QuantaLife (among others). Prior to joining Paladin, Mr. Steed worked in Merrill Lynch’s Private Banking and Investment Group (PBIG), the ultra-high-net-worth division of its Private Client Group, and he is also a member of the Chartered Alternative Investment Analyst Association (CAIAA), holding the Association’s professional designation with a specific focus on asset allocation and risk management strategies in private equity and venture capital.
Bob Sullivan is a veteran journalist and the author of five books, including New York Times Best-Sellers, Gotcha Capitalism and Stop Getting Ripped Off! He has won the Society of Professional Journalists Public Service Award, a Peabody award, a Carnegie Mellon University CyLab Cybersecurity Journalism Award,
and the Consumer Federation of America Betty Furness Consumer Media Service Award. He spent nearly two decades working at MSNBC.com and NBC News, and he still appears on TODAY, NBC Nightly News, and CNBC. He’s now a syndicated columnist and frequent TV guest. He is also host of AARP’s The Perfect Scam podcast, co-host of the podcast / audio documentary “Breach”, which examines history’s biggest hacking stories, and co-host of the podcast “So, Bob,” which tackles stories about the unintended consequences of technology. His latest podcast is called Debugger, exploring issues at the intersection of technology and democracy, produced in cooperation with Duke University’s Sanford School of Public Policy and the Kenan Institute for Ethics.
He holds a master’s degree in journalism from the University of Missouri and a degrees in history and mathematics from Fairfield University. He is on the advisory board of the University of Georgia journalism school’s Cox Institute for Media Innovation and is a mentor/editor at the Op-Ed Project.
He worked for MSNBC.com/NBC News for nearly 20 years, much of them creating and writing the popular consumer/tech blog The Red Tape Chronicles. Now an independent journalist, he is still a contributor on CNBC.com and NBCNews.com, and continues to appear on NBC TV programs as a consumer and technology expert. He is a syndicated columnist, writing about fraud, scams, and the economy. His stories have also appeared in The New York Times, New York magazine, and on dozens of other sites.