Presentations and Publications

Presentations | Sample Feedback | Publications


Presentations

March 2024

  • “Cyber Attacks, AI Weaponry, & the Future of National Security Policy”, W&M National Security Conference

January 2024

October 2023

September 2023

  • Cyber Security Headlines: Week in Review (September 11 – 15, 2023)
  • “How to Make AI Safer: the Empowering Solutions of W3C Solid”, Solid World

June 2023

  • “Realities of Securing Big Data in the Age of AI”, IaaS Customer Advisory Council

June 2023

  • “Disinformation history and what it means for the future of AI”, Tech Discovery Conference
  • “Collaborating for Breakthroughs: How Corporates and Deeptech Startups Can Work Together”, Tech Discovery Conference

April 2023

August 2022

April 2022

  • “Toward Architecture-Driven Interdisciplinary Research — Learnings from a Case Study of COVID-19 Contact Tracing Apps”, Discussant for the Data Law and AI Ethics Research Colloquium

March 2022

January 2022

October 2021

September 2021

May 2021

April 2021

February 2021

November 2020

  • OWASP for AI: the Open Web AI Security Project”, OWASP OC
  • Panelest for “Virtual Data Privacy Conference on Pandemic Surveillance“, co-hosted by Penn State’s Institute for Computational and Data Sciences (ICDS) and Privacy Innovation Lab of Tomorrow (PILOT), Duke’s Kenan Institute for Ethics and the InternetLab in São Paulo, Brazil

October 2020

  • “AI Auditing”, ISACA SF Fall Conference
  • “Preparing for Data Decentralization and Verifiable Credentials”, ISACA SF Fall Conference
  • Episode 100: Ethics/Discrimination of AI”, Hacker Valley Studio

September 2020

August 2020

  • “Privacy in an Internet Era”, Southeastern Association of Law Schools (SEALS)

July 2020

June 2020

May 2020

April 2020

March 2020

  • POSTPONED // “The Catcher in the AI: Hackers on ‘The Other Side'”, Sleuthfest
  • POSTPONED // “Regulating Technology: Issues and Ethics”, Panelist, Roger Mudd Center for Ethics, Washington and Lee University

February 2020

December 2019

  • POSTPONED // “Dr. Frankenstein Got Wheels: Are we Creating Monsters or Meaningful Mobility?”, Future of AI in Automotive, VDI Wissensforum
  • POSTPONED // “Hype meets reality, opportunities meet ethics: Do we need a morality framework for AI enabled cars and what is really possible?”, Future of AI in Automotive, VDI Wissensforum
  • “Whose AIs Are On Your Data: How Web De-Centralization May Be the Civil Rights Battle of Our Time”, Hackers Next Door

November 2019

  • “Advances in Network Visibility”, IANS Boston
  • “IOT: Who Owns Device Risk Management”, IANS Boston
  • “Getting Control of Container Security”, IANS Boston
  • “Breaking a Failed Vulnerability Management Cycle”, IANS Boston
  • “Vendor Optimization: Thinning the Herd”, IANS Boston

October 2019

  • Keynote: “An Introduction to Solid”, ISACA SF Fall Conference
  • “Auditing AI and Things”, ISACA SF Fall Conference

September 2019

August 2019

June 2019

  • “Getting Control of Container Security”, IANS LA
  • “Prioritizing Privilege Management”, IANS LA
  • “Cutting Through the AI/ML Vendor Hype”, IANS LA

May 2019

  • “How to Recruit and Retain the Best People”, IANS NYC
  • “Vendor Optimization: Thinning the Herd”, IANS NYC
  • “Getting Control of Container Security”, IANS NYC
  • “Breaking a Failed Vulnerability Management Cycle”, IANS NYC
  • “Case Study: How One Company Uses AI/ML”, IANS NYC

April 2019

March 2019

January 2019

November 2018

  • Cybercrime 2020: Revisiting the Future of Online Crime and Investigations“, Georgetown Law and the U.S. Department of Justice
  • “A Practical Guide to Endpoint Protection and UEBA”, IANS Boston
  • “Encryption: The Good, The Bad and The Ugly”, IANS Boston
  • “Securing Hybrid Clouds in a Post-CASB World”, IANS Boston
  • “Advantages and Risks of Containerization”, IANS Boston

October 2018

September 2018

August 2018

July 2018

June 2018

May 2018

  • Security in a World of Intelligent Machines,” Private Event – Invited Lecturer
  • “A Practical Guide to Endpoint Protection and UEBA,” IANS LA
  • “Securing Hybrid Clouds in a Post-CASB World,” IANS LA
  • “Moving to the Cloud: What Works, What Doesn’t and What to Do About It,” IANS LA
  • “Prioritizing Privilege Management,” IANS LA
  • “Machines at Work: Engineering Safety in a Big Data World,” IANS DC

April 2018

  • “Machines at Work: Engineering Safety in a Big Data World,” IANS Seattle

March 2018

  • “Making Cloud Simpler With Security Built-in Instead of Bolt-on,” Ziff-Davis Webinar
  • “Managing Your Mobile Risk Future,” IANS NYC
  • “Encryption – The Good, the Bad and the Ugly,” IANS NYC
  • “Prioritizing Privilege Management,” IANS NYC
  • “Identity: One Cloud Control to Rule Them All,” IANS NYC

January 2018

November 2017

  • “Managing Cloud Security Design and Implementation in a Ransomware World,” MongoDB Europe

October 2017

  • “Safe Shipping With Big Data: Don’t Make It an Oar Deal”, ISACA-SF
  • “Hunting The Unknown With AI”, ISACA-SF
  • “Mission Possible: A DevSecOps Odyssey”, WhiteHat Security Webinar

September 2017

  • “CISO Roundtable on Emerging Issues: Artificial Intelligence,” IANS Philly
  • “Implementing Big Data and SIEM,” IANS Philly
  • “Cloud Access Security Brokers,” IANS Philly
  • “Managing Cloud Security Design and Implementation,” IANS Philly

August 2017

July 2017

June 2017

  • “Managing Cloud Security Design and Implementation in a Ransomware World,” MongoDB World

May 2017

  • “DevSecOps – Security at the Speed of Innovation,” IANS Austin
  • “Effective Threat-Hunting Tactics and Toolkits,” IANS SF
  • “IDAM in the Cloud: A Strategy Session,” IANS SF
  • “Managing Cloud Security Design and Implementation,” IANS SF

Feb 2017

November 2016

October 2016

August 2016

June 2016

February 2016

January 2016

  • “Making Bones About It: Autonomous Drone Discovery of Forgotten Graves,” SF DataKind Meetup

December 2015

  • “Warning, Slippery Road Ahead: Preserving Privacy With Self-Driving Cars,” International VDI Conference – Automotive Big Data
  • “Five Steps to Safer Mobile Collaboration,” Ziff-Davis Webinar on behalf of Dropbox

November 2015

  • “Auditing Big Data: The Ethics of Machine Learning”, SF ISACA Fall Conference
  • “Securing the Internet of Things”, SF ISACA Fall Conference

August 2015

  • “Building Secure Clouds”, VMworld

July 2015

  • “Compliance and Big Data: Can They Coexist?”, IANS Webinar

May 2015

  • “Securing the OpenStack for Fun and Profit,” Cloud Security World 2015

April 2015

November 2014

  • “Practical Cloud Deployments and Secure OpenStack Strategies”, Fast and Secure Conference
  • “New Security Models for IoT”, IoT Expo
  • “Auditing Social Media”, ISACA Edu Panel
  • “Panel: Securing Mobile and BYOD”, ACSC Annual Conference

October 2014

  • “Babar-ians at the Gate: Data Protection at Massive Scale”, IANS Keynote
  • “Auditing an Internet of Things”, ISACA-SF 2014
  • “Auditor Tales from the Trenches of Big Data,” ISACA-SF 2014
  • “Realities of Securing Big Data,” 2014 CS Graduate Student Course, St. Polten
  • “7 Simple Ways to Deal With Serious Risks and Elephantine Security Challenges,” BlackHat EU 2014

September 2014

  • “Regulatory Compliant Cloud Computing and Content Distribution Networks,” IX Taller Internacional, Comision de Regulacion de Comunicaciones, Columbia
  • “Trusted IT: How EMC, VMware, Pivotal and RSA Together Redefine Security,” RSA Summit 2014
  • “The Pizza Box Zombie Mall Bank Accounts of Despair: Why CISOs Love Metaphors,” Yahoo Security Summit 2014

August 2014

  • “Babar-ians at the Gate: Data Protection at Massive Scale,” Blackhat USA 2014
  • “Role of Regulation in Protection – Continuous Diagnostic Monitoring (CDM), PCI, and more,” Blackhat Executive Summit 2014
  • “The Insider Threat and the Cloud: Harsh Reality in the Wake of Recent Security Breaches,” VMworld 2014
  • “Security Analytics: Challenges Opportunities, and New Directions,” UW CSE MSR Summer Institute

July 2014

  • “Cloud Trust Redefined: Eight Essential Steps in a Strong Defense,” RSA Conference Asia Pacific & Japan 2014
  • “How to Hadoop Without the Worry: Protecting Big Data at Scale,” RSA Conference Asia Pacific & Japan 2014
  • “Certificate Management in the Cloud,” BrightTALK Panel 2014

June 2014

May 2014

  • “Baby Got Risk: I like Big Data and I Can Not Lie,” BSidesNOLA
  • “Delivering Big Data, Security at Scale,” SOURCE Dublin
  • “Embracing a Zero Trust Security Model,” Cyphort Meetup
  • “Protecting Big Data at Scale,” CONFidence 2014

April 2014

March 2014

February 2014

January 2014

  • “Data Whales and Troll Tears: Beat the Odds in InfoSec,” ShmooCon

December 2013

November 2013

September 2013

  • “Auditing Big Data for Privacy, Security and Compliance,” ISACA-SF
  • “#HeavyD: Stopping Malicious Attacks Against Data Mining and Machine Learning,” ISACA-SF
  • “Active Defense 2013,” ISACA-SF

August 2013

June 2013

May 2013

  • “Big Data Security: Emerging Threats and How to Predict Them,” SOURCE Dublin

March 2013

  • “Is it Whack to Hack Back a Persistent Attack?” Panel with Trend Micro and CrowdStrike, 2013 RSA Conference, San Francisco
  • “Big Data, Pirates and Bourbon: Secure All the Things,” b:Secure Conference, Mexico City

February 2013

January 2013

  • “Big Data Risk,” Panel with Symantec, NetApp and Astute at ViaWest

December 2012

  • “Defending the Virtual Environment,” Hands-on Workshop, CONSEGI
  • Cyberfall: Active Defense 2012,” CONSEGI
  • “Hybrid Cloud Identity Management,” GigaOM Pro Webinar with Ping Identity

November 2012

October 2012

September 2012

August 2012

  • “Top 5 Considerations for Website Vulnerability Assessments,” Ziff Davis/Symantec Webinar
  • “Mind The Gap: Making PCI Compliance Reality Through Predictive Network Modeling and Visualization,” RedSeal Networks Webinar
  • “vSphere Hardening to Achieve Regulatory Compliance: Better, Faster, Stronger,” VMworld US 2012
  • “Securing a Virtualized PCI Environment Using vShield and vCenter Configuration Manager,” VMworld US 2012
  • “Securing the Virtual Environment: Defending the Enterprise Against Attack,” VMworld US 2012
  • “Encrypt Your Cloud,” RSA China 2012
  • “Message in a Bottle: Finding Hope in a Sea of Security Breach Data,” RSA China 2012
  • Encryption for Clouds,” RSA Europe 2012 Podcast

July 2012

June 2012

May 2012

April 2012

March 2012

  • “Big Data Security, Big Challenges: Start Here”: A Chat with Dave Asprey, VP Cloud Security at Trend Micro, Structure:Data 2012
  • “Data Protection in the Cloud”, TechTarget Webcast

February 2012

January 2012

December 2011

  • “Sharpening the Axe: How to Chop Down a Cloud”, BayThreat

November 2011

October 2011

September 2011

August 2011

June 2011

May 2011

April 2011

March 2011

  • “Cloud Computing: A Multi-Disciplinary View from Technology, Business and Law”, IEEE, Riverbed, Santa Clara University School of Engineering and Leavey School of Business

February 2011

January 2011

  • “vCloud Engineering Update: Monitoring and Logs”, VMware/LogLogic Kickoff

December 2010

  • “Cloud Investigations and Forensics”, RSA Podcast
  • “All Clouds Love Logs. Yes, Logs”, BayThreat, Hacker Dojo

November 2010

October 2010

September 2010

August 2010

July 2010

June 2010

April 2010

  • “Top 10 Security Breaches”, RSA Conference Webcast
  • “Segmentation for PCI Compliance”, Crossbeam San Francisco Executive Briefing

March 2010

January 2010

September 2009

June, 2009

May 2009

April 2009

March 2009

February 2009

January 2009

2008

2007 and earlier

  • “False Voices: the Impact of Culture on Information Security”, Central States Anthropological Society (CSAS) Meetings, April 2007
  • “False Harmony: Racial, Ethnic, and Religious Stereotypes on the Internet”, National Association for Ethnic Studies (NAES) Conference, November 2006
  • “Maintaining Your Organization’s Privacy”, Las Positas Chapter of the International Association of Administrative Professionals (IAAP), July 2006
  • “Maintaining Your Organization’s Privacy”, Annual Education Forum for the International Association of Administrative Professionals (IAAP), June 2006
  • “Manage Identities and Keys for the Retail Risk Model”, Retail Security Forum, November 2005
  • “Retailer Panel — More than One Way to Safety: Practitioners Discuss Their Methodology”, Retail Security Forum, November 2005
  • “Urgent/Confidential — An Appeal for your Serious and Religious Assistance”, Central States Anthropological Society (CSAS) Meetings, April 2004
  • “How to Build your own Information Security Assessment Practice”, Secure IT Conference, April 2004
  • “A Practical Approach to Implementing ISO/IEC 17799”, Secure IT Conference, April 2004
  • “Auditing Technology for Sarbanes-Oxley Compliance” San Jose State University, Information Systems Audit and Control Association (ISACA) Club, August 2003
  • “Should the Government Regulate Corporate Security?” Lighthouse Venture Forum breakfast discussion, June 2003
  • “Urgent/Confidential — An Appeal for your Serious and Religious Assistance”, National Association for Ethnic Studies (NAES) Conference, April 2003
  • “Secure Software Distribution”, Microsoft Certified Professional (MCP) TechMentor Summit on Security, July 2002
  • “Auditing Windows 2000”, Silicon Valley Information Systems Audit and Control Association (ISACA) Chapter Meeting, December 2002
  • “Shintiri: The Secret Language of the Comoros”, Central States Anthropological Society (CSAS), 1984

Publications


Sample Feedback

VMworld Conference 2011 LV: Penetration Testing the Cloud

  • “Excellent! Similar sessions needed,there’s a lot to cover!”
  • “Need more like this.”
  • “Great material, a lot too look into after session.”
  • “The instructor exceeded my expectations. His knowledge of the subject was deep and his passion for it also showed. Great stuff!”
  • “Excellent material. Speaker researched and developed the information exceptionally well. Extremely well presented.”
  • “This had to be one of the best sessions I have had at VMworld.”
  • “Very useful and applicable to my current situation.”
  • “This guy was an awesome speaker.”
  • “Great speaker – good use of real world examples / humor. Kept crowd engaged”
  • “Great speaker. Good insights. Need more speakers with this kind of technical content.”
  • “OVERALL AVERAGE: 4.63”

VMworld Conference 2010 SF: Compliance in the Cloud

  • “Davi’s talk on compliance is a disguise; it’s a fantastic talk on (security) quality & managing risk from an audit perspective #VMworld” — @Beaker (Christopher Hoff)
  • “Great session, incredibly valuable. The speaker did a very impressive job.”
  • “This was one of the better classes.”
  • “OVERALL AVERAGE: 4.23- highest score in [cloud] track!!!”

RSA Conference 2010: Top 10 Security Breaches

  • The Webcast was excellent and I would like to direct several colleagues to sign up and watch it. One of the best I have seen in a long time.
  • Best presentation of the day!
  • Excellent info.
  • Good content.
  • Great material.
  • Very relevant.
  • Best yet. Tells the story. Very effective.
  • Excellent and engaging – delivered exchanged info in highly engaging and funny manner.
  • Excellent, engaging speaker. One of the best I’ve heard.
  • Excellent.
  • Great speaker.