Voltage Security Advisory Board

• Matt Franklin, Professor of Computer Science, U.C. Davis
• Paul Kocher, President, Cryptographic Research
• Eric Rescorla, Chief Scientist, Network Resonance
• Phil Rogaway, Professor of Computer Science, U.C. Davis
• Brian Snow, Former Technical Director, NSA

• Stephen R. Katz, Former CISO, Citigroup
• Paul LeFort, Former CIO, United Healthcare
• Scott Loftesness, Partner, Glenbrook Partners
• Ken Tyminski, Former VP and CISO, Prudential Insurance

Matt Franklin, Professor of Computer Science

Dr. Matt Franklin is an Associate Professor in the Computer Science Department at U. C. Davis, where he has taught since Fall 2000. He has over forty publications on cryptography and security in scientific journals and refereed conference proceedings. He received his Ph.D. in Computer Science from Columbia University in 1994, supported by an AT&T Bell Laboratories scholarship. From 1994 to 2000, he was a research scientist at Bell Labs in Murray Hill, NJ; AT&T Labs in Florham Park, NJ; and Xerox PARC in Palo Alto, CA.

In 2001, Dr. Franklin received a Packard Foundation Fellowship in Science and Engineering, and an NSF CAREER Award. He is on the Editorial Boards of the Journal of Cryptology and the Journal of Computer Security. In 2004, Prof. Franklin was the Program Chair for the annual Crypto Conference in Santa Barbara, CA.

Paul Kocher, President, Cryptographic Research

Paul Kocher is President and Chief Scientist of Cryptography Research. His works include designing numerous cryptographic applications and protocols, including SSL v3.0, the world's most widely used security protocol. In addition to leading the team at CRI that discovered differential power analysis and designed the record-breaking DES key search machine "Deep Crack", he is also credited with discovering timing attack cryptanalysis and co-founding ValiCert, Inc.

At Cryptography Research, he currently leads long-term research projects in areas including tamper resistance, content protection, fraud prevention for financial services, and network security. His work has been reported in forums ranging from technical journals and Scientific American to CNN and the front page of The New York Times.

Paul LeFort, Former CIO, United Healthcare

With more than 30 years of experience in information technology and healthcare, Paul LeFort most recently served as Chief Information Officer for UnitedHealth Group (UHG), a $19 billion healthcare company; there he managed a staff of 3,000 and an annual budget of $450 million. Under his leadership, UnitedHealth Group's IS organization was named by ComputerWorld magazine as one of the "100 best places for IS professionals to work." Mr. LeFort led the growth, acquisition and integration of technology activities as UHG grew to $20 billion in revenue. He has been selected as one of the Premier 100 CIO’s by Computerworld and Forbes recognizes UHG as one of the 28 best users of technology.

He served for 3 years as a large scale Customer Advisor to IBM and on the Board of the Managed Care Executive Group. During 1995 he was a Senior Vice President and CIO for MetraHealth Companies, Inc., which was jointly owned by Travelers Insurance Company and Metropolitan Life and subsequently acquired by UHG. From 1975 through 1994, Mr. LeFort was a Senior Partner at Deloitte Consulting in the Health Care industry. He served over 140 Health Care clients, including managed care organizations, large physician provider groups, hospitals and industry technology suppliers. He performed a variety of projects with a focus on technology usage, operations improvement, strategy and merger and acquisition analysis.

Mr. LeFort received his B.S. degree in Physics/Economics from Boston College in 1962. He is also a Director of The Trizetto Group (NASDAQ:TZIX), Advisor to HLM Opportunities Fund, and an independent management consultant.

Scott Loftesness, Partner, Glenbrook Partners

With over 30 years of experience in information technology—as a senior executive, board member, private investor, consultant, advisor, and CEO mentor—Scott brings extensive operating experience, seasoned judgment and a unique business and technology perspective to his work with Glenbrook. He is an active private investor, member of the board of directors and advisor to a number of companies in the electronic payments, Internet infrastructure, and security markets.

Before founding Glenbrook Partners, Scott was Group Executive Vice President at First Data Merchant Services, where he helped build FDMS into the world's largest credit-card merchant processor. Scott also served as Group Executive Vice President at Visa International, where he was responsible for defining Visa's global payment systems strategies, including Visa's research and development initiatives related to card payments, Internet payments and smart cards. Scott began his career at IBM where he spent over 17 years.

Stephen R. Katz, Former CISO, Citigroup

For over twenty-five years, Steve has been directly involved in establishing, building and directing Information Security and Privacy functions. He is the founder and President of Security Risk Solutions, an information security company providing consulting and advisory services to major, mid-size, startup and venture capital companies. Steve is an Executive Advisor to Deloitte, is on the Board of Directors of nCircle Inc, on the Technology Advisory Board of Phoenix Technologies and is on the Advisory Board of CSO Magazine. Steve is also a member of the (ISC)² Americas Advisory Board for Information Systems Security.

Steve organized and managed the Information Security Program at JP Morgan for ten years. In 1995, he joined Citicorp/Citigroup after the Russian hacking incident. At Citi, Steve was the industry's first Chief Information Security Officer. He spent the next six years directing Citigroup’s global Corporate Information Security Office.

Steve then joined Merrill Lynch as their Chief Information Security and Privacy Officer, where he organized and instituted the company-wide privacy and security program.

Steve has testified before Congress on numerous information security issues, and in 1998 was appointed Financial Services Sector Coordinator for Critical Infrastructure Protection by the Secretary of the Treasury. He was also the first Chairman of the Financial Services Information Sharing and Analysis Center (FS/ISAC), and is an Advisor to the FS/ISAC Board of Directors.

Eric Rescorla, Chief Scientist, Network Resonance

Eric Rescorla is Chief Scientist of Network Resonance, Inc., a networking research and development company in Palo Alto, California and a recognized expert in the field of network and communications security.

In his consulting practice, he has led a number of research and development projects that combined communications security and advanced distributed systems for clients ranging from startups to Fortune 50 companies. He publishes widely in both academic and popular forums and his research has been reported in CNET, the New Scientist, and The New York Times.

Eric is also active in the standards process. He is co-chair of the IETF TLS Working Group and has served on the Internet Architecture Board since 2002. He is also the editor of the TLS and HTTP over TLS specifications, as well as numerous other IETF documents. He is the author of the standard text on SSL/TLS, SSL and TLS: Designing and Building Secure Systems.

Phil Rogaway, Professor of Computer Science, U.C. Davis

Phil Rogaway is a professor in the Department of Computer Science at the University of California, Davis, USA. He is also a regular visitor to the Department of Computer Science at Chiang Mai University, Thailand. Phil studies cryptography, protocols, network security, and the theory of computation. He has done extensive work on the application of encryption algorithms, including authenticated encryption, Variable Input Length ciphers, wide-block ciphers, and the encryption of finite sets.  This work has been applied to solve problems in disk encryption, network traffic encryption, and Format-Preserving Encryption. Recently he has worked to develop an area of "practice-oriented provable security." The aim there is to use theoretically sound techniques, mostly reductions, as the basis for the design and analysis of practical cryptographic protocols. The approach is yielding cryptographic protocols in diverse domains with improved performance and security characteristics.

Phil received an NSF CAREER Award in 1996 for his proposal, Practice-Oriented Provable Security. He is a member of IEEE, ACM, IACR (International Association for Cryptologic Research), and CPSR (Computer Professionals for Social Responsibility).

Brian Snow, Former Technical Director, NSA

Mathematician and computer scientist, Brian taught mathematics and helped found the computer science department at Ohio University in the 1960’s. He joined the National Security Agency in 1971 where he became a cryptologic designer and security systems engineer.

Brian spent his first 20 years at NSA doing and directing research that developed cryptographic components and secure systems. Many cryptographic systems serving the U.S. government and military use his algorithms; they provide capabilities not previously available, and span a range from nuclear command and control to tactical radios for the battlefield. Computer Security and Network Security were major aspects for these systems. He created and managed NSA’s Secure Systems Design division in the 1980s. He has many patents, awards, and honors attesting to his creativity.

His later years at NSA were the model for what it means to be a senior Technical Director at NSA (similar to a Chief Scientist or Senior Technical Fellow in industry); he served in that capacity in three major mission components – The Research Directorate (1994-1995), The Information Assurance Directorate (1996-2002), and The Directorate for Education and Training --NSA’s Corporate University (2003-2006).

He was the first Technical Director appointed at the “Key Component” level at NSA, and the only “techie” at NSA to serve in such a role across three different Directorates.

In all of his positions, he insisted that the actions NSA took to provide intelligence for our national and military leaders should not put U.S. citizens’ persons or rights at risk. He was a leading voice for always assessing the unintended consequences of both success and failure prior to taking action.

Brian graduated from the University of Colorado with a BSc and MA in Mathematics.

Ken Tyminski, Former VP and CISO, Prudential Insurance

Ken is a 32 year veteran of the IT industry with a focus in the area of information security and risk management.

He most recently served as Vice President and Chief Information Security Officer for the Prudential Insurance Company of America.  In this position he was responsible for ensuring that Prudential’s business systems were architected appropriately, implemented securely and protected from malicious outsiders and insiders.   As CISO, he also led Information Security Office for Prudential, which established policies, standards and ensured controls were in place for millions of users, thousands of branches and hundreds of offices across the country and internationally.

Prior to his assignment as Prudential’s first Chief Information Security Officer, Ken held several other prominent positions. While working in the Corporate Technology Services organization he managed the Operations Control Center, overseeing the entire technology operation for the enterprise. Ken has also managed Information Technology Help Desks, IT Controls and Compliance functions, Technology Research and Software Engineering organizations. Throughout his career he has demonstrated his ability to create and manage enterprise scale technical and operational organizations. Ken is well known in the industry as a visionary, strategic thinker and early adopter. He has served on the advisory boards of several companies including Agiliance, Aternity and Citadel Security (now McAfee).

Ken graduated Magnum Cum Laude from Upsala College with a BS degree in Business Administration.  He also has earned a certificate in Electrical Engineering Technology from New Jersey Institute of Technology.