SAFECode Board Members

BLOG	HOME	PUBLICATIONS	MEMBERS
	ABOUT US	MISSION / FAQ	CONTACT
	NEWS & EVENTS	BY-LAWS	RESOURCES
	CONTRIBUTORS	ADVISORY BOARD	BOARD

SAFECode BOARD MEMBERS>

BOARD OF DIRECTORS

  * Brad Arkin
  * Eric Baize
  * Gunter Bitz
  * Bob Dix

  * Steven Lipner
  * Dr. Frances Paulisch
  * Gary Phillips
  * Janne Uusilehto

Brad Arkin - Senior Director, Engineering Security, Standards, Open Source and Accessibility
Adobe Systems Incorporated

Brad Arkin is the senior director of security for Adobe products and services. In his role, Arkin leads the Adobe Secure Software Engineering Team (ASSET) responsible for ensuring Adobe's products are designed, engineered and validated using security best practices, as well as the Product Security Incident Response Team (PSIRT) dedicated to responding to and communicating about security issues. Arkin also oversees the Corporate Standards Group responsible for coordinating Adobe’s involvement with standards bodies such as the International Organization for Standardization (ISO) and the World Wide Web Consortium (W3C), as well as the open source and accessibility teams.

Prior to joining Adobe, Arkin held management positions at StepNexus, Symantec, @Stake and Cigital.

Arkin is currently a board member of SAFECode, the Software Assurance Forum for Excellence in Code. He is also a member of the BSIMM (Building Security In Maturity Model) advisory board, the SAP Security Advisory Board, and the customer advisory boards for security consultancy iSec Partners and security tools vendor Veracode.

Arkin holds a BS in computer science from the College of William and Mary, an MS in computer science from George Washington University, and an MBA from Columbia University and London Business School.

Adobe is changing the world through digital experiences. For more information, visit www.adobe.com.

Eric Baize - Senior Director, Product Security Office EMC

Eric Baize leads EMC’s Product Security Office with company-wide responsibility for product security assurance, covering vulnerability response handling, security development lifecycle implementation and coordination of security certifications. He also represents EMC on SAFECode’s Board of Directors. Additionally, Mr. Baize leads RSA’s product strategy for securing virtual and physical infrastructures.

Previously, Mr. Baize pioneered EMC’s push towards security. He was a founding member of the leadership team that defined EMC’s vision of information-centric security, and which drove the acquisition of RSA Security and Network Intelligence in 2006.

Prior to joining EMC, Mr. Baize held various positions for Groupe Bull in Europe and in the US where he was successively the security architect, product manager and director of security strategy, responsible for the company’s security product line.

Mr. Baize holds a M.S. degree in Computer Science from Ecole Nationale Supérieure des Télécommunications in Brest, France, and is a Certified Information Security Manager (CISM) by the Information Systems Audit and Control Association (ISACA). He is holder of a US patent, author of international security standards and a regular speaker at security conferences in the US and Europe.

Gunter Bitz - Senior Manager Product Security SAP AG

Dr. Gunter Bitz (MBA and CISSP) is responsible for the Product Security Governance and Strategy at SAP AG. This includes testing security strategies to find security vulnerabilities in the software products and to ensure the integrity of the software supply chain.

As Director of SAP’s fraud prevention competence center, Dr. Bitz has developed concepts for financial fraud detection and prevention by means of using IT systems as an automated detection of misconduct.

Previously, he was an information security manager for SAP, where he was responsible for protecting SAP’s intellectual property. Dr. Bitz has also developed and implemented measures to protect SAP from the consequences of industrial espionage.

Dr. Bitz presents his work regularly in front of international audiences such as at the RSA and the Information Security Solutions Europe (ISSE) conferences. He is also a member of several committees for various security conferences.

For more information: https://www.xing.com/profile/Gunter_Bitz

Bob Dix - Vice President, Government Affairs & Critical Infrastructure Protection Juniper Networks, Inc.

Bob Dix is the Vice President of Government Affairs & Critical Infrastructure Protection for Juniper Networks. Mr. Dix is a widely recognized subject matter expert and a leading policy expert in furthering government—especially in industry partnerships to protect this nation’s critical infrastructure.

Mr. Dix has served in senior executive positions in the IT sector. Prior to joining Juniper, he served as the Executive Vice President for Government Affairs & Corporate Development at Citadel Security Software. While with Citadel and continuing at Juniper, Mr. Dix has been active in IT and Telecommunications industry leadership roles.

Among his various roles with Juniper, Mr. Dix serves on the Industry Executive Subcommittee (IES) of the President’s National Security Telecommunications Advisory Committee (NSTAC). Mr. Dix represented Juniper as Chair of the Cyber Security Collaboration Task Force and also participates on several other NSTAC initiatives, examining issues related to national security and emergency preparedness communications.

Dix is active with the Partnership for Critical Infrastructure Security (PCIS), where he is the principal representative of the IT sector, and was elected to the Executive Committee in 2008. Dix has been active in facilitating improved integration of the private sector CI/KR community into the planning and execution of the National Exercise Program, testing our nation’s emergency preparedness, including the TOPOFF, NLE, and Cyber Storm series of National Level Exercises.

Dix also represents Juniper Networks on the National Security Task Force of the U. S. Chamber of Commerce and with TechAmerica. He continues to represent Juniper and participate with the IT-ISAC and the Communications Sector Coordinating Council, and also represents Juniper on the Board of Directors for SAFECode.

Steven B. Lipner - Partner Director of Program Management, Trustworthy Computing Security Microsoft Corporation, Chairman of SAFECode

Steven B. Lipner is Partner Director of Program Management at Microsoft Corp where he is responsible for programs that provide improved product security for Microsoft customers. Lipner leads Microsoft’s Security Development Lifecycle (SDL) team and is responsible for the definition of Microsoft’s SDL and for programs to make the SDL available to organizations beyond Microsoft.

Lipner joined Microsoft in 1999. In late 2001, Lipner and his team devised the strategy of “security pushes” that, as part of the Trustworthy Computing initiative, enabled Microsoft to make rapid improvements in the security of its software and to change the corporate development culture to emphasize product security. The SDL is the product of these improvements, and is widely viewed as the industry’s leading secure software development process.

Before joining Microsoft, Lipner worked for a variety of software vendors and government contractors as a researcher, consultant, development manager and general manager in IT security. Many of the concepts whose development he led form the basis for today’s approaches to building secure systems.

Lipner is coauthor with Michael Howard of The Security Development Lifecycle (Microsoft Press, 2006) and is named as inventor on twelve U.S. patents and two pending applications in the field of computer and network security. He served two terms on the United States Information Security and Privacy Advisory Board and its predecessor. Lipner holds S.B. and S.M. degrees from the Massachusetts Institute of Technology and attended the Harvard Business School’s Program for Management Development.

Dr. Frances Paulisch - Head of the Software Initiative Siemens AG

Frances Paulisch drives cross-company initiatives related to software and to IT security for products and solutions. These activities include strategic topics, best practice sharing, reporting, and training. A main focus of her work is empowering cross-functional teams to work together well over the whole development lifecycle. In particular with a focus on how to realize not only the set of features but also other relevant attributes such as performance, security, scalability etc. At Siemens she has driven the development of a role-based "Software Curriculum" qualification program which is established as one of the global core learning programs at Siemens. Dr. Paulisch has over 20 years experience in software engineering and management areas.

She is also active member of the global software engineering community, playing an active role in various major software conferences such as the International Conference on Software Engineering. She is also Chair of the Advisory Board of the IEEE Software magazine.

She received her doctorate in software engineering at the University of Karlsruhe in Germany and her Masters in Computer Science at Purdue University.

Gary Phillips - Senior Director, Technology Assurance Symantec

Gary Phillips is a Senior Director of Technology Assurance in the Office of the CTO for Symantec Corporation and is a member of SAFECode’s Board of Directors. In his position at Symantec, Mr. Phillips manages a diversity of responsibilities, including open source operations and strategy, product security, interactions with all standards bodies, standards compliance, shared development tool investigations, shared code management, technology control planning and software supply chain management.

Prior to joining Symantec, Mr. Phillips held several senior management and technology leadership positions for Compaq, Schlumberger, Western Geophysical, and Fairchild. He is also currently a member of the Storage Networking Industry Association (SNIA) board of directors, the International Committee for IT Standards (INCITS) executive board, the Software and Information Industry Association software board, and the board of directors for IT-ISAC.

Mr. Phillips earned his Bachelors degree in Computer Science from the Georgia Institute of Technology and attended graduate school at the University of South Florida and the University of Houston.

LinkedIn: http://www.linkedin.com/in/glphillips

Janne Uusilehto - Head of Product Security Nokia Vice Chairman of SAFECode

Janne Uusilehto is the Vice Chairman of SAFECode and he is also the Head of Nokia Product Security for which he is globally responsible for Nokia’s product security development. His team is the overall owner of Product Security and Product Security related education, awareness and process improvement tasks. He started working for the company in 1998.

Mr. Uusilehto first started his career in the ICT industry in 1982 where he worked as an independent software developer and consultant for small businesses. He then started working with security related tasks as an IT Support and Electronic Banking Specialist for several Finnish banks. Mr. Uusilehto was also a member of the Merita-Nordbanken Cash Management Services team who initiated Internet sales portals for Finland in mid 1990’s.

Currently, Mr. Uusilehto is also a member of several Nokia internal security related management boards, Nokia’s main representative to Trusted Computing Group, Chairman of TCG Mobile WG, and Chairman of DIGITALEUROPE mobile Security Issue group.

LinkedIn: http://www.linkedin.com/in/uusilehto