Power Speaker on Enterprise Cyber Security
G. Mark Hardy closes the gap between security issues and Return on Investment (ROI) because he is fluent in business and security issues. He was hand-picked to address the top executives of Fortune 1000 firms across the country in small group settings addressing an enterprise-wide accountability approach to security.
Comfortable in front of large audiences of technologists and at home with C-level executives, G. Mark Hardy can reach your audience effectively every time.
G. Mark Hardy has been providing information security expertise to government, military, and commercial clients for over 25 years. A long-standing industry veteran, he is a perennial speaker at major industry trade shows. As president of National Security Corporation, he directs the efforts of the information security consulting firm he founded in 1988.
Mr. Hardy's professional background includes information security planning and policy development, managing security assessment and penetration teams, data encryption and authentication (including "breaking" commercial cryptographic algorithms), software development and strategic planning for e-commerce, and writing commercial risk assessment software. He has developed information security plans for four U.S. Military commands, and wrote the communications security encryption requirements for an experimental military satellite program.
G. Mark is a founding member of the National CyberWatch Center (www.nationalcyberwatch.org) and serves on its Advisory Board.
Selected Videos of Presentations
Military and Leadership Presentations
- 9/11 Leadership During Crisis - Lessons from Ground Zero, 1 of 2
- 9/11 Leadership During Crisis - Lessons from Ground Zero, 2 of 2
Security and Hacking Presentations
- RVAsec Keynote: Layer 8 (June 4, 2015)
- BSides DC 2015, Security Conference, Keynote: The New Face of Card Fraud
- CarolinaCon 9, How the West Was Pwned (2013)
- ShmooCon 2013, Hacking as an Act of War! (2013)
- DEF CON 18, Tales from the Crypto (audio, 2010)
- ToorCon 12 - Pwning Time, Part 1 of 4 (2010)
- ToorCon 12 - Pwning Time, Part 2 of 4 (2010)
- ToorCon 12 - Pwning Time, Part 3 of 4 (2010)
- ToorCon 12 - Pwning Time, Part 4 of 4 (2010)
- DEF CON 16, A Hacker Looks at 50 (2008)
- Weaponizing Digital Currency, InfoWarCon
- Security in the Cloud, IBM Security
- Defense Strategies for Upping Your Network Security Game (Beyond Trust Software)
- The Few, The Proud, The Privileged: Controlling the Use of Administrator Passwords (Beyond Trust Software)
- Security Intelligence: Better in a SOC Environment (IBM Security)
- They're Everywhere! They're Everywhere! (The Insider Threat in Government Agencies -- Hype or Hope?)
Education
B.A., Mathematics, Northwestern University
B.S., Computer Science, Northwestern University
M.B.A., Loyola College of Maryland
M.S.S., Masters of Strategic Studies, U.S. Army War College
Certifications
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Global Information Assurance Certification Security Leader (GIAC)
Certified Instructor, SANS (2012-present) for the following courses:
- MGT512 - Security Essentials for Managers with Knowledge Compression (5 day course)
- MGT514 - IT Security Strategy, Policy, and Leadership (5 day course)
- MGT305 - Technical Communication and Presentation Skills for Security Professionals (1 day course)
- MGT414 - SANS Training Program for CISSP Certification (6 day course)
- MGT415 - A Practical Introduction to Risk Assessment (2 day course)
- MGT432 - Information Security for Business Executives (1 day course)
- MGT442 - Information Security Risk Assessment (2 day course)
- MGT519 - Information Security Policy In-Depth (2 day course)
Selected Keynotes and Presentations
- "Layer 8: Understanding Politics in Cyber Security," keynote, RVAsec
- "Disruptive Tactics for Disrupting Terrorist Financial Operations," closing plenary session, INFOWARCON
- "Everybody's Been Hacked: Get Over It and Get On With It!," keynote, Seattle WA, 2015
- "Cyber Leadership: How to Win the Battle AND the War," keynote, IBM conference, Toronto CA 2015
- “Securing the Chaos,” (confidential client), Linthicum, MD 2015
- “Complex Challenges in Security,” COSAC, Ireland 2014
- “Managing Security and Risks with Mobility,” 2014
- “Weaponizing Digital Currency,” INFOWARCON 2014
- “How the West was Pwned,” keynote, Security Conference Toronto (SecTor) 2013
- “Battle in the Clouds: Cyberwar Goes Virtual,” COSAC, Ireland 2013
- Cryptography Panel Chair, HACKERS 29 (2013)
- “When Business Processes Fly the Coop,” keynote, Information Security Decisions (ISD) 2013
- “Going Beyond Mobile Device Management: Leveraging NAC for Mobile Devices,” ISD 2013
- “10 Things Executives Should Know About Cybersecurity and Cybercrime,” (Confidential Client), London 2013
- “Enterprise Risk Management,” “Security Policy Development,” “Achieving Security in the Cloud,” “Encryption for the Enterprise,” ISACA 2013
- “Hacking as an Act of War,” COSAC Conference, Ireland 2012
- Other recent presentations include: “Mobile Malware,” “Large-Scale Attack Software,” “Security in IPv6,” “Advanced Persistent Threat (APT),” “Mobile Tracking for Your Cell Phone,” and “Securing Your Enterprise in the 21st Century”
Selected Security Publications
- "Behind the Curve? A Maturity Model for Endpoint Security," SANS Institute, October 2015 (20 pages)
- "Risk, Loss, and Security Spending in the Financial Sector: A SANS Survey," SANS Institute, March 2014 (28 pages)
- "The Critical Security Controls: What's NAC Got to Do With It," SANS Institute, April 2013 (20 pages)
- "Beyond Continuous Monitoring: Threat Modeling for Real-Time Response," SANS Institute, October 2012 (13 pages)
- "Reducing Federal Systems Risk with the SANS 20 Critical Security Controls," SANS Institute, April 2012 (12 pages)
- "APT Dot Gov: Protecting Federal Systems from Advanced Threats," SANS Institute, October 2011 (13 pages)