Governance: Board of Directors


STI Board of Directors
Directors Representation
Dennis KirbyChairman
Thomas JohnsonVice Chairman
Scott CassityGIAC
Marc NiketasSANS North America Live Training
Richard HammerSTI Alumni
Ronald PhippsHigher Education Community
Dave ShacklefordInformation Security Community
Ed SkoudisInformation Security Community
Lenny ZeltserInformation Security Community
Alan Paller (Non-Voting Member)Ex-Officio Member, STI President

Conflict of Interest Policy

Kirby, Dennis

  • Chairman

Dennis Kirby is a director at the SANS Institute where he oversees the Forensics, Pen Testing, Audit, Application Security, and Cyber Defense curricula along with other operational functions in the company. He is a graduate of the United States Military Academy and served with the 101st Airborne Division for over four years including as Company Commander of a UH-60 Blackhawk Assault Helicopter Company of the 101st Aviation Regiment and served with the 101st Airborne Division during Operations Desert Shield and Storm. His awards and decorations include the Bronze Star Medal, the Meritorious Service Medal, the Army Aviator, Parachutist and Air Assault Badges. He went on to earn his MBA from Harvard Business School and after a stint at John Deere and in investment banking, he took on management roles in two private equity firms focused on control investments to rehabilitate distressed and underperforming middle-market companies. He led acquisitions with an aggregate value of over $1 billion and served on the board of directors of several companies.

Johnson, Thomas

  • Vice Chairman
  • Higher Education Community Representative

Dr. Johnson is Associate Vice President and Chief of Strategic Initiatives at Webster University. Dr. Johnson also serves as co-founder and Chairman of the Board of Directors of the California Sciences Institute, a non-profit-public benefit corporation located in Livermore, California and dedicated to research and science education. He received his Bachelor's and Master's degrees from Michigan State University and his Doctorate from the University of California - Berkeley.

Dr. Johnson has published 6 books, 13 referred articles; holds copyright on 4 software programs and has lectured at the Strategic Studies Institute of the U.S. Army War College. In addition to lecturing at the U.S. Army War College, Carlisle Barracks, he has also lectured at the Federal Law Enforcement Training Center, and numerous universities.

Cassity, Scott

  • Managing Director, GIAC

Scott Cassity, Managing Director of GIAC, provides executive leadership to the Global Information Assurance Certification (GIAC) organization. In this role, Scott provides general management, strategic direction and leadership for GIAC. He is responsible for all aspects of the GIAC organization including financial, marketing, personnel, and operations support. Scott's responsibilities also include internal and external client interaction including the SANS Sales Team, Department of Defense and Enterprise clients.

Scott was previously a principal/partner of a healthcare real estate development and consulting firm. During his tenure with his past company he developed over $70 million of successful real estate projects with his partners and clients. He also initiated or closed real estate transactions in excess of $100 million. His business expertise includes growing new businesses, financial analysis, risk assessment and a genuine interest in new business ventures. Scott has also worked in the securities and healthcare industries.

Scott also serves several non-profit endeavors in his community. He is the current President of ChildHelp of East Tennessee, a children's advocacy organization. Scott holds an MBA from Vanderbilt University's Owen Graduate School of Management, and a BBA from University of Kentucky.

Niketas, Marc

  • Director, SANS North America Live Training

Marc Niketas serves as the Director of North America Live Training (NALT) at the SANS Institute. In this capacity, he is responsible for the successful planning and execution of all in-person/face-to-face training within North America as well as leading and coordinating many of the Go-to-Market aspects (marketing, sales, partnerships). This spans all SANS Training events ranging from the largest National Conferences, to topically oriented Summits as well as Community and Mentor courses. In addition, he leads all SANS programs and partnerships with the Security Provider industry.

Marc began his career as an AH-1 Cobra Attack Helicopter Pilot in a Cavalry Squadron and held various platoon, troop and squadron level roles ranging from Platoon Leader to Executive Officer. After graduate school, he joined Price Waterhouse (later PwC Consulting) as a consultant and led many large process change and systems implementation efforts where he was later promoted to Associate Partner. Upon acquisition by IBM, Marc became a Client Executive where he had overall responsibility for a cluster of key customers in the Aerospace & Defense and Electronics industries.

Marc holds an MBA from Harvard Business School and a BS in Mechanical Engineering (with highest distinction) from West Point

Hammer, Richard

  • STI Alumni

Richard is currently a Technical Staff Member at Los Alamos National Laboratory. He is a senior Network/System administrator, Organizational Computer Security Representative (OCSR), and Information System Security Officer (ISSO) for the Advanced Nuclear Technology group (N-2). He has experience with most operating systems and many programming languages. Network and System security has become a larger part of his job description in the last ten years; Richard attended his first SANS conference in 1998. He is a former high school Mathematics and Computer Science teacher and is currently teaching Networks I&II, Server Configuration, and System Security courses at the College of Santa Fe. He currently holds GIAC GSEC, GCFW, GCIA, GCIH, GCUX, GCNA, and GSPA certifications. He is a former Chair/Vice Chair of the GCFW advisory board and was the first graduate of the SANS Technology Institute (MSISE).

Phipps, Ronald

  • Higher Education Community Representative

Ron Phipps is a Senior Associate at the Institute for Higher Education Policy where he manages projects related to financing of higher education, statewide governance and administration, distance learning and technology, and other topics in the field of higher education policy. Dr. Phipps is the author of the definitive study of distance learning in higher education, Quality on the Line, which addressed benchmarks for success in Internet-based distance education. Dr. Phipps has managed several large-scale analysis projects in support of state higher education agencies and educational institutions in Russia and other countries. Dr. Phipps has almost four decades of higher education experience as a higher education administrator, researcher, and analyst. He previously served as Executive Director of the Alaska Commission on Postsecondary Education and as Assistant Secretary of the Maryland Higher Education Commission, where he conducted and supervised policy analysis, planning, and research.

Shackleford, Dave

  • Information Security Community Representative

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering, and is a VMware vExpert with extensive experience designing and configuring secure virtualized infrastructures. He has previously worked as CSO for Configuresoft, CTO for the Center for Internet Security, and as a security architect, analyst, and manager for several Fortune 500 companies. Dave is the author of the Sybex book Virtualization Security:

Protecting Virtualized Environments, as well as the coauthor of Hands-On Information Security from Course Technology. Recently Dave coauthored the first published course on virtualization security for the SANS Institute. Dave currently serves on the board of directors at the SANS Technology Institute and helps lead the Atlanta chapter of the Cloud Security Alliance. Dave earned his MBA from Georgia State University.

Skoudis, Ed

  • Information Security Community Representative

Ed Skoudis has taught cyber incident response and advanced penetration testing techniques to more than 12,000 cybersecurity professionals. He is a SANS Faculty Fellow and the lead for the SANS Penetration Testing Curriculum. His courses distill the essence of real-world, front-line case studies he accumulates because he is consistently one of the first experts brought in to provide after-attack analysis on major breaches where credit card and other sensitive financial data is lost.

Ed led the team that built NetWars, the low-cost, widely used cyber training and skills assessment ranges relied upon by military units and corporations with major assets at risk. His team also built CyberCity, the fully authentic urban cyber warfare simulator that was featured on the front page of the Washington Post. He was also the expert called in by the White House to test the security viability of the Trusted Internet Connection (TIC) that now protects US Government networks and lead the team that first publicly demonstrated significant security flaws in virtual machine technology.  He has a rare capability of translating advanced technical knowledge into easy-to-master guidance as the popularity of his step-by-step Counter Hack books testifies. Ed earned an M.S. in Information Networking from Carnegie Mellon University, and his B.S. in Electrical Engineering from the University of Michigan, summa cum laude.

Zeltser, Lenny

  • Information Security Community Representative

A seasoned business and technology leader with extensive information security expertise, Lenny Zeltser started his professional journey in a variety of technical InfoSec roles before serving as the national lead of the U.S. security consulting practice at a major cloud services provider. Later in his career he oversaw a portfolio of security services at a Fortune 500 technology company. Today, as VP of Products at Minerva Labs, Lenny designs and builds designs creative anti-malware products. Lenny is also a senior instructor at SANS and the primary author of FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques, a course he designed as an on-ramp into the malware analysis field. The course helps students expand and systematize their approaches to examining malicious software using a variety of techniques.

Along the way, Lenny earned the prestigious GIAC Security Expert (GSE) professional designation, and he currently serves on the Board of Directors of SANS Technology Institute. Lenny holds a bachelor's degree in computer science from the University of Pennsylvania and a master's in business administration from MIT Sloan.

Paller, Alan

  • President, SANS Technology Institute
  • Director of Research, SANS Institute
  • Ex-Officio Member

Alan Paller founded SANS, a professional cybersecurity training school that trains more than 41,000 cybersecurity technologists each year. He is also president of SANS Technology Institute, the nation's first regionally accredited specialized cybersecurity college and graduate school.  Alan edits NewsBites, the twice-weekly curated summary of the most important news stories in cybersecurity, oversees a global program that identifies and celebrates people responsible for remarkable improvement in cyber risk reduction, and chairs the annual RSA keynote panel on the "Seven Most Dangerous New Attack Vectors."

He has testified before the US Senate and House of Representatives and was an initial member of President Clinton's National Infrastructure Assurance Council. He was chosen by President Bush's OMB and the Federal CIO Council as the 2005 Azimuth Award winner, a lifetime achievement award recognizing outstanding service of a single, non-government person to improving federal information technology. In 2010, the Washington Post named him one of seven people "worth knowing in cyber security." Alan co-chaired the DHS Homeland Security Advisory Committee's 2012 Task Force on Cyber Skills and headed the Task Force on Best Practices in Cybersecurity for the FCC Communications Security, Reliability and Interoperability Council and was a member of the NASA Advisory Council.

Earlier in his career Alan helped build one of the first large software companies, took it public, and merged it into a larger company listed on the New York Stock Exchange.  He authored two books, The EIS Book: Information Systems for Top Managers and How to Give the Best Presentation of Your Life and founded the National Computer Graphics Association, the EIS Institute and The Data Warehousing Institute. Even earlier he was the founder and CEO of a mid-sized government contracting organization (AUI) focused on applying computer graphics to problems ranging from flight paths for airports to education and drug funding targeting.  He also founded Econometric Research Associates, a litigation support firm specializing in providing data-intensive expert testimony in major trials. He and U.S. District Court Judge Robert R. Merhige, Jr.  were selected as the faculty for the American Law Institute's national training program on "Direct and Cross Examination of Plaintiff's Expert Witness."  He earned degrees in Engineering and Computer Science from Cornell University and the Massachusetts Institute of Technology and was a registered Professional Engineer.