Steven B. Lipner is a pioneer in cybersecurity with over forty years’ experience as a general manager, engineering manager, and researcher. He retired in 2015 from Microsoft where he was the creator and long-time leader of Microsoft’s Security Development Lifecycle (SDL) team. While at Microsoft, Lipner also created initiatives to encourage industry adoption of secure development practices and the SDL, and served as a member and chair of the SAFECode board.
Lipner joined Microsoft in 1999 and was initially responsible for the Microsoft Security Response Center. In the aftermath of the major computer “worm” incidents of 2001, Lipner and his team formulated the strategy of “security pushes” that enabled Microsoft to make rapid improvements in the security of its software and to change the corporate culture to emphasize product security. The SDL is the product of these improvements.
At Mitretek Systems, Lipner served as the executive agent for the U.S. Government’s Infosec Research Council (IRC). At Trusted Information Systems (TIS), he led the Gauntlet Firewall business unit whose success was the basis for TIS’ 1996 Initial Public Offering. During his eleven years at Digital Equipment Corporation, Lipner led and made technical contributions to the development of numerous security products and to the operational security of Digital’s networks.
Throughout his career, Lipner has been a contributor to government and industry efforts to improve cybersecurity. Lipner was one of the founding members of the U.S. Government Information Security and Privacy Advisory Board and served a total of over ten years in two terms on the board. He has been a member of nine National Research Council committees and is named as coinventor on twelve U.S. patents. He was elected in 2015 to the National Cybersecurity Hall of Fame and holds an appointment as adjunct professor of computer science at the Institute for Software Research, School of Computer Science of Carnegie Mellon University.
Eric Baize is the head of Product Security and Trusted Engineering at EMC Corporation. In his role, Mr. Baize leads EMC’s Product Security Office with company-wide responsibility for all aspects of product security including vulnerability response, security development lifecycle, implementation of common security technology, and supply chain risk management. He also oversees the definition of EMC’s security and integrity practices to protect engineering systems and product code.
Throughout his career, Mr. Baize has been passionate about building security into technology and processes. Since joining EMC in 2002, he played a central role in EMC’s evolution in security and was a founding member of the leadership team that drove EMC’s acquisition of RSA Security in 2006. He later led RSA’s strategy for cloud and virtualization. Prior to joining EMC, Mr. Baize held various positions for Groupe Bull in Europe and in the US.
Mr. Baize also serves as Chairman of the SAFECode board of directors and on the BSIMM board of advisors. He holds a Master of Engineering degree in Computer Science from Ecole Nationale Supérieure des Télécommunications de Bretagne, France. He is a Certified Information Security Manager, holder of multiple U.S. patents, author of international security standards and a regular speaker at security conferences in the US and Europe.