John Biccum is a senior security strategist in Microsoft’s Trustworthy Computing (TwC) group.  John is the founding member of the End to End Trust team, a team Microsoft chartered to help make the internet a more trustworthy place. 

John joined Microsoft’s Information Security group in January 2000.  His first role was determining how to migrate encryption keys from email servers to Certificate Servers.  Other InfoSec roles included PKI architecture, wireless network security, smartcard architecture and deployment, business partner integration, merger and acquisition integration and mobile device integration.

John moved to the Trustworthy Computing group in its infancy.  His focus in TwC is driving the alignment of technology, public policy and economic factors in order to tackle complex societal problems.  About one third of John’s time is spent working with and advising Microsoft product groups and another third is invested working with other companies in the computing ecosystem.  The remaining time is spent working with public policy makers.  John contributed to the Securing Cyberspace for the 44th Presidency recommendations to the incoming Obama administration and the National Strategy for Trusted Identities in Cyberspace effort.  He is presently engaged with the US Government and industry partners on a variety of trust and identity issues.

Panelist:
Bill Kehoe, CIO, King County

William (Bill) Kehoe was appointed as King County’s Chief Information Officer (CIO) and director of the county’s Office of Information Resource Management in July, 2010. Bill comes from the Washington State Department of Licensing (DOL) where he served as the department’s first CIO since 2002.

Roles and responsibilities of the CIO:

Panelist:
John Christiansen
Principal, Christiansen IT Law

John R. Christiansen and Christiansen IT Law serve clients including healthcare organizations, governmental agencies and IT services providers in the Pacific Northwest and throughout the United States.  In addition to private sector clients John currently serves as consultant to the U.S. Department of Health and Human Services Offices of the National Coordinator for Health Information Technology (“ONC”) and Civil Rights (“OCR”), and to the State of Washington Health Care Authority, for matters dealing with health information privacy, security and exchange, and electronic health records. John was also a project leader and Technical Expert for the ONC Health Information Security and Privacy Collaboration (“HISPC”) from 2005 – 2009, and currently serves on the State Health Policy Consortium and is a consultant to the National Governors Association.

John received his J.D. from University of Washington School of Law in 1985 and began focusing on IT law issues in the early 1990s.  He is a frequent national speaker and regularly publishes on healthcare technology issues, and participates in a number of national organizations and boards. He is currently Chair of the American Bar Association’s HITECH Business Associates Task Force, and is past Co-Chair of the ABA’s Committee on Healthcare Privacy, Security and Information Technology and past Chair of its Healthcare Informatics Committee.  John is also an adjunct faculty member of the Information School Masters of Science in Information Management (MSIM) program and Center for Information Assurance and Cybersecurity at the University of Washington.

Panelist:
Ray Pompon, CISSP,
Capital Stream

Ray Pompon is the senior
security officer at HCL
Capital Stream, an
application service provider
for financial institutions.
With nearly 20 years of
experience in network
security, he has been
involved in several major
intrusion cases.

In 2000, Ray worked as
an undercover operative
in the FBI's Operation
Flyhook, which ended
with the apprehension and conviction of two Russian
hackers. For six years, Ray
was president of Seattle
InfraGard, representing the
state in variety of
cyber-security events
and exercises with the
FBI, DHS, and the US
Secret Service. Ray has
written many articles and
white papers on advanced technology topics and is
frequently asked to speak
as a subject matter expert on Internet security issues.
National journalists have
solicited and quoted his
thoughts and perspective
on the topic of computer
security numerous times.
Ray also maintains a security
blog at http://assumebreach
.blogspot.com. For the past four years, Ray has produced
the "Heidi, Geek Girl Detective" (http://planetheidi.com)
web-comic. Ray holds a
Bachelor of Arts Degree in Information Technology from
the University of Hawaii as
well as a Certificate
in Data Communication from the University of Washington. He has also earned industry certifications
in Security, Auditing, Systems Management and Internet Security plus many vendor certifications.

Panelist:
Dan Hitchcock
Senior Program Manager, Microsoft

Dan Hitchcock grew up writing programs in Atari BASIC and wardialing with acoustic coupler modems. He’s spent most of his adult life as an information security specialist, ranging from technical network security to enterprise security architecture and strategy. He has worked with various industries as both a consulting engineer and employee, ranging from small startups to global telecom and media providers, and now works as a Senior Program Manager in the Identity and Access product division at Microsoft. His current focus is on architecture and software development for privacy- and security-preserving identity solutions in the citizen and consumer space.