top of page
CSAW24_Logo_WHITE.png

Workshop  Speakers

IC Layout Security

Dates | Thursday 7 November  9 am - 12 pm

Location | 370 Jay Street, Floor 12, Room : 1201 

Speaker | Luna Tong
Time | 9:00-9:25 am

Topic
|  Calling All Hackers


                                                                          About Luna Tong
Luna is the CEO and co-founder of Zellic, a boutique cybersecurity research and consulting firm. Prior to founding Zellic, she was a vulnerability researcher and reverse engineer, helping found Perfect Blue, the #1-ranked CTF team in 2020, 2021, and 2023.

                                                                          
Abstract of talk
Hacking isn't just about code—it's a way of thinking. We understand how things really work: from bootloaders to bypasses; from side channels to sandboxes. But while we pride ourselves on breaking systems, the biggest ones shaping our world feel untouchable. They aren't. In this talk, we'll explore what I learned building a startup, and why our community has the mindset, skills, and determination to do more than play in sandboxes others have built. The world doesn't just need more hackers finding bugs: it needs us to create and shape the future, bringing our values and ethos where they're desperately needed.

Speaker | Gaurav Kumar Srivastava
Time | 9:30-9:55 am

Topic |  Vulnerability Management: The Unsung Hero of Cyber Defense


                                                                   About Gaurav Srivastava
Gaurav Srivastava is an cybersecurity consultant with a background in vulnerability management, incident handling, and industrial control systems. He holds certifications including Certified Information Security Manager (CISM) and Global Industrial Cyber Security Professional (GICSP) and has experience in areas like vulnerability management, software transparency, incident response. Gaurav earned a Master’s degree in Computer Science from Technical University of Munich, Germany and has worked with organizations such as Siemens for past 7+ years, where he served as a security consultant and research professional. His academic experience includes time as a visiting research scholar at Carnegie Mellon University, where he worked on privacy concerns in Android applications.
                                                                          
Abstract of talk
While often perceived as a routine task, vulnerability management are essential in fortifying cybersecurity defenses. This talk explores how proactive vulnerability management not only identifies potential threats before attackers can exploit them but also strengthens an organization’s security posture. By regularly assessing and updating software, we create an active, ongoing shield against emerging threats. Attendees will gain insight into the latest strategies for effective vulnerability management, learn why this process is vital for resilient cybersecurity, and understand how it can serve as a powerful, proactive defense.

Speaker | Michael Zelinski
Time | 10:00-10:25 am

Topic |  Utility Incident Response


                                                                   About Michael Zelinski 
Michael Zelinski is a military veteran, information technology engineer, and cyber security operations manager with a background in IT and OT systems. Mike has experience ranging from building and maintaining security tools to working in cyber incident response. Mike has worked in fast-paced, complex work environments domestically and overseas with a focus on safety, operational excellence, and a +1-customer experience. In his spare time, Mike enjoys traveling to new destinations and interactive museums/centers – think Spyscape, escape rooms, or Activate. 

                                                                           
Abstract of talk
This presentation conceptualizes incident response as it relates to the utility industry. Throughout the presentation, key components will be discussed such as why incident response is needed, the importance of preparing for an event, how utility incident response has some differences when compared with a formal response, and all the teams that assist in ensuring a successful outcome. The intent is to spread awareness, but to also provide some exposure to the various routes an aspiring cyber security professional could aim for when starting their career.

Speaker | Kanan Vaidya & Liz Vasquez
Time | 10:45-11:10 am

Topic |  Cybersecurity in Action at TIAA


                                                        About Kanan Vaidya & Liz Vasquez
Liz has more than 20 years of experience in information technology and cybersecurity. Implemented application, container and cloud security continuous controls across several Financial Organizations. Ideating and Directing threat prevention and risk mitigation across hybrid enterprise cloud and container platforms and technologies​. Prior to her Cybersecurity roles, Elizabeth was an Application Architect and Software Engineer delivering an Enterprise Payment Solution​. Joined TIAA in 2023 to lead the rapid evolution and further integration of our Cybersecurity controls with our Continuous Pipelines.

Kanan has more than 15 years of experience in information security, IT infrastructure, risk assessments, and cloud security. ​Implemented independent cybersecurity management practices across various technology, retail, and financial organizations.​ Joined TIAA in 2022 as lead cybersecurity governance and risk specialist and is responsible for leading the initiative HAGRID (hyper automated governance and risk identification platform)

                                                                           

 

Speaker | Dan Guido
Time | 11:15-11:40 am

Topic |  The State of AI Security: Myths vs Reality


                                                                        About Dan Guido 
Dan Guido is the CEO and co-founder of Trail of Bits, a cybersecurity firm that partners with high-stakes innovators to secure mission-critical technologies. Under his leadership since 2012, Trail of Bits has grown to over 100 elite engineers, with industry-defining practices in cryptography, AI, and blockchain security. The firm has been a finalist in DARPA’s Cyber Grand Challenge and AI Cyber Challenge (AIxCC), exemplifying its expertise in automated security and AI-driven defenses. Committed to building the world’s best home for security researchers, Dan has fostered a company culture recognized among NYC’s Best Places to Work. In 2023, iVerify—a tool developed to combat mobile spyware—spun out as its own company, empowering users worldwide to secure their mobile devices and their privacy.

Dan is a sought-after advisor to startups, government agencies, and policymakers on matters related to technology and cybersecurity. He serves on the boards of three startups, and he actively shapes cybersecurity policy through collaborations with leading organizations like the Council on Foreign Relations, RAND Corporation, and Harvard University. As the founder of Empire Hacking, he has connected over 1,700 NYC cybersecurity experts, and he created AlgoVPN, a popular self-hosted VPN with over 28,000 stars on GitHub.

Dan holds a bachelor’s degree in Computer Science from NYU Tandon, with a concentration in Information Assurance, and is currently enrolled in Harvard Business School’s Owner/President Management program, where he is one session in. In 2021, Dan was inducted into the prestigious Scholarship for Service (SFS) Hall of Fame by the Cybersecurity and Infrastructure Security Agency (CISA), honoring his extensive contributions to the field. A pivotal role early in his career was as Hacker in Residence at NYU, where he helped establish and grow the university's cybersecurity program, advising students and launching initiatives that connected academia with industry needs. Dan continues to leverage his expertise to inspire future generations in the cybersecurity community.



                                                                 

bottom of page