Key Contributors


Aimee Rhodes

Founder and Editor-in-Chief, Security Current

Aimee Rhodes is Editor-in-Chief at securitycurrent. Previously, Aimee led marketing at several security companies including Corero Network Security, Inc., Xceedium, AlgoSec and Whale Communications Ltd., acquired by Microsoft.  She also served as Vice President of Media and Editorial Content at GenerationA, where she was responsible for launching an Internet-based news and information portal. Prior to GenerationA, Aimee served as a foreign correspondent at the Reuters News Agency out of Israel where she interviewed leading politicians and influencers. Previously, she served as Director of Israel Radio's English News Service, where she was responsible for management and execution of four daily broadcasts, aired locally and internationally. Aimee also worked as an on air news presenter for Jerusalem Online, a globally broadcast current affairs program.

She holds a Masters in Journalism and a Bachelors in Political Science both from Michigan State University.




David Cass

CISO IBM Cloud and SaaS Operational Services

David is the CISO for IBM's Cloud and SaaS Operational Services. At IBM he has global responsibility for all aspects of security practices, processes, and policies across the IBM Cloud SaaS business unit. 

Prior to joining IBM he was CISO of Elsevier where he led an organization of experienced legal, risk and security professionals that provide data protection, privacy, security, and risk management guidance on a global basis.

David has extensive experience in IT security, risk assessment, risk management, business continuity and disaster recovery, developing security policies and procedures. He has played a key role in leading and building corporate risk and governance and information security organizations in the financial sector.

As the senior director of information security risk and governance for Freddie Mac, David rebuilt the risk and governance function. Prior to that he was VP of risk management for JPMorgan Chase, and was responsible for providing an accurate assessment of the current risk management state.

He has an MSE from Penn Engineering and The Wharton School of Business and an MBA from MIT.


David Hahn

CISO Hearst Corporation and "Ask the CISO" Security Current

David is the head of Corporate Information Security and Risk for the Hearst Corporation.  Hearst is one of the world's largest and most diversified media companies with Businesses in Magazines, Newspapers, Television/Broadcast, Business Media, and Ventures including A&E channels and ESPN.

David is helping Hearst innovate and lead into more Cloud computing and moving content to Digital capabilities leveraging the Hearst multiple media outlets in a fast, efficient and secure manner.  

Prior to Hearst, David was at Intuit where he lead the CyberFraud strategy and managed areas in Security Operations, including Cloud with the many product/business groups such as TurboTax, Quicken, Mint, and QuickBooks.

David also spent many years at Wells Fargo Bank, where he headed up all security for, at the time the largest on-line banking site.  

David’s focus and background has been about taking risk based approaches to enable business to grow and innovate. He has an MBA from Golden Gate University and Undergrad from San Jose State University in Business Admin. He has been a CISSP.  


David Sheidlower

CISO Turner Construction

David Sheidlower, CISSP, CISM is the Chief Information Security Officer for Turner Construction, one of the largest construction management companies in the United States. Previously he was CISO at BBDO, the world's most awarded advertising agency.

Previousy he was (CISO) for Health Quest, the Mid-Hudson Valley's largest healthcare system.  David also serves as a member of the State of New York Health Information Network Policy Committee. Prior to Health Quest, he was the Division Information Security Officer within the small business lending division of Wells Fargo Bank—the largest small business lender in the country. 

David writes and blogs on security with a focus on the intersection of cyber security and humanism, something he is uniquely qualified to write on.  His past activities include presenting at the MIS Institute’s Big Data Security Conference, working with the World Health Organization on Functional Health Status Measures and teaching letterpress printing at the Naropa Institute’s Jack Kerouac School for Disembodied Poetics in Boulder, Colorado.

David also blogs at . He holds a Bachelor’s degree from the University of California, Berkeley and a Master’s degree in Health Service Administration from St. Mary’s College of California.


David Sherry

CISO Brown University

David Sherry is the Chief Information Security Officer at Brown University in Providence, RI.  He has institutional responsibilities for all areas of information security and privacy, and plays a key role in the records management program, regulatory compliance, and copyright law. 

Prior to moving to higher education David spent several years in financial services, with responsibilities for enterprise security governance and regulatory compliance, access controls and operations, identity management, and the security awareness program. 

A graduate of Providence College and Northeastern University, with certifications of CISSP and CISM, he is a frequent conference speaker on emerging security topics and best practices, as well as a guest-lecturer throughout the academic year at several New England institutions.


Farhaad Nero 

Vice President of Enterprise Security, Bank of Tokyo-Mitsubishi UFJ, Ltd. 

Farhaad has more than 15 years of Information security experience, many in management roles. In addition to his role at the Bank of Tokyo, Mitsubishi he served as Assistance Vice President at BNP Paribas. Prior to that, he led the Network Services team, with full information security responsibilities, at Time-Warner. He also led the global information security team for a top ten Big Data startup. 

In addition to his vast private sector experience, he has worked in the public sector having served in the US Navy as an Information Assurance Manager (IAM) Level 2 and Division Manager where he developed performance metrics and measurement tools.

He has done deep dives into standards including PCI DSS, ISO 27001/2, SOX, GLBA, and conducted security risk assessments - including vendor security risk assessments both remote and onsite. 

In addition to strategic leadership positions, Farhaad also has solid hands-on technical experience, implementing technologies and processes first-hand. He holds CISSP, C|CISO, and IAM Level 2 (US Department of Defense) certifications.


Hussein Syed

CISO Barnabas Health

Hussein Syed is the Chief Information Security Officer at Barnabas Health, New Jersey’s largest integrated health care delivery system, providing treatment and services to more than two million patients each year.

At Barnabas Health, Hussein is responsible for information security and the organization’s HIPAA compliance and security governance program. Hussein and his team are responsible for information security functions for the healthcare system.

A seasoned Information Technology professional, he has more than 22 years of experience.


Joel Rosenblatt

Columbia University Director of Computer and Network Security

Joel Rosenblatt is the Director of Computer and Network Security, Columbia Information Security Office (CISO).  As Director, Joel oversees the computer security for all systems connected to the Columbia University Network. He is the chairperson of the Security Metrics subcommittee of the Security Effective Practices committee of Educause.

Joel Graduated from Columbia Engineering and went to work for what was then called CUCCA (Columbia University Center for Computing Activities) running the IBM Mainframe systems. He is a member of Infragard and the NYECTF and active in other organizations that he can neither confirm nor deny the existence of.

John. J. Masserini

CSO MIAX Options Exchange

As Chief Security Officer, John is responsible for information security, physical security, and business continuity for the MIAX Options Exchange. A 20-year veteran of the security industry, John is responsible for all information security and risk management strategies, including security architecture, security operations, regulatory compliance, and business continuity.

Prior to joining MIAX, John was the CISO for Dow Jones, overseeing security and risk management for all of the Dow Jones and Wall Street Journal brands for over six years. He has held key leadership positions at several information security market leaders such as VeriSign and Guardent, as well as leading integrators such as EDS and SAIC.

He has been honored as a 2013 Top 10 Breakaway Leader at the Evanta Global CISO Summit ( and as the 2010 ISE Northeast Information Security Executive of the Year by T.E.N. (

John Pescatore 

SANS Institute Director of Emerging Security Trends and "Ask Mr. Security Answer Person" securitycurrent

John Pescatore is Director of Emerging Security Trends at the SANS institute and was a Vice President and Distinguished Analyst at Gartner for 13 years. John has over 35 years of experience in computer, network and information security.

Prior to Gartner, he was senior consultant for Entrust Technologies and Trusted Information Systems and a Security Engineer for the U.S. Secret Service and the National Security Agency.


Randy Marchany 

CISO Virginia Tech, SANS Instructor

Randy Marchany is the Chief Information Security Officer for Virginia (VA) Tech. He is also the director of the VA Tech IT Security Lab, a component of the university's Information Technology Security Office. 

A SANS instructor since 1992, Randy was a co-author of the original SANS Institute Top 10 Internet Threats, the SANS Top 20 Internet Threats, the White House-commissioned SANS Consensus Roadmap for Defeating Distributed Denial of Service (DDoS) Attacks, and the SANS Incident Response Step-by-Step guides. 

He also was part of the SANS Institute's Secure Code project that developed a set of exams to test programmers' knowledge of secure coding techniques. He is a member of the Center for Internet Security development team that produced and tested the CIS Solaris, HPUX, AIX, Linux and Windows2000/XP security benchmarks and scoring tools. 

Randy is a co-author of the Educause "Computer and Network Security in Higher Education" booklet. He is a member of the EDUCAUSE security task force focusing on risk assessment and security metrics. He is one of the founders of the Virginia Alliance for Secure Computing and Networking, a consortium of security practitioners and researchers from VA Tech, University of Virginia, James Madison University, and George Mason University. He also is co-holder of two cyber security patents.​

Randy is a frequent speaker globally at conferences including Educause, SANS, IIA, ISACA, ACUA, International CISO symposium, IEEE, NIST, NY State OIT Security conference, FBI-Infraguard chapters, US Forest & Wildlife Service, Computer Security Conference, Air Force Material Command. ​


Bob Tarzey

Quocirca Director and Key Analyst

Bob Tarzey is a director and key analyst at UK-based Quocirca. His main areas of coverage are IT security, networking, on-demand services and system management and performance.

As with all Quocirca analysts, Bob’s focus is on the big picture working to help businesses understand how they can benefit from a particular IT investment. This often includes looking at the total delivery of IT solutions, rather than specifics. Known for its knowledge of the market based on its primary research, Bob has managed numerous projects at Quocirca targeted primarily at Europe but also covering the USA, Far East, Middle East and Australia.

He writes regular analytical columns and blogs for Computing, Computer Weekly, Tech Republic, Computer Reseller News (CRN), Infosecurity Magazine and IT Director. He has written for The Times, Financial Times and The Daily Telegraph and provides general comment for the UK and European IT and business press. Bob is a regular participant of roundtables with various media bodies and since 2003 has acted as a judge for the CRN Channel Awards. He has also acted as a moderator at end-user and channel forums and regularly presents Quocirca’s research at seminars and webinars including regular appearances for Computing, Computer Weekly and Infosecurity Magazine.

Bob has extensive knowledge of the IT industry. Prior to joining Quocirca in he spent 16 years working for US technology vendors including DEC (now HP), Sybase (now SAP), Gupta, Merant (now Serena), eGain and webMethods (now Software AG).

Bob has a Bachelors of Science in Geology from Manchester University and PhD in Geochemistry from Leicester University.


About Security Current | Privacy Policy | Subscribe to our newsletter