Electronic Pearl Harbor Prophet

Keynote Speaker

Winn Schwartau has lived cybersecurity — and warped minds — since 1983. A pioneer in information security and strategic foresight, his creative and original thinking has shaped decades of predictions about the internet, technology, privacy, and security — many of which proved unsettlingly accurate.

In 1991, Winn coined the term “Electronic Pearl Harbor,” framing the concept of large-scale cyber conflict years before it entered mainstream policy and defense discussions. He is the author of numerous influential works, including the seminal book Information Warfare, which helped define the modern understanding of cyber conflict and national security risk.

Today, Winn focuses on Cognitive Security, the next frontier of defense. In his latest work, The Art & Science of Metawar, he examines how humans must strengthen cognitive defenses against AI-driven reality distortion, disinformation, manipulation, and algorithmic addiction. His work explores how the parallels between silicon and carbon systems offer defenders an existing framework for building mental immunity against information pathogens — at national, enterprise, and personal levels.

Winn currently serves as Director of Special Projects at the Cognitive Security Institute, where he concentrates on the intersection of cybersecurity, cognitive security, ethics, privacy, and global policy. The implications of this convergence, he argues, are profound — and unavoidable.

His most recent book, Analogue Network Security, introduces a time-based approach to justifiable security and has been called “The Best Cybersecurity Book of All Time” by Cyber Defense Magazine. Across his career, Winn has authored or contributed to dozens of books and publications, produced films and documentaries, founded major security initiatives, and helped shape the global security conversation for more than four decades.

Winn is a Lifetime Achievement Award recipient at DEF CON, a Distinguished Fellow of the Ponemon Institute, a Fellow of the Royal Society of the Arts, and an inductee into the ISSA International Security Hall of Fame. He is widely recognized as “the grandfather of security awareness” and “the civilian architect of information warfare.”

Community Connector

“I don’t seek to be well-known, I seek to be worth knowing”

Johnny Xmas, a prominent figure in the Information Security community since 2002, has been a dedicated contributor to public forums, sharing his extensive research and knowledge. Most notably recognized for his pivotal role in exposing the American TSA Master Key leaks (2014-2018), uncovering Venmo stalking vulnerabilities (2018), and being an overall nuisance.

Past experience includes being: Director of Cyber Training at security research firm GRIMM, defending against the automated abuse of web infrastructure with Kasada, and as the Lead Researcher on Uptake’s Industrial Cybersecurity Platform. Before this, he spent many years in the field as a penetration tester, security engineer for a global Fortune 500 retail corporation, and Mainframe auditor and Systems Engineer for several IT asset recovery firms.

Today, Johnny continues to shape and elevate the Information Security landscape with his expertise and contributions as the President of the Burbsec Information Security Network and the Head of Offensive Security for a massive, global manufacturing and agriculture corporation.

The Hacktress

Valerie Thomas is a Principal Security Consultant renowned in the offensive security community as The Hactress. She leads technical consulting and penetration testing engagements, helping organizations uncover critical weaknesses across software, hardware, and physical environments.

Valerie specializes in cyber-physical penetration testing, social engineering, and physical intrusion assessments, with extensive experience in industrial control systems (ICS), SCADA, and operational technology environments — including power, transportation, and other critical infrastructure sectors.

Her work combines technical hacking, physical security exploitation, and human-factor assessment. In practice, she is professionally trusted to break into systems and facilities before real-world adversaries can. Her insights span hardware hacking, bypassing physical access controls, and exposing procedural vulnerabilities that traditional testing often overlooks.

Valerie’s path into security began with a Bachelor’s degree in Electronic Engineering and an instinctive drive to understand how systems really work. She discovered ethical hacking early in her career and built her expertise through hands-on experience, mentorship, and deep engagement with technical communities.

A familiar voice in the security community, Valerie shares practical, experience-driven insight under the handle @hacktress09, contributing to discussions on ICS/OT safety, physical security best practices, and real-world defensive measures.

Valerie is a speaker at major cybersecurity and cyber-physical security events, including DEF CON and the Third Annual Cyber Physical Convergence Forum in Washington, DC (2025), where she brings real-world perspective from hands-on penetration testing across critical infrastructure environments.

The Active Defender

Dr. Catherine J. Ullman is a seasoned security researcher, speaker, and author with more than 25 years of deeply technical experience in cybersecurity. She currently serves as Principal Technology Architect, Security at the University at Buffalo, where she operates at the intersection of digital forensics, incident response, and real-world intrusion investigations.

As a DFIR specialist, Cathy leads incident management, investigative services, intrusion detection, and personnel case resolution within a complex academic environment — where assumptions fail fast and attackers don’t follow playbooks. In parallel, she builds security awareness programs that equip faculty and staff to recognize social engineering threats and communicate and compute more safely in an increasingly hostile digital landscape.

Cathy is a frequent speaker at major information security conferences, including DEF CON and Blue Team Con, and is a recognized voice in the defender community. She is the author of The Active Defender and contributor to O’Reilly’s 97 Things Every Information Professional Should Know, bringing practitioner insight to both the written page and stage.

Outside of work, Cathy’s curiosity runs wide. From researching death and the dead, to hacking systems to make the world more secure, to visiting her adopted two-toed sloth, Flash, at the Buffalo Zoo.