Beau Woods

Beau Woods

Beau Woods

Reformed technologist. Doing what I love, loving what I do.

Bridging the gap between security research and public policy communities to ensure connected technology that can impact life and safety is worthy of our trust.

Bios and photos Twitter archive

Experience

I Am The Cavalry

Cyber Safety Ambassador
August 2013 - Present

Bridge the gap between the hacker and cyber policy communities.

Dependance on connected technology is increasing faster than our ability to safeguard ourselves, in areas impacting human life, public safety, and (inter)national and economic security. Where bits and bytes meet flesh and blood. I Am The Cavalry is a global grassroots organization, working to ensure that connected technologies are worthy of the trust we place in them. Focused on healthcare, transportation, public infrastructure, and home IoT. Safer, sooner, together.

April 2012 - Present

Advise and guide companies on information security, and run a team of consultants around the globe.

Stratigos Security was founded to promote strategic and holistic approaches to security for our clients. This means taking a broad view across the organization, and in the long view, to see how and where security fits into their broader context. That is different than how many information security programs are run – compartmentalized internally and isolated from the organization’s value drivers. Our clients range from Fortune 100 to small local organizations, and span the globe.

CyberMed Summit

Board Member (Treasurer)
November, 2020 - Present

Help organize organizational activities, advise on strategy, and provide oversight of finances.

CyberMed Summit is a 501(c)(3) organization that exists to advance the cause of a clinically-oriented, patient safety-focused cybersecurity culture, enlisting groups of stakeholders too often siloed from one another to collaborate, discuss, and solve challenges that stand in the way of the safe and secure delivery of healthcare.

Atlantic Council

Cyber Safety Innovation Fellow (formerly Deputy Director, Cyber Statecraft Initiative)
January 2016 - Present

Inform industry and public policy about the most urgent cyber security issues impacting our world.

The Atlantic Council promotes constructive leadership and engagement in international affairs based on the Atlantic Community’s central role in meeting global challenges. The Council provides an essential forum for navigating the dramatic economic and political changes defining the twenty-first century by informing and galvanizing its uniquely influential network of global leaders. Through the papers we write, the ideas we generate, and the communities we build, the Council shapes policy choices and strategies to create a more secure and prosperous world.

HumanFirst

Advisory Board Member
September 2019 - Present

Advise management on cybersecurity issues and help develop cybersecurity capabilities.

HumanFirst is building the connected infrastructure to expand access to research and care at home.

Aerospace Village

Co-Founder/Board Member (Treasurer)
January 2019 - Present

Serve as board treasurer, advise on strategy, assist in planning events, and develop the Aerospace Village community.

The non-profit Aerospace Village collaborates with aerospace stakeholders in the aerospace industry, security research commmunity, and the public toward a common goal: safe, reliable, and trustworthy air travel. For too long, negative perceptions and fractured trust on all sides have held back collaboration between the aerospace and security researcher communities that has advanced safety, reliability, and security of other industries. As the traditional domains of aerospace safety and cybersecurity increasingly overlap, we will be safer, sooner, together. The Aerospace Village welcomes those who seek to improve aviation security, safety, and resilience through positive, productive collaboration among all ecosystem stakeholders. We hold events throughout the year, including at DEF CON and the RSA Conference.

Gamayun

Board Member
June 2020 - October 2023

Advise on strategy, direction, fundraising, and operations.

Gamayun is a 501(c)(3) focused on leveraging security research in all its forms and from all sources in order to serve the public good. It will accomplish its mission primarily through the creation and operation of the Computer and Information Security Research Repository (CSIRR - “scissor”).

August 2014 - Present

Lead the I Am The Cavalry and Public Ground tracks.

BSides Las Vegas is a nonprofit organization formed to stimulate the Information Security industry and community by providing an annual, two-day conference for security practitioners and those interested in (or looking to) enter the field. Our event is a source of education, communication, and collaboration. The technical and academic presentations at BSidesLV are given in the spirit of peer review and for the dissemination of knowledge among all specialties. This allows the field of Information Security to grow and continue its pursuit of a world where privacy and security are attainable.

November 2020 - November 2022

Develop relationships between CISA, industry, and the hacker community to protect the COVID response supply chain and other critical infrastructure.

CISA is the nation’s risk advisor, working with partners to defend against today’s threats and collaborating to build more secure and resilient infrastructure for the future. CISA is at the heart of mobilizing a collective defense as we lead the Nation’s efforts to understand and manage risk to our critical infrastructure.

Biohacking Village

Board Member/Device Lab Lead
August 2017 - December 2020

Served as board secretary, ran the Device Lab, developed the Biohacking Village community, and co-hosted the White Hats and Lab Coats podcast.

The non-profit Biohacking Village celebrating health ingenuity from DIYBio, Citizen Science, and medical device security. We bring together members of the diverse healthcare, security research, and biohacking communities in a high-trust, high-collaboration environment. Our 2019 DEF CON village saw over 10,000 participants pass through our doors. Our Device Lab featured a fully immersive hospital environment, designed by Cal Poly, a Capture the Flag, run by the Mayo Clinic, and around 10 medical device makers bringing nearly 40 devices for particiants to test for potential cyber safety issues. We hold events throughout the year, including at DEF CON and the RSA Conference.

ICS Village

Founding Member
January 2018 - December 2020

Advised on strategy, assisted in planning events, and developed the ICS Village community.

The non-profit ICS Village equips industry and policymakers to better defend industrial equipment through experiential awareness, education, and training. High profile Industrial Controls systems Security issues have grabbed headlines and sparked changes throughout the global supply chain. The ICS Village allows defenders of any experience level to understand unique failure modes of these systems and how to better prepare and respond to the changing threat landscape, using interactive simulated ICS environments to preserve safe, secure, and reliable operations. The ICS Village brings a compelling experience for all experience levels and types, with IT and industrial equipment, through events, including at DEF CON, the RSA Conference, and Hack the Capitol.

February 2016 - December 2019

Contribute knowledge and experience from the security researcher community.

The eHealth Security Experts Group brings together technical experts on healthcare information systems, cyber security and contingency, with representatives from service providers, healthcare organisations, healthcare authorities, academia and standardisation bodies. This group provides ENISA with the opportunity to listen to experiences, good practices and ideas. The group constitutes an exchange platform for the participants to address important issues relating to the security and resilience of the eHealth systems and infrastructures.

US Food and Drug Administration

Entrepreneur in Residence
February 2018 - January 2019

Serve a one-year term, working on the Precertification Program.

The Food and Drug Administration is responsible for protecting the public health by ensuring the safety, efficacy, and security of human and veterinary drugs, biological products, and medical devices; and by ensuring the safety of our nation’s food supply, cosmetics, and products that emit radiation. FDA is responsible for advancing the public health by helping to speed innovations that make medical products more effective, safer, and more affordable and by helping the public get the accurate, science-based information they need to use medical products and foods to maintain and improve their health.

Secureworks

Managing Principal Consultant/Solutions Architect
September 2007 - April 2012

Deliver high quality services to clients, design and develop new consulting services, and advise management on business operations.

One of the oldest and largest pure-play information security companies, with over 4,000 customers in 55+ countries, Secureworks provides managed security services through a 24/7 Security Operations Center, security intelligence services through the Counter Threat Unit (CTU)™, and security and risk consulting services.

Projects

Policy @ DEF CON

Policy@DEF CON makes the world better by holding technically literate public policy conversations at the world’s biggest hacker conference that augments the existing community of like-minded individuals.

Lost Policymaker Guide

A tongue-in-cheek travel guide for those new the Hacker community and our conferences. The Lost Policymaker Guides help those in the policy field more quickly gain their footing at hacker conferences, and understand hacker ethos and culture.

Hackers on the Hill

Hackers on the Hill is a semi-regular US Capitol tour for irregulars from the security research community, interested in public policy, guided by congressional staffers who grok tech. These tours often precede events like BSidesDC and Shmoocon.

Supply Chain Sandbox

Initiative in partnership with the RSA Conference Sandbox to promote software supply chain principles through engaging, hands-on activities.

Penn State PILOT Lab

An international community of academic and practitioner experts who work across disciplinary lines on projects of shared interest.

Practical IoT Hacking

“The Definitive Guide to Attacking the Internet of Things”

Information Security Management Handbook, Volume 7

“Chapter 7: Information Security on the Cheap”

Education

Georgia Institute of Technology

Bachelor of Science, Psychology
Spring 2004

The Georgia Institute of Technology is a leading research university committed to improving the human condition through advanced science and technology. Also known as Georgia Tech, is a top-ranked public college and one of the leading research universities in the USA. Georgia Tech provides a technologically focused education to more than 25,000 undergraduate and graduate students in fields ranging from engineering, computing, and sciences, to business, design, and liberal arts.