Thursday, October 20, 2016 - 9 a.m. to 5 p.m.

SUMIT_2016, the 12th annual cyber security conference was held on Thursday, October 20. The Security at University of Michigan IT (SUMIT) is the university’s flagship event for National Cybersecurity Awareness Month.

Hacking and Securing the Internet of Things - Panel Discussion - Recording

Security in Tree City - Panel Discussion - Recording

Security and Privacy in an Age of Terrorism - Panel Discussion - Recording

Hacking the Vote - Dan Wallach - Recording

How to Attend

Rackham Auditorium


Jon Oberheide

CTO & Co-Founder of Duo Security, Inc.


Jon is a well-known security expert and researcher. While his research interests span across the security domain, he has deep expertise in mobile security, cloud security, and malware analysis. Jon attended the University of Michigan for a BS, MS, and PhD in Computer Science, and has held positions at Merit Network and Arbor Networks.

Jon is a well-known security expert and researcher. While his research interests span across the security domain, he has deep expertise in mobile security, cloud security, and malware analysis. Jon attended the University of Michigan for a BS, MS, and PhD in Computer Science, and has held positions at Merit Network and Arbor Networks.

Dr. André Weimerskirch

VP Global Cyber Security at Lear Corporation


André Weimerskirch is VP Global Cyber Security at Lear Corporation. Before that, André established the transportation cyber security group at the University of Michigan Transportation Research Institute (UMTRI), and co-founded the embedded systems security company ESCRYPT which was sold to Bosch in 2012.

André is active in all areas of automotive and transportation cyber security and privacy, published numerous articles in the area of automotive and embedded cyber security, and is co-founder of the American workshop on embedded security in cars (escar USA). André is vice chair of the SAE Vehicle Electrical System Security Committee, and co-chairs the Michigan Mobility Transformation Center (MTC) cyber security working group.

Naim Falandino

Chief Scientist, Director of Engineering, DeepField Networks


Naim is a data scientist, software engineer, and researcher with more than ten years of experience building distributed systems that capitalize on the vast amounts of data and computing power available today. At Deepfield, his expertise in real-time analytics, machine learning, and information visualization are being applied to the largest networks in the world, solving the industry’s most complex problems in network security, performance, and management.

Prior to Deepfield, Naim was a Data Scientist in Ford Motor Company's Systems Analytics Research Group, and Lead Software Architect at Covisint. He holds a MS in Information Science from the University of Michigan, and a BS in Computer Science from Michigan State University.

Matthew Garrett

Principal Security Software Engineer, CoreOS


Matthew Garrett is a security developer at CoreOS, specialising in the areas where software starts knowing a little more about hardware than you'd like. He implemented much of Linux's support for UEFI Secure Boot, does things with TPMs and has found more bugs in system firmware than he's entirely comfortable with.

Alexander W. Joel

Chief of the Office of Civil Liberties, Privacy and Transparency (CLPT) for the Office of the Director of National Intelligence (ODNI)


Alex Joel is the Chief of the Office of Civil Liberties, Privacy and Transparency (CLPT) for the Office of the Director of National Intelligence (ODNI), and reports directly to the DNI. He has held this position for over a decade. CLPT works to ensure that the Intelligence Community carries out its mission in a manner that protects privacy and civil liberties, while providing appropriate transparency. Mr. Joel began his career as an Army lawyer. He then worked as a technology attorney in a Washington D.C. law firm, and as the privacy and technology attorney for Marriott International. Following 9/11, he re-entered public service and worked as an attorney at the CIA before joining ODNI in 2005. He received his law degree from the University of Michigan, and his undergraduate degree from Princeton University.

Manish Karir

Director of Product Management in the Cyber Solutions team at FICO


Manish Karir is currently the Director of Product Management in the Cyber Solutions team at FICO.  Prior to FICO he was the founder and CTO at QuadMetrics, a small startup that pioneered the use of machine learning based analytics for assessing the risk and the security posture of organizations on the Internet.  He has over 15 years of experience in building software systems, and 10 of those were at a large Internet Service provider (Merit Network, Inc.) as the Director of Research, where his work focused on the most challenging problems in cybersecurity, Internet measurement, data collection and analysis. He has a passion for any and all network data and is a strong believer in the power of leveraging data and its analysis for measuring cyber risk. He has also been a Program Manager at the Department of Homeland Security Cyber Security Division.

Earlence Fernandes

PhD Candidate in Computer Security at the University of Michigan


Earlence Fernandes is a PhD Candidate in Computer Security at the University of Michigan, advised by Prof. Atul Prakash. He is working on techniques to build secure and safe networked cyber-physical systems (Internet of Things). He approaches the problem from multiple perspectives including system building, attacks, and measurements. His recent work, a security analysis of the popular SmartThings platform, received the Distinguished Practical Paper Award at IEEE Security and Privacy in 2016.

Margo Schlanger

Henry M. Butzel Professor of Law, University of Michigan


Margo Schlanger, the Henry M. Butzel Professor of Law, is a leading authority on civil rights issues and civil and criminal detention. She joined the Law School faculty in fall 2009; her teaching and research deal with civil rights, prison reform, torts, and surveillance. She also founded and heads the Civil Rights Litigation Clearinghouse. She is the court-appointed settlement monitor for Adams v. Kentucky Department of Corrections, a statewide civil rights lawsuit dealing with conditions of confinement for Kentucky's deaf prisoners. Before starting at Michigan, she had been a professor at Washington University in St. Louis and an assistant professor at Harvard Law School.

In 2010 and 2011, Professor Schlanger was on leave, serving as the presidentially appointed Officer for Civil Rights and Civil Liberties at the U.S. Department of Homeland Security (DHS). As the head of civil rights and civil liberties for DHS, she was the Secretary's lead adviser on civil rights and civil liberties issues; in that capacity, she testified before Congress; chaired the Privacy, Civil Rights, and Civil Liberties Subcommittee of the federal Information Sharing Environment's Information Sharing and Access Interagency Policy Committee; chaired the Interagency Coordinating Council on Emergency Preparedness and Individuals with Disabilities; served on the first U.S. Delegation to the UN Universal Periodic Review; and met with community leaders and groups across America to ensure that their perspectives regarding civil rights and homeland security were considered in the Department's policy process.

Professor Schlanger earned her JD from Yale in 1993. While there, she served as book reviews editor of the Yale Law Journal and received the Vinson Prize for excellence in clinical casework. She then served as law clerk for Justice Ruth Bader Ginsburg of the U.S. Supreme Court from 1993 to 1995. From 1995 to 1998, she was a trial attorney in the U.S. Department of Justice Civil Rights Division, where she worked to remedy civil rights abuses by prison and police departments and earned two Division Special Achievement awards.

Professor Schlanger served on the Vera Institute's blue-ribbon Commission on Safety and Abuse in America's Prisons; she worked as an adviser on the development of proposed national standards implementing the Prison Rape Elimination Act, and testified before the Prison Rape Elimination Commission. She served as the reporter for the American Bar Association's revision of its Standards Governing the Legal Treatment of Prisoners. She has been the chair of the Association of American Law Schools sections on Remedies and on Law and the Social Sciences.

David Medine

Consultant to CGAP (the Consultative Group to Assist the Poor), former Chairman of the Privacy and Civil Liberties Oversight Board


David Medine is a consultant to CGAP (the Consultative Group to Assist the Poor).  Prior to that he served full-time as Chairman of the Privacy and Civil Liberties Oversight Board from May 27, 2013 to July 1, 2016. Previously, Mr. Medine was an Attorney Fellow for the Security and Exchange Commission and a Special Counsel at the Consumer Financial Protection Bureau. From 2002 to 2012, he was a partner in the law firm WilmerHale where his practice focused on privacy and data security, having previously served as a Senior Advisor to the White House National Economic Council from 2000 to 2001. From 1992 to 2000, Mr. Medine was the Associate Director for Financial Practices at the Federal Trade Commission (FTC) where, in addition to enforcing financial privacy laws, he took the lead on Internet privacy, chaired a federal advisory committee on privacy issues, and was part of the team that negotiated a privacy safe harbor agreement with the European Union. Before joining the FTC, Mr. Medine taught at the Indiana University (Bloomington) School of Law and the George Washington University School of Law. Mr. Medine earned his B.A. from Hampshire College and his J.D. from the University of Chicago Law School.

Dan S. Wallach

Professor in the Department of Computer Science and a Rice Scholar in the Baker Institute of Public Policy at Rice University


Dan S. Wallach is a Professor in the Department of Computer Science and a Rice Scholar in the Baker Institute of Public Policy at Rice University. His research interests consider a variety of topics in computer security.

Michael van Lent

President and CEO, Soar Technology


Dr. Michael van Lent leads research and development of artificial intelligence for training and serious games, transitioning research into engineered solutions. Dr. van Lent received a PhD at the University of Michigan in 2000. Prior to receiving his PhD, he worked at the Navy Center for Applied Research in Artificial Intelligence (NCARAI) at the U.S. Naval Research Laboratory. He joined the Institute for Creative Technologies in 2001, where he became the Associate Director for Games Research and a Research Associate Professor in the Computer Science department at USC. Dr. van Lent has participated in the design and development of many immersive training applications including Full Spectrum Warrior, Full Spectrum Command, the Joint Fires and Effects Trainer System (JFETS), and ELECT BiLAT. He serves on various editorial boards and edits IEEE Computer’s Entertainment Computing Column.

Scott Dawson

Vice President for Engineering, Arbor Networks


Scott Dawson drives our engineering-related strategy and programs to define the leading edge of network security and management for today’s network and security professionals. Scott works closely with product management, the Office of the CTO, operations and sales to deliver products to market according to our strategic vision and roadmaps. Since joining Arbor Networks in 2001, he has served in a variety of instrumental roles in engineering and development across multiple product lines. 

Donald Welch, Ph.D.

Chief Information Security Officer, University of Michigan

Panel Moderator

Donald Welch, Ph.D. is the University of Michigan Chief Information Security Officer (CISO). As CISO, Don is responsible for the university's information assurance (IT security, privacy, IT policy, compliance, and enterprise continuity) program, including Ann Arbor, Flint, Dearborn, and the Health System. His charge also includes direct responsibility for ITS Information and Infrastructure Assurance.

Don's background includes executive positions in a wide range of industries, including retail, pharmacy, manufacturing, transportation, and IT services. Since 2006, Don was the president and CEO of Merit Network, a nonprofit organization governed by Michigan's public universities that provides a research and education network computer and related services. He has also been a leader in many national higher education organizations, including the Michigan Governor's Cyber Security Advisory Council and the higher education cybersecurity advisory council to the FBI. In addition, Don was CIO and taught on the faculty at West Point, where he started the Academy's information security program.

During his time at Merit, Don won many awards. In 2010 he was named the "Grant Thornton/Lawrence Tech Leader and Innovator of the Year" as well as one of Michigan's Top CEOs by Corp! Magazine. In 2012 he was honored by the White House as a "Champion of Change" for leading one of the best infrastructure projects funded by the Recovery Act. In 2013, Merit won the 21st Century Achievement Award from the Computerworld Foundation.

Don served for 25 years in the U.S. Army, attaining the rank of Colonel and earning the Legion of Merit for his service. During his time, he has earned the Army's Ranger Tab and Paratrooper Wings.

Don received a B.S. from the United States Military Academy, West Point, New York, a M.S. in Computer Science from California Polytechnic State University, San Luis Obispo, and he earned a Ph.D. in Computer Science from the University of Maryland, College Park.

Don lives in Ann Arbor with his wife Jennifer. His three oldest children are either U-M graduates or students while his youngest cheers for Michigan sports teams. Don coaches youth lacrosse and enjoys playing blues and surf guitar.

Sol Bermann

University Privacy Officer, University of Michigan


Sol Bermann (CIPP) is the university privacy officer and IT policy and compliance strategist. He provides thought leadership in shaping institutional policy and practices and participates in the national discourse on privacy, IT security, and policy issues of strategic concern to higher education. Sol works in close coordination with university IT governance committees and works broadly across the university, collaborates with colleagues at other institutions, participates in leadership positions on national associations such as EDUCAUSE, and sits on various advisory and policy committees. He is a frequent author and presenter on privacy, IT security, incident response, and IT policy, and he is co-author of Information Privacy: Official Reference for the Certified Information Privacy Professional (CIPP).

Prior to joining U-M, Sol was the director of international privacy for Walmart. Before that, he was chief privacy officer for the state of Ohio. He served as associate director of the Center for Interdisciplinary Law and Policy Studies at the Ohio State University Moritz College of Law and taught as adjunct faculty in OSU's international studies program. Sol holds a B.A from Beloit College, an M.A. from the University of Virginia, and a J.D. from the Ohio State University Moritz College of Law.