Board of Directors
Steven B. Lipner – Executive Director, SAFECode
Steven B. Lipner is a pioneer in cybersecurity with over 40 years’ experience as a general manager, engineering manager, and researcher. He retired in 2015 from Microsoft where he was the creator and long-time leader of Microsoft’s Security Development Lifecycle (SDL) team. While at Microsoft, Lipner also created initiatives to encourage industry adoption of secure development practices and the SDL, and served as a member and chair of the SAFECode board.
Lipner joined Microsoft in 1999 and was initially responsible for the Microsoft Security Response Center. In the aftermath of the major computer “worm” incidents of 2001, Lipner and his team formulated the strategy of “security pushes” that enabled Microsoft to make rapid improvements in the security of its software and to change the corporate culture to emphasize product security. The SDL is the product of these improvements.
At Mitretek Systems, Lipner served as the executive agent for the U.S. Government’s Infosec Research Council (IRC). At Trusted Information Systems (TIS), he led the Gauntlet Firewall business unit whose success was the basis for TIS’ 1996 Initial Public Offering. During his eleven years at Digital Equipment Corporation, Lipner led and made technical contributions to the development of numerous security products and to the operational security of Digital’s networks.
Throughout his career, Lipner has been a contributor to government and industry efforts to improve cybersecurity. He currently serves as the chair of the U.S. Government’s Information Security and Privacy Advisory Board (ISPAB). Lipner was one of the founding members of the board’s predecessor and is now serving his third term as a board member. He was elected in 2010 to the Information Systems Security Association Hall of Fame, in 2015 to the National Cybersecurity Hall of Fame and in 2017 as a Fellow of (ISC)2 and to the National Academy of Engineering. He holds an appointment as adjunct professor of computer science at the Institute for Software Research, School of Computer Science of Carnegie Mellon University and is named as coinventor on twelve U.S. patents.
David Lenoe – Vice Chair, SAFECode; Director, Secure Software Engineering, Adobe
David Lenoe is Director, Secure Software Engineering at Adobe. In his role, Lenoe manages the Product Security Incident Response Team (PSIRT) dedicated to responding to and communicating about security issues, as well as the Adobe Secure Software Engineering Team (ASSET) responsible for ensuring Adobe’s products are designed, engineered and validated using security best practices. Lenoe is also responsible for Adobe’s vulnerability information sharing via the Microsoft Active Protections Program (MAPP). Lenoe represents Adobe on SAFECode’s Board of Directors.
Lenoe joined Adobe as part of the Macromedia acquisition in 2004. At Macromedia, Lenoe held several management and engineering positions in the areas of product security, product management and quality assurance.
Lenoe earned a BA in Japanese language and literature from Connecticut College.
Adobe is changing the world through digital experiences. For more information, visit www.adobe.com.
Eric Baize – Chairman, SAFECode; Vice President, Product & Application Security, Dell Technologies
Throughout his career, Eric Baize has been passionate about building security and privacy into systems and technology from design to deployment. He currently leads Dell’s Product & Application Security organization and serves as Chairman of SAFECode.
At Dell, Eric leads the organization responsible for driving enhanced security practices into the lifecycle of all Dell products and internally developed cloud and IT applications. His responsibilities include managing the Secure Development Lifecycle (SDL) and the Product Security Incident Response Team (PSIRT) for the company.
Eric joined Dell through its merger with EMC where he built the highly successful EMC Product Security Office from the ground up. He was also a member of the leadership team that drove EMC’s acquisition of RSA Security, and he helped lead RSA’s cloud and virtualization strategy. Prior to joining EMC in 2002, Eric held various positions for Groupe Bull in Europe and in the US.
Eric has served on the SAFECode Board of Directors since the organization was founded in 2007. He holds multiple U.S. patents, has authored international security standards and is a regular speaker at industry conferences.
Follow Eric Baize on Twitter: @ericbaize
Souheil Moghnie – Technical Director and Security Architect, Norton LifeLock
Throughout his professional career, Souheil Moghnie has been working in the software security domain with hands-on experience on developing, testing, and managing security products. He joined Norton LifeLock in 1999 and then worked at Microsoft for a few years before coming back to Norton LifeLock. Since 2012 Mr. Moghnie has been working as a Software Security Architect, Coach, and a Security Advisor within the Software Security Group and the Norton BU at Norton LifeLock where he co-authored the company’s Secure Development Life Cycle, managed the last company-wide security audit, developed and pioneered security best practices, trained sr. engineers in various areas of software security, and much more.
In addition, Mr. Moghnie is also heading the Encryption Review Board and the Open Source Security Review Board at Norton LifeLock. He also provides instructor-led training within Norton LifeLock in the areas of Threat Modeling, Secure Development, Security Testing, and Security Awareness.
Finally, Mr. Moghnie has a Master’s degree in Computer Science from California State University, Northridge (CSUN), and a Bachelor of Science in Computer Science from University of California, Los Angeles (UCLA). He is also a Certified Information Systems Security Professional (CISSP).
Experienced Security Engineer with a demonstrated history of working in the semiconductors industry. Strong arts and design professional skilled in Embedded Software, Device Drivers, Perl, C++, and Software Design.
Tristan started working for Siemens Corporation in 2005 as an electrical engineer where he was involved in several product developments in the Industrial Automation domain. Throughout his career he worked on improving quality and security of software and hardware.
Since 2018 Tristan has been working as a Software Security Architect and Researcher for Siemens Corporate Technology in Princeton New Jersey.
Tristan earned his bachelors degree from the Technical University in Nuremberg, Germany.
Valecia Maclin – General Manager Engineering, Customer Security & Trust Microsoft Corp.
Valecia Maclin joined the technology leader Microsoft Corp. in 2018. As the General Manager Engineering, Customer Security and Trust, she is responsible for advancing customers’ trust in Microsoft products and services through providing engineering solutions to Microsoft’s Digital Crimes Unit, Law Enforcement and National Security Programs, Government Security Program and corporate-wide security development lifecycle governance. Prior to Microsoft, Maclin spent nearly two decades with Raytheon Co. in Maryland and Virginia. Leadership positions with the technology company included directing large mission critical programs in cybersecurity and national security in support of multiple intelligence agencies; the U.S. Department of Homeland Security; U.S. Department of Defense; and several federal civilian agencies. Respected and recognized in her field, Maclin has been featured on TV and in print, including “Fox Business News,” “Defense News,” “Jane,” and “Dark Reading,” among others. She is often called upon as a spokesperson and panelist on cybersecurity, leadership and developing the next generation workforce.
Maclin has received numerous industry awards and recognitions, including a 2008 Black
Engineer of the Year Award for Professional Achievement from US Black Engineer and Information Technology Magazine published by Career Communications, Inc. She also is the coauthor of an Air Force Academy textbook on project management. Maclin is a graduate of Duke University, with a Bachelor of Science in Engineering in Mechanical Engineering and Materials Science. She also earned a Master of Science in
Management of Technology from the University of Pennsylvania Wharton School of Business.
Additionally, Maclin holds the following professional certifications: PMP; CISSP; ISSMP; GSLC; ITIL; Six Sigma; and Agile SCRUM Master.
Maclin is a transformative leader who is passionate about building the next generation of technology leaders. A board member of SAFECode and former board member of the National Cybersecurity Alliance, Maclin also invests her personal time in STEM initiatives, as well as diversity and inclusion in technology. A native of suburban Washington, D.C., her community involvement includes coordinating the humanitarian efforts of Washington area churches to Africa, as well as regularly supporting the needs of the homeless there. Maclin’s outside interests include traveling, jogging, cooking and reading.
Follow Valecia Maclin on Twitter: @ValeciaMaclin
Megan Cannon - Senior Program Manager, SAFECode
Megan Cannon, Senior Program Manager, Virtual, inc., has worked with SAFECode since 2016, helping SAFECode achieve its mission by providing strategic guidance and operational support to the board of directors and technical leadership council. Before Virtual, Megan worked in higher education and theatre, where she helped children make healthy choices and see through media messages, assisted Batman with crime-fighting, and wrangled elves for Santa at Macy's in NYC. Fun Fact about Megan, she can teach anyone to juggle!
Stacy Simpson - Marketing Director, SAFECode
Stacy Simpson has nearly 20 years of experience helping companies and non-profit organizations in the cyber security industry communicate in a compelling and meaningful way. Stacy combines security industry knowledge with diverse expertise in marketing, public relations, government relations, freelance writing and association management to create industry guidance, communications campaigns, and online/print content that speaks directly to targeted audiences without relying on meaningless buzzwords or incomprehensible tech speak. She has worked with SAFECode since its founding and can often be found brainstorming blog post ideas while running the trails around her neighborhood.