Our Team

As a partner in Delta Risk, Dr. Rattray brings an exceptional record in establishing program strategies for cyber security initiatives across both the government and private sectors. He has led policy formation, operational innovation, and human capital development in a variety of large and medium enterprises in the Department of Defense and U.S. Air Force. Most recently, he was responsible for overseeing information assurance engagement with defense industrial base partners. He has served as a senior security adviser on foreign investments for the U.S. government regarding corporate acquisitions and outsourcing concerns in the telecommunications and information technology sector.

From 2002 to 2003, he was an Air Force Fellow serving on the President's Critical Infrastructure Protection Board. During his tenure he was a key contributor to the President's National Strategy to Secure Cyberspace and served on the White House team for legislation and policy on the establishment of the Department of Homeland Security. He developed the first national cyber security exercise program (Livewire, then Cyber Storm) involving federal, state, and local governments, as well as the private sector. He also established the Cyber Conflict Studies Association to ensure U.S. national efforts were guided by a deeper well of intellectual capital with over 200 individuals from private industry, think tanks, government and academia.

As the Director for Cyber Security on the National Security Council staff from 2003 to 2005, he led national policy development and NSC oversight for cyber security to include the Executive Order on Information Sharing, Homeland Security Policy Directives on Critical Infrastructure and Incident Response, the establishment of cyber security roles for the Department of Homeland Security, and interagency responsibilities in the National Response Plan. His experience at the national level is considerable:

• Orchestrated an interagency, international cyber strategy to include U.S. position in the United Nations, the World Symposium on an Information Society, interaction with ICANN, and in regional forums.
• Directed White House oversight of a $400 million Iraq telecom reconstruction program, establishing a national first responder network and ensuring private sector cellular investment.
• Led national planning to address security issues tied to global risks related to telecommunications and information technology.
• Drove cyber security operational planning and ensured private sector coordination in government continuity and critical infrastructure protection programs as a National Security Telecommunications Advisory Committee member and Interagency National Cyber Response Coordination Group.

Dr. Rattray is a Full Member, Council on Foreign Relations, since 2002, and a member of the Cyber Conflict Studies Association Board; InfraGard National Advisory Board; and the Armed Forces Communications and Electronics Association. He received his Bachelor's Degree in Political Science and Military History from the U.S. Air Force Academy; a Master of Public Policy from the John F. Kennedy School of Government, Harvard University; and his Doctor of Philosophy in International Affairs from the Fletcher School of Law and Diplomacy, Tufts University, with distinction. He is the author of the seminal book Strategic Warfare in Cyberspace.

Mr. Schmidt leverages his extensive experience in the private and public sectors on behalf of Delta Risk clients. He brings unmatched expertise on risk analysis and threat mitigation within the Banking and Finance sectors, having led financial service industry exercise and evaluation development across global enterprises. He personally coordinated the participation of the Financial Services Industry and various federal agencies in a series of nation-wide events - including the ground-breaking Livewire cyber exercise, which was designed to exercise senior level decision-making capabilities in cooperation with the National Security Council (NSC) at the White House, and the Institute for Security Technology Studies at Dartmouth College (ISTS).

Prior to his tenure as the President/CEO of the InfraGard National Members Alliance, Mr. Schmidt served on its Board of Directors and was responsible for reshaping the corporate governance of the 84 private sector entities. He redefined and clarified the nature of the partnership with the FBI to facilitate complementary understandings with a variety of organizations including the Departments of Homeland Security, Treasury, and Commerce.

Before forming Delta Risk, Mr. Schmidt provided portfolio protection to global financial institutions as an Options Trader in energy, treasury, precious metal, currency, grain, livestock, and Dow Jones options, as well as similar index options like the S&P 500, OEX, and SPX at the Chicago Board Options Exchange (CBOE), Chicago Board of Trade (CBOT), and Chicago Mercantile Exchange (CME). During that time, he was a Special Liaison to the Office of the Chairman on computer security (CBOE), working with the National Security Agency (NSA) and several private contractors to develop a coherent strategy for detecting and repelling the systematic breach of CBOE systems. He continues to be an active member of the financial service industry, contributing substantially to government regulatory reassessments and business process enhancements for the Chicago Commodity and Options Exchanges, among other organizations.

Mr. Schmidt is a founding member of the Cyber Conflict Studies Association and continues to aid the organization in achieving goals and objectives that advance strategic-level cyber conflict studies. He received a Bachelor's Degree in Political Science from Valparaiso University, and he holds a Series 7 Certification.

Mr. Fogle is a leader in cyber exercise design and innovation. He developed and executed the first-ever BLACK DEMON network defense exercise for the U.S. Air Force, as well as transitioning it into the Joint exercise BULWARK DEFENDER - DoD's largest cyber defense exercise. His experience includes combining range and simulated infrastructures into large-scale exercises and demonstrations, as well as integrating cyber operations and critical infrastructure protection.

As a partner in Delta Risk, Mr. Fogle brings a unique background. He developed concepts for DoD cyber operations encompassing assessment of vulnerabilities of complex systems and managing inherent operational risks; instituted information sharing forums for harnessing critical infrastructure expertise within DoD, Interagency, and National laboratories; and led efforts to analyze vulnerabilities in and protection of critical infrastructures and related control systems. He has briefed senior decision makers on protection and mitigation strategies for Supervisory Control and Data Acquisition (SCADA) systems, and has conducted advanced research in cyber security and steganography. He authored a thesis on steganalysis - detection of covert digital communications channels - a ground-breaking endeavor at the time which influenced computer forensics for counterintelligence and law enforcement.

He is an experienced trainer and courseware developer for international audiences. He specializes in courses on enterprise risk assessment and risk management, business continuity planning, advanced cyber threats and mitigation strategies, and exercise design and execution.

Mr. Fogle received his Bachelor's Degree in Computer Science from the University of Maryland, and a Master's Degree in Computer Systems - Information Warfare, from the Air Force Institute of Technology. He is an (ISC)2 Certified Information Systems Security Professional (CISSP), a member of InfraGard, and the Association of Contingency Planners.

Jason Healey has worked cyber security policy and operations since 1996—from the White House to Wall Street. In addition to being a world-class cyber defense strategist, he has experience in crisis management, business continuity, and intelligence collection and analysis.

His role in Delta Risk centers around building relationships for the company in the Washington, DC area and using his unique expertise to help our clients' become more secure in cyberspace.

Most recently, he worked for Goldman Sachs in Hong Kong - first as the Asia head of business continuity, then Crisis Manager, overseeing preparation and response for all hazards in Asia including the Sichuan earthquake, terrorist attacks in India, and the 2006 Asia-wide network outages. Earlier in his career, working from New York, Jason was Goldman’s first computer emergency response coordinator and was also the vice chairman of the Financial Services Information Sharing and Analysis Center.

During his time at the White House as Director of Critical Infrastructure Protection, he assisted the President in prioritizing and overseeing the government's efforts in cyber security, resilient telecommunications, and infrastructure protection. Jason helped create and implement Homeland Security Presidential Directive 7, the National Strategy to Secure Cyber Space, the National Response Plan, and the National Infrastructure Protection Plan.

Jason is a founding board member of the Cyber Conflict Studies Association which seeks to create a multidisciplinary discussion of issues related to warfare in cyberspace. He is a Certified Information Systems Security Professional (CISSP), has a Bachelor’s Degree in Political Science from the US Air Force Academy and Master’s Degrees in Liberal Arts (Johns Hopkins University) and Information Security (James Madison University).

Jennifer L. Bayuk, the Security Systems Engineering Program Director, is experienced in virtually every aspect of the field of information security. She specializes in security roadmaps, and is engaged in a wide variety of industries, involved in projects ranging from security architecture to security governance. She has been a Wall Street chief information security officer, a manager of information systems internal audit, a Price Waterhouse security principal consultant and auditor, and a security software engineer at AT&T Bell Laboratories. While in financial services, Bayuk chaired the Securities Industry and Financial Markets Association Information Security Subcommittee and the Financial Services Sector Coordinating Council Technology R&D Committee. Working with the Department of Treasury’s Office of Critical Infrastructure Protection, she coordinated committee activities to support the Department of Homeland Security’s National Infrastructure Protection Plan. Bayuk frequently publishes on IT governance, information security, and technology audit topics. She has authored two textbooks by the Information Systems Audit and Control Association: Stepping through the IS Audit and Stepping through the InfoSec Program. A third book on Enterprise Security for the Executive, Setting the Tone from the Top is written for executive managers with a desire to provide security leadership. Jennifer has also co-edited a collection of works on Enterprise Information Security and Privacy for Artech House and is currently editing a forthcoming collection of works on Cyber Security Forensics for Springer. She has lectured for organizations that include the Computer Security Institute, the Institute for Information Infrastructure Protection, the Information Systems Audit and Control Association, the National Institute of Standards and Technology, and the SysAdmin, Audit, Network, Security Institute. She is a Certified Information Security Manager (CISM), a Certified Information Systems Security Professional (CISSP), a Certified Information Security Auditor (CISA), and Certified in the Governance of Enterprise IT (CGEIT).

Dr. C. Warren Axelrod's career has been predominantly in the information technology, security and privacy areas of financial services firms such as SIAC, HSBC Securities and Pershing. Most recently, he was the Chief Privacy Officer and Business Information Security Officer for US Trust, the private wealth management division of Bank of America.

He is preoccupied with security and critical infrastructure protection issues in the financial services industry, as well as at the national level. He is a member of the FSSCC R&D Committee and contributed to the FSSCC Research Agenda. He represented financial services information security interests at the Y2K command center in Washington, DC during the century date rollover. He is a co-founder of the FS/ISAC (Financial Services Information Sharing and Analysis Center) and served two terms on its Board of Managers. He testified at a Congressional Hearing in 2001 on cyber security and contributed a section in the Banking and Finance Sector's National Strategy for Critical Infrastructure Assurance, published in 2002. He is a member of the Cloud Security Alliance and is a co-leader of the workgroup responsible for updating the sections on application security, portability and interoperability of the CSA Security Guidance for Critical Areas of Focus in Cloud Computing.

Dr. Axelrod received the 2009 Michael Cangemi Best Book/Best Article Award presented by ISACA for his article "Accounting for Value and Uncertainty in Security Metrics," published in the Information Systems Control Journal, Volume 6, 2008. He was honored with the prestigious Information Security Executive (ISE) Luminary Leadership Award in 2007. He received a Computerworld Premier 100 IT Leaders Award in 2003 and a Premier 100 Best in Class award.

Dr. Axelrod has written three books, two of which were on computer management, as well as numerous articles on a variety of information technology and information security topics. His third book is Outsourcing Information Security, published in 2004 by Artech House. He is the coordinating editor of the book Enterprise Information Security and Privacy (Artech House, 2009. Among his recent publications are chapters in Information Assurance in Financial Services, Social and Human Elements of Information Security: Emerging Trends and Countermeasures and the Handbook of Research on Social and Organizational Liabilities in Information Security (IGI Global, 2007, 2008, 2009 respectively). His article "Investing in Software Resiliency" appeared in the September 2009 issue of CrossTalk magazine.

He holds a Ph.D. in Managerial Economics from the Johnson Graduate School of Management at Cornell University, and an Honors Master's Degree in Economics and statistics, as well as a first-class Honors Degree in Electrical Engineering, both from the University of Glasgow, Scotland. He is certified as a CISSP and CISM and acquired NASD Series 7 and Series 24 licenses.

For Delta Risk, Mr. Evans provides adversary perspective and threat knowledge to cyber security initiatives. He contributes strategic advice and forward looking thought to senior DoD executives. Further, he designed a cyber security assessment framework promoting objective evaluations of an enterprise's people, processes and technology, along with a set of metrics to cross-compare enterprise cyber risk. In his role as a trainer, he developed a Domain Name System threat awareness course for an international audience of internet domain registry operators.

Prior to Delta Risk, Mr. Evans led the development of an operational cyber warfare unit in the Air Force. He led efforts to create virtual environments and scenarios for network penetration and target replication for Joint, service and internal exercises / training. He built and delivered technical, hands-on training courses covering offensive and defensive aspects of network security. He has led multiple seminars on various network security topics worldwide. He has led small to medium sized teams in the development of advanced network vulnerability testing capabilities. He has participated in multiple exercises at the Joint and Service levels, executing tasks as the red cell and IO opposition force (OPFOR). He has served as the chief communications engineer for a deployable communications unit and led the unit's transition from legacy equipment to a state-of-the-art mobile communications suite. Prior to his work with the Air Force, Mr. Evans worked at NASA's Jet Propulsion Laboratory designing and developing automated test beds for multiple innovative technologies.

Mr. Evans' academic background includes a BS in Electrical Engineering from the Illinois Institute of Technology, and a MS in Computer Science - Robotics from the University of Southern California. He is a Certified Ethical Hacker (CEH), CompTIA Project +, CompTIA Security+ and CompTIA Network+ certified.

Prior to joining Delta Risk, Mr. Warren led the development of tools and tactics supporting network penetration testing teams in their assessment of the DoD networks. He managed over $10.2M in IT equipment providing an Operational Test and Evaluation network warfare operations range to test future DoD information operations tools and systems. Under his leadership, his range became a premier node on the DoD range infrastructure, able to integrate with geographically distributed resources supporting operations, exercises, and training. He has also led cyber red teams in assessing the operations and security of DoD unclassified networks in support of major Joint exercises.

Early in his career, Mr. Warren was responsible for the information technology infrastructure for enterprises equivalent to small cities. His responsibilities spanned IP-based network and automated office systems, copper and fiber plant infrastructures, and management of multiple telephone switch architectures.

Mr. Warren is an (ISC)2 Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and is CompTIA Security+, CompTIA Project + certified. He received his Bachelor's Degree in Electronic Engineering Technology and his Master's Degree in Management Information Systems from Texas A &M University in College Station, Texas.

Mr. Hernandez brings 15 years of analysis and security experience in the area of Information and Communication Technologies to the Delta Risk team. Prior to Delta Risk, Mr. Hernandez led Operational Security teams performing assessments globally for the DoD. He led efforts to create scenarios and operational requirements based on real world threats in the cyber security domain. He has worked as an Engineering Test Manager in support of tactics development and enterprise information system deployments. During his role as Deputy Project Manager in support of Information Operations his team received Presidential Recognition for their work in cyber security tactics development. In the private sector he has worked as a Business Analyst for financial and telecommunications organizations; where the primary focus was on information security and compliance. He supported network operations and system engineering implementation of new technology for multiple wireless & landline carriers throughout the United States, Germany and Mexico.

Mr. Hernandez has worked as a college professor, instructing courses in Criminal Justice with a focus on Cybercrime. He has also instructed and mentored students through a curriculum created for Cisco, Comptia, and ISC2 certification tracks. Currently he is working on a collaborative effort, creating course content for the DoD in the field of Cyber Security.

Mr. Hernandez is a working group board member for the Business Continuity Institute aiding in the maturation of professional education requirements. He is an advisory board member for Technology Connexus, a non-profit, focused on developing educational and technology alliances in South Texas. He received an MBA in Computer Resource & Information Management from Webster University and currently working towards his Doctorate in Business Administration. He holds the following certifications CISSP, ITIL, MBCI, CompTIA Network+, CompTIA Project+, CompTIA Security +, and ISFS (ISO 27002).