Mark Graff

  • Cybersecurity Visionary
  • Founder Cybersecurity Working Group, World Federation of Exchanges

Mark Graff was one of the first to understand how important it is to keep us safe from cyber attack, and for almost thirty years has defended critical assets – the electrical grid, our stock exchanges, our nuclear weapons facilities, and even a few famous museums. He recently served three years as the Chief Information Security Officer for NASDAQ, and now has returned to private practice as founder and CEO of Tellagraff, LLC.

Mark has briefed the U.S. Congress, the Pentagon, and many of our top national national security installations and corporations, and appeared on CNN, CNN International, CBS and other major networks. Mark has delivered keynote addresses to audiences around the world, from London to Buenos Aires to Qatar. Mark Graff will make your event uniquely informative and memorable.

 

 
  

Add to my speaker list
Mark Graff headshot
Explore Mark Graff's Talks
Expand all >

Mission Impossible: How We Will Keep Ahead of Future Hackers and Spies

Target audience: InfoSec, Technical Summary: The future of malware and adaptive incident response, from a leading visionary in cyber security. How will the bad guys come at us? How will we know, and what will cyber defense look like twenty years or more in the future? Few futurists are asking these ...

Target audience: InfoSec, Technical
Summary: The future of malware and adaptive incident response, from a leading visionary in cyber security. How will the bad guys come at us? How will we know, and what will cyber defense look like twenty years or more in the future? Few futurists are asking these questions. Fewer still have a proven track record of prediction, and the record of success to back those predictions up.

Make It Stop! Five Cyber Security Mistakes You Must Avoid

Target audience: Small/Medium Business Summary: What Small to medium businesses can do to ward off/limit cyber attack. Concrete steps for protecting your enterprise networks, from one of the world’s most experienced cyber defenders. Topics include: how to select and use patch and anti-virus s ...

Target audience: Small/Medium Business
Summary: What Small to medium businesses can do to ward off/limit cyber attack. Concrete steps for protecting your enterprise networks, from one of the world’s most experienced cyber defenders. Topics include: how to select and use patch and anti-virus software; running a good security program; how to respond to an incident; and finding third-party vendors with good cyber hygiene.

Rats in the Attic: Hacker-Proofing Your Home Network

Target audience: General Summary: America’s most experienced cyber defender shows you, step by step, how you can keep pests out of your home network. Every home network in the country these days is either under attack already, or overdue. Learn what you can do to protect you, you loved ones, ...

Target audience: General
Summary: America’s most experienced cyber defender shows you, step by step, how you can keep pests out of your home network. Every home network in the country these days is either under attack already, or overdue. Learn what you can do to protect you, you loved ones, and your assets.
 

See the Asphalt, Not the Road

Target audience: General Summary: What do good attackers and great defenders see that others do not, when they look at a network or a web site? Is there a way for the average person to learn the skill of finding the weak spot in the armor? If both the good guys and the bad guys automate the proces ...

Target audience: General
Summary: What do good attackers and great defenders see that others do not, when they look at a network or a web site? Is there a way for the average person to learn the skill of finding the weak spot in the armor? If both the good guys and the bad guys automate the process of finding security bugs, which side will prevail?

Why Good People Write Bad Code

Target audience: General Summary: Underlying reasons for vulnerabilities in software and other complex systems, and how to avoid them. Where do all these bugs come from – is it stupidity, apathy, a conspiracy? Get the answers from the author of the first-ever book on the subject (Secure Codin ...

Target audience: General
Summary: Underlying reasons for vulnerabilities in software and other complex systems, and how to avoid them. Where do all these bugs come from – is it stupidity, apathy, a conspiracy? Get the answers from the author of the first-ever book on the subject (Secure Coding, 2003), and hear what 40+ years of programming has taught him about security quality.
 

Apes Make Easy Targets

Target audience: General Summary: The Simian risk model, which evolved on the savannahs of Africa, is spectacularly ill suited to make risk decisions on the Internet. Hear about how your brain downplays threats that are located a great physical distance away, and how your risk assessment skills mak ...

Target audience: General
Summary: The Simian risk model, which evolved on the savannahs of Africa, is spectacularly ill suited to make risk decisions on the Internet. Hear about how your brain downplays threats that are located a great physical distance away, and how your risk assessment skills make you an easy target for attackers around the world. Learn how to compensate for these shortcomings to better protect the people and things that are important to you.
 

Learn more about Mark Graff
Biography

America’s most experienced cyber defender, and an acknowledged visionary in the field for decades, Mark Graff is the founder and CEO of Tellagraff, LLC.

Graff is a seasoned Chief Information Security Officer, having filled that role for NASDAQ for three years and Lawrence Livermore National Laboratory for nine. While at NASDAQ, Graff founded and chaired for the World Federation of Exchanges the first international organization of executives responsible for the cyber safety of the world’s stock exchanges. He was named Internet Security Executive of the Year for the Northeast United States in 2014.

Graff has lectured on risk analysis, the future of cyber security and privacy, and other topics before the American Academy for the Advancement of Science, the Federal Communications Commission, the Pentagon, the National Nuclear Security Administration, and many other U.S. national security facilities and “think tanks.” He has appeared as an expert witness on cyber security before both Congress and the Presidential Commission on Infrastructure Survivability, and served as an expert witness on electronic voting machine software for the state of California. In the Nineties he served two terms as chairman of the international Forum of Incident Response and Security Teams (FIRST), the world’s preeminent body of incident response (CSIRT) practitioners.

Graff’s latest book, Enterprise Security Software: a Confluence of Disciplines (Addison-Wesley Professional) explains how to work with software developers and security practitioners to produce integrated security solutions for business. His 2003 work, Secure Coding: Principles and Practices, has been used at dozens of universities around the world to teach how to design and build secure software-based systems.

Graff has recently been seen on CNN, CNN International, CBS and other major networks as a Cyber Security expert. 

Graff holds a B.S. in Computer Science from the University of Southern Mississippi. His base of operations is New York City.