Terry Gold, Founder
Terry is the founder of D6 Research, a vendor-neutral research and advisory firm specializing in the intersect of physical and cybersecurity. His background spans the domains of information security, physical security, and ethical hacking. Over the past 15 years, Terry has built unique methodologies and advised a notable portion of F500 companies in developing strategies to mitigate real-world threats.
At D6 Research, Terry researches the evolution within the physical security industry and producing in-depth reports that inform practitioners with actionable guidance toward transformation. In this role, his focus spans three key areas; 1) analyzing the effectiveness of existing industry practices, 2) understanding demands of next-generation practices, 3) make predictions and build models that validate improvement concepts.
Terry has been one of the most outspoken critics of the physical security industry which has lagged behind its information security counterpart – despite becoming increasingly similar in attack surface and risk profile. He’s brought significant awareness of vulnerabilities, design and practice improvements across the industry; from end users to vendors, to partnering with law enforcement and training white hats.
Through his research and assembly of unique assessment models, he’s led strategy engagements for a storied list of F500 companies in transforming their security programs toward improvement by repudiating generally accepted industry practices. His unique combination of technical and business process skills enables him to focus on measurable outcomes and innovative approaches that move physical security programs from perceived cost centers to an organizational enabler and respected stakeholder.
Terry’s methodology is focused on deconstructing the silo in which physical security has traditionally operated and bring into alignment with CISO and executive stakeholder objectives. His work studies the unique demands of different industries and analyzes how cybersecurity, IT Ops, governance, and related maturity models can be integrated into the physical security paradigm. He spends a significant portion of this time working with the hacker community, building new concepts, and stress testing them in some of the largest companies in the world to validate their effectiveness.
Since launching D6 Research, he’s created a number of industry “firsts” and has made a series of predictions, often times unpopular, that have come to fruition. While currently hot topics, Terry has been developing artificial intelligence, machine learning, and mobility use cases for physical security for the past five years and cybersecurity for over a decade. He’s also built the industry’s first identity convergence concept, expansive threat model, and a series of real-time assessment tools that measure security effectiveness projected outcomes and cost for the most complex of environments.
Before founding D6 Research, he launched a startup with former colleagues called idOnDemand which was the first commercially available cloud-based smart card infrastructure that issued, managed and delivered high-grade secure identity credentials to enterprise organizations. As a member of the executive team, he was key in internalizing the market strategy, customer requirements, service functionality, and delivery of client assessments and implementation across both physical and information security domains. idOnDemand was acquired by Identive Group in 2011.
Prior, at ActivCard, he focused on authentication, access control, and securing assets in both physical and IT security primarily through the consulting, deployment and delivery of large-scale PKI-based smart card solutions, one-time password tokens, and Single Sign-On. At Cloakware, a company focused on helping enterprises effectively manage their super-user and admin privileged audience access credentials, he helped organizations close one of the most dangerous threat vectors.
In 2004, while at Bioscrypt, a leading fingerprint biometric technology company that was focused on providing best-of-breed authentication readers to physical door access points, he was tasked to develop a technical and market strategy to enter into the IT authentication market. He directed what was one of the first commercially available “converged” facility and IT system access solutions that could not only use the same credential across both realms but also grant or deny permissions based on activities in the other environment.
Prior to Bioscypt, he worked for SilverStream Software, an enterprise application integration (EAI) and Web Services pioneer that was later acquired by Novell where his charter was to combine web and identity and web services to integrate disparate systems and deliver optimized user experience for next-generation business automation initiatives.
Terry is frequently published in media and presents at various conferences including DEFCON, DerbyCon, Security BSides, and ISC West. He’s a current board member of Security B Conferences of California, ISC West SIA Education Advisory Member, and SC Awards Judge and former board member of ISSA Orange County.
Chengwei Cheng, Senior IAM Analyst
Cheng has over 15 years of experience in designing, delivering, and managing complex Identity and Access Management solutions, programs and implementations.
Having a broad scope of experience both from technical and business perspectives, Cheng has architected solutions for vendors and client delivery in areas of digital identity management, privileged access, federation, SSO and authentication. His ability to understand technology at a low level but also apply it to the overall ecosystem and market enables him to provide unique, relevant and insightful analysis.
At Hitachi-ID, he was the technology evangelist working with various Fortune 1000 customers to bring identity management projects from proof of concept to production. He also performed research and analysis on the competitive landscape to help define product roadmap.
Prior to prior to working with Hitachi-ID, Cheng managed the identity and access management services offering at IBM as a Global Offering Manager. In addition to offering development, he was responsible for developing much of the knowledge base that consolidated best practices and methodologies for global identity management projects.
Cheng has a BS in Physics from the UCLA, with specialization in applied mathematics and has training in digital forensic analysis and technology management programs.
Josh Chin, Security Vulnerability Expert
Josh Chin is a Founder, and Managing Partner with Net Force, with more than 12 years experience in Cyber Security. Josh’s professional focus is directed at strategic and holistic cybersecurity advisory and digital investigations.
Josh has both managed and executed cyber threat assessments for state government agencies, law firms, and global enterprise organizations. His career vitae include Executive Board Member and Competition Developer with the Western Regional Collegiate Cyber Defense, Administrator, Mentor, Speaker, Lecturer, Information Security and Audit Specialist, and U.S. Cyber Challenge Cyber Camp Advisor. As a frequent speaker, Josh introduces the concept of digital forensics and cybersecurity.
Josh is a graduate of California State Polytechnic University Pomona and holds a Bachelor of Science in Business Administration with a concentration in Computer Information Systems.
