Diana Kelley, Partner

Diana is currently employed full time as the Executive Security Advisor for IBM Security and serves only as an advisor to SecurityCurve.

Diana is an internationally recognized information security expert, speaker, strategic advisor, market analyst and writer. She has over 20 years of IT security experience including: risk management development, compliance advisement, project management, systems and network architecture development and hands-on implementation. In the course of her career she has delivered security advisory services to IBM, Microsoft, the US Government, Intel, Bank of America and Merrill Lynch, Shell, PKWARE, Symantec and CA.

She is an energetic and organized team leader. She has extensive experience as an author of large, detailed research documents and short, timely editorials and blog posts. She understands the non-technical side and is adept at bridging the gap between IT and business constituents. She has a track-record in technical pre-sales support, and innovative sales and marketing strategy development. Diana is known for delivering solutions that are on track, on time and on budget.

Diana founded SecurityCurve in April of 2003 to provide risk-focused advisory services to enterprises and deliver strategic, competitive knowledge to enterprise customers and security software vendors. At SecurityCurve her strategic advisory and delivery clients include: Core Security, Fortify, IBM, Intel (in partnership with Spire Security), Microsoft, PKWARE, Prism MicroSystems, Third Brigade (acquired by Trend Micro), and Veracode.

Prior to returning to SecurityCurve in January 2008, she was Vice President and Service Director for the Security and Risk Management Strategies (SRMS) service at Burton Group. Diana was the Executive Security Advisor for CA’s eTrust Business Unit. At CA she was responsible for advising customers on strategic security solutions and helped guide CA’s security business. She served as the Vice President of Security Technology for Safe3W, Inc (acquired by iPass), a provider of strong, two factor authentication. Representing Safe3W she was actively involved in the Technical Group for NACHA’s Project Action. And she was a security industry Analyst with Baroudi Bloor, a top-tier analyst firm where she delivered strategic advice to, among others, IBM and Psionic (acquired by Cisco.)

Diana was the General Manager of a development group at Symantec Corp and the media spokesperson for the company on the 2000 “Proactive Security Tour”. She was the Vice President of Corporate Development for LockStar and helped the company succeed in being named to the Red Herring “Top 50 Companies in the Digital Universe”. At The Hurwitz Group, Diana was the Senior Security Analyst and provided executive strategy advice to Entrust and other clients. She served as a Manager in KPMG’s Financial Services Consulting practice, where her clients included Bank of America, General Electric, Merrill Lynch, MetLife and The Travelers.

At Dataware Technologies she was the Manager Corporate Systems Administration and was responsible for 9 Internationally distributed sites, and all aspects of Lotus Notes, Novell, Unix, MS Exchange server, firewall and security administration. She has experience in managing penetration testing, conducting security audits and has been certified on a number of security products including the original TIS Gauntlet, IBM RACF Security Administration and HP Virtual Vault.

Diana speaks frequently at major conferences: RSA, WiFi Planet, BlackHat, InfoSec World, NetWorld/InterOp, The Internet Security Conference, and ComDex. She served on the advisory board of the Executive Women’s Forum in 2003 and 2004 and served as Conference Chair for the Mobile and Wireless Security conference for 2003, 2004, 2005 and 2010. She also Chaired the Identity Management Conferences in 2005 and 2006 and the Virtualization Summit in 2006.

Diana has been quoted in publications including NYTimes, TIME,, SCMagazine, Dark Reading,Information Security Magazine and The Wall Street Journal as a security expert. She has authored numerous White Papers and research documents, co-authored Cryptographic Libraries for Developers, published by Charles River Media, wrote the chapter on “PKI and Directories” for the book PKI: A Wiley Tech Brief and contributed articles to Information Security Magazine, ComputerWorld, eSecurity Planet, SC Magazine, CNET, The Journal of Network and System Management, Security Focus inFocus, Security Products Magazine, and was interviewed by WNBC on the topic of Internet security. She served on the Editorial Advisory Board for TechTarget’s Information Security Magazine in 2010 and has been a Faculty Advisor to IANS since 2009.

Ed Moyle, Partner

Ed is a 15+ year veteran of information security as well as an industry-recognized thought leader, advisor, writer, and manager. Ed is currently Senior Security Strategist with Savvis, providing strategy, consulting, and solutions to clients worldwide and a founding partner of SecurityCurve.

Prior to this, Ed was a Senior Manager within CTG’s global information security solutions practice, where he provided C-level guidance across a wide segment of industry, including healthcare, telecommunications, energy, and financial services. Ed was Vice President and Information Security Officer for Merrill Lynch Investment Managers (MLIM,) where he was responsible for coordinating all aspects of information security within the business unit. MLIM (now BlackRock Asset Management) consisted of approximately 2500 employees with over US $500 billion in assets under management. During his tenure at Merrill, Ed also developed firm-wide cryptographic solutions for secure data transfer, secure key management, authentication, and data integrity.

Before joining Merrill, Ed worked within the federal sector for Computer Science Corporation (CSC,) where he consulted to the Department of Defense JCALS (Joint Service Computer Aided Acquisition and Logistics System) program. Ed was responsible for security engineering activities, including platform security, security evaluation activities, and vendor evaluation/deployment activities (e.g. Symantec ESM, vFind, SSH, etc.) Ed was lead developer and manager of R&D at ICT (International Creative Technologies,) where he oversaw all development activities of CyberSignOn™, a biometric single-signon and secure data storage platform. Ed was responsible for all aspects of product design, product development, organization/staffing of all technical teams, and development of product technical strategy.

At Trintech Systems, Ed managed all security activities involving the PayWare™ mAccess product. Ed was responsible for analysis of industry security trends, planning/strategy for application security initiatives, information security governance activities (specifically, refinement of the application security review process,) and gathering of critical marketing/business intelligence. Ed is co-author of Cryptographic Libraries for Developers, and a frequent contributor to the Information Security industry as author, public speaker, and analyst.



%d bloggers like this: