Biography

Short Form

Sarah Cortes, MS, PMP, CISA

Sarah Cortes http://wiki.sarahcortes.is is a senior technologist with extensive experience in information security and cyberstalking. She has helped draft data breach laws, and testified before the Massachusetts legislature and regulatory agencies on numerous occasions regarding data privacy and security. She is a member of the US National Institute of Standards and Technology (NIST) cybersecurity working group (CSWG) on Smart Grid privacy, and a co-author of the NIST publications on legal and technical aspects of Smart Grid Technology Security and Privacy. Sarah was formerly SVP of Information Security for Putnam Investments, a subsidiary of Marsh & McLennan. In this capacity, she oversaw Putnam’s recovery on 9/11 when parent company Marsh McLennan’s World Trade Center 99th floor data center was destroyed. She currently consults for Fortune 500 clients. Sarah works with cyberstalking and electronic surveillance cases and targets in Cambridge, MA, and throughout the US. She is a member of the Board of Directors of Emerge, the first Abuser Intervention Program (BIP), and Employers Against Domestic Violence (EADV).

Longer Form

Sarah Cortes, MS, PMP, CISA

Sarah Cortes http://wiki.sarahcortes.is is President of Inman Technology. She earned her undergraduate degree at Harvard University, and holds an M.S. from Boston University, in Computer Science, Information Security. She is a Doctoral student in the Information Assurance PhD program at Northeastern University’s College of Computing and Information Science. As a Senior Vice President for Security, IT Audit and Disaster Recovery at Putnam Investments, a major global asset management firm and subsidiary of Marsh & McLennan, Sarah oversaw Putnam’s recovery on 9/11 when Marsh & McLennan’s World Trade Center 99th floor data center was destroyed. She also supervised over 65 IT audits per year in that capacity.

A former analyst for the US Department of Energy, she led the National Institute for Science and Technology (NIST) Cybersecurity Working Group sub-team, as co-author of the 2014 NIST: Guidelines for Smart Grid Cyber Security: Vol. 2, Privacy and the Smart Grid, as well as the 2010 volume, that created the security and privacy laws section of the report. She served on the privacy use cases team for two years and has been a member of the NIST cybersecurity working group (CSWG) on Smart Grid privacy for five years. She has recently co-led Northeastern University Law School Legal Skills in Social Context (LSSC) Clinics on Surveillance Law, Privacy Tools, and Tor and Domestic Surveillance, Domestic Terrorism and Privacy and Anonymity Technology, as well as a 2014 MIT Co-Design Studio class at MIT Media Lab on Domestic Surveillance, Domestic Terrorism, Privacy and Anonymity Technology and Tor. She has helped draft data breach laws, and testified before the Massachusetts legislature.

She was on the team that won the first prize a the 2013 World Bank Hack-a-Thon in Washington DC, for developing an application, www.fuerza.is, to help fight cyberstalking, domestic violence and abuse through technology.

Sarah serves on the Boards of Transition House, one of the first domestic abuse shelters, Emerge, the first Abuser Intervention Program (BIP), and Employers Against Domestic Violence (EADV). She works with individuals and organizations to help protect privacy end abuse through technology, surveillance, or any other means.

Sarah is the co-author of an industry leading technical treatise, with Paul Syverson, Aaron Jaggard, Aaron Johnson (US Naval Research Laboratory, Washington, DC) and Joan Feigenbaum (Yale University), entitled “20,000 in League Under the Sea, Anonymous Communication, Trust, MLATs, and Undersea Cables,” Proceedings on Privacy Enhancing Technologies (PETS-15th International Symposium). Volume 1, Issue 1, Pages 4–24, ISSN (Online) 2299-0984, DOI: 10.1515/popets-2015-0002, April 2015. She is also the author of an industry leading legal treatise, “Legalizing Domestic Surveillance: The Role of Mutual Legal Assistance Treaties in Deanonymizing TorBrowser Technology,” To appear in the Richmond Journal of Law and Technology (JOLT), 22 Rich. J.L. & Tech. 1 (2015) (forthcoming). She has presented research at numerous conferences, including PETS, the Privacy Enhancing Technology Symposium at the Royal Tropen Institute in Amsterdam, in July 2014, and at USENIX FOCI, Advanced Computing Systems Association, in Washington DC, in 2013.

Curriculum Vitae