Core Faculty Members

Thomas Rid is Professor of Strategic Studies and the Institute’s founding director. Rid is the author of the acclaimed Active Measures, a sweeping history of disinformation (Farrar, Straus and Giroux, 2020). His previous book, Rise of the Machines, (Norton, 2016), tells the story of how cybernetics, a late-1940s theory of machines, came to incite anarchy and war. His 2015 article “Attributing Cyber Attacks” was designed to explain, guide, and improve the identification of network breaches (Journal of Strategic Studies 2015). In 2013, he published Cyber War Will Not Take Place, now a classic. Thomas teaches Disinformation and Information Security.

Elly Rostoum is the Institute’s associate director, and an adjunct professor at SAIS. Elly is a former U.S. intelligence analyst, and National Security Council staffer at the White House. She is a Hans J. Morgenthau Fellow in U.S. Grand Strategy. Elly’s research examines American national security vulnerabilities of foreign direct investment, with a focus on foundational and emerging technologies in the AI, finance, biotech, and IoT sectors. Elly is an expert on CFIUS governance, and specializes regionally on China and the Middle East. Elly speaks 5 languages, and holds degrees from Bates College, Harvard University, and Stanford University. Elly teaches the National Security and Critical and Emerging Technology Practicum, and a course on Chinese foreign direct investment and US national security vulnerabilities.

Melissa K. Griffith is a Lecturer in Technology and National Security at SAIS, and a Non-Resident Research Fellow at the University of California, Berkeley’s Center for Long-Term Cybersecurity. She works at the intersection between technology and national security, specializing in cybersecurity, semiconductors, and 5G networks with a focus on national risk and resilience models. Melissa holds a Ph.D. and an M.A. in Political Science from the University of California, Berkeley, and a B.A. in International Relations from Agnes Scott College. Melissa teaches Cyber Operations.

Adjunct Faculty Members

John Hultquist leads the FireEye Mandiant Threat Intelligence analysis team. Prior to the acquisition of iSIGHT Partners by FireEye, John led iSIGHT’s cyber espionage practice and was responsible for creating the cyber espionage reporting line. He has over a decade of experience covering emerging threats in cyber espionage and hacktivism and working in senior intelligence analysis positions in the U.S. Before working in cyber security, he worked with information sharing and analysis centers and was involved in counterinsurgency operations in the U.S. Army. John teaches Global Cyber Threats.

Olga Belogolova is a policy manager for influence operations (IO) at Meta, where she coordinates the company’s IO disruptions effort. She has served as an investigator and analyst, identifying, tracking, and disrupting coordinated IO campaigns, and leading work on Russia and Central and Eastern Europe.  Olga previously worked as a journalist, reporting from Washington DC, Russia, Japan, and Jordan. Her work has appeared in The AtlanticNational JournalInside Defense, and The Globe and Mail, among others. Olga holds a Master’s degree in Strategic Studies from the Johns Hopkins School SAIS, and a Bachelor’s degree in Journalism and European Studies from Boston University. Olga teaches Influence Operations in the Digital Age.

Juan Andres Guerrero-Saade is the Sr Director of SentinelLabs, leading the research team at SentinelOne. Juan Andres’ expertise has advanced cyber threat intelligence and analysis methodology, including the discovery of multiple noteworthy threat actors and the development of tools to scale these investigations. Juan Andres’ research and leadership of threat intelligence teams, including at Google, Chronicle, and Kaspersky Lab, have focused on creative approaches to describe complex problems in threat intelligence. His work is the subject of two permanent exhibits at the International Spy Museum, including the “Cyber Infinity Room” and “Moonlight Maze.” He advocates for a global approach to threat intelligence research that emphasizes the benefit of hindsight and technological advancement often referred to as ‘Cyber Paleontology.‘ Juan teaches State Sponsored Operations.

Mary Julia Emanuel is a widely respected Industrial Control Systems Incident Response Analyst. She currently serves in the Threat Hunting subdivision of the Cybersecurity Division at the Cybersecurity and Infrastructure Security Agency (CISA). MJ holds a Master’s degree in Information Security Policy and Management from Carnegie Mellon University. MJ teaches Critical Infrastructure for Threat Intelligence.

Robert Lee is a recognized authority in the industrial cybersecurity community. He is CEO and co-founder of Dragos, a global technology leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments. Robert also serves on the Department of Energy’s Electricity Advisory Committee as the Vice Chair of the Energy’s Grid Resilience for National Security Subcommittee, and is a member of the World Economic Forum’s subcommittees on Cyber Resilience for the Oil & Gas and Electricity communities. Robert testified to the U.S. House of Representatives Committee on Energy and Commerce–Subcommittee on Oversight and Investigations, and to the U.S. Senate Energy and Natural Resources Committee, to advise on policy issues related to critical infrastructure cyber threats. He has also presented at the World Economic Forum Annual Meeting in Davos. Robert began his pioneering work in ICS/OT cybersecurity as a U.S. Air Force Cyber Warfare Operations Officer tasked to the National Security Agency, where he built a first-of-its-kind mission identifying and analyzing national threats to industrial infrastructure. He went on to build the industrial community’s first dedicated monitoring and incident response class at the SANS Institute (ICS515) and the industry recognized cyber threat intelligence course (FOR578). 

Jason Kikta is a retired U.S. Marine Corps officer, who has served in leadership positions with the U.S. Cyber Command. Jason was previously the Deputy Director for Defensive Cyberspace Operations and later Chief of Private Sector Partnerships at the Cyber National Mission Force. He also served two tours in Afghanistan during Operation Enduring Freedom. Jason teaches Intelligence and Cyberspace.

Jeanette Manfra is the Global Director for Security and Compliance at Google. Previously, she served as the Assistant Director for Cybersecurity for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), where she led the Department of Homeland Security mission of protecting and strengthening the nation’s critical infrastructure from cyber threats. Jeanette was Assistant Secretary for the Office of Cybersecurity and Communications for the National Protection and Programs Directorate. Previously, she served as Acting Deputy Under Secretary for Cybersecurity and Director for Strategy, Policy, and Plans for NPPD. She also served as Senior Counselor for Cybersecurity to the Secretary of Homeland Security and Director for Critical Infrastructure Cybersecurity on the National Security Council staff at the White House. Before joining DHS, Jeanette served in the U.S. Army as a communications specialist and a Military Intelligence Officer. Jeanette teaches a course on the history and evolution of cyber policy.

Gavin Wilde is a senior fellow in at the Carnegie Endowment for International Peace. He previously served on the National Security Council as director for Russia, Baltic, and Caucasus affairs and served in senior analyst and leadership roles at the National Security Agency for over a decade, after several years as a linguist for the Federal Bureau of Investigation. He is a nonresident fellow at Defense Priorities and previously assessed geopolitical risk for multinational corporations as a managing consultant at Krebs Stamos Group, a cybersecurity advisory. Wilde holds a BA in Russian Studies from the University of Utah and graduated with distinction from the National War College with an MS in National Security Strategy. Gavin teaches Information Conflict and International Order.

Lee Foster Lee Foster is the senior vice president of Analysis at Alethea Group, where he leads the company’s team of expert analysts and data science innovation to detect and mitigate online influence operations. He holds Master’s degrees in political science and intelligence and international security and is currently pursuing a Master’s degree in data science. Lee previously worked at FireEye and, before that, in the field of political risk intelligence. Lee teaches Threat Intelligence for Information Operations.

Alex Orleans works at the leading edge of the most sophisticated cyber intrusions across both the public and private sectors. He brings a unique lens of identifying the intersection between traditional intelligence paradigms and modern cyberspace issues. Alex can often be heard proclaiming “Shape, not deter,” his approach to the future of cyber operations.

Ben Read is the director of Mandiant Intelligence’s cyber espionage analysis team. The team he leads tracks and reports on espionage groups from China, Russia, North Korea and many other countries. He was an analyst on the same team at iSIGHT Partners before it was acquired by FireEye in January 2016. Prior to iSIGHT, Mr. Read worked as a special assistant at the National Security Council’s European Affairs Directorate. While there, he supported the numerous presidential trips and meetings including the 2012 NATO Summit in Chicago.

Visiting Fellows

Richard Bach has spent over 30 years in the UK’s national security community in an extensive range of operational and technical roles, and in international relations. Since 2010 his focus has been on cyber security in both the public and private sectors.  Since leaving the public sector in 2016, Richard has co-founded, led and advised a number of tech/security startups. Currently he is a partner with Heligan Group, a UK investment bank which specializes in technology relating to national security, public safety, and the detection and prevention of crime. He is also chairman of a defense and security scaleup. Richard has an MSc in computer and network security.

Camille Francois’ work spans several aspects of cybersecurity, from developing industry-leading programs focused on protecting vulnerable users to detecting information operations. She was previously Chief Innovation Officer at Graphika, where she built and led a team dedicated to exposing and mitigating information operations across platforms. Prior to that, she served as a Principal Researcher at Google. She has advised governments and parliamentary committees on both sides of the Atlantic and investigated Russian interference in the 2016 U.S. presidential election on behalf of the U.S. Senate Select Intelligence Committee. Camille is working with Thomas on a larger project.

PhD Fellows

Sandra Joyce is an Alperovitch PhD Fellow. She is the Executive Vice President of Mandiant, where she oversees intelligence collection, research, analysis, and services for the Mandiant security product portfolio. She previously served in positions in intelligence research, product management, and business development over the course of over 24 years in both national security and commercial industries. As a Lieutenant Colonel in the U.S. Air Force Reserve, Sandra serves as a faculty member at the National Intelligence University.  She holds an MBA from MIT, and four additional master’s degrees in cyber-policy, international affairs, science and technology intelligence, and military operational art and science. Sandra speaks English, Spanish, and German.

Oskar Galeev is an Alperovitch PhD Fellow. His research is concerned with the proliferation of digital control tools in developing countries. Oskar speaks Russian, Chinese, French, and Tatar language. He has previously received a bachelor’s degree in International Studies from Leiden University and a master’s degree in China Studies from the Yenching Academy of Peking University. Prior to joining the Alperovitch Institute, Oskar worked in non-governmental organizations, in academia, and in the telecommunications sector, focusing on the cybergeography of emerging markets.

Simin Kargar is a PhD student under the supervision of Prof. Rid. Her research centers on the synergies between the public and private sectors on cybersecurity and counterintelligence. She studies the emergence of the threat intelligence industry, its contributions to strategic cyber defense, and the implications for national security. Kargar has a background in human rights and emerging technologies and is a Senior Non-resident Fellow at the Atlantic Council’s Digital Forensic Research Lab (DFRLab), where she focuses on information warfare in the Middle East and the policy responses that it calls for. Previously, Simin has worked with a variety of public and private stakeholders on the interrelations of cybersecurity and geopolitics in repressive environments.

Dan O’Keefe is a PhD student at Johns Hopkins School of Advanced International Studies. He is researching online disinformation activities.

Sarah Crawford is a PhD student at Johns Hopkins School of Advanced International Studies.