Neal O’Farrell is widely regarded as one of the longest-serving security and privacy experts, 37 years and counting, and learned early on the value of trust in building a security reputation.
In the late 1980s, while still in his twenties, Neal was awarded the first contract to encrypt Ireland's joint banks national ATM network. That was the same year he helped develop an alternative to the Irish government's aging secure telephone system, and later to an invitation from the Irish Department of Defense to develop a European rival for the NSA's STU 3 ultra secure telephone terminal.
That led to a direct conflict with the NSA, an experience chronicled in his upcoming book The Man from Intrepid.
Neal first became interested in the potential role of ethics in security when he was the only security expert invited to advise the Congressionally-mandated Stock Act panel in 2013 (an amendment to the Ethics in Government Act) empanelled to study the security and privacy implications of greater financial transparency by members of Congress and senior federal employees.
As part of that study, over a period of six months Neal participated in in-depth interviews on national security, privacy, and ethics issues with nearly sixty organizations including the Department of Defense, Department of Homeland Security, Department of Justice, the Office of National Counterintelligence, Office of the White House General Counsel, SEC, FTC, FBI and nearly twenty other executive branch agencies.
Neal is credited with developing the first Data Ethics Workplace Code of Conduct, as well as the first employee data ethics training program. He currently serves as Data Ethics Advocate for a growing number of organizations, promotes the teaching of data ethics at the university and high school level, and is helping to develop data ethics guidelines for the NIST/DHS Smart and Secure Cities and Communities initiative.
Neal is passionate about the importance of educating users to defeat cyber threats, and in 1988 co-hosted with IBM one of Europe's first network security conferences. In 2000 he was appointed the first ever Director of Education for a security company (Zone Labs, now Check Point).
Shortly after that he started building employee security awareness courses, for firms like bebe Stores and Cost Plus World Market, and went on to co-found the Center for Information Security Awareness, a partnership with FBI/InfraGard to provide free employee security awareness training for individuals and small businesses. Neal created the entire course, test, and certification, and that course has since been accessed by thousands of organizations.
In 2001 Neal wrote a series of articles for SearchSecurity.com urging a greater focus on "the human perimeter" as a defense against all kinds of cyber threats. His article "Security Training: A Call To Arms," was selected by SearchSecurity.com as one of the Top 10 Executive Briefings.
That same year, Neal was invited to Chair the first "Cybercrime on Wall Street" conference hosted by the Institute for International Research (IIR). In 2002 he launched Hacademia, a partnership with security publisher Syngress (now part of Elsevier) to turn their collection of Hack Proofing guides into online security training courses. Hackademia is now part of the University of Washington. Neal served as Technical Editor for one of the first in the Hack Proofing series, "Hack Proofing Your Wireless Network."
In 2002 Neal launched the nation’s very first Cyber Secure City, a unique experiment to raise the security awareness of an entire city – residents, businesses, schools, even the Mayor and city council. The program slogan was "Think Security First!", a mantra that is even more important more than 15 years later. Partners in the yearlong initiative included Microsoft, Cisco, McAfee, and AT&T, and received the endorsement of the US Chamber of Commerce, the Department of Homeland Security, and the International Information Systems Security Certification Consortium, Inc. (ISC)².
Neal was also a member of the advisory board of the nation's first Cybersecurity Apprenticeship Program, launched in California in 2016, and is currently a member of the OC3 Education and Workforce Subcommittee, an initiative of the Ohio National Guard, as well as the National Initiative for Cybersecurity Education (a part of NIST) K12 subcommittee.
His most ambitious program so far is Foster Warriors, and a plan to help foster youth and young adults pursue studies and careers in cybersecurity.
Identity Theft Expert
In 2003 Neal was the first expert to train an entire police department in identity theft awareness. He went on to lead the Identity Theft Council, an award-winning non-profit that has assisted thousands of victims of identity theft. Through his work with the Council, Neal has helped set new standards in the way victims of identity theft are treated and supported, and in how law enforcement is trained.
He has worked with hundreds of police departments, Neighborhood Watch groups and community action organizations. He also takes on complex cases referred to him by the FBI and U.S. Secret Service. In 2011 the Council was honored with the 2011 Editors Choice Award from SC Magazine, one of the cyber security industry's most prestigious awards. Previous winners include the NSA.
His book on identity theft has been used by three of the top five U.S. banks to educate their customers on identity theft prevention. Neal is also the Executive Producer of the documentary series In the Company of Thieves that goes inside the world of professional identity thieves, and has appeared on the Discovery Channel's Investigation Discovery series.
Neal is a member of the Online Trust Alliance IoT working group, and in 2015 he was honored as the first ever recipient of the Eigen Award, presented by the International Association of Certified Fraud Examiners at the headquarters of Wells Fargo Bank in San Francisco.
Neal has acted as advisor to numerous security firms including ZoneAlarm (now Check Point), Surf Control (now Websense), Ntru Cryptosystems, Securify, and SiteLock, and identity protection firms like PrivacyMatters, EZ Shield, IdentityGuard, and Credit Sesame. He was an advisor to blockchain startup Civic, one of the first startups to complete a successful Initial Coin Offering (ICO), and is currently an advisor to Adaptable Security, biometrics startup Taliware, and a Fellow of the EP3 Foundation.
Speaker and Trainer
Neal has taught security to numerous audiences including Facebook, Morgan Stanley Smith Barney, Ameriprise, Merrill Lynch, Stifel Nicolaus, US Bank, US Trust, BKR International, the Credit Union National Association (CUNA), and the National Association of Secretaries of State, as well as the Association of Certified Fraud Examiners, the High Tech Crimes Investigators Association (HTCIA), the California Financial Crimes Investigators Association (CFCIA), the California High Technology Crime Advisory Committee (HTCAC), and the International Association of Financial Crimes Investigators.
He has authored more than a thousand blogs and articles on security and privacy and has been quoted in numerous publications around the world including the New York Times, Forbes, Inc., the Wall St. Journal, the Huffington Post, CNN Money, BusinessWeek, USA Today, SmartMoney, CNET, Information Week, the National Law Journal, Today.com, NBC, CBS, CNBC, Fox Business, and the South China Morning Post.
A Deep Background in Security
In the 1980s, at the birth of the cybersecurity industry, Neal was helping governments, banks, and intelligence agencies protect their most sensitive communications. In the mid-1980s, after a phone tapping scandal, he developed a telephone privacy system for the Irish government, and later went on to work with Nokia to incorporate privacy and security into their first generation of cell phones.
In 1988 Neal won the first contract to encrypt Ireland’s entire national ATM network, the same year he installed the first two-factor authentication system in an Irish bank. He also co-hosted with IBM one of Europe’s first network security conferences.
In 1989 he started the Intrepid project, a government supported program to develop a European rival for the NSA’s Secure Telephone System (STU3), considered the world’s most secure, secure telephone system. The result of the project was the launch of Milcode, widely considered the most secure secure telephone of its time. That project brought Neal into direct conflict with the NSA and that story is chronicled in his upcoming book The Man from Intrepid.
Neal also developed Faxcode, the world’s first fully encrypting fax machine, and resulted in his selection as the first Irish entrepreneur to be invited to participate in the Export to Japan study program hosted by the Japanese government.
Neal later went on to work with a number of British defense companies to develop a new generation of telephone privacy and encryption systems, and was the first Irishman invited to visit GCHQ, Britain’s ultra secretive spy center. He also worked with Britain’s largest bank to develop the first generation of voice verification biometrics for the bank’s telephone banking system.
Helen Szterenfeld, Conference and Marketing Manager, BKR International.
"Your messages on cyber security were excellent (and scary) and truly aligned with the needs of the audience. Moreover, your energetic presentation style was infectious. Thanks again for presenting such an enjoyable session."
Debbie Warner, Vice President, Education & Career Services, IMA (Institute of Management Accountants)
“Bottom line? Neal O’Farrell knows what he’s talking about."
Brett "GOllumfun" Johnson, co-founder of the Shadowcrew carder forum and former US Most Wanted Cybercriminal