Dr. Sarah Lewis Cortes FIPCIPP/E (GDPR), CISSP, CIPT, CISM, CISA, CRISChas more than 20 years of global-scale technology experience in domains including information security, privacy, and data management. As a Privacy Engineer in Information Security at Netflix, she is responsible for implementing comprehensive privacy programs. She earned her degrees at Harvard University, studied Forensic Sciences at Boston University Medical School, and holds a PhD in Computer Science, Cybersecurity from Northeastern University, specializing in the darknet, anonymous network communications, privacy and privacy law as well as information security, topics on which she has published extensively.
She conducts training and research with the FBI, Interpol, the Alameda County Sheriff’s Office Digital Forensics Crime Lab, and other LEAs. Prior to undertaking her PhD, Sarah was Sr VP, Security, IT Audit/DR at Putnam Investments, a $1 trillion investment management firm. Before that, Sarah was Sr. VP, Data Center/Security Operations, BNY Mellon/American Express, a $1.6 trillion global investments company.
Sarah has published and lectured extensively on privacy, the darknet, and security, including LISA USENIX and other keynotes. She has implemented numerous computer applications. Together with Department Chair, Boston University School of Medicine, Biomedical Forensic Sciences Dept. and former Cellmark lab director Dr. Robin Cotton et al., Sarah designed and implemented NIST DNA Mixtures Online, with a grant from the US Department of Justice. DNA Mixtures was highlighted in the recent Executive Office of the President, President’s Council of Advisors on Science and Technology (PCAST), Report to the President: Forensic Science in Criminal Courts: Ensuring Scientific Validity of Feature-Comparison Methods.
As part of the NIST Privacy and Security Working Group from 2009-2016, she co-authored the NIST 7628, Smart Grid Security, Privacy Standards in 2010, and the 2014 revision. She conducts training and research with the FBI, Interpol, the Alameda County Sheriff’s Office Digital Forensics Crime Lab, and other LEAs. She has implemented and overseen major security and privacy programs and operations in regulated industries, achieving compliance in SOC2, SOX, PCI and GDPR, and other laws and regulation and IT control frameworks.