Counter Threat Unit Leadership

Barry Hensley, Executive Director - Counter Threat Unit

Col. (Ret.) Barry Hensley leads the Dell SecureWorks Counter Threat Unit (CTU) research team. Hensley has more than 26 years of experience in both information security and intelligence operations.

Before joining Dell SecureWorks, he served as the Director of the Army's Global Network Operations and Security Center. In that capacity, he was responsible for integrating key cyber functions spanning operations, intelligence, resource management and strategic planning across 1.2 million users. Col. (Ret.) Hensley was also the former Director of Operations of Joint Task Force-Global Network Operations (JTF-GNO). JTF-GNO directed the operations and defense of the U.S. Department of Defense Global Information Grid.

Ben Feinstein, Director - CTU Operations

Ben Feinstein is the Director of CTU Operations and Development. He first became professionally involved in information security in 2000, working on a DARPA/US Air Force contract while earning his Bachelor of Science in computer science degree at Harvey Mudd College.

Feinstein is author of RFC 4765 and RFC 4767, and possesses more than a decade of experience designing, implementing and operationalizing security-related information systems. Feinstein has presented his research at Black Hat USA, DEF CON, ToorCon, DeepSec, the U.S. Department of Defense Cyber Crime Conference, and many other events.

Kevin Houle - Director - CTU Threat Intelligence

Kevin Houle leads the Counter Threat Unit team focused on researching and delivering Threat Intelligence to Dell SecureWorks customers. He has been a leader in information technology and security research for more than 20 years. In the early 1990s, he helped launch one of the first commercial Internet Service Providers in the Midwestern U.S. and was a member of the Commercial Internet eXchange. In the late 1990s, he lead the Incident Handling team at the CERT Coordination Center, providing incident response services and threat intelligence information to the global Internet community.

In the 2000s, Houle founded and led CERT’s world-class Malicious Code research team focused on advancing the state of adversarial tradecraft analysis within the Defense, Intelligence, and Law Enforcement sectors of national governments on four continents. He has presented on a range of security topics at forums such as SANS, NANOG, APRICOT, AusCERT, GFIRST, Virus Bulletin, USENIX, FIRST, and RSA.

Don Smith - Technology Director

Don Smith is a leading information security expert who is technical lead for Dell’s EMEA information security practice.  His close ties with Dell SecureWorks’ Counter Threat Unit (CTU) give him unparalleled visibility into the threat landscape as well as effective countermeasures and protective security strategies.

Don has worked in the IT industry for 21 years and joined Dell SecureWorks in 2005. Don was instrumental in the construction of the identity management practice and the evolution of the Managed Security Services portfolio in EMEA. Prior to this, Don was responsible for security architecture and operations for a multi-billion enterprise and took a lead role in successfully integrating 14 acquisitions. Don serves as an evangelist for the Dell SecureWorks CTU in EMEA. He is a recognised subject-matter expert in the area of Identity and Access Management and advises Dell and Dell’s customers globally.

Don Jackson, CTU Senior Security Researcher

Don Jackson has been recognized as a subject matter expert on crime, espionage, and warfare in the cyber domain. He has more than 20 years of experience in information security, software development and IT, with a focus on protecting critical infrastructure and corporate assets from advanced threats. 

Areas of expertise include threat research, intelligence analysis, investigations, digital forensics, malware analysis, and reverse engineering.  His relationships with the security community, various working groups, and government and law enforcement agencies in several countries have enabled him to help bring many cybercriminals to justice. Jackson frequently serves as a media commentator and is regularly asked to share his opinion on CNN, Fox News, ABC and other major media outlets.

Joe Stewart, CTU Senior Security Researcher

Joe Stewart is a well-known security researcher and recognized as a leading malware analyst. He was the first to discover that SoBig was sending spam, the first to detect and document that the Myfip Trojan was stealing intellectual property, discovered and unraveled the Clampi Trojan, highlighted the clues in the Aurora code leading back to China, uncovered the interworkings of the Storm Worm, developed the Conficker Eye Chart, and other achievements.

Stewart is currently focused on Advanced Persistent Threat (APT) research, where he is tracking malware families and tracing them back to their sources.

Brett Stone-Gross, CTU Senior Security Researcher

Dr. Brett Stone-Gross has more than 10 years of experience in computer security. He specializes in malware analysis, reverse engineering, and attack attribution. He has collaborated with many leading security experts to disrupt large-scale cybercriminal operations, including botnets that were used for financial theft, click-fraud, spam and fake antivirus software. Stone-Gross has authored more than 10 publications presented at top computer security conferences, and his work has also appeared in many major news outlets.

Prior to joining Dell SecureWorks, he worked at Lastline, Citrix Online, and the Los Alamos National Laboratory. Brett earned a Bachelor of Science in computer engineering, a Master of Science in computer science, and a Ph.D. in computer science from the University of California, Santa Barbara.