Rapid7 Public Policy

Consumers, businesses, and governments increasingly rely on interconnected and complex technologies. Enabling society to safely reap the benefits of this progress requires strong cybersecurity policies, practices, and awareness. To advance this cause, Rapid7 works with governments, companies, non-profits, and experts to shape policies, standards, and legislation that benefit consumers and defend responsible cybersecurity practitioners.

Rapid7’s public policy mission is part of our strong commitment to supporting the infosec community and advancing smart cybersecurity. Here are some examples of our cybersecurity policy work:

Our Recent Positions

Rapid7 statement on privacy and status of EU-US data transfers post-Schrems II
Summary Context: The Court of Justice of the European Union (CJEU) struck down the EU-US Privacy Shield (Privacy Shield) as a valid mechanism to comply with EU data protection requirements when transferring personal data from the EU to the US. The CJEU continues to view standard contractual clauses (SCCs)...
Raisa Litmanovich
Jul 29, 2020
Read More
Rapid7 joins CFAA brief to the Supreme Court
Rapid7 joined a brief to the US Supreme Court on the chilling effect of the overbroad Computer Fraud and Abuse Act (CFAA) on independent security research. The “friend of the court” brief in the Van Buren v. US case, led by the Electronic Frontier Foundation, was also joined by the Center for Democracy...
Harley Geiger
Jul 13, 2020
Read More
Cybersecurity Vulnerability Disclosure in Trade Agreements
Cybersecurity has now become a feature of modernized US trade agreements, with new cybersecurity provisions in the US-Mexico-Canada Agreement and the US-Japan Digital Trade Agreement. The United States has begun the process of negotiating several additional trade agreements - including with China (Phase...
Harley Geiger
Mar 24, 2020
Read More

Meet the Team

Harley Geiger
Harley Geiger
Director, Public Policy, Rapid7

Harley Geiger is Director of Public Policy at Rapid7, leading the company's policy engagement with a focus on cybersecurity, privacy, computer crime, exports, and digital trade issues. He collaborates extensively with technical experts, trade groups, security researchers, and government officials to achieve workable policy solutions that advance security and protect consumers. Harley serves on the Industry Trade Advisory Committee on Digital Economies (ITAC8) at the U.S. Dept. of Commerce, where he advises on trade policy issues related to the information security industry. Prior to working at Rapid7, Harley was Advocacy Director at the Center for Democracy & Technology (CDT) and Senior Legislative Counsel for U.S. Representative Zoe Lofgren of California. Harley is a licensed attorney, CIPP/US certified, has testified before the U.S. House and Senate, and regularly speaks at events on technology policy.

Jen Ellis
Jen Ellis
Vice President, Community and Public Affairs

Jen Ellis is the vice president of community and public affairs at Rapid7. Jen’s primary focus is on creating positive social change to advance security for all. She believes that it is critical to build productive collaboration between those in the security community and those operating outside it, and to this end, she works extensively with security researchers, technology providers, operators, and influencers, and various government entities to help them understand and address cybersecurity challenges. She believes effective collaboration is our only path forward to reducing cyber attacks and protecting consumers and businesses. She has testified before Congress and spoken at a number of security industry events including SXSW, RSA, Derbycon, Shmoocon, SOURCE, UNITED, and various BSides.

Deral Heiland
Deral Heiland
Principal Security Consultant

Deral Heiland CISSP, serves as a Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 10+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including ABC World News Tonight, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.

Tas Giakouminakis
Tas Giakouminakis
Co-Founder & Chief Technology Officer

Tas Giakouminakis leads Rapid7’s Office of the CTO, focusing on security research, data science and public policy initiatives to better the security community through open and collaborative engagement. As Rapid7's co-founder and CTO, Tas previously led the development and integration of Rapid7’s award-winning solutions, driving the technical direction to enable customers through quality, simplicity, and innovation. Prior to founding Rapid7, Tas helped form Percussion Software, where he led the development of Percussion's first product. He has also developed software in the security and risk areas for CitiCorp. Tas serves on the Information Systems Technical Advisory Committee (ISTAC) at the U.S. Dept. of Commerce, where he advises on export controls related to information security products.

Tod Beardsley
Tod Beardsley
Research Director, Rapid7

Tod Beardsley is the director of research at Rapid7. He has over 20 years of hands-on security experience, stretching from in-band telephony switching to modern IoT implementations. He has held IT Ops and IT Security positions in large organizations such as 3Com, Dell, and Westinghouse, as both an offensive and defensive practitioner. Today, Tod directs the myriad security research programs and initiatives at Rapid7. He can be uniquely identified at https://keybase.io/todb.