.jpg)
Simin Kargar and Ziauddin Sherkar have been selected to present original research at the 2026 RSA Security Conference in San Francisco.
The RSAC 2026 Conference brings together global cybersecurity professionals to tackle agentic AI–driven threats, cloud and SaaS compromise, and non‑human identity risks. Attending gives Simin and Ziauddin direct exposure to cutting‑edge practices, real‑world case studies, and networking with leading practitioners shaping the future of cyber policy and operations.
Simin Kargar
SAIS PhD Candidate
Simin Kargar is a cyber threat intelligence researcher and cybersecurity policy analyst focused on technology, digital harms, and public private cooperation. She is a PhD candidate in Strategic Studies at Johns Hopkins SAIS and a Senior Non resident Fellow at the Atlantic Council’s Digital Forensic Research Lab, where she examines how governments, industry, and civil society share information, attribute complex cyber operations, and build joint cyber defenses. Simin will be presenting a poster on her doctoral research focused on how the United States has responded to state-backed cyber operations from Russia, China, Iran, and North Korea. Since the early 2010s, Washington has set itself apart by deploying a broad and visible toolkit of statecraft—criminal indictments, sanctions, diplomatic actions, asset seizures, and technical disclosures—to impose costs on its adversaries and signal red lines in cyberspace. Indictments, in particular, remain a centerpiece. But their evolution tells a larger story: U.S. cyber strategy depends on a public-private partnership unlike any other in national security.
Ziauddin Sherkar
SAIS MAIR Candidate
Ziauddin Sherkar is an attorney and graduate student at the Johns Hopkins School of Advanced International Studies whose work sits at the intersection of advanced compute systems and artificial intelligence, informed by a professional background in law. At SAIS, he serves as a Research Assistant on technology and national security, supporting projects on the strategic evolution of the global semiconductor landscape, including mapping China’s semiconductor ecosystem and tracing the history of U.S. semiconductor policy. He has also served as a teaching assistant for International Economics and World Order and Disorder, and is a Frédéric Bastiat Fellow at the Mercatus Center, where he studies how emerging technologies reshape governance through the lens of the Austrian, Virginia, and Bloomington schools of political economy.
At RSA Conference, Ziauddin will present research examining the structural vulnerability frontier AI systems face from distillation-based model extraction. His work analyzes how the probabilistic outputs that enable high-performance machine learning services, such as confidence scores and soft labels, simultaneously expand the attack surface for adversaries who can convert inference access into competitive student models without access to model weights. The research explores how repeated querying and training can transfer foundational capabilities from frontier models at marginal cost, creating a strategic asymmetry between model providers and adversaries. Using Kepler, an interactive distillation attack simulator, the project evaluates real-world extraction dynamics and examines deterrence-oriented countermeasures, including adaptive output perturbations and distillation-surviving watermark signals designed to degrade unauthorized student models while preserving frontier model performance.
I first encountered the RSA (Rivest-Shamir-Adleman) cryptosystem while studying it in depth in Professor Thomas Rid’s Digital Counterintelligence class at SAIS. Around the same time, I happened to see the call for applications to represent SAIS at the RSA Conference. As I read more about the conference and its role in shaping conversations in cybersecurity, it immediately struck me as something of a mecca for people deeply interested in cyber and emerging technology. Given my growing interest in the intersection of AI, compute systems, and security, applying felt like a natural step.
My poster grew out of a highly technical class paper in which I examined model extraction through distillation techniques. Interestingly, I had begun exploring this topic before the most recent public revelations about large-scale distillation attacks came to light. That timing has made the research particularly relevant, and I hope to contribute a perspective on how frontier AI labs and MLaaS providers might recalibrate their response frameworks to address this emerging class of threats.
I am particularly excited about the opportunity to meet and learn from some of the leading practitioners in cybersecurity. I am especially interested in conversations with professionals working on intelligence, security, and red-team functions within frontier AI labs. At the same time, I am looking forward to interacting with the other Security Scholars and building relationships with a cohort of young professionals working across different layers of the compute and security stack. Conferences like RSAC are rare spaces where those worlds come together.
If you come from a non-technical background like I did, the most important step is to actively build technical fluency. SAIS has excellent technology-focused courses and faculty who work directly at the intersection of policy, security, and emerging technology, and students should take full advantage of that ecosystem. It is also important to experiment with independent projects, whether that means building small tools to study real-world vulnerabilities or analyzing technical papers. For instance, for this technical class paper, I coded an attack simulator to simplify the distillation attack pipeline. Finally, do not abandon your original discipline; the most interesting work in cybersecurity often comes from combining technical knowledge with perspectives from law, economics, or international relations.
RSA Conference Q&A with Ziauddin.
Victoria Whitaker, Nicole Timofeevski, Melissa Santa Ana, and Elizabeth Coppes have been chosen to represent SAIS at the 2026 Women in CyberSecurity (WiCyS) Conference.
The annual Women in CyberSecurity (WiCyS) Conference is the premier event to recruit, retain and advance women in cybersecurity, bringing together women from academia, research, government and industry.
Nicole Timofeevski
SAIS MAIR Candidate
Nicole Timofeevski is a multilingual humanitarian and technology policy specialist working at the intersection of cyber resilience, AI, and human rights. She currently works as a research assistant supporting Dr. Melissa K. Griffith's projects exploring national security and technology policy implications around AI and telecommunications. She also serves as a member of the Global Perspectives on AI‑NC3 Dynamics Working Group at the Institute for Security and Technology, contributing expert analysis on how AI is being integrated into nuclear command, control, and communications systems in nuclear-armed states.
Nicole is pursuing an M.A. in International Relations (Technology and Intelligence) at Johns Hopkins SAIS, where she serves on the Executive Board of the SAIS Technology Club. She is the acting President of the Internet Law and Policy Foundry, a global collaborative of early-career Internet law and policy professionals passionate about technology and disruptive innovation. Most recently, Nicole managed cybersecurity capacity-building and defense projects in Costa Rica and Ukraine while at CRDF Global, in partnership with the U.S. Department of State. A UC Berkeley alumna and California native, she brings a wealth of knowledge in cyber, privacy, digital inclusion, and disinformation, with a focus on Latin America, Europe, and Russia. When not working, Nicole spends most of her free time caring for animals and exploring nature.
Melissa Santa Ana
SAIS MIPP Candidate
Melissa S. is a strategic leader at the intersection of cybersecurity, federal service, and international affairs. She serves as an IT Specialist at the Cybersecurity and Infrastructure Security Agency (CISA), where she currently leads strategy, driving long term technology strategies, large scale implementation plans, and cross functional initiatives that enhance operational efficiency and strengthen cybersecurity across federal systems.
Alongside her role at CISA, Melissa is pursuing a Master of Arts in International Public Policy at Johns Hopkins SAIS, building on her background in history and government from the University of Virginia. Previously, she worked as a Senior Consultant at Guidehouse supporting Department of Homeland Security clients with strategic planning, tool development, dashboarding, and cybersecurity focused solutions. She holds both the Project Management Professional (PMP) and Balanced Scorecard Professional certifications, reflecting her depth in project management, performance management, and data driven strategy.
Victoria Whitaker
SAIS MIPP Candidate
Victoria Whitaker is a defense and intelligence professional transitioning from elite Marine Corps service into graduate study at Johns Hopkins SAIS. She previously worked as a Target Digital Network Analyst at Marine Forces Special Operations Command (MARSOC), providing tailored discovery and analytic support and recommending improvements to data processing, standard operating procedures, and training pipelines. Earlier, as a Cryptologic Linguist in the United States Marine Corps, she led SIGINT collection and analysis teams in crisis response and battalion level operations and served as a Marine Corps Martial Arts Program instructor. Victoria is pursuing a master’s degree at Johns Hopkins School of Advanced International Studies, where she is active in Military Affiliated Students of SAIS, the Defense and Intelligence Club, Women in Cybersecurity, and volunteers with CYBERWARCON. She holds a Bachelor of Arts in Political Science and Government from the University of Minnesota and brings strong analytical and research skills to challenges at the intersection of national security, cyber operations, and policy.
Elizabeth Coppes
SAIS MASCI Candidate
Elizabeth C. is a master’s student at Johns Hopkins SAIS concentrating in Strategy, Cybersecurity, and Intelligence. She brings a strong foundation in politics and Russian language from the University of Vermont, where she double majored in Russian and Political Science and later deepened her language skills through Middlebury’s Russian Summer Immersion Program.
Before SAIS, Elizabeth worked as a Field Organizer for the New Hampshire Democratic Party and as a Legal Assistant at a Burlington law firm focused on estate, probate, and litigation, gaining hands on experience in campaigns, constituent engagement, and legal processes. She has also served as a legislative intern in the Vermont House of Representatives, drafting notes, press releases, and research briefs, and supported language learning as a teaching assistant and private Russian tutor. Across these roles, she has developed a blend of political, research, and writing skills that she now applies to questions at the intersection of international relations and cybersecurity.
I joined WiCyS in 2024/2025 as a mentor, which was a super rewarding experience to grow with young leaders looking to pivot into cybersecurity roles. I've always wanted to attend the WiCyS conference and I'm so grateful that SAIS gave me an opportunity to attend and participate this year!
As someone who has often found herself the only woman and the only non-technical person in spaces where cybersecurity strategy or policy is discussed, I am eager to continue breaking into male-dominated spaces and representing my perspectives with confidence and competence.
This is my first time attending WiCyS, and I am excited to join a community of professionals who have found their way into cyber and tech policy through nontraditional pathways. As a career pivoter, it can be intimidating to navigate professional spaces historically dominated by men without grappling with imposter syndrome. That’s why I am grateful to join this incredible network that is committed to facilitating thought leadership, fostering connections, and mentoring the next generation of cyber professionals.
The best advice I’ve heard for (non-technical) students interested in cybersecurity is:
-
Find what subcategory of cybersecurity interests you the most (i.e. red teaming, cloud security, threat intelligence), and what lines up best with the transferrable skills you already have.
-
Do some independent projects on the side to supplement your education and/or certificates. A portfolio that demonstrates knowledge and competence is important.
-
Get to know people, learn about their experiences. Go to cybersecurity conferences like this one!
-
WiCyS Conference Q&A with Melissa, Elizabeth, and Nicole.
