Meet the information security experts…
The following information security professionals serve on our Ask the Experts panel:
Charles Cresson Wood, CISSP, CISA, CISM – Infosecurity Infrastructure IncorporatedCharles Cresson Wood is an author and independent information security consultant based in Mendocino, California. Mr. Wood has over 30 years of information security experience, and has consulted with over 120 organizations, many of them Fortune 500 companies, including a large number of financial institutions and high-tech companies. He has published over 375 technical articles and five books in the information security field, including Information Security Policies Made Easy and Information Security Roles and Responsibilities Made Easy.
Mr. Wood has been Senior North American Editor for the journals “Computers & Security” and “Computer Fraud & Security Bulletin”, as well as a monthly columnist for “Computer Security Alert”. In November 1996 he received the Lifetime Achievement Award from the Computer Security Institute for “sincere dedication to the computer security profession.”
Barry Fergus Jones, CISM, CISSP – Independent Information Security Consultant, Teacher and WriterBarry has over 27 years of experience with information technologies spanning a number of diverse areas, such as: Project management, SDLC Methodology, Standards, Policies and Procedures, QA, BPI, Integrated Problem, Change, Inventory and Configuration Management. Barry has been a principal contributor to the PolicyShield information security policy subscription service. For the last 12 years he has specialized in Information Protection, focusing on Awareness and Education, Policies and Procedures, Qualitative Risk Assessments, Security Architectures and Strategies, Business Continuity, Incident Response, Investigation and Forensics.
Barry has spoken to the CTAC/PERF National Conference on Technology and Policy, CIS’s Annual Conference, the IIA’s annual Information Technology Conference, Florida Telecommunications Association, and the Tampa Bay CIO Council. He is a long-time member of the Florida Association of Computer Crime Investigators (FACCI), and teaches digital forensics in an NSA-certified information security program. With a Master’s belt in Tang Soo Do, and belts in a number of other martial arts, he is also a long time martial arts teacher.
Scott Hayden, CISM, CISSP, CISM, CISA. Scott is an accomplished Information Security professional with over 25 years of practical experience. His specialties include security management, policy development, security assessments, governance, and awareness training. Scott has an extensive background as both a consultant with Fortune 500 companies and as a senior information security officer for Armco Inc. and Mellon Bank. He has done a variety of consulting, policy development and compliance assessment work for Solutionary, NetIQ/Attachmate, and Ernst & Young LLP. At NetIQ/Attachmate, Scott was the lead content specialist for the VigilEnt Policy Center (VPC). Scott is a Certified Information Systems Security Professional (CISSP), a Certified Information Security Manager (CISM) and a Certified Information Systems Auditor (CISA).
Scott has extensive knowledge of regulations and frameworks pertaining to information technology across industry verticals including CobiT, FDIC IT-RMP, FFIEC, GLBA, HIPAA, ISO 27001, NCUA, NIST 800-53, PCI-DSS and many others. In addition to his direct work experience, Scott has contributed to the professional certification of thousands of other practitioners as a member of the CISSP exam committee of the International Information Systems Security Certification Consortium, Inc., (ISC). He has administered CISSP exams to thousands of professionals, has chaired the Exam Administration Committee and is currently a member of the Product Development Committee. For his efforts Scott received the (ISC)2 President’s award in 2003 and 2004,and was honored with a Founders Award during the 20th anniversary celebration in 2009.
Stephen Northcutt – SANS InstituteStephen currently serves as Director of Training and Certification for the SANS Institute.
Stephen is a graduate of Mary Washington College. Before entering the field of computer security, he worked as a Navy helicopter search and rescue crewman, white water raft guide, chef, martial arts instructor, cartographer, and network designer.
Stephen is author/coauthor of Incident Handling Step-by-Step, Intrusion Signatures and Analysis, Inside Network Perimeter Security, SANS Security Essentials and Network Intrusion Detection 3rd edition. He was the original author of the Shadow Intrusion Detection system before accepting the position of Chief for Information Warfare at the Ballistic Missile Defense Organization.
Ben Rothke, CISSP, CISMBen Rothke is a New York City based security consultant with BT INS and has over 15 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, PKI, security and privacy regulatory issues, design & implementation of systems security, encryption, cryptography and security policy development. Prior to joining BT INS, Ben was with AXA, Baltimore Technologies, Ernst & Young, and Citicorp, and has provided security solutions to many Fortune 500 companies.
Ben is the author of Computer Security – 20 Things Every Employee Should Know (McGraw-Hill, 2006), and a contributing author to Network Security: The Complete Reference (Osborne) and The Handbook of Information Security Management (Auerbach). He writes a monthly security book review for Security Management and is a former columnist for Information Security, Unix Review and Solutions Integrator magazines.
Ben is also a frequent speaker at industry conferences, such as CSI, RSA, MISTI, NetSec and ISACA and is a Certified Information Systems Security Professional (CISSP) & Certified Information Security Manager (CISM), and a member of HTCIA, ISSA, ISACA, ASIS, CSI and InfraGard.
David J. Lineman – Information Shield, Inc.David Lineman is president and CEO of Information Shield, Inc. a global provider of information security leading practices. He has 25 years of software, security and information technology management experience, and holds 3 patents on software technology. David has consulting on information security policy development for over 50 organizations.
He is author of Information Protection Made Easy – A Guide for Employees and Contractors, and has written on technology and security issues for diverse publications such as SC Magazine, Windows Security, CRM Magazine, Houston Business Journal, Dell Solutions Magazine, Software Management News, and Harts Oil & Gas Journal. He has also spoken about information security topics on KHOU TV in Houston. Mr. Lineman has both a Masters and Bachelor of Science from the Massachusetts Institute of Technology.