Journal Authors 2015
Our Authors


2015 Article of the Year: "Troubling Trends of Espionage"
Ken Dunham

Read the article here.


Randy V. Sabett
Senior Member, Northern Virginia Chapter

Sabett’s Brief; The Cyberbuck Stops Here! What Every Board Member Should Know about His or Her Cybersecurity Fiduciary Duties

Randy V. Sabett, J.D., CISSP, is Special Counsel at Cooley LLP and a member of the Boards of Directors of ISSA NOVA and the Georgetown Cybersecurity Law Institute. He was named the ISSA Professional of the Year for 2013.

Branden R. Williams
Distinguished Fellow, North Texas Chapter

Herding Cats

Branden R. Williams, DBA, CISSP, CISM, is the CTO, Cyber Security Solutions at First Data, a seasoned security executive, and regularly assists top global firms with their information security and technology initiatives.

Geordie Stewart
UK Chapter

Security Awareness

Geordie Stewart, MSc, CISSP, is the Principal Security Consultant at Risk Intelligence and is a regular speaker and writer on the topic of security awareness.

Russ McRee
Senior Member, Puget Sound (Seattle) Chapter


Russ McRee manages the Threat Intelligence and Engineering team for Microsoft’s Online Services Security and Compliance organization. He serves in the Washington State Guard as the Cybersecurity Advisor to the Washington Military Department.

Ken Dunham
Distinguished Fellow, Boise Chapter

Risk Radar; Troubling Trends of Espionage

Ken Dunham, MTE, CISSP, GCFA Gold, GREM Gold, GSEC, GCIH Gold, GSEC, GCIA, has two decades of security experience, currently working for iSIGHT Partners.

Donn Parker
Distinguished Fellow, Silicon Valley Chapter

Donn's Corner

Donn Parker, CISSP, retired, Distinguished Fellow, and information security pioneer.

Luther Martin
Silicon Valley Chapter

Crypto Corner; Important Yet Overlooked Parts of Information Security; Fundamentals of Privacy

Luther Martin is the Vice President, Security at Magic Cube, Inc.

David Willson
Colorado Springs Chapter

Hacking Back in Self Defense: The Methodology of Active Defense

David Willson, CISSP, Security+, a retired US Army JAG officer, is a licensed attorney in New York, Connecticut, and Colorado and focuses on risk management, cybersecurity, reputation protection, and the law.

David Navetta

Sharing Cyber Threat Information: A Legal Perspective

David Navetta, Esq., CIPP/US, is the US co-chair of Norton Rose Fulbright’s Data Protection, Privacy, and Access to Information practice group. David focuses on technology, privacy, information security and intellectual property law.

Utsav Mathur

Sharing Cyber Threat Information: A Legal Perspective

Utsav Mathur, Esq., is an associate in Norton Rose Fulbright’s Data Protection, Privacy, and Access to Information practice group. He serves clients in the banking, retail, energy and shipping industries.

Richard Abbott

Takedown Denied: Unorthodox Tactics in Response to the iCloud Hack; Free/Open Source Forensics Tools

Richard Abbott is an attorney and IT consultant out of Vancouver, Canada. He teaches at the British Columbia Institute of Technology and co-chairs the American Bar Association’s information security committee.

Kyle Bubp
East Tennessee Chapter

Malware and How to Deal with It

Kyle Bubp has over ten years of experience in roles including Windows and Linux systems engineer, network administrator, and security analyst. He has worked for the US DoD, Justice, Energy, and a Berkshire Hathaway subsidiary.

Rhonda Farrell
Fellow, Northern Virginia Chapter

M-A-L-W-A-R-E Model – How to Propagate Success!

Rhonda Farrell, J.D., CISSP, CSSLP, is an associate at Booz Allen Hamilton and a member of the Board of Directors at ISSA International and Northern Virginia Chapter. She also holds an officer position within IEEE and ASQ.

Eve Maler

User-Managed Access: A New Privacy Tool for the IoT Economy

Eve Maler is VP of Innovation & Emerging Technology at ForgeRock, a renowned strategist, innovator, and communicator on digital identity, access, security, and privacy.

Angella Carlisle
Senior Member, Central Alabama Chapter

Privacy and Security: Finding Balance

Angella Carlisle, CISSP, CRISC, has been an information security practitioner for almost 17 years. She has worked extensively in the healthcare space.

Michele Myauo
Northern Virginia Chapter

Get Current & Stay Current with Cybersecurity Trends

Michele Myauo, MS, LSSBB, is a Director of Cybersecurity for Microsoft’s US National Practice. At The George Washington University Michele is a Professor of Engineering Management and Systems Engineering and PhD candidate.

Marcelo Carvalho
Brasil Chapter

Ethics and Privacy: Corporate Ethics Challenges

Marcelo Carvalho, CISSP, CISA, CRISC, has 15 years of information security experience and is currently an IS auditor for information assurance security and an IT/IS professor at various universities.

John Ivie

Crypto Corner: Goodbye to Suite B?

John Ivie is a Staff QA Automation Engineer at HP Security Voltage.

John Gray

Panning for a Career in the Department of Defense Cybersecurity Workforce

John Gray, CISSP-ISSEP, PMP, is an information systems security analyst with over 15 years experience in information security and IT. He is employed by the Department of Defense.

Yuri Diogenes
Fort Worth

Information Security Career Path

Yuri Diogenes, MS, CISSP, works for Microsoft as Senior Content Developer for the Enterprise Mobility Team. He is co-author of Windows Server 2012 Security, Forefront TMG Administrator’s Companion, and a Security+ book (in Portuguese).

Ashley Schwartau
Middle Tennessee

My Unexpected Infosec Career Path

Ashley Schwartau is the Creative Director at The Security Awareness Company and has worked in this industry pretty much her entire life. She’s the creator of the 2008 documentary, Hackers Are People Too.

Dan Lohrmann

Career Advice from Top Infosec Professional Leaders

Dan Lohrmann is the Chief Security Officer and Chief Strategist for Security Mentor. While serving in Michigan government, he was named SC Magazine CSO of the Year and Computerworld Magazine Premier 100 IT Leader.

Harrison Bryan

Defensive Use of Social Media

Harrison Bryan is a college student pursuing a BS in Information Technology through Arizona State University Online. He is an active researcher in the field of information security.

Robert Martin
Senior Member, Raleigh

Return on Investment of a Globally Recognized IT Security Certification

Robert Martin, CISSP, has over twelve years of experience in information security specializing in risk management, regulatory compliance, security solutions architecture, security audits, vulnerability assessments, and penetration testing.

Jason L. Stradley
Chicago Chapter

US Healthcare Transformation: Security and Privacy Challenges

Jason Stradley is a security executive and thought leader in the information security sphere. With over 25 years experience, he has assisted many Fortune 500 companies in multiple industries. Jason is currently the Director of Information Security for bswift, a provider of software and services for HR/benefits administration.

Amy Vosters

Important Yet Overlooked Parts of Information Security; Fundamentals of Privacy

Amy Vosters is the Marketing Manager at SOASTA Inc., a SaaS company based in Mountain View, CA, that specializes in mobile- and web-performance test automation and real user monitoring solutions.

Radoslaw Dalewski
Senior Member, Poland Chapter

Secure Software-Defined Networks

Radoslaw Dalewski, CISSP, CSSLP, is an information security consultant at Atos. For more than 15 years he has been involved in various security projects, both process and infrastructure related.

Gary D. Long
Senior Member, Kansas City Chapter

Navigating and Interpreting the NIST Cybersecurity Framework

Gary D. Long, CISA, CISSP, is an information security professional with over 20 years of combined US and global experience working in the public and private sector in information security consulting, sales, and management.

Ken Munro

Power to the Password

Ken Munro is senior partner and founder of Pen Test Partners LLP, a firm of penetration testers. Ken has worked in the field of information security for over 15 years, enjoys highlighting vulnerabilities, and regularly blogs on everything from honeypots to hacking cars.

Greg Playle

Why We Need to Know Physical Security

Greg Playle, CISSP, FITSP-D, IAM/IEM, C|EH and C|HFI, has over 33 years experience in acquisition, planning, designing, implementing, testing, assessing, and managing integrated IT systems and has over 16 years experience supporting information assurance/computer network defense/mission assurance.

Simon Moffatt
Senior Member, UK Chapter

The Identity of Things: Privacy and Security Concerns

Simon Moffatt has over 13 years information security experience with a specialization in identity and access management. He is currently Principal Engineer at Open Source ISV ForgeRock.

Constantinos Macropoulos

The Militarization of Cyberspace: Implications for the Private Sector

Constantinos Macropoulos holds an MSc in Information Security from Royal Holloway, University of London. He has almost two decades of private-sector experience, working in a diverse range of IT roles.

Keith M. Martin
UK Chapter

The Militarization of Cyberspace: Implications for the Private Sector

Keith Martin is a professor in Information Security and director of the Information Security Group, Royal Holloway, University of London. He is the author of the recently published Everyday Cryptography by Oxford University Press.

Clare Nelson
Capitol of Texas Chapter

Multi-Factor Authentication: What to Look For

Clare Nelson, CISSP, founded strategy and business development firm ClearMark Consulting in 2001. She served on the ISSA Capitol of Texas Chapter board in 2012 and 2013 and is active in the information security community.

Perry Pederson

Adding the How-To to the NIST Cybersecurity Framework

Perry Pederson, C|CISO, is co-founder and managing principal, Langner Group LLC. His public and private career as a strategic cybersecurity thought leader has had just one mission: protect industrial control systems within critical infrastructure from disastrous cyber attack.

Janice Toney
WIS SIG co-chair, Northern Virginia Chapter

M-A-L-W-A-R-E Model – How to Propagate Success!

Janice Toney, PMP, CSM, is a program manager at Time Warner Cable and is an emerging security professional working on her cybersecurity certificate with over 16 years experience in leading IT and financial service projects and programs.

Rajat Swarup
New York Metro Chapter

Point-of-Sale Security, Malicious Software, and EMV

Rajat Swarup is a practice lead at AT&T Security Solutions in the threat and vulnerability management practice based out of Jersey City, New Jersey. Rajat specializes in offensive and defensive information security including penetration tests and digital forensic investigations.

Gary Hinson
UK Chapter

Privacy Metrics

Gary Hinson, PhD, MBA, CISSP, has been working since the 1980s in information risk, security, and IT audit. Following conventional employment in the pharmaceuticals, utilities, IT, engineering, defense, and financial services industries in the UK and Europe.

Ulrich Lang

Bridging the Gap between Privacy Requirements and Implementation

Dr. Ulrich Lang (ObjectSecurity CEO, co-founder) is a renowned thought leader in model-driven security, access control policy, privacy engineering, and cloud/SOA/middleware security.

Eric Munz
Orange County Chapter

Comprehensive National Cybersecurity Initiative

Eric M. Munz, CISSP, is an information security consultant. He holds a strong background in information technology, healthcare services, and risk-based frameworks from ISO 27000, NIST, and SANS.

Rebecca K. Kelly
Orange County Chapter

Comprehensive National Cybersecurity Initiative

Rebecca K. Kelly, PCI-QSA, CISA, began her career in information security in 2011 as a security specialist for a major telecommunications and managed service provider. From there, she has transitioned into consulting and has worked with an array of compliance standards.

Andrea Simmons
UK Chapter

Information Assurance: Adapting to New Metaphors

Andrea C. Simmons, FBCS CITP, CISM, CISSP, M.Inst.ISP, MA, has more than 17 years direct information security, assurance, and governance experience. Her most recent role as CISO for HP Enterprise Security was one of worldwide influence.

Marie A. Wright

Improving Cybersecurity Workforce Capacity and Capability

Marie A. Wright, PhD, is a Distinguished Professor of Management Information Systems at Western Connecticut State University. She has been actively involved in the field of information security for more than twenty-five years.

Dave Shackleford

Your CISSP Is Worthless. Now What?

Dave Shackleford is the owner and principal consultant of Voodoo Security and a SANS analyst, senior instructor, and course author.

Christa Pusateri
Tampa Bay

WIS SIG: Blaze Your Own Trail

Christa Pusateri is a trailblazer, problem solver, entrepreneur, student, coach, storyteller, teacher, adventurer, and above all else a devoted wife and mother. She currently serves as the vice president for the Tampa Bay Chapter.

Mark Anderson

Some Comments on Next Generation Mass Surveillance Architecture

Before entering the private sector in 2014, Dr. Anderson, ACM Dist. Eng., spent 24 years as a cybersecurity researcher and senior executive for the Australian Department of Defence.

Eric H. Goldman
New York Metro

Help Your Users Protect against Family Member Fraud

Eric H. Goldman, CISA, Security+, is an information security professional with experience in financial services and manufacturing. He focuses on human factors and human computer interaction in the realm of information security.

Phillip H. Griffin
Fellow, Raleigh Chapter

Formal Security Protocol Analysis

Phillip H. Griffin, CISM, has over 20 years experience in the development of commercial, national, and international security standards and cryptographic messaging protocols. He has been awarded nine US patents at the intersection of biometrics, radio frequency identification (RFID), and information security management.

Jason Andress
Senior Member, Puget Sound Chapter

Working with Indicators of Compromise

Dr. Jason Andress (ISSAP, CISSP, GPEN, CISM) is a seasoned security professional with a depth of experience in both the academic and business worlds. He has taught undergraduate and graduate security courses since 2005 and conducts research in the area of data protection.

Dorian Deane
Northern Virginia Chapter

Ship of Tools: All the Security Tools in the World Can’t Save You…

Didier Stevens
Belgian Chapter

Wireshark; Malicious Microsoft Office Documents: An Analyst’s View

Didier Stevens (Microsoft MVP Consumer Security, SANS ISC Handler, Wireshark Certified Network Analyst, CISSP, GSSP-C, GCIA, GREM, MCSD .NET, MCSE/Security, MCITP Windows Server 2008, RHCT, CCNP Security, OSWP) is an IT security consultant currently working at a large Belgian financial corporation.

Jonathan Knudsen

Software Supply Chain Management with BOMtotal

Jonathan Knudsen is a principal security engineer at Codenomicon, where he enjoys breaking software. Jonathan is the author of books about 2D graphics, cryptography, mobile application development, Lego robots, and pregnancy. He lives with his wife, four children, and two dogs in North Carolina.

Joel Weise
Distinguished Fellow, Vancouver Chapter

Security in the News; Using a Governance Tool; PCI DSS 3.0 - Taking Stock

Joel Weise has worked in information security for over 30 years. His current research is focused on adaptive security, cloud computing, cryptographic systems, security governance, and security maturity modeling. Joel is a founding member of the ISSA and a member of the American Bar Association.

Jordan Berry

Starting with YARA the Automated Way

Jordan Berry is currently a threat intelligence analyst for FireEye, Inc., on the Intelligence team based out of Washington, DC. He spends his time researching the latest activities from cyber threat groups.

Mark Burnette
ISSA Fellow, Middle Tennessee ISSA Chapter

Data Security: Shifting the Discussion away from Compliance

Mark Burnette, CPA, CISA, CISSP, CISM, CRISC, QSA, is a Partner with LBMC Security & Risk Services. He is a founding director of the Middle Tennessee ISSA Chapter.

David Meltzer
Metro Atlanta Chapter

Securing the Industrial Internet of Things

David Meltzer is the chief research officer at Tripwire. He has been involved in information security for more than 20 years as a security researcher, entrepreneur, and executive.

Rob King

Giles Event Correlation Engine Compiler

Rob King has seventeen years of experience in information security and software development. Over his career he has served as a senior researcher with KoreLogic, Inc., the architect for TippingPoint DVLabs, and contributing editor for the SANS @RISK newsletter.

Mark R. Heckman
Sacramento Valley Chapter

Every Secure System Wants to Be a Reference Monitor

Mark Heckman, PhD, CISSP, has worked in the field of information security for over 30 years as a researcher, developer, and practitioner. He currently is a senior lecturer in the Informatics Cybersecurity Engineering program at the University of Southern California.

Ray Yepes
South Texas Chapter

Profiling in a Digital World

Ray Yepes has more than 19 years of experience as a security professional and criminal investigations examiner. Ray has assisted and advised local and federal government agencies in national security matters and high-profile criminal investigations.

Kris Tanaka
Portland Chapter

Security in the News

Kris Tanaka is the content marketing strategist for SecureWorld Expo and editor of the SecureWorld Post. She formerly served as the events and communications manager for ISSA International.

Mike Davis

Bridging the Gap between Privacy Requirements and Implementation

Mike Davis, CISSP, CISO, received his electrical engineer and M.S.E.E. degrees from the Naval Postgraduate School. He is a cybersecurity, privacy, and risk management consultant. He is a co-founder and CEO of ACME Cyber Solutions.

Kelley Misata
New England Chapter

Information Security, Privacy, and the Law in Crisis Organizations

Kelley Misata holds a BS in Marketing, an MBA, and is pursuing a PhD in Information Security. Her 17 years of professional successes, along with her experiences as a cyberstalking survivor, drive her research and her passion in information security.

Angella Carlisle
Central Alabama Chapter

Privacy and Security: Finding Balance

Angella Carlisle, CISSP, CRISC, has been an information security practitioner for almost 17 years. She has worked extensively in the healthcare space. Her primary interests include security awareness, identity and access management, and third-party risk management.

Seetharaman Jeganathan

Identity and Access Management: A Shield against Malicious Insiders and Advanced Persistent Threats

Seetharaman Jeganathan, CISSP, has more than 13 years of experience in IT technology security consulting and program management. He mainly focuses on information systems risk assessments, identity and access management solution strategy definition, and implementation of IAM security solutions.

Soumyo Moitra

Analyzing Temporal Patterns in Network Traffic

Soumyo Moitra is a Senior Member of Technical Staff in the Network Situational Awareness Group at CERT, at the Software Engineering Institute, Carnegie Mellon University. He has applied operations research models in a number of areas including policy analysis, telecommunications, and technology management.

Dora Baldwin
Inland Empire

A Transition into Tech

Dora Baldwin is a graduate student pursuing her Master’s of Public Administration with an emphasis in cybersecurity. She is a recipient of the CyberCorps: Scholarship for Service, which is an academic program funded by the National Science Foundation and co-sponsored by the Department of Homeland Security.

Roza Winston
Central Ohio

Outside Looking In

A former paralegal and administrative assistant (an end user personified), Rosa Winston is an aspiring infosec practitioner.

Rhonda Farrell
ISSA Fellow, Northern Virginia

Social Media: A Double-Edged Sword

Dr. Rhonda Farrell, JD, CISSP, CSSLP, is an Associate at Booz Allen Hamilton and a member of the Board of Directors at ISSA International and Northern Virginia Chapter. She also holds an officer position within IEEE and ASQ.

Steve Conrad
Puget Sound

Turning Social Media Oversharers into Infosec Champions

Steve Conrad is the founder and Managing Director of MediaPro and has extensive experience in improving organizational performance through effective awareness and learning solutions.

Copyright © 2016, Information Systems Security Association, All Rights Reserved