ABOUT THE AUTHORS

Dr Julie E. Mehan, PhD, CISSP

Dr Julie Mehan is President/CEO of JEMStone Strategies and a Principal Analyst for a strategic consulting firm in the State of Virginia. She has been a career Government Service employee, a strategic consultant, and an entrepreneur – which either demonstrates her flexibility or inability to hold on to a steady job! She has led business operations, as well as information technology governance and information assurance-related services, including certification and accreditation, systems security engineering process improvement, and information assurance strategic planning and programme management. During previous years, she delivered information assurance and security-related privacy services to senior Department of Defense, federal government, and commercial clients working in Italy, Australia, Canada, Belgium, and the United States.

She served on the President’s Partnership for Critical Infrastructure Security, Task Force on Interdependency and Vulnerability Assessments. Dr Mehan is on the SANS Advisory Board, a voting board member for the International Systems Security Professional Certification Scheme (ISSPCS), and chair of the Systems Certification Working Group of the International Systems Security Engineers Association. Dr Mehan also serves as an Associate Professor at the University of Maryland University College, specializing in courses in Information Technology and Organizational Structure, and Ethics in Information Technology.

Dr Mehan graduated summa cum laude with a PhD from Capella University in Organization and Management, focusing her research into challenges facing Chief Security Officers in large government and commercial organizations and the development of a dynamic model of Chief Security Officer leadership. She holds a Master of Arts with honours in International Relations and Law from Boston University and a Bachelor of Science degree in History and Languages from the University of New York.

Dr Mehan was awarded the Meritorious Civilian Service Award for her actions in Bosnia and the Commander’s Award for Civilian Service for her initiatives in establishing the Army’s first Red and Blue Team capability. Dr Mehan was elected 2003 Woman of Distinction by the Women of Greater Washington. In April 2008, Dr Mehan’s book CyberWar, CyberTerror, CyberCrime: A Guide to the Role of Standards in an Environment of Change and Danger was published through IT Governance Publishing. She has also published numerous articles, including, Framework for Reasoning About Security – A Comparison of the Concepts of Immunology and Security; System Dynamics, Criminal Behavior Theory and Computer-Enabled Crime; and The Value of Information-Based Warfare To Affect Adversary Decision Cycles. Dr Mehan is fluent in German and has conversational skills in French and Italian.

She can be contacted at [email protected]

Waylon Krush, CISSP, CISA, CAP

Waylon Krush is currently the Chief Executive Officer (CEO) of Lunarline, Inc, a successful privately held information security (IS)/information assurance (IA) company that provides secure solutions for the federal government, Department of Defense (DOD), Intelligence Community (IC), and Fortune 500 companies worldwide. Mr Krush provides subject matter expertise in identification and authentication (I&A), encryption, secure system design, software assurance, medical device, embedded/wireless device security, and certification and accreditation (C&A) for the Department of Transportation (DOT), DOD and commercial companies.

Prior to becoming the CEO of Lunarline, Inc, Waylon was a senior information security engineer in AT&T’s Advanced Systems Division (ASD), and Chief of the Information Assurance (IA) group for GRC-TSC. At AT&T Mr Krush developed solutions (software and hardware) and provided consulting in DOD and Intelligence Community (IC) architecture, identity management, public key infrastructure, secure knowledge management/sharing and critical infrastructure protection, and intrusion protection.

Mr Krush proudly served seven years in the United States Army in various intelligence/information operation (IO) and security related technical and leadership roles throughout the world. Mr Krush was the lead technical member of the Land and Information Warfare Activity (LIWA) Red Team (US Army Red Team) and developed systems for RF/signal monitoring and analysis systems for various customers worldwide. Mr Krush also served as the technical lead for the Information Systems Security Monitoring (ISSM) group in the US Army. Mr Krush won many military awards and recognition related to computer network operations (CNO) and information operations (IO).

Waylon holds a BS in Computer Information Science from the University of Maryland University College, and is a Certified Information Systems Security Professional (CISSP), Certified Certification and Accreditation Professional (CAP), and Certified Information Security Auditor (CISA). Mr Krush also has over 3000 hours of training from the National Security Agency (NSA) National Cryptologic School (NCS).

Mr Krush has been an active participant in the development of information security and information assurance guidelines and standards to include: NIST SP 800-53A (Identification and Authentication Family), and is currently working with Dr Scott Bernard and Dr Ron Ross on the CIO Counsel Enterprise Architecture (EA) Security and Privacy Profile (SPP) version 3.0.

Waylon is a recipient of the Knowlton Award, DOT Cyber Security Excellence Award, United States Marine Corp Scholastic Leadership Award, Air Force Advanced Signals Award, 718th Military Intelligence (MI) Soldier of the Year, NSA Professional of the Quarter, Voice of America Award, American Legion Award (2 years), and various military/technical awards and honors.