Roberta Bragg (CISSP, MCSE: Security; Security+, ETI Client Server, Certified Technical Trainer, IBM Certified Trainer, DB2-UDB, Citrix Certified Administrator) has been a Security Advisor columnist for Microsoft Certified Professional Magazine for five years, is a Security Expert for SearchWin2000.com, and writes for the “SecurityWatch” newsletter, which has over 55,000 subscribers. Roberta designed, planned, produced, and participated in the first Windows Security Summit, held in Seattle, Washington, in 2002. Also in 2002 at TechMentor San Diego, Roberta gave the first production of “Security Academy,” a three-day hands-on secure network-building workshop, and it was subsequently scheduled for five repeat presentations in 2003. In September and October of 2002, Roberta was an instructor for four sessions of SANS Gold Standard Windows 2000 Training. Roberta has participated in numerous security audits and is a security evangelist traveling all over the world consulting, assessing, and training on network and Windows security. Roberta has served as adjunct faculty at Seattle Pacific University and at Johnson County Community College teaching courses on Windows 2000 Security Design and Network Security Design. Roberta is the lead author of the upcoming MCSE 70-298 Designing Windows Server 2003 Security, and Windows Server 2003 Security Administrators Companion, both from Microsoft Press. She has written on SQL Server 2000, CISSP, and Windows Security for QUE and New Riders.
Mark Rhodes-Ousley (CISSP) has been a practicing security professional for more than ten years. Mark has advised, designed, and installed security technologies and policies for dozens of companies, including Fortune 500 companies such as Clorox and Gap, Inc., large companies such as Sun Microsystems and Hitachi Data Systems, medium-sized companies such as Metricom and Watkins-Johnson, and many small companies such as Napster and Internex. All this experience with companies in different stages of growth leads to a unique perspective on how to manage security for a growing company—where to begin, what to do when moving forward, and how to plan for future growth.
Mark’s focus is strategic as well as tactical. Believing that business processes are even more important than technical configurations, Mark has specialized in defense instead of hacking. Much of the work he has done in the field of information security has been groundbreaking. He has worked with some of the top figures in the industry and has trained others, and some of his security philosophies show up in publications by individuals and companies where he has left his mark. Mark holds certifications from the International Information Systems Security Certification Consortium, known as (ISC)2, Cisco Systems, Security Dynamics, Raptor Systems, Hewlett-Packard, and Digital Equipment Corporation, along with a bachelor’s degree in applied mathematics and electrical engineering from the University of California, San Diego (UCSD).
Keith Strassberg (CPA, CISSP) is an independent security consultant with over seven years of experience in information security. Most recently, he worked as a senior security engineer for a mid-sized technology consulting company. Prior to that, Keith was part of the computer risk management group at Arthur Andersen, LLP. Keith’s professional experiences cover all facets of information security, including, but not limited to, designing and deploying secure infrastructures, implementing firewalls and intrusion-detection systems, performing computer forensic investigations, developing policies and procedures, and performing vulnerability testing.
His publications include authoring Firewalls: The Complete Reference (McGraw-Hill/Osborne, 2002) as well as contributing to other popular books, such as Security Architecture: Design, Deployment, and Operation (McGraw-Hill/Osborne, 2001), and Troubleshooting, Maintaining & Repairing Networks (McGraw-Hill/Osborne, 2002).
Keith has a BS in accounting from Binghamton University, and he can be reached at kstrassberg@yahoo.com