Sample Activities:

• Customer: major law firm.
  Activity: expert witness.
  Advised lawyers on information security aspects of case, delivered expert witness opinions, delivered pre-trial depositions. (Case settled out of court.)

• Customer: U.S. government agency.
  Activity: security consulting.
  Advised government on security of government contractor's operation on behalf of government, advised on draft RFP, audited security of contractor's operation, advised government and contractor on security threats and vulnerabilities and controls to manage the security risk.

• Customer: (multiple) commercial enterprises.
  Activity: CISSP training.
  Prepared and delivered training program to assist clients' employees to study for and pass examination to become Certified Information Systems Security Professionals.

• Customer: U.K. Ministry of Defence.
  Activity: Chief Architect, Security in Open Systems Technology Demonstrator Project.
  Guided a consortium of ten commercial vendors in developing standards for exchange of security data to achieve interoperability among commercial products.

• Customer: U.S. government agency.
  Activity: software security capability analysis.
  Advised government agency on adding specific security properties to an existing product for use in a potentially hostile environment different from its original intended use.

• Customer: commercial enterprise.
  Activity: Security training.
  Prepared and delivered training course to augment security capabilities of network and systems engineers.

• Customer: (multiple) research groups.
  Activity: Security analysis, review, and guidance.
  Advised clients on security research and development projects.