- Security policy and procedure
creation, assessment, and auditing.
- Asset identification and valuation.
- Risk analysis: vulnerability
assessment, threat Analysis, safeguards and compensating controls.
- Disaster recovery: design,
assessment, and audit.
- Physical security and systems protection.
- Software security controls.
- Network security controls: network and
security architectural design; design of intranet, extranet, and Internet access strategies;
backbone and campus network design; secure remote access and VPN.
- Firewalls and web security.
- Anti-virus protection.
- Content protection using encryption, digital signatures and authentication.
- Penetration testing.
University of California, Berkeley
Invited speaker at of over 20 different professional societies, and numerous
Topics are generally IT Security and IT Auditing.