Sam’s CV (Academic)

Profile

  • Successful industry leader, currently running the global security operations of a large multi-national human capital and resource management company. Previously ran a significant team re-engineering the functions that allow people access to almost two-thirds of the Internet (at the time). Led a team that built an enterprise security and support solution for the financial and retail markets. Managed a new UNIX systems solution for major banks. Was on the ground as the fundamental structures of modern Internet tools were developed and was a key integrator of what are now common solutions. Delivered on-time, under-budget solutions while working with the most senior members of the C-suite across industry segments.
  • Acknowledged academic leader on the topic of state-of-the-art information security technologies and tools from government, industry, and open source communities. An award earning academic leader, and strategic consultant on cyber conflict/crime with 2 books, 3 book chapters, 7 peer-reviewed journal articles, 15 conference proceedings, 3 technical editorships, thousands of media impressions, hundreds of briefings, and extensive social media postings. Received a doctoral degree from one of the top information security programs in the world and became a tenured professor at the same institution. Taught, lectured, or briefed at every US war college, most of the military academies and several of the staff colleges, and a few foreign war colleges.
  • Successful senior government leader in the law enforcement, military, and intelligence domains. Over my years of government service led highly complex projects concurrently developing and implementing highly complex security programs. My career started as a local law enforcement officer and I did my first digital forensics case in the 1980s. Led as a chief information security officer (CISO) of a major military command, was the senior intelligence official for cyber threats against the US government’s third largest cabinet department, supported the CIO/CISO of the US government, and worked across all the critical infrastructure sectors including financial and energy sectors. As a senior intelligence official, the impact of teams led shifted the course of the nation. In 2016-2017, testified in front of numerous congressional committees both on camera and in classified settings.

 

Education Completed a doctorate in technology and master’s and bachelor’s degrees in computer science. Continue to seek skills development and certification attainment in information security and digital forensics practices.

  • Purdue University: West Lafayette, Indiana April 2005 to May 2012, PhD College of Technology (Digital Forensics), Dissertation Title: “Cyber warfare as a form of conflict: Evaluation of models of cyber conflict as a prototype to conceptual analysis”, Advisor: Marcus Rogers, GPA 3.68
  • Purdue University: West Lafayette, Indiana June 2004 to August 2004, Information Assurance Graduate Certificate Education
  • Colorado Technical University: Colorado Springs, Colorado July 1998 to February 1999, MS Computer Science Software Systems Engineering, GPA 3.80
  • Huron University: Huron, South Dakota December 1997 to August 1998, BS Computer Science, GPA 4.00
  • Westmar University: Le Mars, Iowa December 1996 to July 1998, BA, GPA 3.80
  • Edison Community College: Fort Myers, Florida April 1994 to May 1996, AA General Studies, GPA 3.59

 

Certifications

  • Security Clearance, DHS Suitability, CI Polygraph
  • Certified Information Systems Security Professional (CISSP), April 2010 to present #367558
  • 50 Ton Inland Master and 50 Ton Near Costal Merchant Mariner Certification (expected November 2021)

 

Awards and HonorsNumerous awards and honors based on the practice of getting involved and taking on challenges

  • DHS Unit Award, Intelligence and Analysis Cyber Division, October 2016
  • US Army Corps of Engineers – Commanders Award for Civilian Service, November 2015
  • Purdue University – Mentored graduate team that took 3rd place US teams (1st place graduate student teams internationally) in the Defense Cyber Crime Center Digital Forensic Challenge, December 2013
  • Purdue University – CERIAS Symposium 2012 Poster session first place award
  • Department of Homeland Security – Science, Technology, Engineering and Math Fellowship – Purdue University Homeland Security Institute January 2008
  • Sun Microsystems – Outstanding Service Provider of the Quarter – Sun Microsystems Q2 January 2002
  • Sun Microsystems – Mid-Americas Partner of the Month – Sun Microsystems March 2001

 

ExperienceOver 20 Years of increasing professional responsibility and experience serving and consulting as a trusted adviser to corporate and government leadership on information assurance and security; digital forensics and incident response; and over 10 years in research and higher education. Leading worldwide recognized subject matter leader on cyber security, digital forensics, and incident response issues with numerous appearances in media and symposia

 

Government Experience

Department of Homeland Security, Intelligence and Analysis: Special Advisor Cyber Division, November 2015 to February 2018

  • As acting Director Cyber Division (Jan 7, 2017 to November 6, 2017), I supervised up to 31 full time all source cyber analysts and was responsible for the complete intelligence lifecycle. I successfully managed the strategic vision, goals, resources, and product/process delivery cycle of organization-wide cyber plans and objectives.
  • Identified security threats and methods of mitigation across the DHS enterprise; Worked closely with FS-ISAC, FS-ARC, and ES-ISAC. Provided contextual and integrated information for selection of security system solutions; Served as the SME for CIFIUS, information technology acquisition, and risk assessor for acquisition programs. Coordinated intelligence activities on various topics across the intelligence community.
  • Closed an 18% production gap between FY16 and FY17 between Q2 and Q4; Increased IIR evaluations by 70%, and brought production in line with expectations, and supported implementation of innovative analytical tools within Cyber Division.
  • Briefed cabinet-level leaders, National Security Council staff, and industry on numerous occasions. Represented DHS I&A during US Congressional hearings/briefings on the topic of alleged compromises of information networks supporting the 2016 Presidential Elections and regarding foreign vendors.
  • Provided subject matter expertise on evaluating information security risks and aligned solutions to the compliance and regulatory regimes for the government or industry such as energy or financial entities; Led intelligence requirements and leveraged DHS-derived data to support the CFO Act agencies, sector specific agencies, and the National Cybersecurity and Communications Integration Center (NCCIC) mitigation and resiliency mission.
  • Administered the creation of this nations first cyber-focused, non-forensic attribution methodology (NFAM) allowing for the leveraging of formerly unused artifacts and accounts to ascribe attribution to malicious activities levied against FED.gov networks; Administered the cyber-focused portion of the binding operational agreement (BOD) in late 2017 upon which guidance to USG trade officers – regarding import and implementation of technologies from foreign nations – was based.

United States Army Corps of Engineers: Cyber Advisor and CISO, January 2015 to October 2015

  • Led the cybersecurity practice within the OCIO at USACE a DoD entity, serving 33K users, with worldwide operations (it would be rated as #108 on the Forbes 500 with over $20 Billion in operations); Had a $700 million information enterprise investment, supporting critical infrastructure, financial, and engineering business lines; Led strategic operations of a matrixed worldwide enterprise cybersecurity solution and implemented numerous statutory and regulatory requirements (FISMA, FITARA, and Clinger-Cohen).
  • As acting Governance and Architecture Chief (90 days), supervised 20 full time employees, and managed executive secretariat of the office of chief information officer (OCIO); Delivered and designed a security architecture and harmonized the implementation strategy to the OCIO strategic plan; Served as the primary stakeholder and coordinator of the OCIO strategic plan, monitoring implementation, structuring reporting, negotiating reports, and managing the support personnel monitoring current status.
  • Organized an agency wide security strategic plan aligning with the OCIO, USACE, and US Army information strategic plans. Provided the vision and strategic direction for the information security policies unique to USACE. Led and served as the signatory authority on security risk assessments, information technology risk assessments, created policies and monitored for adherence to computer, electronic storage device, and communications systems security policies.
  • Led defensive cyber operations (DCO) and coordination of cybersecurity program of record USACE activities with USCC, ARCYBER, and other military, intelligence, and inter-agency partners. Supervised, managed, and consulted with senior USACE and Department of Army implementation of FISMA, DoD versions of FedRamp, NIST RMF, and FITARA via whitepapers and briefings; Led strategic policy development of security activities, incident response, and integrated intelligence practices (Tri-Team Model) across the enterprise.
  • Managed worldwide, cross enterprise collaboration on industrial control systems (ICS) and platform information technology (PIT) initiatives for certification and accreditation; Executed successfully a process for creation of CND-SP, and computer network defense service provider tier 2 capabilities.

 

Academic Experience

Purdue University: Associate Professor August 2012 to January 2015

  • Served as senior professor at the Purdue College of Technology in the Digital Forensics laboratory. This lab is affiliated with the State of Indiana, and CERIAS at Purdue. I led class development and program operations in support of law enforcement activities and fundamental research into embedded systems forensics.
  • University assigned goals for productivity and effort were set at 30% teaching at the graduate level; 50% scholarship at national and international level venues; and 20% service to the university and discipline.

Teaching

  • While mentoring graduate students within the context of a course on transnational crime and conflict, led the development and writing of three threat intelligence reports, targeting different critical infrastructures. This resulted in to date 4 peer reviewed publications.
  • Created new curriculum and courses in the digital forensics field with 5 new digital forensics and incident response courses delivered to students and receiving highly satisfied ratings from students and employers.

Service

  • Increased strategic engagement of students by increasing the number of graduate students year to year and currently advising or on the committee of over 35 masters and doctoral students.
  • Led, managed and mentored a cadre of 30 graduate students while serving as the chair for 12 of them. Graduating approximately 5 a year while decreasing time to matriculation as quickly as the process will allow.
  • Serve on 3 university advisory and governance committees, 4 college or department level committees, while providing leadership within the campus and university system
  • Architected a change in initial set up of the Cyberforensics Laboratory at Purdue through an innovative use of administration controls and information security tools. This resulted in better management of the information assets by decreasing the complexity, halving the cost of set up time for the laboratory, and increasing availability that included the new feature remote access for laboratory users.
  • Worked with DISA, Department of Defense, Department of State and other governmental agencies to evaluate and enhance policy and procedures for computer network defense, and system security.
  • Led international academic engagement sponsoring an international conference on cyber warfare, editing proceedings, providing peer-reviewers, and associated administrative tasks.
  • Increased strategic engagement of students by increasing the number of graduate students year to year and currently advising or on the committee of over 35 masters and doctoral students.
  • Committees
  • Fall 2014 to 2015 Computer Information Technology Department Graduate Curriculum Committee
  • Fall 2014 to 2015 Computer Information Technology Department Undergraduate Curriculum Committee
  • Fall 2013 to 2015 Computer Information Technology Department Election Coordinator
  • May 2013 to 2015 University Military Programs Committee
  • May 2013-2015 University Censure and Dismissal Procedures Committee (regular member)
  • Fall 2012 to 2013 Center for Excellence Research Information Assurance (CERIAS) Strategic Plan Committee
  • Fall 2012 to 2015 Department of Computer Information Technology Graduate Curriculum Committee

Scholarship

  • Increased research output by engaging in information assurance security, digital forensics and incident response applied research individually and with my students. This resulted at this time in 1 book, 1 journal article, 4 conference proceedings, 3 technical reports, 1 technical editorship, 1 amicus brief, and 19 poster presentations.
  • Led research team of 20 students reverse engineering Internet of Things (IoT), Platform Information Technology (PIT), and Industrial Control Systems (ICS) to enable exploitation and forensic investigation.
  • Served as a subject matter expert disseminating in oral presentations information security and digital forensics and applied written research across the discipline presenting to senior government and industry leaders on network security topics. At this point I have presented as a speaker or panelist at 12 events worldwide.
  • Served as subject matter expert with worldwide exposure on information security topics and digital investigations with over 18 appearances on television or in print media.
  • Partnered and or wrote individually to date 10 research proposals, grants, or requests totaling over $30 million in requested funds (my share approximately $3 million), with $211K funded to date.

National Defense University: Associate Professor March 2011 to July 2012

  • Served as a professor teaching mid career and senior career government and military officials information security concepts and classified lessons on cyber conflict. Team taught and taught at a distance numerous information security subjects with excellent reviews by peers and students.
  • University assigned goals for productivity and effort were set at 40% teaching at the graduate level; 20% scholarship at national and international level venues; and 40% service to the university and discipline.

Teaching

  • Implemented information security graduate curriculum designing and delivering enhanced curriculum on information security, enterprise risk management, and classified courses on cyber conflict that were enthusiastically received by senior government leadership.
  • Led curriculum and course delivery of nearly 300 hours of instruction, in person, at a distance, and intensive model as subject matter expert in information security and digital forensics. This was accomplished while teaching introduction to information security, enterprise risk management, security practices and other classified courses to senior government leadership across the interagency.
  • Implemented information security graduate curriculum designing and delivering enhanced curriculum on information security, enterprise risk management, and classified courses on cyber conflict that were enthusiastically received by senior government leadership.

Scholarship

  • Served as senior subject matter expert at the global level representing the Department of Defense numerous times in various ways including teaching abroad at the Swedish National Defense University, NATO in Estonia, and presenting at the Marshal Center in Germany.
  • Presented and or briefed to US government and allied nation groups (HASC, SASC, NATO, etc.) on the topic of information security (FISMA, DIACAP, DIARMF, etc.), associated regulations, pending and current federal and international law (CFAA, SOPA, CIPA, etc.) dealing with digital crime, conflict and information security.

Service

  • Served as a subject matter expert and disseminated written information security and information technology applied research across the discipline orally presenting to senior government and industry leaders on technical topics. I presented as a speaker or panelist at 3 events worldwide.
  • Served as a subject matter expert on the Cyber Security Framework on the NIST Working Group for government leaders.
  • Served as Department of Defense subject matter expert with worldwide exposure on information and network security topics and digital investigations with Office of Secretary of Defense approved appearances on and off the record in print media.
  • Committees
    • February 2012 – Presented Google Applications Environment – Presented Enterprise Risk Management Course as delivered in Google Application Environment to senior leadership
    • July 2011 to 2012 Cyber Studies Group
    • March 2011 to 2012 University Research Council (Alternate)

Purdue University Calumet: Associate Professor August 2003 to March 2011

Promoted from assistant professor to associate professor August 2008

  • Created and built a curriculum from the ground up. The program was split with half the faculty going to the business school and my section of the faculty retained in the College of Technology. This reconstituted faculty built numerous courses, a new degree program, an accreditation package, and I led or participated extensively in all activities.
  • University assigned goals for productivity and effort were set at 60% teaching at the graduate and undergraduate level; 20% scholarship in regional and national level venues; and 20% service to the university and discipline.

Teaching

  • Led three iterations of multi-course, multi-discipline applied undergraduate research coursework spanning two semesters of each iteration on applied topics 1) virtualization of information technology laboratories; 2) Answering the Navy Marine Corps Intranet request for proposal; 3) Evaluating and assessing the MITRE CVE within a taxonomical and syntactical framework.
  • Created new undergraduate degree curriculum and courses in the information technology and network security field, and over 25 new undergraduate information technology courses delivered to students focusing on network security, virtual private networks, operating systems, and digital forensics.
  • Architected an upgrade and system wide overhaul of the laboratory environment. Utilizing ITIL and ISO best practices for information technology projects and created 4 new laboratory rooms thus enhancing student experience through recordable lectures, portable environments, and flexibility to staff and faculty through access anywhere at anytime.

Scholarship

  • Increased research output by engaging in applied research individually and with my students. This resulted in 1 book, 6 journal article, 9 conference proceedings, 5 technical reports, 2 technical editorships, 1 amicus brief, and 3 poster presentations.
  • As a subject matter expert on systems security, I disseminated information security and information technology applied research in written and oral forms across the discipline presenting to senior government and industry leaders on technical topics. I presented as a speaker or panelist at 4 events worldwide.
  • Partnered and or wrote individually 4 research proposals, grants, or requests totaling over $660K in requested funds, with $617K funded (my credit approximately $224K).

Service

  • Through progressively more responsible positions, and elected to the position of faculty senate chair by my peers (considered dean level). I dealt with grievance procedures, system (state) wide issues for faculty, over saw various budget concerns, and interacted with faculty, administrative and political leadership at the regional, state, and national level achieving significant peer support across the state in various projects.
  • Applied myself as a faculty leader serving at a senior level on the campus as vice-chair of the faculty senate from 2008-2009, the chair of the faculty senate 2009-2010, and the inter-campus presidents council representative between all Purdue and joint Indiana University/Purdue Campuses.
  • Committees
    • Fall 2010 Friday University Lecturer Cyber conflict and other hazards of modern technology
    • Fall 2010 to Spring 2011 Chair of the Student Affairs Committee
    • Fall 2009 to Spring 2010 Chair of the Purdue Calumet Faculty Senate
    • Fall 2008 to Spring 2009 Vice Chair of the Purdue Calumet Faculty Senate
    • Fall 2008 to Spring 2011 Faculty Senate Agenda Committee
    • Fall 2008 to Spring 2009 Curriculum and Educational Policy Committee (CEP)
    • Summer 2008 to Fall 2008 University Portal Content Advisory Committee
    • Fall 2007 to Spring 2009 Faculty Grievance Committee
    • Fall 2007 to 2009 The CTIS Oversight Committee

Industry Experience

Harley-Davidson: Deputy CISO (February 2023 to January 2024)

Scope: Coordinated, evaluated, and created cybersecurity strategy for the top five brands in the world with dealers in over 100 countries and with a diversified portfolio of vehicle manufacturing across five countries, banking and finance, and apparel globally.

  • Led the development and maturation of the organization’s cybersecurity program, ensuring the protection of critical information assets.
  • Provided strategic leadership and oversight for the information security function, collaborating with cross-functional teams to align security initiatives with business objectives.
  • Created and aligned the security awareness program across multiple geographies.
  • Built relationships with internal stakeholders, external partners, and industry groups to enhance information security capabilities.

 

UKG: Vice President of Security, (July 2021 to December 2022)

Scope: Coordinated, collaborated, and owned creating a resilient security posture for SaaS software company.  Protecting the business of a human resources software company with operations in over 35 countries, while keeping 13K employees, $2.5 billion a day in transactions, and over 500 million human resource records secure.

  • Defended $22+ Million budget, right-sizing budgets, negotiating capabilities, overseeing resource allocations, determining portfolio and project scope, and setting scope programs of record from ideation through retirement.
  • Enhanced security by identifying and aligning operational security requirements across the enterprise as per business needs, while containing costs and maintaining PCI, SOC, FISMA, FedRAMP, HIPAA, GDPR, and various other compliance frameworks.

Ultimate Software DBA UKG: Senior Director Security Operations (Feb 2018 to July 2021) $315,000 base + 20% personal goals bonus (cash/RSU’s) +20% corporate goals bonus (cash/RSU’s)

Scope: Supervised, and motivated 65-person team comprised of, infrastructure and engineering support (OPS), global security operations center (SOC), (cyber) threat intelligence (CTI), identity and access management (IAM), and physical security (PS) protecting corporate data centers, private and public cloud environments, and across the scope of cloud activities (SaaS, PaaS, IaaS, etc.).

  • Implemented ISO, and the NIST Cyber Risk Management Framework. Applied the MITRE ATT&CK framework, to align security operations processes across business units.
  • Enhanced strategic understanding and business alignment through the creation of the policy, plans, procedures, playbooks, governance, reporting structures for enterprise-wide security program, and engaging stakeholders and building coalitions across the enterprise.

NCR Corporation: Senior Consultant 1 – August 2000 to August 2003

  • Led a strategic level information technology integration program, successfully delivering innovative remote services technology and information security system solutions at over 250 customers of Sun Microsystems. These efforts resulted in consecutive awards for partner of the month and partner of the quarter from SUN.
  • Served as corporate cyber security subject matter expert on innovation, process improvement, and technical solutions to integrated information systems problems; Led development of corporate security and awareness programs for several clients; Served as the Chief Information Security Officer as a managed service provider; Increased business region wide.

Litton/TASC (Now just TASC): Senior Member Technical Staff – September 1999 to April 2000

  • Led enterprise architectural review of information technology solutions with an information security perspective, while making policy recommendations and responses to agency-level directed program requirements; Served as the Chief Information Security Officer and Information Security Officer.
  • Led incident response and disaster recovery planning efforts for military customer while focusing on information security efforts to secure numerous critical information system assets on the customer site.

MCIWorldcom (Contracted Services): Senior Program Manager – February 1999 to September 1999

  • Led coalition of public and private partners as network remediation leader in the customer premise program, providing global situational awareness while successfully determining impacts to over 270K customers’ worldwide. Set business requirements and implementation plans for budget decisions on an approximate $65 million, 9-month long project, resulting in an on budget early delivery.
  • Developed strategic security incident response team program coordinating actions and responses across the matrixed global enterprise comprised of over 130 matrix-reporting project managers and engineers, and with over 1000 vendors/contractors managed at a global level.

Law Enforcement and Military Experience Seven years experience in law enforcement with various duties and titles, three years military experience transferring from Washington State National Guard to the United States Marine Corps

Tippecanoe Prosecutors Office: Special Investigator, Pro Bono, 15 hours a week,  February 2014 to January 2015

  • Primarily a part time support role providing digital evidence recovery services as a sworn law enforcement officer. Within the job duties are those considered to be a crime scene investigator (CSI) and subject matter expert supporting the prosecutors office.
  • Increased laboratory capability and enhanced processing capacity by documenting standard operating procedures for handling of digital forensics evidence.
  • Led large highly complex digital investigations where up to a dozen evidence types (disks, phones, tablets, etc.) had to be correlated with log data (cell phone towers, application utilization, routers, etc.) and reports produced.
  • Utilized cutting edge tools towards the forensic recovery of digital evidence utilizing Forensic Took Kit, Autopsy/Sleuthkit, and approximately 45 other digital forensics tools.

Pierce County Sheriff Department: Corrections Officer -August 1989 – December 1993

  • Managed special projects dealing with computers and shift work assessment for corrections bureau chief providing written reports on findings and suggestions for course of action.
  • Detailed to provide physical security for in custody pre-trial and convicted prisoners providing courtroom surveillance and protection to municipal and country courtroom staff.
  • Provided transport services for medical and mental health care to in-custody defendants and convicted prisoners while also providing armed and unarmed response to critical situations within the correctional custodial environment.
  • Conducted independent investigations and suspect interviews of in custody prisoners while maintaining records and contact information for possible criminal charges.

Kitsap County Sheriff Department Corrections Officer – October 1987 – August 1989, $36K a year

  • Detailed to provide physical security for transport of in custody pre-trial and convicted prisoners while providing courtroom surveillance and protection to municipal and country courtroom staff.
  • Conducted independent investigations and suspect interviews of in custody prisoners while maintaining records and contact information for possible criminal charges.
  • Maintained appropriate custody of physical and digital evidence while investigating possible criminal conduct within the custodial environment.

Suquamish Tribal Police Officer – January 1987 – October 1987, $9 an hour, 16 hours a week

  • Performed police patrol function while maintaining safety, security, and threat mitigation within the community under the auspices of a Federal Bureau of Indian Affairs contract for law enforcement services.
  • Independently conducted investigations of misdemeanor and felony crimes while maintaining appropriate documentation pursuant to criminal charges within the constraints of Suquamish v. Oliphant.
  • Detailed to provide fisheries and wildlife law enforcement functions under treaty obligations and federal statues related to the Judge Bolt fisheries decision.

 

Military Service

United States Marine Corps: September 1984 – October 1986, E4

  • Military Occupational Specialty- Small Missile Systems Technician.

Washington State Army National Guard: June 1983 – August 1983, E2

  • Military Occupational Specialty- Tank Driver

 

Publications and Presentations

Book

  1. Devost, M., Dion, M., Healey, J., Gourley, B., Liles, S., Mulvenon, C., Pitts, H., Rattray G., “Addressing Cyber Instability”, Cyber Conflict Studies Association, 2012
  2. Liles, S., ed. “Proceedings 9th International Conference on Cyber Warfare and Security: Purdue University West Lafayette, Indiana, USA 24 – 25 March 2014”.

Book Chapter

  1. Liles, S., “A unified generational warfare model”, The Handbook of 5th Generation Warfare, 2010
  2. Liles, S., “The issues of non-state actors and the nation state”, Threats in the Age of Obama, 2009
  3. Liles, S., Kamali, R., “Information Assurance and Security Curriculum Meeting the SIGITE Guidelines”, Handbook of Research on Social and Organizational Liabilities in Information Security; 2008

Journal

  1. Kambic, Liles, S., Ellis, W.,Non-State: Cyber Power in ONG?”, Journal of Information Warfare, Volume 13, Issue 3
  2. Borton, M., Liles, S., Liles, S. “Cyberwar Policy”, The John Marshall Journal of Computer & Information Law, Spring 2010, pp 303 – 324
  3. Borton, M., Liles, S, “Active defense of corporate information systems”, IO Journal, May 2010
  4. Wozniak, J., Liles, S. “Political and technical roadblocks to cyber attack attribution”, IO Journal, Inaugural Issue, April 2009
  5. Liles, S., A review of Software Forensics by Robert Slade, Journal of Digital Forensic Practice. 2008.
  6. Liles, S., Kamali, R., “An Information Assurance and Security curriculum implementation” The Journal of Issues in Information Systems and Information Technology Volume 3, 2006
  7. Kamali, R., Liles, S., Jiang, K., Nicolai, B., “A Curriculum Model Based on the SIGITE Guidelines” Journal of Information Technology Education, Volume 5, 2006.

Amici Curiae

  1. United States of America, Plaintiff-Appellee, Andrew Auernheimer, Defendant-Appellant. Appeals from the United States District Court for the District of New Jersey, Case No. 11-CR-470, Judge Susan D. Wigenton
  2. United States v. Ray Andrus, On Appeal from the United States District Court for the District of Kansas,” Brief of Amici Curiae Computer Forensics Researchers and Scientists”, August 2007

Conference Proceeding

  1. Fowler, S., Liles, S., “Medical data breaches”, The 2014 IAJC/ISAM Joint International Conference, September 25 – 27, 2014, Orlando Florida
  2. Liles, S., Kambic, J., “Cyber Fratricide”, Fifth Annual International Conference on Cyber Conflict, Cooperative Cyber Defence, Center of Excellence, June 3 – 6, 2014, Tallinn Estonia
  3. Kambic, Liles, S.,Non-State: Cyber Power in ONG?”, International Conference on Cyber Warfare and Security, Purdue University, March 24 – 25, 2014, West Lafayette, IN
  4. Liles, S.J., Poremski, E., Liles, S., “Fusion of Malware and Weapons Taxonomies For Analysis”, International Conference on Cyber Warfare and Security, Purdue University, March 24 – 25, 2014, West Lafayette, IN
  5. Liles, S., Dietz, J.E., Rogers, M., Larson, D., “Applying traditional military principles to cyber warfare”, Fourth Annual International Conference on Cyber Conflict, Cooperative Cyber Defence, Center of Excellence, June 5 – 8, 2012, Tallinn Estonia
  6. Uzubell, S., Liles, S., Jiang, K., “An Analysis of the Common Body of Knowledge of Software Assurance”, SIGITE, October 7 – 9, 2010, Central Michigan University, Midland MI
  7. Liles, S. ”Cyberwarfare: A form of low-intensity conflict and insurgency”, In proceedings Conference on Cyber Conflict, Cooperative Cyber Defence, Center of Excellence, June 16-18, 2010, Tallinn Estonia
  8. Liles, S., “Cyber warfare compared to fourth and fifth generation warfare as applied to the Internet”. In proceedings of International 2007 International Symposium on Technology and Society: Risk, Vulnerability, Uncertainty, Technology and Society, June 1 – 2, 2007, University of Nevada Las Vegas
  9. Rosco, R., Rogers, M. Liles, S., “Breaking Down Stereotypes: A Call for an ontological Model”. In proceedings of the Hawaii International Conference on System Sciences Hilton Waikoloa Village Waikoloa HI January 3 – 6, 2007
  10. Liles, S., Kamali, R., 2006. “An Information Assurance and Security curriculum implementation”. In proceedings of International Informing Science + Information Technology Education joint Conference (Manchester, England, UK, June 25 -28 2006).
  11. Kamali, R., Liles, S., Winer, C., Jiang, K., and Nicolai, B. 2005. “An implementation of the SIGITE model curriculum”. In Proceedings of the 6th Conference on information Technology Education (Newark, NJ, USA, October 20 – 22, 2005). SIGITE ’05. ACM Press, New York, NY.
  12. Liles, S., “A vendor neutral wide area networking course” American Society for Engineering Education 2005 Illinois-Indiana Sectional Conference (Northern Illinois University, DeKalb, Illinois, USA April 1-2, 2005)
  13. Liles, S., “A vendor neutral local area networking course” American Society for Engineering Education 2005 Illinois-Indiana Sectional Conference (Northern Illinois University, DeKalb, Illinois, USA April 1-2, 2005)
  14. Liles, S., “Distance Education II Collaboration With Industry: Utilizing Software To Build Community and Foster Communication”, ASEE CIEC 2005, February 24-25, 2005

Technical Editor

  1. Chapple, M,, Seidl, D., Liles, S., (ed) “Cyberwarfare: Information operations in a connected world”, Jones and Bartlett, 2015
  2. Barrett, D., Kipper, G., Liles, S., (ed) “Virtualization and Forensics: A digital forensic investigator’s guide to virtual environments”, Syngress 2010
  3. Bolt, S., Liles, S., (ed) “Xbox Forensics”, First Edition, Syngress 2010

Invited Speaker

  1. Panelist – “Lost lessons of cybersecurity over the last decade”, Naval War College, November 17th -19th, Newport RI (virtual)
  2. Panelist – “Cyber and economics”, Naval War College, December 7, 2016, Newport RI
  3. Speaker – “Critical Infrastructure”, AFCEA Round Table, October 27, 2014, Arlington Virginia
  4. Speaker – “Attribution and Cyber Campaigns”, Naval War College, October 13, 2016, Rhode Island
  5. Speaker – “Incident response to a breach: Right of boom you find ashes”, George Washington University, April 19, 2016
  6. Speaker – “ICS Breach, what to do after oh no, frameworks and issues of IM/IT” University of Maryland Baltimore College, ,April 13, 2016
  7. Speaker – “Cyber risks to critical infrastructure” National Defense University, Information Resources Management College, April 1, 2016
  8. Speaker – “Comparison of approaches to national cybersecurity (North America)”, Regulatory and technical aspects of information security in cyberspace, Bishkek, Kyrgyz Republic, December 4-5, 2014
  9. Speaker – “Digital forensics in the age of the Internet of things: Challenges and opportunities”, University of Central Florida EECS Colloquium, Orlando Florida, November 21, 2014
  10. Panelist – “Toaster Wars of 2025 – Addressing Embedded Device and Internet of Things Security Before it is Too Late!”, FedCyber 2014, Tysons Corner, VA, November 5, 2014
  11. Speaker – “Threat trends to the enterprise”, Indianapolis, IN, October 20, 2014
  12. Speaker—“Digital forensics and the Internet of Things”, SecureWorld Expo, October 1, 2014, Indianapolis, Indiana
  13. Panelist – “Higher Education Panel for Hackers”, DerbyCon, September 27, 2014, Louisville, Kentucky
  14. Speaker – “Threat intelligence and digital forensics”, CERIAS Seminar, Purdue University, September 24, 2014, West Lafayette, Indiana
  15. Speaker – “Threat intelligence for the incident responder”, hosted by OpenDNS, S4Iresponder Conference, September 19, 2014, San Francisco, CA,
  16. Panelist – “Securing the Internet of things”, hosted by CyberTech, I Am the Cavalry, and BuildItSecure.ly at BlackHat, August 5, 2014, Las Vegas, NV
  17. Panelist – “Cyber incident response”, hosted by Indiana Office of Technology, Infragard of Indiana Conference, July 31, 2014, Indianapolis, IN
  18. Panelist – “Sharing incident data while under attack”, 15th Annual Information Security Symposium at CERIAS, March 26 – 27, 2014, West Lafayette, Indiana
  19. Panelist – “The future of cyber warfare”, Alexander Hamilton Society, Duke University, October 3, 2013
  20. Speaker – “Cyber security with a global perspective”, Pugwash Conference, Purdue University, April 20, 2013
  21. Speaker – “Cyber as a form of National Power”, Institute for World Politics, Center for Culture and Security, Washington DC, November 9, 2012.
  22. Speaker – “Considerations of defense in depth”, Dynamic defense workshop, Sandia National Laboratory, September 5th & 6th, 2012, Albuquerque New Mexico
  23. Panel – “Tips and opportunities in graduate school”, University Symposium and Open House, Sandia National Laboratory, August 1-2, 2012, Albuquerque New Mexico
  24. Panel – “Military Operations in Cyberspace”, Fourth Annual International Conference on Cyber Conflict, Cooperative Cyber Defence, Center of Excellence, June 5 – 8, 2012, Tallinn Estonia
  25. Presented – “Cyber Threats” National War College Alumni Meeting, Naples Florida, March 2, 2012
  26. Presented – “Cyber Threats” First Cavalry Alumni Meeting, Springfield Virginia, February 18, 2012
  27. Panelist – “Managing Cyber Risk through Recovery Driven Resiliency”, Fort Lesley J. McNair, Washington DC, February 14, 2012
  28. Taught – Enterprise Security Strategies” Swedish National Defence University, Stockholm Sweden November 10 to November 19, 2011
  29. Presented – “Federal Government Privacy Day: Future technology challenges to privacy”, Fort Lesley J. McNair, Washington DC, October 15, 2011
  30. Taught – “Cybersecurity for Information leaders” Swedish National Defence University, Stockholm Sweden, September 16th – September 23rd 2011
  31. Presented – “Cyber Threats”, Senior Executive Seminar, John G. Marshall Center, Garmisch Germany, September 8, 2011 http://www.marshallcenter.org/mcpublicweb/en/component/content/article/4-cat-mc-news/944-senior-leaders-discuss-threat-of-cyber-war.html?directory=58
  32. Moderator – “Cyber Security Threats” Spy Museum, Washington, DC, May 18, 2011
  33. Panelist – “Cyber Conflict at the Operational Level”, Cyber Conflict Studies Association, Washington DC September 21, 2010
  34. Panelist – “Cyberwarfare and non-state actors”, Conference on Cyber Conflict, Cooperative Cyber Defence, Center of Excellence, Tallinn Estonia, June 16-18, 2010

Poster Presentation

  1. Alaskandrani, F., Liles, S., “South Korea ICT Index Leader Cyber Assessments”, 15th Annual Information Security Symposium at CERIAS, March 26 – 27, 2014, West Lafayette, Indiana
  2. Curnett, B., Liles, S., “Implementing Bayesian Statistics from an Analysis of Competing Hypothesis Framework”, 15th Annual Information Security Symposium at CERIAS, March 26 – 27, 2014, West Lafayette, Indiana
  3. Curnett, B., Liles, S., “Saudi Arabian Policy on Cyber Capabilities”, 15th Annual Information Security Symposium at CERIAS, March 26 – 27, 2014, West Lafayette, Indiana
  4. Sitarz, R., Liles, S., “Technological Impact of Criminal Enterprises: The impact of Cloud Computing”, 15th Annual Information Security Symposium at CERIAS, March 26 – 27, 2014, West Lafayette, Indiana
  5. Arthur, K., Liles, S., “France’s cyber defense capabilities”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  6. Ellis, W., Liles, S., “Forensic evidence in Apache’s CloudStack (a work in progress)”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  7. Ellis, W., Liles, S., “Israel: An assessment of cyber capabilities”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  8. Horner, M., Liles, S., “Cyber warfare capabilities of Brazil”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  9. Horner, M., Liles, S., “International legal implications for cloud computing”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  10. Jensen, T., Liles, S., “Open-source analysis of the cyber warfare capability of North Korea”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  11. Johansen, K., Liles, S., “UK leads world cyber race”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  12. Katz, E., Liles, S., “Cloud Forensics: An investigation into imperfect virtualization (work in progress)”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  13. Katz, E., Liles, S., “Cyber warfare capabilities analysis: Brazil”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  14. Kambic, J., Liles, S., “SaaS incident response: Evidence provenance in a cloud service”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  15. Kambic, J., Liles, S., “Cyber conflict capabilities assessment: Islamic republic of Iran”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  16. Lee, B., Liles, S., “Applying the OSCAR forensic framework to investigations of cloud processing”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  17. Lee, B., Liles, S., “Canada’s cyber warfare capabilities”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  18. Park, G., Liles, S., “Digital forensics evidence acquisition in cloud storage service: Examining and evaluating tools and techniques”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  19. Silla, C., Liles, S., “Approaches for acquiring data from flash memory of cellular phones”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2013, Purdue University, West Lafayette, Indiana
  20. Liles, S., Rogers, M., Dietz, J., Larson, D., Raskin, V., “Cyberwarfare as a form of conflict: Evaluation of models of cyber conflict as a prototype to conceptual analysis”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2012, Purdue University, West Lafayette, Indiana
  21. Liles, S. “Risk assessment in an information centric world: Threats, vulnerabilities, countermeasures and impacts (a work in progress)”, CERIAS Annual Information Security Symposium, April 3rd – 4th 2012, Purdue University, West Lafayette, Indiana
  22. Uzubell, S., Liles, S., Jiang, K., “Software Assurance in Academia”, SIGITE, October 7 – 9, 2010, Central Michigan University, Midland MI
  23. Liles S,, Rogers M,. “Cyber warfare as low intensity conflict”, CERIAS Annual Information Security Symposium, 2008, Purdue University, West Lafayette, Indiana
  24. Bingham N., Dark M., Liles S., Mislan R., Rogers M., Rose M., Wedge T., “Digital Forensics Learning Objects”, CERIAS Annual Information Security Symposium, 2006, Purdue University, West Lafayette, Indiana

Technical Publication

  1. Crimmins, D., Falk, C., Fowler, S., Gravel, C., Kouremetis, M., Poremski, E., Sitarz, R., Sturgeon, N., Zhang, Y., Liles, S., “U.S. Bank of Cyber: An analysis of Cyber Attacks on the U.S. Financial System”, May 2014, CERIAS TR 2014-3
  2. Al-Askanrani, F., Amos, E., Beckman, J., Boreddy, N., Curnett, B., Martinez, C., Misata, K., Sharevski, F., Vargas, H., Liles, S., “Invisible Attacks on the maritime shipping and transportation industry”, December 2013, CERIAS TR 2013-8
  3. Kambic, J., Aurthor, K., Ellis, W., Horner, M., Jensen, T., Johansen, K., Lee, B., Liles, S., “Crude Faux: An analysis of cyber conflict within the oil and gas industries”, June 2013, CERIAS TR 2013-9
  4. Liles, S., Kovacik, S., & O’Day, D. “Proposed Methodology for Victim Android Forensics”, Retrieved January 31, 2011 from http://viaforensics.com/?fid=Proposed-Methodology-for-Android-Forensics.pdf, November 2010
  5. Liles, S., Larson, D. “A Gap Analysis for the Indiana Department of Homeland Security District One Law Enforcement”, Purdue University Calumet and Indiana Department of Homeland Security District 1, December 2009
  6. Kamali R., Liles S., Winer C., “Report on the programs in Computer Information Sciences South Suburban Community College”, April 2007
  7. Dark M., Liles S., Rose M., Rogers M., “Computer Forensics: Introduction to Computer Forensics Law”, Purdue University, West Lafayette, IN, July 2005
  8. Dark M., Liles S., Rose M., Rogers M., “Computer Forensics: Computer Forensics Principles”, Purdue University, West Lafayette, IN, July 2005

Research Monographs with Undergraduates

  1. Chavez, A., Liles, S., “Green Data Center Practices”, Louis Stokes Alliance for Minority Participation, under graduate research project, Spring 2010
  2. Numerous “Navy Marine Corps Intranet Project” Spring 2008,
  3. Numerous, “Network Architecture & Design; Virtualized Network Design for Computer Information Technology Department”, Summer 2006, 271 Pages
  4. Numerous “Highly Available Highly Mobile Instantly Deployable Wireless Network”, Fall 2005, 145 Pages

Selected Media Appearances

  1. December 13, 2014 The Week Staff, “The mechanized future of warfare”, The Week, (http://theweek.com/article/index/273431/the-mechanized-future-of-warfare)
  2. September 3, 2014 Tobin Harshaw “Google Car? I want a self-driving fighter jet” Bllomberg (http://www.bloombergview.com/articles/2014-09-03/google-car-i-want-a-self-driving-fighter-jet)
  3. June 19, 2014 Diane Easterbrook “MRAPs ready to fight crime”, Al Jazeera American News, (http://america.aljazeera.com/watch/shows/live-news/2014/6/mraps-ready-to-fightcrime.html)
  4. March 26, 2014 Teresa Mackin “Cyber forensics expert gives insight into plane investigation”, WISHTV8 (http://wishtv.com/2014/03/26/cyber-forensic-expert-gives-insight-into-plane-investigation/)
  5. January 31 2014 AP “Yahoo email breach what can users do?” AP Television New York
  6. January 27. 2014 Tanya Spencer “Michaels stores investigating possible data breach”, RTV6, (http://www.theindychannel.com/news/local-news/michaels-stores-investigating-possible-data-breach)
  7. January 5, 2014 John Hendren, “Inside the deep web” Al Jazeera America, (http://america.aljazeera.com/watch/shows/live-news/2014/1/inside-the-deep-web.html)
  8. December 6, 2013 Amanda Hamon, “Purdue team receives high honors in international digital forensics challenge”, (http://www.purdue.edu/newsroom/purduetoday/releases/2013/Q4/purdue-team-receives-high-honors-in-international-digital-forensics-challenge.html)
  9. December 2, 2013 David Delong, “Staying safe online during the holidays”, (http://www.wlfi.com/news/staying-safe-online-during-the-holidays)
  10. November 24, 2013 David McNally, “Comparing the technology of today to that of 50 years ago in the JFK assassination” <link pending>
  11. October 9, 2013, Ed Krayewski “Autonomous killer drones could be the future”, Reason (http://reason.com/blog/2013/10/09/autonomous-killer-drones-could-be-the-fu)
  12. October 8, 2013, Joshua Foust, “Ready for this? Lethal Autonomous Robot Drones”, Defense One, (http://www.defenseone.com/technology/2013/10/ready-lethal-autonomous-robot-drones/71492/)
  13. October 4, 2013, Tony Shan, “Alexander Hamilton Society hosts event on cyber warfare” Duke Chronicle, (http://www.dukechronicle.com/articles/2013/10/04/alexander-hamilton-society-hosts-event-cyber-warfare)
  14. June 24, 2013, Sina Kashefipour, “Data, Forensics, and the Use of Cyberweapons” The Loopcast, (http://www.theloopcast.com/2013/06/24/data-forensics-and-the-use-of-cyberweapons/)
  15. May 15, 2013, Richard Essex, “Companies using smartphone data to track shoppers”, WTHR (http://www.wthr.com/story/22265762/companies-using-smartphone-data-to-track-shoppers)
  16. May 14, 2013, Joshua Foust, “The liberal case for drones”, Foreign Policy, (http://www.foreignpolicy.com/articles/2013/05/14/a_liberal_case_for_drones?page=full)
  17. April 24, 2013, Kent Erdahl, “Twitter increasing security after hack”, FOX59 (http://fox59.com/2013/04/24/twitter-increasing-security-after-hack/#axzz2RQgv4iqi)
  18. February 27, 2012, Bob Segall,Cell phone warning: Deleted personal information often left behind”, WTHR (http://www.wthr.com/story/21419450/cell-phone-warning-deleted-personal-information-often-left-behind)
  19. February, 7, 2012, Adam Elkus, “Competition in cyberspace: Responding to the proliferation of information-based weapons”, Armed Forces Journal, (http://www.armedforcesjournal.com/2013/01/12842322)
  20. February, 4, 2013, Mark Clayton, “Cybersecurity: how preemptive cyberwar is entering the nation’s arsenal” Christian Science Monitor, (http://www.csmonitor.com/USA/Military/2013/0204/Cybersecurity-how-preemptive-cyberwar-is-entering-the-nation-s-arsenal)
  21. November 26, 2012, David McNally, “Cybershopping can have security risks”, WTHR Channel 13 Indianapolis, (http://www.wthr.com/story/20190387/cybershopping-can-have-security-risks)
  22. July 2012 Eric Beidel “iCollege Takes Nation’s Cybersecurity Leaders back to School”, National Defense, (http://www.nationaldefensemagazine.org/archive/2012/July/Pages/iCollegeTakesNation’sCybersecurityLeadersBacktoSchool.aspx)

 

MS Thesis Advisees

  1. Marcus Thompson, An exploratory forensic acquisition and analysis of digital evidence on the Amazon Kindle, April 2014
  2. Mark Lohrum, Analysis of Android update packages as a method to load forensic utilities and malicious applications to an Android device, April 2013

 

MS Directed Project Advisees

  1. Mathew Borton, Assessment of legal issues in cyberwar, April 2010
  2. Nickolas Bakker, Data center for information technology networking courses, April 2010
  3. Justin Verburg, Evaluating an Internet protocol version 6 implementation in a small business, April 2010
  4. Susan Uzubell, Software assurance: An analysis of the common body of knowledge and dissemination strategies, April 2010
  5. Matt Van Bodegraven, Testing and validating Crowbar for law enforcement agencies, April 2010

 

PhD Dissertation Committee

  1. Cory-Khoi Quang Nguyen, Industrial control systems (ICS) & Supervisory control & data acquisition (SCADA) cybersecurity of power grid systems: Simulation/modeling/cyber defense using open source and virtualization, August 2014
  2. Dannie Stanley, Improved kernel security through code validation, diversification, and minimization, December 2013

 

Grantsmanship and funding

  1. Summer 2014 CERIAS/Northrop Grumman (Purdue PI, unfunded), $150,000
  2. Fall 2013 BAA with Drexel, (Purdue PI, unfunded), $207,185, 33%, confidential source
  3. Fall 2013 Center for Cloud Security and Forensics, (Co-Pi, unfunded), 50% $381,235, NSA and Century College
  4. Summer 2013 Computer Research Alliance, (Co-PI, unfunded) 25%, $23,200,000, Army Research Laboratory
  5. Spring 2013 Chemical Restoration of Damaged and Corroded Hard Drives (PI, unfunded) 50%, $710,825, Health and Human Services, Department of Homeland Security
  6. Spring 2013 Department of Energy Lab Equipment Donation $201,000 Sonic Laser Microscope, (PI, awarded) 100%, Department of Energy – Fermi Labs
  7. Spring 2013 IAVO Software Donation $1,990,000 (Gift In Kind, co-recipient, awarded) 20%
  8. Spring 2013 US Department of Energy – Cybersecurity for the Electricity Sector: Detecting and Preventing Manipulation in the Smart Grid $3,887,048.00 (Co-Pi unfunded) 20%, US Department of Energy
  9. Spring 2013 Support of Cyber Operations Curriculum for the United States Navy, $433,295.60 (PI, unfunded) 25%, Department of the Navy
  10. Spring 2013 Purdue College of Technology Seed Grant $10,000, (PI, awarded) 50%, College of Technology Purdue University
  11. Spring 2009 Unclassified report examining the capabilities of the Peoples Republic of China to engage in cyber war $42,960 (unfunded) 100%, US China Econ & Sec Rev CMSN, Unfunded
  12. Spring 2008 Department of Homeland Security career development fellowship $56,000, (PI, awarded), 100%
  13. Fall 2006 Internal Purdue equipment grant for laboratory virtualization approximately $450,000 (PI, awarded), 50%
  14. Fall 2004 Cisco Information Assurance Group equipment gift in kind valued at $111,000 (PI, awarded) 100%

 

Committees, Commissions, Directorships, Memberships, Volunteer

2020 to Present Board of Directors Gamayun a 501c3

2009 to 2018 Intelligence and National Security Alliance

2008 to 2017 Committee Member, NATO Cooperative Cyber Defence Centre of Excellence, Conference, Tallinn, Estonia

2012 to 2017 Reviewer for Transactions on Information Forensics & Security

2014 to 2017 Member of the IT/Multimedia Scientific Area Committee within the Organization of Scientific Area Committees (OSAC)

2014 to 2017 American Academy of Forensic Science Digital and Multimedia Section

2013 to 2017 Editorial Board Member, Journal of Forensic Investigation

2012 to 2016 Member of USACM (required to stop while in a policy position at DHS)

  • Digital Government Committee
  • Privacy and Security Committee (2015 split into separate committees)

2008 to 2016 – Committee Member, International Conference on Information Warfare and Security

2007 to 2017 Small Wars Journal/Council moderator and reviewer

2003 to 2016 – Member of ACM (Association for Computing Machinery)

2012 to 2014 – Research Faculty: Cyber forensics, Center for Education and Research in Information Assurance and Security, CERIAS, Purdue University

2003 to 2014 – Member of SIGITE  (Special Interest Group Information Technology Education)

2003 to 2013 – Member of IEEE-Computer Society (Institute of Electrical and Electronics Engineers)

2013 Reviewer for “The Dutch National Science Foundation (NWO)”

2013 Reviewer for “Workshop on research for insider threat (WRIT)”, San Francisco, CA

2012 – Track Chair, Small Scale and Digital Devices, International Conference on Digital Forensics & Cyber Crime

2010 Editorial Advisory Board for Dark, M. J. (2011). Information assurance and security ethics in complex systems: interdisciplinary perspectives. Information Science Reference.

2009 Reviewer for Digital Forensics and Cyber Crime: First International ICST Conference, ICDF2C 2009, Albany, NY USA September/October 2009.

2007 to 2010 – ISO/ANSI TAG TC 223 “Societal Security” subject matter expert technology representing the United States

 

Evidence of Teaching Purdue University

Core Questions            5-Strongly Agree 4-Agree 3-Undecided 2-Degree 1-Strongly Disagree

  1. The instructor is professional, organized and knows the subject well.
  2. The instructor is on time and well prepared for each class meeting.
  3. The instructor’s course materials (excluding the textbook) are helpful.
  4. The instructor employs effective teaching methods and techniques.
  5. The instructor demonstrates how to apply concepts & methodologies.
  6. The instructor presents sufficient and relevant examples.
  7. The instructor relates course material to industry.
  8. The instructor has a good working relationship with students.
  9. The instructor knows how to guide students to solve problems.
  10. The instructor provides sufficient tests or assignments.
  11. The instructor’s tests or assignments are relevant to the subject.
  12. The instructor gives valuable feedback on each student’s performance.
  13. The instructor treats students consistently
  14. The instructor provides individual assistance when asked.
  15. The instructor provides help and suggests ways for students to improve.
  16. The instructor motivates me to do my best work.
  17. The instructor explains difficult material clearly.
  18. The instructor is effective in instruction.
  19. The instructor makes the objective of each class clear to me.

Spring 2014

Course/Section #S #R 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
CIT58100 CFT 9 8 4.6 4.5 4.5 4.1 4.6 4.6 4.6 4.4 4.4 4.1 4.5 3.7 4.6 4.6 4.5 4.4 4.5 4.5 4.3
CIT58100 EMF 8 5 4.6 4.2 3.4 4 4.4 4.6 4.6 4.6 4.5 4 4.4 3.6 4.6 4.8 4.6 4.6 4.4 4.3 4.2

 

Fall 2013

Course/Section #S #R 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
CIT58100 CFT 9 9 4.1 4.1 4.3 3.7 4.0 4.3 4.6 4.0 3.8 4.3 4.6 3.3 4.6 4.1 4.1 4.1 4.2 4.4 3.8
CIT58100 CFM 7 7 4.6 4.1 3.9 3.9 3.9 4.6 4.6 4.0 3.9 4.4 4.3 3.4 4.3 4.1 4.4 4.0 4.1 4.1 4.0

 

Spring 2013

Course/Section #S #R 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
CIT58100 CFT 8 8 5.0 5.0 4.7 4.4 4.8 4.8 4.8 4.8 4.5 4.4 4.5 3.5 4.5 4.8 4.3 3.9 4.4 4.5 4.4
CIT58100 CFF 2 2 4.5 4.5 4.5 4.0 4.0 4.0 4.0 4.5 4.5 4.5 4.5 4.5 4.5 4.0 4.5 4.5 4.5 4.0 4.5

 

Fall 2012

Course/Section #S #R 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
CNIT49900 7 7 4.0 4.8 4.0 3.8 4.1 4.3 4.9 4.8 3.8 4.0 4.6 3.6 4.4 4.3 3.9 4.1 3.9 4.8 4.3
CIT58100 CFC 8 8 4.9 5.0 4.5 4.3 4.8 4.8 4.9 4.8 4.5 4.3 4.6 3.8 4.4 4.9 4.6 4.5 4.6 4.4 4.4

Evidence of Teaching National Defense University

Comment: The iCollege at National Defense University has a formal method of student assessment of teaching. The teaching strategy is team teaching where professors teach specific lessons in a seminar environment. Out of respect for fellow faculty I will not report results in public.

Evidence of Teaching Purdue University Calumet

Core Questions            5-Strongly Agree 4-Agree 3-Undecided 2-Degree 1-Strongly Disagree

  1. My instructor creates an atmosphere highly conducive to learning.
  2. My instructor’s explanations are especially clear.
  3. Assignments are relevant, interesting, and well integrated.
  4. My instructor has stimulated my thinking.
  5. My instructor seems well prepared for class.
  6. My instructor stimulated interest in the course.
  7. Overall, I feel I have learned a great deal in this course.
  8. I would enjoy taking another course from this instructor.

Fall 2010

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
ITS 200-32625 25 18 4.44 4.22 4.61 4.66 4.44 4.44 4.17 4.33
ITS 450-33712 14 13 4.75 4.15 4.15 4.61 4.53 4.38 4.30 4.30
ITS 452-34171 17 16 4.68 4.31 4.43 4.62 4.56 4.75 4.75 4.68
ITS 470-32637 17  16 4.5 4.5 4.37 4.62 4.56 4.5 4.5 4.43

Spring 2010

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
ITS 200-63869 19 12 4.25 3.91 4.16 4.41 4.33 4.33 4.00 3.75
TECH581-05-65432 12 11 4.63 4.81 4.72 4.81 4.63 4.72 4.72 4.81

Fall 2009

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
ITS 200 – 32625 19 13 4.38 4.07 4.23 4.38 4.23 4.00 4.30 4.38
ITS 470 – 32637 13 10 4.2 4.00 4.4 4.5 4.30 4.50 4.40 4.30

 

Spring 2009

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
ITS 454 – 62862 10 10 4.5 3.9 4.4 4.9 4.7 4.4 4.7 4.7
ITS 472 – 63859 8 7 5 4.71 4.71 5 4.85 5 4.71 5
TECH581N – 64902 9 8 4.87 4.25 4.62 5 4.75 4.75 4.87 4.75

Fall 2008

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
ITS 452 – 34171 14 13 4.76 4.53 4.15 4.61 4.69 4.46 4.61 4.69
ITS 470 – 32637 13 13 4.83 4.58 4.75 4.83 4.83 4.83 4.58 4.91
TECH581 – 34463 9 6 4.83 4.5 4.83 5 4.83 5 4.83 4.83

Spring 2008

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
ITS 350 – 64328 16 14 4.93 4.69 4.30 4.92 4.84 4.84 4.84 4.84
ITS 472 – 63859 15 11 5 4.45 4.90 4.90 4.81 4.81 4.90 4.81

Fall 2007

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
ITS 200 – 32625 25 17 4.17 4 4.11 4.52 4.52 4.17 4.29 4
ITS 430 – 32817 9 8 3.62 3 4 4.12 3.87 3.87 4 4
ITS 470 – 32637 15 13 4.15 3.92 4.07 4.23 4.15 4.15 3.84 4.23

 

Spring 2007

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
ITS 170 – 62982 20 12 4.50  3.76  3.69 4.69 4.30  4.10  3.90  4.10
ITS 270 – 62991 15 12 4.26 3.86 4.20 4.40 4.33 4.33 4.20 4.06
ITS 356 – 62988 14 12 3.42 3.50 3.42 3.50 3.42 3.42 3.50 3.40
ITS 372 – 63450 20 16 4.56 4.25 4.06 4.37 4.5 4.31 4.25 4.25

Fall 2006

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
ITS 135 – 32638 20 16 4.56 4.47 4.13 4.56 4.53 4.67 4.60 4.25
ITS 170 – 32643 14 12 4.86 4.43 4.79 4.86 4.86 4.79 4.86 4.79
ITS 270 – 32629 12 10 4.70 4.20 4.40 4.70 5.8 4.56 4.40 4.40

Spring 2006

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
CIS 103 – 61806 20 12 4.40 4.30 4.20 4.60 4.60 4.20 4.20 4.40
CIS 287 – 61038 12 8 4.50 4.60 4.00 4.70 4.60 4.30 4,00 4.50
CIS 445 – 61103 12 12 4.90 4.70 4.90 4.90 5.00 5.00 5.00 5.00

Fall 2005

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
CIS 287 -31465 9 8 4.50 4.00 4.00 4.50 4.50 4.00 5.00 4.00
CIS 315 -31388 10 3 5.00 4.00 4.00 5.00 4.00 5.00 4.00 5.00
CIS 420 -31399 7 4 4.00 4.00 4.00 4.50 4.50 4.50 4.50 4.50
CIS 457 -31517 14 7 5.00 5.00 5.00 5.00 5.00 5.00 5.00 5.00
CIS 445 -31403 11 8 5.00 4.50 5.00 4.50 5.00 4.50 4.50 4.50
CIS 451 -32264 7 5 5.00 5.00 5.00 5.00 5.00 5.00 5.00 5.00

Spring 2005

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
CIS 315 – 61073 15 14 4.90 4.80 4.90 4.90 4.90 4.90 4.90 4.90
CIS 420 – 61600 14 14 4.90 4.50 4.90 4.80 4.80 4.90 4.80 4.70
CIS 445 – 61103 12 12 4.80 4.60 4.80 4.80 4.90 4.90 4.90 4.80

 

Fall 2004

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
CIS 310 – 31467 13 13 4.90 4.80 4.90 4.90 4.90 4.90 4.90 4.90
CIS 420 – 31399 9 9 5.00 4.40 4.90 4.90 4.80 5.00 4.80 5.00
CIS 445 – 31403 18 14 5.00 4.60 4.60 4.70 4.90 4.60 4.60 4.90

 

Spring 2004

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
CIS 286 – 61037 12 7 3.70 4.00 4.10 3.50 3.40 3.50 3.50 3.70
CIS 310 – 61072 16 15 4.70 4.60 4.60 4.80 4.80 4.80 4.70 4.90
CIS 315 – 61073 15 14 4.80 4.60 4.70 4.90 4.70 4.80 4.70 5.00
CIS 420 – 61600 8 7 4.80 4.80 4.80 4.90 4.90 5.00 5.00 5.00

 

Fall 2003

Course – Section # Students # Responses Core 1 Core 2 Core 3 Core 4 Core 5 Core 6 Core 7 Core 8
CIS 140 – 32809 24 16 4.40 4.10 4.10 4.30 4.80 4.50 4.60 4.60
CIS 310 – 33206 18 14 4.50 4.30 4.40 4.50 4.50 4.30 4.50 4.60
CIS 315 – 33066 18 14 4.80 4.80 4.80 4.80 4.80 4.90 4.90 4.90

Courses taught at Purdue University

CNIT 58100 CFM Cyber forensics of Malware As software can be found in most advanced technology and not all software is good it is important to have knowledge of forensic analysis of software. This course provides the processes and strategies of analyzing software in a forensically sound way. The course includes various aspects of examining hostile or adverse software that are of interest in forensic investigations.

CNIT 58100 CFM/EMF Cyber Forensics of Mobile and Embedded Devices Consumer technologies are rapidly moving forward with items integrating processing, storage, and transmission into their base functionality. The enterprise issues with bring your own device has rapidly expanded requirements on forensics investigators to address a plethora of mobile device types. Whether it is the automobile black box or a home thermostat there are various elements of interesting evidence possible to be gained. As a simplistic example the wireless home thermostat tracks when there is activity in a house. The forensic possibilities of being able to attribute presence via the thermostat or geo-location by a cellphone are of interest to forensics investigators. This is a classic example of a device as a witness. The embedded and consumer device pantheon is developing as an important area of forensic science.

CNIT 58100 CFF Cyber forensics of file systems  The plethora of strategies to store information in different formats continues to expand. This course examines the various media and strategies of storing information and the processes of documenting the collection, imaging, and processing of forensic evidence. Topics include file formats, file systems, hardware, and software involved in forensic investigation. The overall pattern of forensic evidence in file systems will be examine along with the acquisition, analysis, and reporting of evidence artifacts found in file systems.

CNIT 58100 CFC Cyber forensics of cloud and virtual environments There are various architectures of virtual and cloud technology environments placing different emphasis on storage, transmission, and processing of information. The student will develop skills and abilities in evaluating the patterns of evidence within this domain. This course examines the identification and acquisition of digital evidence, residing on hosts or in transmission between hosts, from different network topologies, and protocols. This course will also examine the techniques or processes by which information can be hidden, exposed, examined, and processed in a forensics manner. The fundamental principles of forensics are applied to virtual operating environment and networks.

CNIT 58100 CFT Cyber conflict and transnational cyber crime This course will examine the spectrum of conflict from crime through cyber warfare. Specific case studies of transnational cyber crime and organizations engaged in such activities along with cyber conflict at the nation state level will be detailed in depth. Students should expect an examination of the effects and outcomes of cyber conflict and how society reacts. This course will engage in a maturing dialog of what the role of government, industry and citizens are in a newly defined trans national domain.

Graduate Courses taught in iCollege/IRMC at National Defense University

Information Assurance and Critical Infrastructure Protection (6203) This course provides a comprehensive overview of information assurance and critical information infrastructure protection. Information assurance of information assets and protection of the information component of critical national infrastructures essential to national security are explored. The focus is at the public policy and strategic management level, providing a foundation for analyzing the information security component of information systems and critical infrastructures. Laws, national strategies and public policies, and strengths and weaknesses of various approaches are examined for assuring the confidentiality, integrity, and availability of critical information assets.

Enterprise Information Security and Risk Management (6206)  Course Manager This course explores three themes, based on the Certified Information Security Manager® (CISM®), critical to enterprise information and cyber security management areas: information security risk management, information security/assurance governance, and information security/assurance program management. Examining the concepts and trends in the practice of risk management, the course analyzes their applicability to the protection of information. Information security/assurance governance is illuminated by exploring oversight, legislation, and guidance that influence federal government information security/assurance. The course explores the challenges of implementing risk management and governance through enterprise security/ assurance program management. This includes enterprise information and cyber security strategies, policies, standards, controls, measures (security assessment/metrics), incident response, resource allocation, workforce is- sues, ethics, roles, and organizational structure.

Information Operations and National Security in the Information Age (6207) Prerequisite: Secret Clearance is required This course examines the essential paradigms and concepts of Information Operations (IO), Information Assurance (IA), and Strategic Communication (SC). It explores the technological revolution and the information component of national power, and examines that component in the National Security Strategy in light of the nature of the interconnected age; existing national policy; organizational transformation; and equities involved in IO, IA, and SC and information as a strategic environment. The course concludes by exploring the new paradigm of national security in the Information Age and the need for an information strategy to support the National Security Strategy.

Information, Warfare, and Military Strategy (6202) Prerequisite: Secret Clearance is required. This course examines key considerations for the planning and conduct of information operations at the theater and strategic levels. The course emphasizes inter-agency and international considerations in the planning and conduct of Information Operations (IO). Students examine selected non-U.S. approaches to the strategies for and uses of the full spectrum of information operations by current and potential global competitors and adversaries. They examine strategic legal implications and considerations and the use/misuse of IO strategies against an adaptive adversary. The course concludes with a snapshot of current U.S. military IO strategies.

Cyber Security for Information Leaders (6201) This course explores concepts and practices of defending the modern net-centric computer and communications environment. The course covers the 10 domains of the Certified Information System Security Professional (CISSP®) Common Body of Knowledge (CBK®). It covers a wide range of technical issues and current topics including basics of network security; threats, vulnerabilities, and risks; network vulnerability assessment; firewalls and intrusion detection; transmission security and TEMPEST; operating system security; web security; encryption and key management; physical and personnel security; incident handling and forensics; authentication, access control, and biometrics; wireless security; virtual/3D Worlds; and emerging net- work security technologies such as radio frequency identification (RFID) and supervisory control and data acquisition (SCADA) security. The course also defines the role of all personnel in promoting security awareness.

Terrorism and Crime in Cyberspace (6215) This course explores the nature of conflict in the cyber realm by focusing on two major Internet-based threats to U.S. national security: cyber terrorism and cyber crime. The course examines who is undertaking these cyber activities, what techniques they use, and what countermeasures can be adopted to mitigate their impact. The course provides a risk management framework to help information leaders leverage the benefits of Internet technologies while minimizing the risks that such technologies pose to their organizations.

 

Undergraduate courses taught at Purdue University Calumet

ITS 135 Operating Systems Technologies: This course covers operating systems concepts, applications, administrative activities, installation, customization, maintenance, security, and other topics.

ITS 170 Networking Technologies: This course covers routing and switching, physical layer, foundations of networking, security, application considerations, network management, and other topics.

ITS 200 Ethical and Legal Issues of IT: This course covers professional communications, social context of computing, teamwork concepts and issues, intellectual properties, legal issues in computing, organization context, professional and ethical issues, responsibilities, privacy and civil liberties, and other topics.

ITS 250 Fundamentals of Information Assurance: (Prerequisite ITS 170 and ITS 135) This course covers security mechanisms, fundamental aspects, operational issues, policy, attacks, security domains, forensics, information states, security services, threat analysis, vulnerabilities, and other topics.

ITS 350 Systems Assurance: (Prerequisite ITS 250) This course covers the implementation of systems assurance with computing systems. Topics include confidentiality, integrity, authentication, non-repudiation, intrusion detection, physical security, and encryption.  Extensive laboratory exercises are assigned.

ITS 352 Disaster recovery and planning: (Prerequisite ITS 350) This course covers risk management and business continuity. Topics include disaster recovery strategies, mitigation strategies, risk analysis, and development of contingency plans for unexpected outages and component failures.  Extensive laboratory exercises are assigned.

ITS 354 Information Assurance Risk Assessment: (Prerequisite ITS 350) This course covers industry and government requirements and guidelines for information assurance and auditing of computing systems. Topics include risk assessment and implementation of standardized requirements and guidelines.

ITS 356 Securing Wireless Systems: (Prerequisite ITS 250) This course covers the implementation of secure wireless systems and computing systems. Topics, intrusion detection, physical security, communications security, and encryption with wireless systems.  Extensive laboratory exercises are assigned.

ITS 372 System Administration and Management: (Prerequisite ITS 330) This course covers system performance analysis, benchmarking, acceptance testing, security strategies, file systems analysis, auditing, server roles, and best practices.  Extensive laboratory exercises are assigned.

ITS 430 Systems Programming: (Prerequisite ITS 340) This course covers multiple platform scripting tools and script development for customization of systems features, batch operations, and automated system management.  Extensive laboratory exercises are assigned.

ITS 450 Software Assurance: (Prerequisite ITS 352) This course covers defensive programming techniques, bounds analysis, error handling, advanced testing techniques, detailed code auditing, and software specification in a trusted assured environment.   Extensive laboratory exercises are assigned.

ITS 454 Assured Systems Design and Implementation: (Pattern 2 hours lecture, 2 hours lab, 3 hours credit)(Prerequisite ITS 450 and ITS 452) This course covers the design and implementation of assured systems in an enterprise environment. Topics include hardening of operating systems, choice of platforms, design criteria within the assured systems domain.  Extensive laboratory exercises are assigned.

ITS 470 Large Scale High Performance Systems: (Prerequisite ITS 370 and ITS 372) This course covers topics in grid computing, managing computing clusters, distributed processing environments, storage area networks, and large computing environments.

ITS 479 Topics in Networking: (Prerequisite ITS 470) This course covers special topics and emerging technologies in networking.

ITS 480 Project Development and Management: (Prerequisite ITS 350 or ITS 360 or (ITS 370 and ITS 372)) This course covers the planning, design, selection, and project management of information technology systems. The course contains the development of requirements, configuration of hardware and software, management of the procurement and implementation process, performance requirements, contract negotiations, and legal issues within a comprehensive project.

ITS 490 Senior Project/Undergraduate Research: (Co requisite ITS 459, or ITS 469, or ITS 479) This capstone course brings together the different domains of Information Technology. The course contains topics of distributed application development, networking, information assurance and security that integrate around an unconstrained problem of substantial complexity with an undefined solution and the implementation of the design solution

Graduate courses taught at Purdue University Calumet

OLS 590A/B Foundation in Homeland Security Studies (With Dr. Dean Larson): Course will use an interdisciplinary approach to address the fundamental issues related to preventing, mitigating, preparing for, responding to, and recovering from major catastrophic events, both intentional and unintentional, that threaten the security and well-being of private and public sector resources and infrastructures. Contents will explore the characteristics of security and how personal and corporate perspectives of security vary; identification of assets and assessing cost/benefits of protecting them; conducting risk assessment and risk management; crisis decision making; current emergency management resources and response infrastructures; best practices in emergency management and risk and crisis communication; business continuity; and the importance of a collaborative response through application of team building skills. Real world case studies will be examined including the 9-11 attacks and Hurricane Katrina. Invited presentations by external experts in the field of homeland security will be included and career opportunities in the field discussed.

TECH 581E Computer Information Technology Security Topics: This course covers a variety of information security and security topics in general.

TECH 581N Information Security Management: This seminar course will address current issues in trust in information systems intra-organizationally, inter-organizationally, nationally, and internationally. Topics include: industries affected, security management, risk assessment models, standards and regulations, information security policy, and select topics in operations security. Information security is a ubiquitous issue; it cuts across all industry sectors (critical infrastructures such as finance, transportation, utilities, energy, and telecommunication; manufacturing, service, etc), it cuts across several different job functions (executives and managers, IT, accounting, audit, users, etc.) and disciplines (computer science, law, computer engineering, management, economics, sociology, psychology, accounting, etc.) within those various sectors, and across borders.

Tech 581M Distributed Computer Forensics: Distributed computer forensics is a poorly defined area of the computer forensics discipline. This course is an examination of the various technologies described as distributed computer forensics.

TECH 581T Networking Security: Advanced conceptual and technological aspects of network security for voice and data networks.

Tech 581W Computer Network Operations: Computer network operations is the description of various activities including auditing and actively evaluating network security. It spans the areas of computer network attack, computer network exploitation, and computer network sabotage. This course will examine the relevant tools, techniques, skills, methods, ethics, and associated principles of computer network operations from a red teaming perspective. This course has a laboratory component.

Tech 581-07 Computer Forensics: This course covers the techniques used in the forensic analysis of computerized systems for gathering evidence to detail how a system has been exploited or used. Extensive laboratory exercises are assigned.