Expert Options
he following security experts served on the panel convened by and the CIO Institute to discuss what agencies should do to protect their data and systems from intrusions:
Government Executive
Government Executive- Jeff Johnson, national operations
director, Internet Security Systems Inc. ISS is the acknowledged leader in vulnerability analysis and a rising star in real-time intrusion detection. Its tools are used by the majority of federal organizations that test for vulnerabilities from networks. - Robert Kane, president of Intrusion Detection, now a division of Security Dynamics. Kane's real-time Security Monitor was recently chosen by the State Department's Bureau of Consular Affairs to monitor network traffic into State Department facilities around the world, and the Kane Security Monitor is one of the most widely used vulnerability analysis tools for Windows NT Systems.
- Stephen Northcutt, senior security analyst, Naval Surface Warfare Center, Dahlgren, Va. Northcutt's team operates the most effective intrusion-detection and analysis capability in the government, as measured by the number of new intrusion signatures found. He also led the effort that developed the only public-domain intrusion-detection capability, available at www.nswc.navy.mil/ISSEC/CID.
- Paul Proctor, chief technical officer of Centrax. Centrax is a new entrant in the intrusion-detection market offering comprehensive tools for Windows NT environments.
- Eugene Schultz, trusted adviser, Global Integrity Solutions, Science Applications International Corp. SAIC has one of the most respected independent vulnerability testing organizations in the United States.
- Kurt Zeigler, chief technical officer of AbirNet, now a division of Memco. AbirNet's real-time intrusion-detection product is popular for monitoring smaller networks because of its low cost, ease of use and ability to look for viruses and malicious Java code as well as more traditional attack signatures.