M. E. Kabay, PhD, CISSP-ISSMP
CTO & MSIA Program Director, School of Graduate Studies
Associate Professor of Information Assurance, Division of Business & Management
Norwich University, Northfield, VT 05663 USA
mkabay@norwich.edu / Ph. +1.802.479.7937 / Web: http://www2.norwich.edu/mkabay

---

M. Kabay began learning assembler at age 15 and had learned FORTRAN IV G at McGill University by 1966. In 1976, he received his PhD from Dartmouth College in applied statistics and invertebrate zoology. Until 1979, he was a university professor in applied statistics. In 1979, he joined a compiler team for a new 4GL and RDBMS in the U.S., being responsible for developing the statistical syntax, writing the parser, error traps and code generation for statistical functions in the command language. Kabay joined Hewlett-Packard in 1980 and became a performance specialist, winning the Systems Engineer of the Year Award in 1982. After a few years working in a large service bureau as operations manager, he formed his own company in 1986. Kabay has specialized in consulting and training for systems performance, systems operations, and systems security. Kabay was Director of Education for the National Computer Security Association (later ICSA and then TruSecure) from 1991 to January 2000. He was Security Leader for the INFOSEC Group of AtomicTangerine, Inc. from January 2000 to June 2001 and joined the faculty at Norwich University as Associate Professor in the Department of Computer Information Systems in July 2001. In January 2002 he was appointed program director of the Master of Science in Information Assurance program in the Online Graduate Programs at Norwich < http://www3.norwich.edu/msia >. In January 2004 he also became the program director for the undergraduate Bachelor of Science in Computer Security and Information Assurance at Norwich. In January 2005 he became the Chief Technical Officer of the School of Graduate Studies.

Dr Kabay has published over 850 articles in operations management and security since 1986. He has written security columns for Computer World, Network World, Computing Canada, Secure Computing Magazine, NCSA News, Information Security Magazine and several other trade magazines. He currently writes two columns a week for Network World Security Strategies Newsletter < http://www.networkworld.com/newsletters/sec/ >. He completed a college textbook, The NCSA Guide to Enterprise Security: Protecting Information Assets, published by McGraw-Hill in April 1996. He was the technical editor of The Computer Security Handbook, 4th Edition published by Wiley in 2002 and is now working with editors Sy Bosworth and Eric Whyne on the 5th Edition due for publication in Spring 2008.

He attained the status of Certified Systems Security Professional (CISSP) in 1997 and the status of Information Systems Security Management Professional (ISSMP) in 2005. He won the Best Paper Award at the 16th National Computer Security Conference in 1993 for his submission, Social Psychology and INFOSEC: Psycho-social Factors in the Implementation of Information Security Policy. He was inducted into the ISSA Hall of Fame in December 2004.

Kabay led the International Delegation of Computer Security Experts to China organized by the Citizen Ambassador Program in April 1994. He was the Program Chair for the First and Second International Conferences on Information Warfare in Montreal in 1993 and 1995 and was the organizer of the NCSA/ICSA Symposia: Interdisciplinary Perspectives on Information Security at the National Information Systems Security Conferences. Kabay was invited to lecture several times on computer security at the U.S. Army War College and also to the chiefs of the counter-intelligence services of NATO in Germany in 1995. He was invited to a meeting of the President’s Commission on Critical Infrastructure Protection in Washington in 1997 and was invited to address INFOSEC specialists at NATO HQ in Brussels in March 2000. He serves as the program chair for the annual Graduate Security Conference at Norwich University and is a frequent speaker at professional conferences.

His special areas of research are INFOSEC policy, education and awareness; information warfare; cyberspace law; computer security incident response team management; and information assurance education.