Interview with Security Gurus Sean Smith and John Marchesini

This is the next blog in the continuing series of interviews with top-echelon and renowned professionals. In this blog, I interview Sean W. Smith and John Marchesini, World Renowned International Authorities/Authors in Security.

Enjoy!
Stephen Ibaraki, FCIPS, I.S.P., MVP

Interview:

• Background
• Key lessons and tips from their book
• Thoughts on industry trends
• Key lessons from their own experiences
• Challenges and stories
• Top recommended resources

About Sean W. Smith

Professor Sean Smith has been working in information security - attacks and defenses, for industry and government - since before there was a Web. As a post-doc and staff member at Los Alamos National Laboratory, he performed security reviews, designs, analyses, and briefings for a wide variety of public-sector clients; at IBM T.J. Watson Research Center, he designed the security architecture for (and helped code and test) the IBM 4758 secure coprocessor, and then led the formal modeling and verification work that earned it the world's first FIPS 140-1 Level 4 security validation. In July 2000, Sean left IBM for Dartmouth, since he was convinced that the academic education and research environment is a better venue for changing the world. His current work, as PI of the Dartmouth PKI/Trust Lab, investigates how to build trustworthy systems in the real world. Sean was educated at Princeton (A.B., Math) and CMU (M.S., Ph.D., Computer Science), and is a member of Phi Beta Kappa and Sigma Xi.

About John Marchesini

Dr. John Marchesini received a B.S. in Computer Science from the University of Houston in 1999 and, after spending some time developing security software for BindView, headed to Dartmouth to pursue a Ph.D. There, he worked under Professor Sean Smith in the PKI/Trust lab designing, building, and breaking systems. John received his Ph.D. in Computer Science from Dartmouth in 2005 and returned to BindView, this time working in BindView's RAZOR security research group. He conducted numerous application penetration tests and worked closely with architects and developers to design and build secure systems. In 2006, BindView was acquired by Symantec and he became a member of Symantec's Product Security Group, where his role remained largely unchanged. John recently left Symantec and is now the Principal Security Architect at EminentWare LLC.

Comments

• Anonymous
  May 15, 2008
  Good data here. Are they speaking at conferences?

• Anonymous
  May 19, 2008
  Great information and very interesting... so how can we get some more of this data out broader?

• Anonymous
  May 28, 2008
  Good questions. I have sent your questions to Sean and John and their publisher and pinged them about speaking at the Sector conference. Thank you, Stephen