FISSEA Logo
January 1, 2006
  
   
 

2008 - 2010 FISSEA Executive Board

Term 2007-2009 --

Susan Hansche,
Nortel/U.S. Department of State

John Ippolito,
Allied Technology Group, Inc.

Conference Chair --
Louis Numkin,
Retired IRS

Loyce Best Pailen,
University of Maryland University College

Mark Wilson,
NIST

Term 2008-2010 --

FISSEA CHAIR --
 Emma Hochgesang-Noffsinger,
HQ Air Force,CIO Support Directorate

Maria Jones,
US Department of Labor OSHA

Richard Kurak,
NASA IT

Gretchen Morris,
Wyle Information Systems/NASA IT

Prof. V. L. Narasimhan,
Western Kentucky University

Cheryl Seaman,
National Institutes of Health

 


2008 - 2010 Executive Board Biographies:

SUSAN HANSCHE, CISSP-ISSEP:

    Ms. Susan Hansche, CISSP-ISSEP, is the director of Information Assurance Training Programs for Nortel Government Solutions in Fairfax, Virginia. She has over 18 years experience in the training field and has specific expertise in designing, developing, and implementing Information Assurance training programs for Federal agencies. For the past ten years the focus of her professional experience has been with information system security and building training programs that provide organizations with the expertise necessary to protect their information technology infrastructures. An additional expertise is in the understanding of the Federal information system security laws, regulations, and guidance required of Federal agencies. She is the lead author of “The Official (ISC)2 Guide to the CISSP Exam” (2004), which is a reference for professionals in the information system security field studying for the Certified Information System Security Professional (CISSP) exam. Her second book “The Official (ISC)2 Guide to the ISSEP CBK” (2006) is a comprehensive guide to the Information Systems Security Engineering Model for designing and developing secure information systems within the federal government. Ms. Hansche has written numerous articles on information system security and training topics and has given many presentations at conferences and seminars.

EMMA HOCHGESANG-NOFFSINGER

    Ms. Emma A. Hochgesang-Noffsinger, Chief Information Officer Support Division, Information Management Directorate, Headquarters United States Air Force, the Pentagon, Washington, District of Columbia has distinguished herself in a multiple Air Force assignments. Ms Hochgesang-Noffsinger began her Air Force career in 1970 as an active duty member of the United States Air Force assigned to the Communications Squadron at March Air Force Base, Riverside CA. Ms Hochgesang-Noffsinger transitioned to the civilian workforce in 1982, moving from Contracting to Administration directorates and serving in various positions prior to selection as the Director, 78th Air Base Wing, Information Management Division. Ms. Hochgesang-Noffsinger is known and respected as innovator and leader in managing electronic information and information management systems. She accepted appointment as Director of the Air Force Records Management Program in March 2003 where she developed the first Air Force Records Management Strategic and Tactical Plans to address electronic records and expedite an overdue move of records management into the 21st Century. Cited for her technical expertise and leadership developing, integrating, and implementing information systems, she was selected to lead implementation of Records Management in the Enterprise Information Management system. Ms Hochgesang-Noffsinger is credited with shaping strategy and policy while driving standards, governance, innovation, and architectures for Air Force information systems. Her distinctive accomplishments culminate a distinguished career to her current position as Senior Policy Manager, Headquarters Air Force (HAF) Information Technology Plans and Policy, Headquarters Air Force Chief Information Office (CIO), Office of the Administrative Assistant to the Secretary of the Air Force (SAF/AA), Washington, D.C. Emma has a plethora of experience in information management/technology, strategic and tactical planning, acquisition, data management, requirements development, and logistics and a strong background in statistical and program analysis. A catalyst for transforming business processes using technology enhancements and process re-engineering, she currently manages the FISMA Program for HQ Air Force offices, serves as an information technology subject matter expert specializing in information technology, acquisition practices and procedures, policies, and plans relating to Automated Information Systems (AIS) and Clinger-Cohen Act requirements. Her position in the Headquarters Air Force Chief Information Officer Directorate, Office of the Administrative Assistant to the Secretary of the Air Force (SAF/AA), requires that she provide advice to senior leadership in the Air Force and DoD on major information technology programs with national scope, interest, and significance and critical enterprise-wide programs. She has broad experience with federal government and commercial technologies, best practices and technology trends, Agile Combat Support and Expeditionary Aerospace Force missions. Senior Advisor to the HAF CIO and liaison between Air Force and DoD leaders, she is a frequent speaker at government and industry forums on IT program management, business case development, performance management, business process improvement, architecture, standards, integration and interoperability.

JOHN IPPOLITO, CISSP:

    John Ippolito received a BS degree in Information Systems Management, University of Maryland, 1970. Mr. Ippolito has more than 35 years experience in project management and in design, implementation, and evaluation of large-scale information systems. He has worked with almost every major type of computer and operating system. His Technical experience includes in-depth knowledge of computer and communications security and risk management and risk avoidance. He is a recognized expert in the application of Federal IT security law, policies, and guidelines and has served as an expert witness. He frequently participates on government-industry IT committees and has provided support to a variety of Federal agencies over his 35-year career. He is experienced in the design and review of systems and computer facilities. Mr. Ippolito helped develop and implement FISMA-compliant IT security programs for several federal agencies including the Nuclear Regulatory Agency and the Corporation for National and Community Service. He also participated with the Forum of Federal Computer Security Managers which wrote the guidelines for development of IT security plans that ultimately became NIST Special Publication 800-18 and was a named author of NIST Special Publication 800-16. During his government service, he assisted GAO in its initial efforts to standardize the audit/review procedures for IT systems.

    Mr. Ippolito is a frequently requested speaker at government and non-government forums, presenting a variety of technical and managerial topics such as designing Internet based applications, selecting the right contract vehicle for IT services, quality assurance and configuration management approaches in client/server environments, and training needs of IT users and professionals. Mr. Ippolito was named Federal Information System Security Educator of the Year for 1997.

MARIA A. JONES

    Maria Jones is a fourth-generation native Washingtonian with seven years of federal computer security program management experience, more than fifteen years of experience in Information Technology, and more than ten years training and education experience – all in the federal sector. Since 2001, she has managed the security program of the Department of Labor’s Occupational Safety and Health Administration (OSHA). Under the title of OSHA Computer Security Point-of-Contact, she has been deeply involved in agency compliance efforts across the entire spectrum of the seventeen security control families. Key areas of focus have included, but have not been limited to, system security planning, risk assessments, privacy impact assessments, system categorization, FIPS 199 categorization, contingency planning and testing, vulnerability scans and assessments, penetration testing, certification and accreditation of 100% of the agency’s major information systems, annual computer security awareness training, and annual role-based training for employees with significant security responsibilities.

    About five years ago, she launched a pilot online role-based security training program, using what was then Transportation’s Virtual University (later renamed Office of Personnel Management’s GoLearn/Karta program). Over a two-year period, they expanded the effort to DOL-wide use. For the past four years, she has been an active participant on the DOL Computer Security Awareness Training (CSAT) Focus Group. The group designed, developed, and implemented the annual awareness training for more than fifteen thousand federal employees and contractors. For the past two years, her agency has achieved 100% completion of CSAT. Annually, she leads a variety of workshops and short courses on security topics, such as Continuous Monitoring, Security Self-Assessments, Plans of Action and Milestones (POA&Ms), and Incident Response and Reporting.

    From 1997-2000, she served as OSHA’s Y2K Coordinator, leading the effort to develop and test Business Contingency & Continuity Plans (BCCP) for all OSHA National Office business units, and all regional and area offices nationwide, providing leadership and coordination of the BCCP remote access deployment, preparing briefing materials for the Assistant Secretary, designing the OSHA Emergency Communications Center, tracking and reporting on Y2K fix efforts across agency systems, and operating the ECC with her director during the Y2K rollover period .

    As an Employee Development Specialist and Management Analyst at OSHA, she designed, developed, and delivered variety of training and support services to OSHA employees at all levels, including Senior Executives, Professionals, Mangers and supervisors, and administration, clerical and technical employees. For three years, she served as the training expert to OSHA’s Integrated Management Information System Field Support Team to design and deliver microcomputer training and support services to OSHA field offices and to State offices (over 160 offices over a three-year period). She helped with the design of a comprehensive training plan and schedule for nationwide deployment, and helped to design, develop, and present an 8-day operator’s course, a 2-day manager’s course, and a 1-day course for compliance officers. In addition, she co-authored manuals for the training courses, conducted pilot sessions in Florida, Tennessee and Georgia, and conducted on-site follow-up sessions across the country and in the Virgin Islands to solve problems related to the system, workflow, and change management.

    For several years, she has been a regular attendee of the NIST Federal Computer Security Program Manager’s Forum meetings, as well as the annual NIST 2-day offsite. Maria has been a member and “sometimes” attendee of the annual FISSEA Conference. And, for the past ten years, she served on the Executive Board of the Baptist Education Congress of D.C. and Vicinity. Each year they offer a week-long congress of multiple classes for all age groups. They usually have 1,500 – 2,000 delegates attend the classes each year.

    Maria Jones has a passion for books, schooling, and world travel. She has visited six of the seven continents, and has an eye on Antarctica to make it seven of seven. She attended five universities and colleges. Maria earned a B.A. degree from the George Washington University and an M.S. degree from Indiana State University. She is a certified Project Management Professional (PMP) who is preparing to sit for the Certified Information System Security Professional exam.

    Her interest in participating on the FISSEA Executive Board is three-fold:

    1. She would like to be a part of a FISSEA effort to help agencies and their managers and employees address the pesky problem of “significant security responsibilities”.
    2. She believes that training and education is critical not only to get the box checked for good FISMA scores, but more importantly, to change the thinking and behaviors of the masses to protect our information assets. Just applying technology will not get us to where we need to be.
    3. She believes a continued, strong federal presence on the FISSEA Executive Board is vital to the survival of its mission and to the service it is intended to render to make a difference in federal agencies.

RICHARD KURAK

    Richard is currently the Project Manager of NASA’s IT Security Awareness and Training Center (ITSATC). In this position, his team is responsible for acquiring, developing, and deploying the IT Security Training capabilities for NASA’s civil service and contractor workforce. Prior to taking on this role, he served as the Acting IT Security Manager for NASA’s Glenn Research Center. He managed the IT Security Program for NASA’s field Center in Cleveland, OH, and was responsible for the technical and programmatic IT security activities of the Glenn Research Center. This included reporting and compliance as mandated by OMB and FISMA. He has also served as the Deputy IT Security Manager. In this role, he was responsible for the Technical IT Security Program which implements and operates the firewall, IDS, incident response, and remediation aspects of IT security within the Center. Richard’s overall understanding of IT security, which has been developed over more than 20 years of service, coupled with his recent position as head of NASA’s ITSATC make him an excellent candidate to participate on the FISSEA Board.

GRETCHEN ANN MORRIS, CISSP:

    Mrs. Gretchen Ann Morris has fifteen years teaching and troubleshooting experience on a variety of software packages and hardware configurations. She has a solid and diverse background in computer software/hardware, electronics troubleshooting, training, course development, and management. Most recently, she has seven years experience with on-line course development. Training difficult concepts is her area of expertise. She has a Bachelor of Applied Science in Resource Management degree from Troy State University, and a Master of Arts degree in Biblical Counseling from Trinity Theological Seminary. She is a CISSP and earned the Master Training Specialist designation while serving as a Navy Instructor. In her current position with WYLE Information Systems as a Consultant II, she is a vital part of the NASA IT Security Awareness and Training Center team which supports over 55,000 users across the Agency.

PROF. V. L. NARASIMHAN

  • Renowned researcher and academic in security
  • Fellow of IEEE, ACS, BCS, IEAust & other professional bodies
  • Member (Technical) of ISO & ANSI
  • Editor of several journals in security and other areas
  • Involved in a number of industrial projects with large security and other organizations
  • Extensively lectures on technical and professional issues of security

LOUIS NUMKIN, CISM:

    Louis Numkin retired as an Information Technology Specialist (Security) in the FISMA Program Office of the Mission Assurance and Security Services organization of the Internal Revenue Service. As Team Lead for the Security Awareness and Training Team, his duties related to security awareness, training, education, and the like. Prior to IRS, he provided many facets of computer security for the Nuclear Regulatory Commission (as part of the team which earned the first ever FISMA "A" grade in 2003) and the General Services Administration's FTS2000 before that. Numkin's Bachelor's Degree in Business Administration and Masters Degree in Technology of Management (majored in Management Information Systems and Computer Systems) are from the American University. He has also received his Certified Information Security Manager professional certification from ISACA. Louis provides computer security awareness sessions on request from various Federal Agencies and conferences, schools (elementary through high school), senior citizen centers, and social organizations. He volunteers as a Red Cross Blood Donation Coordinator, Elections Judge, and an AARP Tax Counselor for the Elderly. Retired from the US Army Reserves as a Sergeant Major, he has also served as Worshipful Master of his Masonic Lodge, and is a National Committee Chair as well as President of Walter Reed Chapter of the National Sojourners, Inc. After editing the Federal Information Systems Security Educators' Association (FISSEA) News and Views for several years he was elected Chair of the FISSEA Exec Board in 2004, again in 2005, and was honored to receive the cherished FISSEA Educator of the Year Award for 1998.

DR. LOYCE PAILEN, DM, CISSP:

    Dr. Loyce Best Pailen is the Director for the Center for Support of Instruction (CSI) at the University of Maryland University College (UMUC). CSI is responsible for delivering rich media learning objects to the online environment and for working with faculty to assist with classroom setup, course design, and quality assurance. Previously, Dr. Pailen was the Assistant Academic Director for the Information Systems Management (IFSM) discipline responsible for the undergraduate security and Information Assurance curricula. She has experience in supporting students, faculty, and staff; developing courses, coordinating course design and implementing instructional technology with specific emphasis on, security, distance education and virtual laboratories.

    Dr. Pailen came to UMUC in 2002 after working at The Washington Post Company for over 20 years in various programming, management and directorial positions in newspaper and corporate information technology. Her duties included responsibilities for selecting and implementing hardware, software, business applications and telecommunications services and disaster recovery analysis and planning. One of Dr. Pailen’s major contributions was to implement an enterprise-wide shared services initiative resulting in leveraging the collective buying power of subsidiaries for computer technology and telecommunications service acquisitions.

    Dr. Pailen has studied at UMUC at the undergraduate and graduate levels and completed her doctoral degree as a member of the first cohort in the UMUC Doctor of Management -- Technology and Management program as an Orkand Fellow. Dr. Pailen holds several technology-related industry certifications most recently receiving her certification as a Certified Information Systems Security Professional (CISSP). Dr. Pailen has incorporated her academic and corporate backgrounds to provide valuable educational opportunities for sharing knowledge and experiences. Dr. Pailen and her husband Leroy are avid tennis players and compete regularly in various leagues and tournaments.

CHERYL SEAMAN:

    Cheryl Ann Seaman is a Captain in the United States Public Health Service. She holds a BS in Nursing from the University of Maryland, and an M.P.H from The Johns Hopkins School of Hygiene and Public Health. She is responsible for all aspects of the NIH-wide information security training program. Cheryl has developed award-wining security courses, the code of which has be requested by entities throughout the world. She also serves in other major security roles related to oversight, policy development, incident response, and other review activities of the NIH Information Security Program. Prior to joining the NIH security team in 1998, Cheryl was the NIH Privacy Act Officer. Throughout her career, she has had extensive experience as a trainer and presenter, and has always had a special interest in creating novel approaches to traditional training. During her over 28 years at NIH, she has served in a variety of management positions in clinical, research and administrative environments and understands the importance of tailoring training (practical and relevant strategies) so as to engage the intended target audience.

MARK WILSON, CISSP

    Since coming to NIST in 1992, Mark has worked on computer security program management issues, including program management reviews, vulnerability analyses and other risk management issues, and security awareness and training.

    Mark served as Editor for NIST Special Publication (SP) 800-16 - Information Technology Security Training Requirements: A Role- and Performance-Based Model - published in April 1998. He is a co-author of another NIST Special Publication (SP 800-50) - Building an Information Technology Security Awareness and Training Program - published in October 2003. He also co-authored NIST Special Publication 800-100 – Information Security Handbook: A Guide for Managers – published in October 2006. He is currently leading a team that is updating SP 800-16. He is also currently serving on the Information Systems Security Line of Business (ISS LOB) Tier 2 Role-based Training Working Group.

    Mark also serves as the NIST Liaison to the Federal Information Systems Security Educators' Association (FISSEA), has served on the FISSEA Executive Board for six years, including two years as the Assistant Chair of the Board, and is currently the Chair of the Executive Board.

    Mark came to NIST from Norfolk, Virginia where he worked for ten years in the computer security field for two U.S. Navy organizations. He earned a B.A. in political science from Old Dominion University in Norfolk in 1983. Mark is a native of New Jersey and is a U.S. Navy and Vietnam Veteran.

 

Last updated: September 2, 2008
Page created: October 27, 2006
 
 
 
Disclaimer Notice & Privacy Policy
Send comments or suggestions to FISSEA Membership
NIST is an Agency of the U.S. Commerce Department's Technology Administration