Peter Stephenson, CPE, CISSP, CISM, FICAF, is the Director of Research for QinetiQ Trusted Information Management and a writer, consultant and lecturer in information protection for large-scale computer networks. He has lectured extensively on network planning, implementation, technology and security and has written or co-authored 14 books (including foreign language translations) and several hundred articles in major national and international trade publications. He has lectured and delivered consulting engagements in eleven countries plus the United States.
Mr. Stephenson began his information security career as a U. S. Navy cryptographer in 1965, and has worked with computer and network communications and security since the early 1970s. He was the director of technology for the global security practice of Netigy Corporation and was the Managing Partner for the Intrusion Management & Forensics Group, LLC, a specialized security technology consulting firm, prior to joining QinetiQ Trusted Information Management as director of research, the position he now holds. Prior to joining Netigy, Mr. Stephenson operated his own information security consulting practice for over 15 years.
He is the developer of the Intrusion Management model, an operational model for information protection, as well as structured methods for vulnerability assessment, and standards-based security architecture requirements engineering. He developed the end-to-end approach to digital incident investigation and the Digital Forensics Process Language (DFPL). Mr. Stephenson holds a BSEE and currently is a PhD candidate (degree expected summer 2003) at Oxford-Brookes University in Oxford, UK where his research involves structured investigation of information security incidents in complex computing environments. Mr. Stephenson is an adjunct professor in the Master of Science in Information Assurance program at Norwich University and an adjunct instructor in information security at Walsh College. He currently is designing a graduate level digital forensics program for Walsh.
He is a member of the ISSA, an associate member of the Association of Certified Fraud Examiners, and holds the professional designations Certified Professional Engineer (CPE), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) and is a Fellow of the Institute for Communications, Arbitration and Forensics in the UK (FICAF).
Implementing Internet Security: Survey Your Own Security Requirements, Risks, and Advantages