About
KRvW Associates was founded in 2003 as a small,
highly-specialized, consulting and training company. Our
principal goal is to provide our customers with the best
guidance and consulting available, by building upon our
years of experience as hands-on Information Security
practitioners.
As such, all KRvW Principal Consultants have world class
backgrounds in Information Security, having worked at many
of the most respected organizations in the world, including
Carnegie Mellon University, the United States House of
Representatives, the United States Department of Defense,
and Network Solutions. Each has demonstrated an ability to
lead and directly contribute to enterprise-level
Information Security projects, from small one-off design
efforts through some of the largest projects in the
technology world.
Biographical Sketch -- Kenneth R. van Wyk,
CSIH, Principal Consultant and Founder
Ken is a CERT® Certified Computer
Security Incident Handler, as well as an
internationally recognized information security expert
and author of the popular O'Reilly and
Associates books, Incident Response and
Secure Coding: Principles and Practices, as
well as a monthly columnist for eSecurityPlanet. Among
his numerous professional roles, Ken is a Visiting
Scientist at the Software
Engineering Institute at Carnegie Mellon
University, where he is a course instructor and
consultant to the CERT® Coordination Center.
Ken has previously held senior information security
technologist roles at Tekmark's Technology Risk Management
practice, Para-Protect Services, Inc., and Science
Applications International Corporation (SAIC). Ken was also
the Operations Chief for the U.S. Defense Information
Systems Agency's DoD-CERT incident response team, as well
as a founding employee of the CERT® Coordination Center at
Carnegie Mellon University's Software Engineering
Institute.
Ken has previously served as the Chairman and as a member
of the Steering Committee for the Forum of Incident Response and Security
Teams (FIRST), a non-profit professional
organization supporting the incident response
community. He currently sits on their Steering
Committee and Board of Directors. He holds a
mechanical engineering degree from Lehigh University
and is a frequent speaker at technical conferences,
including S3, CSI, ISF, and others FIRST.
For Ken's full resumé (in PDF format), click here. Additionally,
Ken's personal web site can be found here.
Biographical Sketch -- Richard F. Forno,
Principal Consultant
Richard Forno is an internationally-recognized security
professional whose career in information assurance centers
around security program development and management,
incident response operations, security awareness, and
emerging trends analysis. His career highlights include
helping build the first incident response and computer
crimes investigation program for the United States House of
Representatives and serving as the first Chief Security
Officer at Network Solutions, where he designed and managed
the global information assurance program for one of the
Internet's most critical infrastructures (the InterNIC). In
recent years, he has provided independent strategic
consulting services to military and commercial clients on
assorted critical infrastructure protection and information
warfare projects. He also remains an active advisory board
member at several innovative and successful technology
companies.
In 2001, Richard developed (and delivered) American
University's first modern course on information security
and conducted monthly lectures on information warfare at
the National Defense University in Washington, DC from
2001-2003. He is a founding member of the Academic Advisory
Board for Northern Virginia Community College's Information
Security Program and also participated in the 2000 White
House Office of Science and Technology Policy Information
Security Education Research Project.
Both a technologist and student of national security
studies, Richard is a frequent lecturer at assorted
government, industry, and academic symposia. Along with
several articles, he is the author of The Art of
Information Warfare (1999), Incident Response: Planning
& Management (2001), and the nonfiction Weapons of Mass
Delusion: America's Real National Emergency (2003).
Richard holds undergraduate and graduate degrees from the
American University and Salve Regina University, and is
also a graduate of Valley Forge Military College and the
United States Naval War College.
His professional affiliations include the National Military
Intelligence Association (Past President, Potomac Chapter)
and the Regional Computer Forensics Group.
For Rick's full resumé (in PDF format), click here.