About

KRvW Associates was founded in 2003 as a small, highly-specialized, consulting and training company. Our principal goal is to provide our customers with the best guidance and consulting available, by building upon our years of experience as hands-on Information Security practitioners.

As such, all KRvW Principal Consultants have world class backgrounds in Information Security, having worked at many of the most respected organizations in the world, including Carnegie Mellon University, the United States House of Representatives, the United States Department of Defense, and Network Solutions. Each has demonstrated an ability to lead and directly contribute to enterprise-level Information Security projects, from small one-off design efforts through some of the largest projects in the technology world.


Kenneth R. van Wyk, CSIH, Principal Consultant and Founder
2007-09-KRvW-portrait3
btn_viewmy_160x33


Information Technology
Expert Witness





Ken is a CERT® Certified Computer Security Incident Handler, as well as an internationally recognized information security expert and author of the popular O'Reilly and Associates books, Incident Response and Secure Coding: Principles and Practices, as well as a monthly columnist for Computerworld. Among his numerous professional roles, Ken is a Visiting Scientist at the Software Engineering Institute at Carnegie Mellon University, where he is a course instructor and consultant to the CERT® Coordination Center.

Ken has previously held senior information security technologist roles at Tekmark's Technology Risk Management practice, Para-Protect Services, Inc., and Science Applications International Corporation (SAIC). Ken was also the Operations Chief for the U.S. Defense Information Systems Agency's DoD-CERT incident response team, as well as a founding employee of the CERT® Coordination Center at Carnegie Mellon University's Software Engineering Institute.

Ken has previously served as the Chairman and as a member of the Steering Committee for the Forum of Incident Response and Security Teams (FIRST), a non-profit professional organization supporting the incident response community. He currently sits on their Steering Committee and Board of Directors. He holds a mechanical engineering degree from Lehigh University and is a frequent speaker at technical conferences, including S3, CSI, ISF, and others FIRST.

For Ken's full resumé (in PDF format), click here. Additionally, Ken's personal web site can be found here.


Richard F. Forno, Principal Consultant

Richard Forno is an internationally-recognized security professional whose career in information assurance centers around security program development and management, incident response operations, security awareness, and emerging trends analysis. His career highlights include helping build the first incident response and computer crimes investigation program for the United States House of Representatives and serving as the first Chief Security Officer at Network Solutions, where he designed and managed the global information assurance program for one of the Internet's most critical infrastructures (the InterNIC). In recent years, he has provided independent strategic consulting services to military and commercial clients on assorted critical infrastructure protection and information warfare projects. He also remains an active advisory board member at several innovative and successful technology companies.

In 2001, Richard developed (and delivered) American University's first modern course on information security and conducted monthly lectures on information warfare at the National Defense University in Washington, DC from 2001-2003. He is a founding member of the Academic Advisory Board for Northern Virginia Community College's Information Security Program and also participated in the 2000 White House Office of Science and Technology Policy Information Security Education Research Project.

Both a technologist and student of national security studies, Richard is a frequent lecturer at assorted government, industry, and academic symposia. Along with several articles, he is the author of The Art of Information Warfare (1999), Incident Response: Planning & Management (2001), and the nonfiction Weapons of Mass Delusion: America's Real National Emergency (2003).

Richard holds undergraduate and graduate degrees from the American University and Salve Regina University, and is also a graduate of Valley Forge Military College and the United States Naval War College.

His professional affiliations include the National Military Intelligence Association (Past President, Potomac Chapter) and the Regional Computer Forensics Group.

For Rick's full resumé (in PDF format), click here.


Sean Eidemiller, Principal Consultant

Sean is an experienced software engineer and former security consultant in the Washington, DC area. He holds a degree in computer science from Millersville University in Pennsylvania. Sean is currently working for Eloqua at their corporate headquarters in Vienna, VA (USA), where he and a team of developers are rebuilding the company's flagship SaaS product on the cutting-edge SproutCore framework.

Previously, Sean was a software security consultant at Cigital, Inc. There, he was the primary developer on a contract to build a credit card encryption engine for Marriott International. The software that Sean wrote is currently running in production at Marriott hotels all over the world.

Sean has extensive experience in many modern programming languages (Java, JavaScript, Ruby, Objective-C, C#) and software security best practices.

For Sean’s full resumé (in PDF format), click here.