| |
 |
|
|
|
Imrey, Lee
FINCA International
Washington, District of Columbia
|
|
|
 |
|
|
| |
| | Lee Imrey is a technology executive specializing in information security and privacy. He began work as a programmer on government contracts while in high school 30 years ago. He has focused exclusively on information security and privacy for the last 18 years. He is currently head of Information Security, Business Continuity and Disaster Recovery for a leading microfinance company, serving 1.7 million clients on five continents, managing nearly $1B in loans and savings. He develops strategy and manages execution of a global security program, while helping subsidiaries in 22 countries maintain compliance with local information security and privacy regulations. He is active in the information security community, having served as Chair of the ISSA (Information Systems Security Association) International Committee on Professional Ethics, Chair of the I-4 (International Information Integrity Institute) Membership Advisory Board, and in industry groups including the (ISC)2 Government Advisory Board and the ASIS IT Security Council. He has been recognized for several industry certifications, including CISSP (Certified Information Systems Security Professional), CIPP (Certified Information Privacy Professional), CISA (Certified Information Systems Auditor), and CPP (Certified Protection Professional). Prior to his work in the financial sector, he was chief information security officer (CISO) for AIM Healthcare; information security officer for UnitedHealth Group (UHG), a Fortune 15 company; information security architect for the United States Department of Justice; and information security specialist for (ISC)2. In these roles, he has developed and documented strategies, policies, and standards; managed strategic, tactical, and technical programs; developed and delivered technical and business training; and served as a subject-matter expert on information security. Before he began teaching information security, he worked in IS/IT and information security for telecommunications, retail, and consulting organizations. He studied computer science at Carnegie Mellon, and earned his MBA at the University of Chicago Booth School of Business. He joined ACM in 1999, and has been writing reviews for Computing Reviews since 2002. |
| |
| |
|
Date Reviewed |
|
| |
1 - 10 of 11
reviews
|
|
|
|
|
|
|
|
 Network reconnaissance, attack, and defense laboratories for an introductory cyber-security course
Greenlaw R., Phillips A., Schultz J., Stahl D., Standard S. ACMSE 2013 (Proceedings of the 51st ACM Southeast Conference, Savannah, GA, Apr 4-6, 2013) 1-6, 2013. Type: Proceedings
Anyone setting up a hands-on cybersecurity training course should read this paper. Greenlaw and associates describe a clear set of learning objectives, and the steps they took. While there are several components missing from their desc...
|
Nov 3 2014 |
|
|
|
|
|
|
The economics of information security and privacy
Böhme R., Springer Publishing Company, Incorporated, New York, NY, 2013. 315 pp. Type: Book (978-3-642394-97-3)
Information security and privacy are political hot buttons, and more so as we become, personally and as a society, increasingly dependent on IT. From Heartland Payment Systems to Target to community health services, barely a day goes b...
|
Sep 26 2014 |
|
|
|
|
|
|
Firewall placement in cloud data centers
Lee S., Purohit M., Saha B. SOCC 2013 (Proceedings of the 4th Annual Symposium on Cloud Computing, Santa Clara, CA, Oct 1-3, 2013) 1-2, 2013. Type: Proceedings
This paper addresses the question of how many firewalls are required to secure data flows between an arbitrary number of virtual machines in a data center. While the problem is both relevant and timely, the paper fails to conclusively ...
|
Jul 21 2014 |
|
|
|
|
|
|
Open source centric information security lab development
Crowley E. Information technology education (Proceedings of the 6th Conference on Information Technology Education, Newark, NJ, Oct 20-22, 2005) 57-63, 2005. Type: Proceedings
This paper discusses how new technologies can be used in a training lab for the field of information security, and how the lab can facilitate learning in the learning modes described in Kolb’s experiential learning model (con...
|
Jun 29 2006 |
|
|
|
|
|
|
Automatically detecting deceptive criminal identities
Wang G., Chen H. (ed), Atabakhsh H. Communications of the ACM 47(3): 70-76, 2004. Type: Article, Reviews: (2 of 2)
Wang, Chen, and Atabakhsh suggest an algorithmic approach to revealing criminals’ use of deceptive identities, through analysis of the intentional discrepancies in personal data (name, address, social security number, and so ...
|
Dec 16 2004 |
|
|
|
|
|
|
Fighting the spam wars: a remailer approach with restrictive aliasing
Gburzynski P., Maitan J. ACM Transactions on Internet Technology 4(1): 1-30, 2004. Type: Article
Gburzynski and Maitan set out to provide an economical solution to the growing problem of spam, or unsolicited commercial email, on the Internet. Their intent is to design a solution that works within the constraints of the current sim...
|
Nov 15 2004 |
|
|
|
|
|
|
Disaster recovery planning: preparing for the unthinkable (3rd ed)
Toigo J., Prentice Hall Professional Technical Reference, 2002. 512 pp. Type: Book (9780130462824), Reviews: (2 of 2)
is perhaps a misnomer. This book encompasses the whole of business continuity planning, a broader field addressing the maintenance, and if necessary, resumption of business processes for an enterprise, prioritized by the criticality of...
|
Nov 25 2003 |
|
|
|
|
|
|
The code book: the science of secrecy from ancient Egypt to quantum cryptography
Singh S., Delacorte Press, New York, NY, 2003. 263 pp. Type: Book (9780385495325)
This is a superb text. It is both comprehensive and accessible, which is an infrequent combination. It introduces the reader to cryptography and cryptanalysis, subsets of the broader field of cryptology, which might be loosely referred...
|
Oct 23 2003 |
|
|
|
|
|
|
Cyberlaw: text and cases (2nd ed.)
Ferrera G., William ., Lichtenstein S., Reder M., South-Western Thomson Learning, 2000. 464 pp. Type: Book (9780324012972)
Technologists are not part of the target audience of this book, and neither are law students, strangely enough. It was developed as a course book for the business professional, as an introduction to the critical concepts of both domest...
|
Sep 3 2003 |
|
|
|
|
|
|
The economics of information security investment
Gordon L., Loeb M. ACM Transactions on Information and System Security 5(4): 438-457, 2002. Type: Article, Reviews: (2 of 3)
Gordon and Loeb’s paper is well timed. As businesses suffer from the economic uncertainties of the 21st century, management is looking for ways to contain costs while continuing to meet fiduciary responsibilities. This requi...
|
Mar 4 2003 |
|
|
|
|
|
| |
|
|
| |
|
|
