Our Experience
Four individuals who
managed information security operations and implemented key information security
programs at a Fortune 15
Company founded CyberEnsure in January 2004.
Collectively
the four principals of the firm have over 40 years of
Information
Security experience and over 100 years of experience in IT-related
fields. This includes:
- Planning,
deploying, and operating of one of the largest corporate
Information Security Programs in the country
- Practical
knowledge in all aspects of Information Security
-
Network Security (firewalls, remote access, penetration
testing, IDS)
-
Host Security & Access Control
-
Virus and Malware Protection
-
Creation of Policy and Practices
-
Computer Intrusion Response & Vulnerability Management
-
ISO 9000 implementation
- A
proven track record
-
Institution of “defense in depth” virus
protection and patch management programs in large telecommunications
firm
-
Successful dial-in modem compliance program
-
Facilitation of Senior Executive Steering Committee
- Certifications
-
Partners are Certified Information Security Managers
-
Team members have CISSP and MCSE certifications
Principals:
Tom
Scurrah
Ken Brophy
Harry Zwiselsberger
Byron Stump
Tom
Scurrah, Managing Director
Tom
has over 30 years experience in information technology operations,
development, and information security. As Executive Director,
Tom managed the desk-side services and information security
organizations for the IT organization in Verizon’s Domestic
Telecom group, the single largest component of Verizon Communications.
Tom created and conducted quarterly meetings of the Verizon
Executive Security Council, the information security governance
body for the corporation. As co-chair of the Information Security
Council, a team of security professionals representing all
of Verizon’s business units, Tom help construct the 2002-2003
Verizon Information Security Plan. Consisting of four key
strategies and 17 programs, the plan increased perimeter protections,
eliminated unsecured modems, expedited the application of
security patches, and increased the number of third-party
penetration tests.
Prior
to joining Verizon, Tom was founder and president of The Ennismore
Company, a firm which combined information technology and
quality management disciplines. The firm specialized in developing
performance, productivity, and customer satisfaction metrics
for the IT function of Fortune 500 companies.
Tom
has presented to a number of organizations, including the
American Society for Quality Control, the Data Processing
Managers’ Association, and the International Quality
and Productivity Center. Tom has also published articles on
computing effectiveness for Information Week and has authored
a chapter entitled “Strategic Planning for Information
Systems” in R.L. Nolan’s Managing The Data Resource.
Tom
is a Certified Information Security Manager (CISM). He holds
a BA from Amherst College and a Master of Science degree in
management from M.I.T.
Back
To Top
Ken
has an extensive background in Information Security. Before
helping to form CyberEnsure, LLC, he was the Director of Information
and Network Security (INS) for Verizon Communications, and
its predecessor – Bell Atlantic. In that capacity, Ken
was accountable for managing all aspects of the Verizon’s
IT Information Security programs including network security
(firewalls, intrusion detection, remote access), host security
(ACF2/RACF); virus and malicious software protection; and
vulnerability management (wardialing, vulnerability scanning).
His staff consisted of 70 managers and security specialists.
Ken’s ability to successfully manage InfoSec functions
and staff was based on hands-on experience. He had previously
spent several years as a senior programmer/analyst providing
mainframe security software support for a CA-ACF2 environment
that spanned several dozen mainframes in multiple datacenters.
He has experience with incident response methodologies, security
policy/practices, and contingency planning.
Immediately before becoming the director of INS, Ken had been
the manager of its critical “Network Security” component.
In that capacity, he oversaw the initial deployment of firewall
technology at Bell Atlantic.
Ken
has presented at both the TheTraining Co.’s Techno-Security
Conference and Computer Associates’ CA World
conference. He has participated in Infraguard, Information
Security Forum (ISF), and Bellcore symposiums.
Ken
is a Certified Information Security Manager (CISM). He holds
a BS in Business Administration from Columbia Union, and a
Master of Science degree in Information & Telecommunications
Systems from Johns Hopkins University.
Back
To Top
Harry
co-founded CyberEnsure, LLC after 22 years in IT, the last
13 of which were in Information Security.
Most
recently, Harry was a Senior Manager in Verizon’s (formerly
known as Bell Atlantic) IT security organization, with responsibilities
in areas including firewall support, secure e-mail delivery,
intrusion detection(IDS) deployment and management, CIRT response
team, network security reviews, and compliance monitoring
for international outsourcing. Prior to that, through most
of the 90’s, he was manager of the organization directly
responsible for Verizon’s mainframe security infrastructure.
Harry
was directly involved in the creation of Verizon’s network
security architecture. He represented Verizon on various committees
working on integration of large disparate networks.
Harry’s
background for this work was 15 years of solid IT experience,
first as an Cobol Programmer, in which capacity he got his
first InfoSec experience by being on the team that selected
and implemented the first large scale general purpose access
control system (CA-ACF2) for New Jersey Bell, one of Verizon’s
predecessors. In addition, Harry was instrumental in developing
the first security policy for the then named New Jersey Bell
and worked to develop the support infrastructure required
to manage the CA-ACF2 product effectively from an administrative
perspective.
Harry holds a CISM certification and
has participated in a variety of industry forums. He has presented
at the Computer Associate’s annual international conference
on 5 different occasions, and was an active member and participant
on the East Coast – ACF2 User group.
Back
To Top
Byron
co-founded CyberEnsure, LLC after 30 years in IT, the last
13 of which were in Information Security.
Most
recently, Byron was a Senior Security Consultant in Verizon’s
IT security organization, with responsibilities in areas including
security policies, application controls, risk assessment,
and issue analysis. Prior to that, through most of the 90’s,
he was manager of various computer security groups, the names
and scope of which evolved along with the growing field.
Byron
was directly involved in the creation of three generations
of InfoSec policies for Bell Atlantic and Verizon, and authored
or contributed to a number of supporting practices and methodologies.
From 1990 to 1997, he represented Bell Atlantic in the TSARS
organization, a collaborative group formed at ATT’s divestiture
to further the cause of information and network security among
the new Regional Bell Operating companies.
Byron’s
background prior to this included 17 years of other IT experience,
first as an MVT/MVS Systems Programmer, in which capacity
he got his initial InfoSec experience by being on the team
that selected and implemented the first large scale general
purpose access control system (CA-ACF2) for New Jersey Bell;
and later as manager of tech-support groups in areas such
as MVS Performance & Tuning, Capacity Planning, and Artificial
Intelligence.
He
participated in a variety of industry forums and symposia
as speaker, panelist, and organizer. He has presented at FOSE,
and either presented or chaired technical tracks at the annual
Bellcore/RBOC Computer, Network & Information Security
Symposiums. Byron Co-Chaired the symposium hosted by Bell
Atlantic in 1996 in Baltimore’s Inner Harbor.
Byron
holds CISSP, MCSE(NT) and CISM certifications, along with
a BS in Math from Bucknell University and a Master of Science
degree in Computer Science from the New Jersey Institute of
Technology. He was a member of the inaugural (1986-87) class
of Bellcore’s prestigious year-in-residence Technical
Internship Program (TIPB), and in 1995 was awarded the title
Distinguished Member of Technical Staff. Byron is a
member of HTCIA, ISACA and ACM.
Back
To Top
