Stephen Cobb, CISSP

Professionally speaking, I'm a technology evangelist with subject matter expertise in information security, data privacy, email, online marketing, and publishing.

Career Details

As someone who has experienced being recruited by an employer that found me via LinkedIn, I always point people to my profile on LinkedIn whenever I am asked for a quick snapshot of my career. 

What I'm Working on These Days

I work for ESET, a global Internet security company focused on antivirus. I am based in San Diego where the company has its North America headquarters. My title is Security Evangelist which means, among other things, I do a lot of work on the ESET Threat Blog.

I do some traveling to represent ESET at conferences and other events, but most of the time you will find me in Little Italy, where I live with my partner, Chey Cobb, author of Network Security for Dummies and a former Technical Security Officer for the National Reconnaissance Office, one of America's largest and most secretive intelligence agencies. Chey and I worked together to create much of the curriculum for the Master of Science in Information Assurance program at Norwich University, Vermont, an NSA-designated Center of Excellence in Information Assurance Education.

Over the years I've been a 'serial entrepreneur' with a track record of successful business development in several sectors. My main focus has been maximizing the benefits of information technology to businesses, governments and communities, through innovation and the reduction of IT-related fraud and risk. I've been an active participant in, and founder of, a number of successful startups. For example, I helped create email authentication technology that was beta-tested by Microsoft in 2002 and anti-spam technology that bought by Symantec in 2004 and is now widely deployed in Symantec enterprise network security appliances. 

In the last ten years I have worked on several different projects. Along with Mike Cobb, Pete Hayes of Quadrant, and Michael Miora of ContingenZ, I did an information security strategy review for one of largest companies in Europe. I also produced an independent documentary by director Jeremy Dean which was nominated for the NAACP Image Award for best documentary film of 2009 (now available online at Amazon). And I worked on IMCD, the innovative business backup program developed by Michael Miora and Mike Cobb which should be coming to your local office supply store soon.

Prior to that I served as Chief Security Executive for a leading provider of wired and wireless broadband to hotels and conferences that was named as the third fastest-growing technology company in North America on the 2004 Deloitte Technology Fast 500 list (iBAHN/STSN). Also, I am an Adjunct Professor of Information Assurance at Norwich and a few years ago created a graduate course on Business Continuity Management in partnership with noted incident management expert, Michael Miora.

From 1995 to 1997, I served as Director of Special Projects for the National Computer Security Association where I was involved in advancing the testing and certification of anti-virus and firewall products (NCSA later became ICSA Labs and TruSecure). While at NCSA, I played a key role in the widespread adoption and advancement of firewall technology, producing the widely-distributed NCSA Firewall Policy Guide and the NCSA Firewall Buyer's Guide.

In 1997, I co-founded InfoSec Labs, an information security consultancy, with Michael Miora, David Brussin, and Vincent Schiavone. InfoSec Labs was acquired in 1999 by Rainbow Technologies (now Safenet).

In 2001, I co-founded ePrivacy Group where I helped develop ground-breaking email technology such as Trusted Sender and SpamSquelcher, the world's first anti-spam router (which later became the TurnTide Anti-spam Router acquired by Symantec and incorporated into its email security appliances). I was also lead author of the widely read Trusted Email Open Standard white paper, which was downloaded over 20,000 times in its first few months of publication.

I'm a semi-regular contributor to industry publications and often speak at or chair conferences around the world. I've been interviewed and quoted by print and broadcast media in the US, the UK, Denmark, Iceland, Malaysia, Australia, and Hong Kong, including the Wall Street Journal and BBC News.

Education

McMaster University, Graduate Teaching Assistant, Hamilton, Ontario.
University of Leeds, U.K. BA, Double Honours, First.
King Henry VIII School, Coventry, U.K. School prize in English.

Blogs I'm Writing These Days

• Scobb’s Security Blog: This was my first blog, I started it in June of 2005 as “Scobb’s Blog” but changed the name as my posts focused on information security more than anything else. It was named a 2006 “Blog of Note!” which makes me an award-winning blogger.
• The Dare Not Walk Alone Blog: Created to support the movie. The movie won an award. That makes me an award winning producer.
• Cobb on the Road: This is where I post stuff about travel and mechanical travel-enabling devices.
• The Rural Broadband Blog: Written to try and spread awareness of the plight of rural Americans who lack free and open access to affordable broadband that many of their city-dwelling cousins take for granted.
• Cobb on Arts and Entertainment: Posts about things I see, hear, and read that are worth mentioning.
• Monetate Marketing Optimization Blog: Written to educate the market for software that can test and target website content, without IT, supported by a great product: Monetate. Wrote an average of one blog per week for three years.
• Celtic Curse Hemochromatosis Blog: An effort to raise awareness of hemochromatosis, the most common genetic killer in America, about which most American doctors know diddly.

• Need to add dates from 2004 through 2007.
• Third Annual Privacy and Data Security Summit, Washington, DC, February 26-28, 2003
  • Track Chair: Security Track
  • Preconference Session: Security for Privacy Professionals (with Chey Cobb and Chris Apgar, CPO Providence Health Plan)
  • Conference Session: The Impact of Emerging Security Standards on Compliance, Litigation, and Privacy (with Joseph Alhadeff, CPO, Oracle)
• IAPO Privacy & Security Academy & Expo, October 16-18, 2002
  • Track Chair: Security Track
• Preconference Session: Security for Privacy Professionals (with Chey Cobb)
• Conference Session: Everything a Privacy Officer Needs to Know About Security, in Less Than 60 Minutes
• Conference Session: E-Learning and Privacy Officer (with V. Schiavone)
• Security 2002, Immigration and Naturalization Annual Security Conference, July 9, 2002, New Orleans, Presentation: Privacy Versus Security
• Federal Trade Commission Consumer Information Security Workshop, May 20 - 21, 2002, panelist and paper: What Business Models Help Consumers Maintain Security?
• HIPAA Summit IV, Washington, DC, April 24, 2002, Seminar Leader: Basic Privacy and HIPAA Compliance Training for Privacy and Security Officers--A Preconference Symposium Sponsored by the International Association of Privacy Officers
• Medical Research Summit, Washington, DC, Seminar Leader: Privacy and Security in Medical Research
• HIPPA Summit West, San Francisco, Seminar Leader: Basic Training for Healthcare Privacy and Security Officers
• Second Annual Privacy and Data Security Summit, Washington, DC, January 30 - February 1, 2002, Faculty: Preconference Symposium I: Privacy Officer Training
• e-Learning - Investing in the Digital Workforce: An e-Gov Conference, Washington, D.C., December 18-19, 2001, Presentation: Private Sector e-Learning Experience: Profit From It.
• Cyber Banking and Cyber Security Conference, Singapore, April 25-26, 2001, Singapore, Chairperson
• Healthcare Informatics & e.md Conference: McGraw-Hill, Chicago, April 18-19, 2001, Presentation: Securing Medical Web Sites
• Employers' Summit on Health Care, March 21-22, 2001, Crystal City Marriott Hotel, Arlington. VA, Presentation: HIPAA Security Implications
• Anti-Money Laundering Conference, New York, January 2001, Presentation: Information Technology Approaches to Combating Money Laundering
• Cyber-Sabotage Conference, Alexandria, Virginia, November, 2000, Presentation: Security Through Strong Authentication [review speaker evaluations]
• IT/Cyber Security, Singapore and Kuala Lumpur, November, 2000, Conference Chair, Presentations: Strong Authentication - Tokens & Biometrics; PKI Technologies &
• Digital Certificates
• Asia Pacific Conference on Internet Payment Systems, September, Singapore, 2000, Conference Chair, Presentation: Internet Security Doubts and Fears
• Software Council of Southern California, Orange County Chapter, October, 1999, Presentation: Information Security, the Human Element
• Internet Commerce Payment Systems, The Asia Business Forum, Singapore, June, 1999, Presentation: Multiple Payment Systems in a Secure Environment
• Internet Commerce Payment Systems, The Asia Business Forum, Singapore, June, 1999, Workshop: Risks Versus Rewards: Assessing & Offsetting Threats to Your Internet Commerce Payment System
• Internet Banking Technologies: Strategies for success in the retail banking market, London, February, 1999, Presentation: Innovations in Internet Security
• 11th Hour Y2K Contingency Planning & Strategies, Miami, February, 1999, Presentation: Security Implications of Y2K
• Information Security in the Age of the Internet, London, December, 1999, 1-Day Workshop: Information Security: Threats and Defenses
• Attaining World Class Process Excellence Through Business Process Outsourcing for the Financial Services Industry, New York, December, 1998, Seminar: Outsourcing Internet Security
• Successfully Creating, Positioning and Acquiring the On-Line Brokerage Company, New York, November, 1998, Seminar: Information Security and On-line Stock Trading
• PC Expo, New York, June, 1998, Seminar: Firewalls 101
• PC Expo, New York, June, 1998, Seminar: Cryptography 101
• CyberSecurity @ Asia 98, Hong Kong, June, 1998, 1-Day Workshop: Maximizing Internet Benefits by Minimizing Internet Risks
• Cyberpayments @ Asia 98, Hong Kong, June, 1998, Presentation: State of the Art: Internet Security
• Cyberpayments @ Europe 98, London, May 1998, State of the Art: Internet Security
• International Electronic Commerce Conference, New York, May, Gartner Group Seminar: Cryptography 101
• International Security Expo, Las Vegas, April, 1998, Seminar: What you don't know about the Internet can hurt you
• Insurance Industry and the Internet, New York, December, 1997, Presentation: Internet Risks
• CyberSecurity 97, Sydney, Australia, July, 1997, Conference Chairperson and Keynote Speaker: Internet security in the corporate environment: what's in store for the future
• CyberSecurity 97, Tokyo, Japan, July, 1997, Conference Chairperson and Keynote Speaker: Internet security in the corporate environment: what's in store for the future
• CyberSecurity 97, Hong Kong, May, 1997, Conference Chairperson and Keynote Speaker: Internet security in the corporate environment: what's in store for the future
• National Association of Federal Credit Unions Conference, Miami, May 1997, Presentation: Security Risks in Internet Banking
• Network 97 Conference, Copenhagen, April, 1997, Guest speaker: What Firewalls Do and Don't Do
• Financial Securities Marketing Seminar, New York, April, 1997, Seminar: Internet Risks
• Firewalls West Conference, July, 1996, Presentation: Firewall Policy Guidelines
• Insurance Industry and the Internet Seminar, New York, June, 1996, Seminar: Internet Security Risks
• National institute of Health, February, 1996, Seminar: Security Risks of Internet Commerce
• Internet Technology Conference, Hong Kong, January, 1996, Seminar: Security Implications of Internet Commerce
• Firewalls and Internet Security Conference, January, 1996: Introduction to Firewall Security Policies

This page updated April, 2010 by webbloke at cobbsblog.com © Copyright, 1996-2008, Stephen Cobb. All Rights Reserved.