[BOARD] Jim Jones has joined the Editorial Board

["Steven M. Christey" <coley@linus.mitre.org>]

Jim Jones of Predictive Systems has joined the CVE Editorial Board as
a technical member.  His primary task will be voting on candidates.

Jim leads an 11-person research team which, among other things,
collects incident information and analyzes vulnerabilities.  His part
of Predictive Systems interfaces directly with the US Federal Computer
Incident Response Center (FedCIRC), as well as a number of Information
Sharing and Analysis Centers (ISACs).  As such, he can contribute his
experiences with information sharing across these various
organizations, and he will be consulting with the Board in this
capacity.  (Note that FedCIRC is run by the General Services
Administration (GSA), the sponsor of CVE for FY2002, but Jim has moved
through the entire recruitment process as all new Board members do).
Jim may also participate in the CIEL effort.

Jim's bio follows:

  Mr. Jones directs the development and operation of the Analysis
  Group for Predictive Systems' Global Integrity Managed Services,
  providing collection and analysis of information security
  vulnerabilities, threats, incidents, and solutions.  His role
  includes guiding and participating in technical analysis of security
  vulnerabilities and threats, including the development of mitigation
  strategies; preparing detailed analysis on selected information
  security topics; and data collection and analysis, including the
  development of new architectures, taxonomies, and models.  Mr. Jones
  has experience building and operating a Security Operations Center
  for managed security services, conducting computer security incident
  investigations, providing technical research and analysis on
  security threats and vulnerabilities, and conducting vulnerability
  and security assessments.  Mr. Jones also leads special research
  projects, presents and teaches at selected conferences, and serves
  on selected committees regarding information security threats and
  mitigation strategies.  Mr. Jones' articles and comments have been
  printed in a number of technical and popular forums.

  Prior to joining Predictive Systems, Mr. Jones was a Research
  Scientist at the Georgia Tech Research Institute where he conducted
  applied research in the computer security field, and a Scientist
  with the US Department of Navy where he designed and implemented
  computer security architectures.  Mr. Jones holds a Masters degree
  in Mathematics from Clemson University and a Bachelors degree in
  Engineering from Georgia Tech.  He has worked in the computer
  security field since 1995 and has been a registered CISSP since
  1998.

  ROLE IN FEDCIRC

  Currently directing the development and operation of the Analysis
  Group for Predictive Systems' Global Integrity Managed Services,
  providing collection and analysis of information security
  vulnerabilities, threats, incidents, and solutions.  The Analysis
  Group operates 24x7x365 and provides the content for the multiple
  ISACs operated by Global Integrity, delivers the Open Source
  Intelligence (OSI) service, and serves as the Operations Center for
  FedCIRC.  This is an active leadership role which includes guiding
  and participating in technical analysis of security vulnerabilities
  and threats, including the development of mitigation strategies;
  preparing detailed analysis on selected information security topics;
  and data collection and analysis, including the development of new
  architectures, taxonomies, and models.  Current responsibilities
  also include leading special research projects, presenting and
  teaching at selected conferences, and serving on selected committees
  regarding information security threats and mitigation strategies.
  Authored a number of articles and technical documents; these and
  various comments have been printed in various technical and popular
  forums; samples are available upon request.

Welcome aboard, Jim!

- Steve