1st Edition

The Expert in the Next Office: Tools for Managing Operations and Security in the Era of Cyberspace

By M. E. Kabay Copyright 2024
    552 Pages 408 Color Illustrations
    by CRC Press

    As organizations increasingly depend on electronic information, the lack of systematic training on effective operations and security principles is causing chaos. Stories of data loss, data corruption, fraud, interruptions of service, and poor system design continue to flood our news. This book reviews fundamental concepts and practical recommendations for operations and security managers and staff. The guidelines are based on the author’s 40 years of experience in these areas. The text is written in simple English with references for all factual assertions so that readers can explore topics in greater detail.

    Chapter 1. The Parkerian Hexad
    Chapter 2. Confidentiality
    Chapter 3. Control
    Chapter 4. Integrity
    Chapter 5. Authenticity
    Chapter 6. Availability
    Chapter 7. Utility
    Chapter 8. Threats
    Chapter 9. Management Principles
    Chapter 10. Employment Practices and Policies
    Chapter 11. Operations Management in IT
    Chapter 12. Technical Support
    Chapter 13. Security-Policy Style
    Chapter 14. Programming for Security
    Chapter 15. INFOWAR
    Chapter 16. Cyberlaw Issues
    Chapter 17. Protecting your Organization’s Reputation in Cyberspace


    M. E. Kabay completed his BSc in genetics (1970) and his MSc in teratology (1972) at McGill University. In 1976, he completed his PhD from Dartmouth College in applied statistics and invertebrate zoology and then taught statistics, programming, and biology as a university professor in Canada and overseas.

    In 1979, he joined a compiler team for a new fourth-generation programming language (4GL) and relational database management system in the U.S. He then joined Hewlett-Packard Canada in 1980 as an operating-systems and DB-performance specialist, winning the Systems Engineer of the Year Award in 1982. There he taught MPE operating system, IMAGE/3000 database and VPLUS/3000 GUI-design courses, served as support engineer to HP’s hospital, university and government customers, and managed HP’s bilingual call center (Phone-In Consulting Service) for Québec and the Maritime provinces.

    He served as adjunct faculty in the 1980s in the University of Ottawa Institute for Government Informatics Professionals, the John Abbott College Programmers’ Course and their Technical Support Program, and the McGill University Management Institute before joining Norwich University in 2001.

    He founded his own company, JINBU Corporation, in 1986; much of his consulting work in that firm was database-performance analysis and redesign for optimization. Other assignments included overall operating-system analysis and optimization for improved performance to meet service-level agreements for quality of service; he was assigned twelve such contracts for the Government of Canada in 1989. He also completed several contracts in organizational analysis to help improve operations and management processes.

    He served as Director of Education for the National Computer Security Association (later ICSA and then TruSecure) from 1991 to 1999 and taught security courses around the world, including Europe, Asia and North America. He was the Leader of the INFOSEC Delegation to the People’s Republic of China in 1993 and provided a 100-page report on his contacts to the Canadian Security Information Service (CSIS). He worked with Adario/AtomicTangerine, where he supported the International Institute for Information Integrity (I-4).

    He was a member of the committees defining the Common Body of Knowledge for the Certified Information Systems Security Professional (CISSP) designation in the mid-1990s and earned his CISSP in 1997. The committee used his 1996 textbook, The NCSA Guide to Enterprise Security (McGraw-Hill), as one of their resources. His certification as an Information Systems Security Management Professional (ISSMP) was granted in 2005. He terminated his use of the CISSP and ISSMP designations in 2021.

    Since 1986 (and as of early 2021), he has published over 2,000 articles in operations management and security, and served as Technical Editor of the 4th (2002), 5th (2009) and 6th (2014) editions of the Computer Security Handbook (Wiley). He wrote two security-management columns a week distributed by Network World from February 2000 to September 2011 and one per week for InfoSec Perception from October 2011 to the end of 2013. His public Website has a total of over 2,000 PDF files and over 500 instructional PowerPoint files freely available to anyone for non-commercial use.

    He has been an invited lecturer at the U.S. War College, the Pentagon, and at NATO Counterintelligence training in Germany. He was inducted into the Information Systems Security Association (ISSA) Hall of Fame in December 2004.

    From 2002 to 2009, he was the creator and Director of the Master’s Program in Information Assurance (MSIA) in the College of Graduate and Continuing Studies (CGCS) at Norwich University, Northfield, Vermont, where he was also the Chief Technical Officer of the CGCS from 2007 to 2009. Returning full time to the School of Business & Management in 2009, he was promoted to Professor of Computer Information Systems in May 2011 and was appointed Associate Director of the Norwich University Center for Advanced Computing and Digital Forensics in July 2011.

    He retired on 31 December 2020 after teaching at Norwich for 20 years. In May 2021, he was anointed (er, appointed) Emeritus Professor of Computer Science in the School of Cybersecurity, Data Science and Computing, College of Professional Schools, Norwich University.

    “Must-Have book for every cybersecurity professional’s library. A true joy! An impeccable and compelling overview of cybersecurity that brought back so many historical memories that otherwise would be lost to history. A Tour de Force!”

    – Winn Schwartau FRSA, author of Information Warfare: Chaos on the Electronic Superhighway. Named one of the 50 most powerful people in networking by Network World and voted one of the 25 Most Influential People in the Security Industry by Security Magazine.

    “For computer security, read The Expert in the Next Office and keep it handy. You won't need anything else.”

    – Alan Freedman, Author of ComputerLanguage.com, the largest tech reference ever written by one person.

    "Information technologies are the foundation of our modern society and world, being present in all organizations and nearly all things we do. Kabay's latest book, The Expert in the Next Office, is a comprehensive text for those called to be responsible for information systems from the mind of a brilliant and respected expert who has been focused on this topic for a very long time. The book is full of practical and essential knowledge for anyone leading or aspiring to lead in this domain. The information is delivered in a way that takes advantage of Kabay's greatest strengths, which are the teaching, mentoring, and inspiration of others."

    – Eric Whyne, Founder and Chairman of Data Machines Corp.

    “Unlike other security books published in the past decade or so, this text reads like an insightful, clear conversation with a longtime, brilliant friend giving advice coming from lifelong experience. If you want to learn more about information and IT security relevant today, with insights obtained from decades of real-world work, get this book and refer to it often.”

    – Rebecca Herold, CEO, Privacy & Security Brainiacs, Author & Expert Witness.