Computer Network Assurance Corporation

Keith founded Computer Network Assurance (CNA) Corporation after more than 30 years of hands-on experience in Security Information Systems Development.  His specialized experience includes system analysis and design on main, mini, and micro-computer security software in both operating systems and applications.  Management and hands-on activities include system analysis, software development and documenting solutions for C4 Systems Security Requirements, recommending required research and development (R&D) and accomplishing certification and accreditation activities.

 

In September 1988, Keith established and directed the Air Force’s Product Assessment and Certification Center (PACC) by developing and acquiring administrative and laboratory spaces, test, and administrative equipment, annual budget, and personnel needed to provide the Air Force with the ability to test computer security product.  The PACC is responsible for assessing all government and commercial vendor-made security products and their use in client/server and other information system environments.  Supervised and verified the assessments of customer requested computer security products to determine suitability for government use.  Analyzed information system requirements and recommended solutions that met users functional and security requirements using IE and tools.  Published the first Assessed Products List (APL) providing computer users a listing of tested computer security products -- eliminating the purchasing of substandard software.

 

In May of 1993, he became the Chief, Operating Location FP for Information Warfare Center.  Providing on-site security management and engineering on Multi-Level Security (MLS) systems.  Assisted the customer in identifying security requirements for client/server-based MLS programs and facilities under customer control.  Performed systems analysis to identify means and methods to satisfy those requirements and recommend solutions based upon practical considerations (Computer Security, Communication Security and TEMPEST). 

 

Keith has authored and presented documents, published nationally on specific techniques for accomplishing Security Certification and Accreditation on Information Systems.  He has authored numerous policy guidelines for the U.S. Air Force, including AFSSI 5024, Volume 1-4 detailing the Certification and Accreditation Process. He was also a part of the task group that developed the Federal C&A Process (NIST SP800-37) and DoD C&A Process (DIACAP) now both are standards for the US government. 

 

Today, Keith and CNA Corporation, offer their intellectual capital to Corporate America, the Federal Government and all branches of the U.S. Military.  He has won several awards as a business leader and visionary (National Security Agency's "Roulette Award", twice awarded the Federal Computer Conference's "Best in Open System Award in Security").  Amongst his other attributes, he is a renowned lecturer and speaker on the subject of Network and Communications Security.