Stephen H. Campbell
Fletcher School of Law and Diplomacy, MALD
University of Glasgow, BSc (Hons) Physics
University of Fairfax, Graduate Certificate in Cybersecurity Best Practices, CISSP®
Mr. Campbell specializes in information security risk reduction. He has an in-depth understanding of current threat intelligence, changing attack methods, information architectures, information security best practices, and defensive technologies. Mr. Campbell applies probabilistic risk analysis, data breach statistics, and industry standard risk management and security control frameworks, such as NIST SP 800-53, the SANS/CIS Critical Controls, and ISO 27001/2 to identify and prioritize gaps in an organization’s cyber defenses and to recommend cost-effective risk reduction measures.
A 24 year veteran of the software field with a degree in physics, Mr. Campbell has spent the past ten years researching the strategies and tactics of clandestine organizations, including cyber criminals, terrorists, and insurgents. These groups are early adopters of new technologies that allow them to detect and exploit vulnerabilities. They take advantage of information and communication technologies and global commerce to mount attacks while remaining anonymous. But their use of technology and their high need for operational security also makes them vulnerable.
Mr. Campbell obtained his masters degree at the Fletcher School of Law and Diplomacy at Tufts University, the oldest graduate school of international affairs in the country, where his focus was international security, Middle Eastern politics and transnational terrorism. After graduating he continued at the school as a research associate, specializing in intelligence, counterintelligence and non-state armed groups. He developed graduate level teaching materials on the specific challenges of collecting human, communications, geospatial, technical and cyber intelligence on clandestine actors, and on these actors’ own use of intelligence and counterintelligence, denial and deception, and underground organizational structures.
Mr. Campbell’s experience with software includes programming, analysis, education, product marketing and strategy. He has worked at Shell International, Informix (IBM), and SAP on financial, database, and ERP applications running on IBM mainframes, UNIX and Windows systems. As an independent consultant he has advised companies on improving the availability and performance of their critical systems. He has been using TCP/IP since the 1980s. In 1994 he contributed to the Internet Engineering Task Force’s standard for monitoring relational databases. Working for Hewlett-Packard’s OpenView team for nine years, Mr. Campbell was responsible for launching and marketing new technologies that provided clients with early warnings of bottlenecks and performance slowdowns in their client server business applications.
Certified Information Systems Security Professional of (ISC)²
Association of Former Intelligence Officers
Institute of Electrical and Electronic Engineers