Risk Management for Computer Security

Andy Jones is an experienced Military Intelligence Analyst and Information Technology Security specialist. He has had considerable experience in the analysis of Intelligence material in Strategic, Tactical and Counter-Insurgency operations and a wide range of Information systems management experience. In addition, he has considerable experience in the security of Information Technology systems, having been responsible for the implementation of Information Technology security within all areas of the British Army and in some joint service organizations. He has directed both Intelligence and Security operations and briefed the results at the highest level. He was awarded the MBE for his work during his service in Northern Ireland and has gained an Open University Bachelor of Science degree in mathematics and technology and a Masters degree in Information Security and Computer Crime from the University of Glamorgan. After completing 25 years service with the British Army's Intelligence Corps, he moved into the area of defense research and was employed as the manager of a group of 80 research scientists and as a researcher and analyst in the area of Information Security. He has also had experience as a project manager within defense research for the security aspects of a number of large projects and has gained considerable expertise on the criminal and terrorist aspects of Information Security. He has undertaken a range of research into a number of aspects of Information warfare and the threats to information systems. 1n 2002 he co-authored a book on information warfare and is currently researching to write a book on the risks to information systems. In addition to his main work as a senior lecturer on Information Security and Computer Crime at the University of Glamorgan, he is currently also an associate lecturer for the Open University on Internet communications. His primary area of research for the last two years has been into methods for the measurement of t