About : Microsoft Security Blog

The official Microsoft Security Blog provides in-depth discussion of security, cybersecurity and technology trends affecting trust in computing, as well as timely security news, trends, and practical security guidance. Each week you’ll hear from Microsoft security experts who share insights and report on research and our collaborative work internally and with industry and governments around the world to build more secure software and services; to advance the IT ecosystem; and collective efforts to build a safer, more trusted Internet for everyone.

Meet the contributors to the Microsoft Security Blog – each one of them would love to hear your comments and feedback, so leave a comment or reach out to them on @msftsecurity.

Jeff Jones Director Trustworthy Computing @securityjones	Recently listed as one of 25 Most Powerful Voices in Security, Jeff Jones is a 24-year security industry professional that has spent the last several years at Microsoft helping drive security progress as part of the Trustworthy Computing initiative. In this role, Jeff draws upon his security experience to work with enterprise CSOs and Microsoft's internal security teams to drive practical and measurable security improvements into Microsoft process and products.  Among other activities, Jeff contributes research and analysis to the Microsoft Security Intelligence Report. Prior to Microsoft, Jeff was the vice president of product management for security products at Network Associates where his responsibilities included PGP, Gauntlet and Cybercop product lines (and formerly managed the McAfee corporate antivirus product line). These latest positions cap a career focused on security, managing risk, building custom firewalls and being involved in DARPA security research projects while part of Trusted Information Systems. Jeff is a frequent global speaker and writer on security topics ranging from the very technical to more high level, CxO-focused topics such as Security TCO and metrics. In addition to the Microsoft Security Blog, Jeff is also a contributor on The Security Decode blog on CSOOnline. Jeff earned a Masters in Computer Engineering at the University of Southern California and a Bachelor of Science in Computer and Electrical Engineering at Purdue University.
Tim Rains Director Trustworthy Computing	Tim Rains is a Director in Microsoft’s Trustworthy Computing group responsible for managing marketing and communications that span Microsoft’s boxed and cloud products as they relate to security, privacy and reliability.  Tim’s team manages marketing and communications for the Microsoft Security Response Center (MSRC), the Microsoft Malware Protection Center (MMPC), and the MicrosoftSecurity Engineering Center (MSEC) which includes the Security Development Lifecycle (SDL) and Security Science.  Among other things, his team manages the Microsoft Security Intelligence Report (www.microsoft.com/sir) which provides an in-depth analysis on the global threat landscape.  In his early years at Microsoft, Tim served in several roles including Program Manager in the Windows Networking team – Core Operating Systems Division, Technical Lead on the Security Incident Response team in the Product Support Services (PSS) Security team and Technical Lead on the PSS Windows Server Networking team. Tim’s background early on set the foundation that led to roles including Senior Public Relations Manager of Security Response, Senior Product Manager of the Microsoft Malware Protection Center and more recently the Director of Product Management within Trustworthy Computing.  Tim earned a Master’s degree in Business Administration (MBA) at Seattle University and a Bachelor of Arts (BA) degree at the University of Alberta.  Tim also holds several technical certifications including CISSP, MCSE, MCSA, including a Computer Systems Technology diploma from the Northern Alberta Institute of Technology.
Paul Nicholas Senior Director Trustworthy Computing	Paul Nicholas leads Microsoft’s Global Security Strategy and Diplomacy Team, which focuses on driving strategic change, both within Microsoft and externally, to advance infrastructure security and resiliency. His team addresses global challenges related to risk management, incident response, emergency communications, and information sharing. Paul recently served as subject matter expert for the East West Institute’s 2011 publications, including the first U.S. Russia taxonomy for cyber collaboration and a review of the applicability of The Hague and Geneva Conventions on cyberspace. In 2007, he helped to establish the Software Assurance Forum for Excellence in Code (SAFECode), a multi-company effort to advance industry best practices for software security and integrity. Prior to joining the Microsoft, Paul spent over eight years in the U.S. Government, focusing on emerging threats to economic and national security. From 2002-2004, he served as White House Director of Cybersecurity and Critical Infrastructure Protection. In that role, he coordinated the National Strategy to Secure Cyberspace and Homeland Security Presidential Decision Directive 7. Paul also served in the legislative branch, working as a senior policy advisor for U.S. Senator Robert F. Bennett and as a staff member of the Judiciary Subcommittee on Technology, Terrorism and Government Information. He has also served as an Assistant Director at the U.S. Government Accountability Office, and as an analyst for the U.S. Department of Defense.  Paul earned a B.A. from Indiana University, an M.A. from Georgetown University, and is a Certified Information Systems Security Professional.
Kevin Sullivan Senior Security Strategist Trustworthy Computing	Kevin Sullivan is a Senior Security Strategist with Microsoft’s Global Security Strategy and Diplomacy team, which focuses on driving strategic change, both within Microsoft and externally, to advance infrastructure security and resiliency. His team addresses global challenges related to risk management, incident response, emergency communications, and information sharing. Kevin leads the group’s efforts on internet threat reduction, smart grid and critical infrastructure security. Kevin participates in several industry committees focused on technology and policy issues and is a frequent speaker at conferences. In a previous role at Microsoft Kevin led information security assessments for the company’s network security group. Prior to joining Microsoft, Kevin specialized in system and network design for government, academic and private sector organizations. Kevin earned a Bachelor of Science in Information Science from Northeastern University and a Certificate in Strategic Planning for Critical Infrastructures from the University of Washington. He also holds the MCSE: Security, CISSP, CCSK, and ITIL Foundation certifications.
Eric T. Werner Principal Security Strategist Trustworthy Computing	Eric T. Werner is Principal Security Strategist with Microsoft’s Global Security Strategy and Diplomacy team, which focuses on driving strategic change, both within Microsoft and externally, to advance infrastructure security and resiliency. His team addresses global challenges related to risk management, incident response, emergency communications, and information sharing. Before joining Microsoft, Eric was a Director for Cybersecurity on the National Security Staff at the White House from February 2009 to November 2010. He was a member of the review team for President Obama’s Cyberspace Policy Review and during his tenure worked on a range of issues including U.S. international cybersecurity planning and coordination activities, economic and regulatory aspects of cybersecurity policy, and cyber incident response planning. Eric also served as Senior Advisor at the National Telecommunications and Information Administration (NTIA) at the U.S. Department of Commerce, where he provided general and strategic advice on policy matters affecting all sectors of the telecommunications industry with particular emphasis on cybersecurity, continuity communications, public safety interoperable communications, and critical infrastructure protection. He also served as a liaison from the agency to the Communications and Information Technology Sector Coordinating Councils. Prior to his arrival at NTIA, Eric served as Deputy (and Acting) Associate General Counsel at the United States Department of Homeland Security (DHS) where he managed legal support for DHS’s initiatives in the areas of national preparedness, critical infrastructure protection, cybersecurity, and national security and emergency preparedness (NS/EP) telecommunications. Before entering public service, he spent a decade as a communications attorney in private practice, representing a broad range of clients in litigation and regulatory proceedings before the Federal Courts and the Federal Communications Commission (FCC).
Bruce Cowper Senior Security Strategist Trustworthy Computing	Bruce Cowper is a Senior Security Strategist in Trustworthy Computing at Microsoft Corp. In this role, he is responsible for driving security strategy communications for Microsoft and until recently was the driving force behind the Microsoft Cloud Incident Response team covering Online Security, Privacy and Reliability. Bruce joined Microsoft in 2004, and held several positions at Microsoft Canada before moving to the United States, including cloud response communications manager, virtualization lead, Chief Security Advisor, Security and Privacy lead and IT Pro advisor. Before joining Microsoft, Bruce served on the board of directors of several IT companies, where he specialized in Internet-based and communication services, secure system design, and served as a consultant for Law Enforcement communities around the world. Bruce is a founding member of the Security Education Conference Toronto (SecTor), the Toronto Area Security Klatch (TASK), the Ottawa Area Security Klatch (OASK) and an active member of numerous organizations across North America, including the Seattle Cloud Security Alliance chapter. Bruce earned a Bachelor of Engineering in Computer Systems Enginnering from University of Sussex in England and holds a number of industry certifications.