Mich Kabay, PhD, CISSP-ISSMP


Consulting Director On Point Montana, Information Assurance


M. E. Kabay began teaching his high school classmates how to use the slide rule in 1963 and began programming IBM 1401 computers in assembly language in 1965. By 1966, he was a FORTRAN IVG programmer and teaching other students how to program. In 1976, he received his PhD from Dartmouth College in applied statistics and invertebrate zoology and taught biology, statistics and programming as a university professor in Canada and overseas. In 1979, he joined a compiler team for a new 4GL and RDBMS in the U.S. and then joined Hewlett-Packard Canada in 1980 as an operating systems and database performance specialist, winning the Systems Engineer of the Year Award in 1982 and teaching primarily MPE operating system, IMAGE/3000 database and VPLUS/3000 GUI-design courses as well as serving as support engineer to HP's hospital and university customers and managing HP's call center (Phone-In Consulting Service) for Québec & the Maritime provinces.


He served as Director of Education for the National Computer Security Association (NCSA, later ICSA and then TruSecure) from 1991 to 1999 and then worked with AtomicTangerine where he supported the International Institute for Information Integrity® (I-4®). He collaborated in the committees defining the Common Body of Knowledge for the Certified Information Systems Security Professional (CISSP) designation in the mid-1990s and earned his CISSP in 1997.


Since 1986 (and as of mid-2014), he has published over 1,400 articles in operations management and security, written a college textbook on enterprise security (McGraw-Hill, 1996), and served as Technical Editor of the 4th (2002), 5th (2009) and 6th (2014) editions of the Computer Security Handbook (Wiley). He published two security-management columns a week for Network World from February 2000 to September 2011 and one a week with InfoSec Reviews until October 2013.


He has been an invited lecturer at the United States War College, the Pentagon, NATO HQ in Brussels, and at NATO Counterintelligence training in Germany. He was inducted into the Information Systems Security Association (ISSA) Hall of Fame in December 2004 and earned his Information Systems Security Management Professional (ISSMP) designation in November 2005.

From 2002 to 2009, he was the Director of the Master's Program in Information Assurance (MSIA) in the School of Graduate and Continuing Studies (SGCS) at Norwich University, Northfield, Vermont where he was also the Chief Technical Officer of the SGCS from 2007 to 2009.


From June 2001 to April 2011, Dr Kabay was Associate Professor of Computer Information Systems in the School of Business and Management from 2001 to 2011 and became Professor of Computer Information Systems starting in May 2011. He was appointed Associate Chair of Computing and Program Director of the new Information Operations programs in July 2009. His teaching focuses on applied statistics and information assurance.