Thomas A. Wadlow
4388 24th Street
San Francisco, CA, 94114
415-824-3087 voice
415-206-0838 fax
wadlow at wadlow.org

Business Skills

Communications Skills

Accomplished public speaker and teacher, with presentations and classes at Interop, Vanguard, Wall Street Technology Association, Web Developer, Usenix Security Symposium and many others. Author of several books and many magazine articles. Skills focus on the presentation of advanced technical concepts in an engaging and understandable manner accessible to both technical and non-technical audiences. Have presented extensively at executive level, board-of-director level. Have scripted and made trade-show floor presentations, as well as handled ad hoc Q&A format presentations. Have participated in and hosted panel discussions, and acted as Master of Ceremonies at a number of events.

Management Skills

Have operated at manager, director, vice-president levels for extended periods of time. Some experience as acting CEO. Accomplished individual mentor. Extensive understanding of what it takes to build an operations infrastructure.

Entrepreneurial Skills

Extensive experience with venture capital technical presentations and defense. Have participated in creation and presentation of business plans. Have made sales calls alone and assisted in sales presentations. Excellent understanding of the sales process, solution selling, value-based pricing and sales cycles. Skilled in understanding customer issues and translating them into technical solutions.

Technical Skills

Architecture

Extensive experience in translating customer requirements (including unspoken requirements) into functional architecture. Also in analysis of existing architectures for weaknesses in security, maintainability, operability.

Security

Expert in network security architecture, host security architecture, security auditing. Specific focus on designing for security, and building the security process into day-to-day operations. Have built and trained teams to manage customer security policies, respond to attacks, perform extensive customer security audits, review customer code for security holes as well as manage more formal source code reviews.

Programming

Expert-level programmer in C, Perl, Ruby, Smalltalk, csh, sh, Unix tools. Experience with C++, Java. Specific skills in adapting to new programming languages/environments in short timeframe (extreme programming) to produce working prototypes quickly with a rapid path to robust maintainable code. Skills in designing for maintenance.

Operating Systems

All flavors of Unix (Solaris, Linux, FreeBSD, OpenBSD). Highly experienced in systems administration, systems architecture, practical as well as theoretical aspects. Applications porting, kernel modification, device drivers. Experience with Apple OSX, Cisco routers. Expert at security analysis of Cisco router configurations.

Web Technology

Have designed and built a number of web-based applications. Front-end and back-end. Ruby on Rails. Cascading Style Sheets. Server/Database integration.

Patents, Publications and Activities

US Patent #6,230,271 - Dynamic Policy-Based Apparatus for Wide-Range Configurable Network Service Authentication and Access Control using a Fixed-Path Hardware Configuration

This patent described the fundamental network architecture used at Pilot Network Services, Inc, and upon which the company services were built.

Member, Federal Trade Commission Advisory Committee on Online Access and Security

Invited to participate in an extensive discussion of fair information practices and standards for web site security. Other participants included professors, CEOs, consultants, lieutenant governors.

"The Process of Network Security" - Book - Addison-Wesley, 2000

An exploration of how to think about, manage and analyze security for organizations. Focuses on the reasons that some approaches work and others do not, as well as on how to build a team to implement and maintain security in the face of ever changing threats. Used as part of the CISSP reading list, as well as a textbook for Georgia Tech, University of Colorado, Washburn University, Strayer University, Kennesaw State University, Seneca College among others. It is cited world-wide by Infosec and IT professionals, and has been translated into Japanese.

"Memory Resident Programming on the IBM-PC" - Book - Addison-Wesley, 1987

Long out of print, and overtaken by modern operating system technology, this book continues to sell on the used market well above its cover price, as an example of how to write assembly language programs in a clean and modular fashion.

Guest Expert for ACM Queue magazine, June 2005 issue.

Subject was Computer and Network Security. Advised editors, reviewed articles and wrote "The Answer is 42, Of Course" for this issue of the magazine (available at www.acmqueue.org)

Guest Expert for ACM Queue magazine, November 2006 issue.

Subject was Cybercrime. Advised editors, reviewed articles and co-wrote "Criminal Code" with Vlad Gorelik of Sana Security for this issue of the magazine (available at www.acmqueue.org)

Numerous Articles - Byte Magazine, PC World, SatGuide Magazine

 

 

Experience

Security Assessment

Currently involved in a number of projects involving detailed technical network security vulnerability assessments as well as the technical aspects of compliance with FFIEC, SB-1386, Graham-Leech-Bliley, Sarbanes-Oxley.

Technical Advisor

Currently serving on the Technical Advisory Boards of several private corporations, advising in areas of systems architecture and security, applications development, and network design as well as consulting on business issues relating to starting a technology company.

Technical Due Diligence

Advisor to corporate officers, investment bankers and venture capitalists for technical aspects of due diligence investigation in areas relating to network security market, products and services.

Consultant

Security consulting for Fidelity National Financial, Emerald Group, and many other organizations. Standards compliance, best practices, configuration analysis, personnel termination issues.

Performed a variety of major consulting projects, either individually or under the auspices of Pilot, for Sun Microsystems, Apple Computer, Rhone-Poulenc, General Electric, Greenwich Capital Markets, United Airlines, Mervyn's and others. Special Project Management for Jerboa, Inc. Also worked with NASA-Ames and CNRS (Centre Nationale de la Recherche Scientifique) in France on several smaller projects.

Pilot Network Services 1993-2001 - Co-founder, Chief Security Architect, Vice President of Research and Chief Technology Officer

Participated in full company lifecycle: Idea creation and raising of seed money, acquisition of venture funding, business growth from garage to several hundred employees, design and evolution of service, technical firefighting, crisis management and successful resolution, secondary venture round, initial public offering, management of growth. Designed, staffed and built a dynamic security infrastructure that protected more than 70,000 networks (which translates into more than a million actual machines) from attacks on the Internet. Withstanding hundreds of serious attacks (and thousands of minor attacks) per day, this infrastructure was operational and completely successful at protecting customers for 8 years.

Sun Microsystems Laboratories, Inc. 1990-1993 - Research Network Architect

Designed and managed implementation of ultra-flexible research network for the new SunLabs facility. Designed and managed network and computing infrastructure for SunLabs. Designed and developed Internet security architecture for SunLabs.

ParcPlace Systems, Inc.

Designed network to support growth of company from a dozen people to several hundred in various locations. Created early highly-portable Unix GUI environment written in Smalltalk. Developed advanced graphical debugger for C++. Managed the company trade show infrastructure, and scripted and made trade-show booth presentations.

Xerox Palo Alto Research Center (PARC)

Worked with Adele Goldberg and the Learning Research Group on aspects of the Smalltalk Object Oriented Programming environment.

Schlumberger Palo Alto Research

Network Manager. Integrated former Fairchild Artificial Intelligence Laboratory into Schlumberger worldwide network. Supported research network and computing infrastructure.

Lawrence Livermore National Laboratories

S-1 Project - Helped to port Unix operating system to custom supercomputer. Created MD diagnostic system for hardware fault analysis of custom supercomputer.
Laser Pantography - Developed software interface to experimental laser silicon wafer etcher, capable of rendering arbitrary computer graphics at 1 micron/pixel scale.
Mirror Fusion Test Facility - Developed and built general purpose reactor actuator interface for control of prototype fusion powerplant.

Education

Carnegie-Mellon University

BS-Electrical Engineering and BS-Mathematics (Computer Science), 1979

Other Interests

Actor, stage and improvisational theatre

Member of several improv groups, regular performer.

Voiceover

Trained in voiceover acting: commercial, narrative, character voices.

World Travel

Have travelled extensively in Europe, Asia. Limited skills with French, Spanish, Italian, Japanese. Some exposure to Cantonese, Mandarin/Putonghua.