The Alliance for Enterprise Security Risk Management: A partnership of the three leading international security organizations, formed to address issues surrounding the convergence of traditional and logical security.

Jonathan Clemens

Intel

Jonathan Clemens has been a pioneer at Intel in driving convergence between information security and traditional corporate security.  During the past six years, he has led Intel’s information security penetration testing program, taking a holistic approach to risk and highlighting relevant deficiencies in both physical and logical security.  He proposed adopting the Incident Command System for information security emergency response in his mid-2000 SANS GCIH paper (http://www.giac.org/certified_professionals/practicals/GCIH/0037.php), and he was part of the team that implemented a version of his recommendations at Intel in late 2001.
 
Jonathan has been active in public service in both physical and information security, serving for the past several years as a repeat speaker and board member for CTIN (www.ctin.org), a Seattle-area computer forensics and investigations association, and most recently, coordinating Intel’s involvement as a private-sector player and contributing content expertise in the US Department of Homeland Security’s Cyberstorm ‘06 exercise.
 
Jonathan was one of the first Intel information security professional to obtain a CISSP (in 1999) and is the first and only Intel security professional to hold both the CISSP and CPP certifications, which he has since early 2004.  He served for two years in various positions—including site commander—on Intel’s Emergency Response Teams, which respond to disasters, hazardous materials incidents and medical emergencies at Intel sites.
 
In his spare time, Jonathan volunteers in a variety of security-related hobbies, including as a martial arts instructor in Tang Soo Do, and as an NRA-certified firearms safety instructor.
 
“The idea that information security and ‘traditional’ security are different disciplines is antiquated thinking, generally driven by the elitism of the IT industry,” says Clemens.  “The science of protecting assets and people from harm is a single discipline, which unfortunately remains split into logical and physical security in too many people’s minds.  Information security has a lot to learn from the more mature security disciplines, despite its status as a new and hot area.”

 

 

 

 

Copyright © AESRM 2008, All Rights Reserved.