User:Ben Fountain

Whilst studying simple 'Computing' quite some time back I found nMap, from that I found a telnet interface on a printer, from that I found that I could bypass the printer queue....

I got seriously into information security whilst working at Lambeth council in London. A piece of network packet analysis on Nortel phones' DHCP implementation resulted in halfing the time to deploy them. This led the Council to sponsor me toward studying for the CISSP to become the first full time Information Security Officer. I rapidly discovered that by coordinating work with other Councils that we could do bigger, better projects in less time and I was hooked on collaborative (and therefore open) information security practices. Joining the local specialist group for councils (Information Security for London - ISfL) I started chairing the group and was very pleased to see attendance hitting the vast majority of the Councils as word spread. Leaving London I returned to the North West where I took on the role of Information Security Manager with Rochdale MBC. Whilst with Rochdale I was exposed to a great deal of Freedom of Information and Data Protection Act issues through the North West E-Government Group (NWEGG). Again I realised that by adopting an open approach to much of the data held by public sector bodies would actually allow them to worry more about the serious information that needs to be kept secure. More recently I moved to PricewaterhouseCoopers (PwC) where I've been able to develop my skills through exposure to a wider group of clients.

If you want to know more, drop me an email or see my LinkedIn profile http://www.linkedin.com/profile/view?id=70411657&trk=tab_pro I've experience across most aspects of information security, including; firewalls switching routing web application security testing cryptography stenography incident response incident handling information classification security metrics policy development information security strategy PCI-DSS PA-DSS ISO27001 Government Connect Secure eXtranet (GCSx) Data Protection Act