Julie Ryan

EDUCATION
D. Sc. in Engineering Management, The George Washington University, Fall 2000
“Information Security Practices and Experiences in Small Businesses”
M.L.S. in Technology, Eastern Michigan University, 1996
B.S. in Humanities, U.S. Air Force Academy, 1982
HONORS
Member, The Honor Society of Phi Kappa Phi
Member, Epsilon Mu Eta, the Engineering Management Honor Society
AREAS OF INTEREST
Information security, information warfare, critical infrastructure protection, risk management.
EXPERIENCE
2010 to 2012 Chair, Engineering Management and Systems Engineering Department
George Washington University
2001 to Pres. Faculty (Associate Professor), Engineering Management and Systems Engineering
George Washington University
1997 to Pres. President
Wyndrose Technical Group
1995 – 1997 Senior Associate
Booz•Allen & Hamilton, Inc.
1994 – 1995 Senior Staff Scientist
TRW, Inc.
1990 – 1994 Associate
Welkin Associates, Ltd.
1988 – 1990 Senior Consultant
Booz•Allen & Hamilton, Inc.
1987 – 1988 Systems Engineer
Sterling Federal Systems, Inc.
1986 – 1987 Intelligence Officer
U.S. Defense Intelligence Agency
1982 – 1986 Signals Intelligence Officer
U.S. Air Force

PROFESSIONAL ACTIVITIES:
Treasurer and Member of the Board of Directors, Colloquium on Information Systems Security Education (CISSE), 2004 to 2009.
Treasurer and Member of the Board of Directors, Consortium for Academic Excellence in Information Assurance, 2008 to 2009.
Member, Naval Studies Board of the National Research Council (National Academies of Science), 1995 to 1998.
Member, National Research Council (NAS) Standing Committee on Technology Insight-Gauge, Evaluate, and Review (TIGER), 2007 – 2013.
Vice Chair, National Research Council (NAS) Committee on Assessing Foreign Technology Development in Human Performance Modification, 2012.
Member, National Research Council (NAS) Committee on Science and Technology Challenges to U.S. National Security Interests, 2012.
Member, National Research Council (NAS) Standing Committee on Research, Development, and Acquisition Options for US Special Operations Command (SOCOM), 2007 – 2010.
Referee: IEEE Transactions on Engineering Management, IEEE Security and Privacy, American Society of Engineering Management, Journal of Homeland Security and Emergency Management,
International Conference on Information Warfare and Security, Hawaii International Conference on Systems Sciences (HICCS), The Handbook of Information Security.
Member: American Society of Engineering Management, American Association for the Advancement of Science, IEEE, Phi Kappa Phi, Society for Risk Analysis, International Council on Systems Engineering.
Participant, The Highlands Forum (Office of the US Secretary of Defense), 1994 to 1998.

SPONSORED RESEARCH ACTIVITIES
4/05 – 12/05 [PI] Researching the Use of Prexis Software in Performing Information Security, Ounce Labs, Inc. $109,221.00
9/04 – 9/05 [PI] Support for US-Japan Workshop on Critical Information Infrastructure, National Science Foundation, $32,000.00
5/06 – 9/06 [PI] Support to the 2006 Colloquium for Information Systems Security Education, National Security Agency, $50,000.00
4/07 – 9/07 [PI] Support to the 2007 Colloquium for Information Systems Security Education, National Security Agency, $75,000.00

DIRECTION OF STUDENT RESEARCH
M.S. Lopez de la Cruz, J. “Applications of Probability Models and Expert Judgment Analysis in Thesis Information Security,” Delft University of Technology, Delft, The Netherlands, 2004.
Asmoredjo, S.M. “A Probabilistic Model for Cyber Attacks and Protection,” Delft University of Technology, Delft, The Netherlands, 2005.
Gurov, M. “Information Security Return on Investment,” Delft University of Technology, Delft, The Netherlands, 2006.
Tomhave, B. “The Total Enterprise Assurance Management (TEAM) Model: A Unified Approach to Information Assurance Management,” George Washington University,
Washington, DC, 2006.
Moore, S. “The Impact of a Strategic Approach to Detection Activities on Incident Response” George Washington University, Washington, DC, 2006.
D.Sc. Hekimian, Christopher. “Active Behavior as a Fourth Dimension to Identity Authentication in Dissertation Computer Systems,” George Washington University, Washington, DC, 2003.
Green, Annie. “Prioritization of Value Drivers of Intangible Assets for use in Enterprise Balanced Scorecard Valuation Models of Information Technology Firms,” George Washington University, Washington, DC, 2004.
Adamkiewicz, Susan. “The Correlation Between Productivity and the Use of Information Security,” George Washington University, Washington, DC, 2005.
Vandergriff, Linda. “Evaluation of Agile Knowledge-Based Enterprise Implications for Intelligence Age Decision Support Systems,” George Washington University, Washington, DC, 2005.
Almogbil, Abdullah. “Security, Perceptions, and Practices: Challenges Facing Adoption of Online Banking in Saudi Arabia,” George Washington University, Washington, DC, 2005.
Tolba, Ahmed. “A Multi-Attribute Utility Model For Wholly Owned Subsidiaries Investment Decisions In Developing Countries By Multi-National Information Technology Developers; The Case Of Egypt,” George Washington University, Washington, DC, 2006.
Al-Kahtani, Nouf. “The Internet Technology and its Potential Contribution to Research in Saudi Arabia: Possible Factors Influencing its Utilization,” George Washington University, Washington, DC, 2006.
Burgos, Carlos. “A Grounded Theory Approach to Explore How Programmers Understand Legacy Code in Order to Make Modifications,” George Washington University, Washington, DC, 2007.
Amin, Rohan. “Detecting Targeted Malicious Email Through Supervised Classification of Persistent Threat and Recipient Oriented Features,” George Washington University, Washington, DC, 2011.
Pettigrew, J. Andrew. “Decision-Making by Effective Information Security Managers”, George Washington University, Washington, DC, 2012.
Crane, Earl. “Emergent Network Defense”, George Washington University, Washington, DC, 2012.
Foerster, Carl. “Analysis Of Decision Factors For The Application Of Information Access
Controls Within The Organization”, George Washington University, Washington, DC, 2012

BOOKS AND MONOGRAPHS
Ryan, Julie J.C.H. (ed). Leading Issues in Information Warfare and Security Research (Vol 1). Reading, UK: Academic Publishing International, Ltd, 2011.
Nichols, Randall K, Daniel J. Ryan, and Julie J.C.H. Ryan. Defending Your Digital Assets Against Hackers, Crackers, Spies, and Thieves. New York: McGraw Hill, 2000.
Ryan, Julie J.C.H. and Gary Federici. Offensive Information Warfare: A Concept Exploration. Alexandria, VA: Center for Naval Analyses, 1996.
Ryan, Julie J.C.H., Tom Thorley, and Gary Federici. Information Support to Military Operations in the Year 2000 and Beyond: Security Implications. Alexandria, VA: Center for Naval Analyses, 1993.

JOURNAL ARTICLES
Amin, Rohan, Julie Ryan, and Johan Van Dorp (2012). “Detecting Targeted Malicious Email Using Persistent Threat and Recipient Oriented Features”. IEEE Security & Privacy Magazine May-June 2012 v10 n 3 (64-71).
Ryan, Julie J.C.H., Thomas A. Mazzuchi, Daniel J. Ryan, Juliana Lopez de la Cruz, Roger Cooke. “Quantifying Information Security Risks Using Expert Judgment Elicitation”, Computers and Operations Research, April 2012, v39 n4 (774-784) (ISSN: 03050548; DOI: 10.1016/j.cor.2010.11.013)
Pettigrew, J. Andrew, and Julie Ryan. (2012) “Making Successful Security Decisions: A Qualitative Evaluation.” IEEE Security Privacy Magazine Jan-Feb 2012 v10 n1 (60-68).
Ryan, Daniel J., Maeve Dion, Eneken Tikk & Julie J. C. H. Ryan (Summer, 2011) "International Cyberlaw: A Normative Approach." Georgetown Journal of International Law, Vol. 42, No. 4, pp. 1161-1197.
Ryan, Julie J.C.H. and Daniel J. Ryan, "Performance Metrics for Information Security Risk Management," IEEE Security and Privacy, vol. 6 no. 5, Sep/Oct 2008, pp. 38-44.
Burgos, Carlos, Julie J.C.H. Ryan, and E. Lile Murphree, Jr. “Through a Mirror Darkly: How Programmers
Understand Legacy Code,” Information Knowledge Systems Management, 2007, Vol. 6 Issue 3, p215-234.
Al-Kahtani, Nouf, Julie J.C.H. Ryan, and Theresa I. Jefferson. “How Saudi Female Faculty Perceive Internet Technology Usage and Potential,” Information Knowledge Systems Management, 2005-2006, Vol. 5 Issue 4, p227-243.
Ryan, Julie J.C.H. and Daniel J. Ryan. “Expected Benefits of Information Security Investments,” Computers andSecurity, Vol. 25, Issue 8. Amsterdam: Elsevier. Pages 579-588. (November 2006). (http://
www.sciencedirect.com/science/article/B6V8G-4KXDR1G-1/2/f3dbf2660eab68ae4bf87dde49b7f687)
Ryan, Julie J.C.H. “Use of Information Sharing Between Government and Industry as a Weapon,” Journal of Information Warfare 5 no 2 (2006): 1 – 10.
Ryan, Julie J.C.H. and Daniel J. Ryan. “Proportional Hazards in Information Security,” Risk Analysis 25 no. 1(February 2005): 141.
Green, Annie and Julie J.C.H. Ryan. “A Framework of Intangible Valuation Areas (FIVA): Aligning Business Strategy and Intangible Assets,” Journal of Intellectual Capital 6 no. 1 (2005): 43.
Ryan, Julie J.C.H. and Corey D. Schou. “On Security Education, Training and Certifications,” Information Systems Control Journal 6 (2004): 27.
Ryan, Julie J.C.H. “Information Security Tools and Practices: What Works?” IEEE Transactions on Computers 53 no. 8 (August 2004): 1060.
Ryan, Julie J.C.H. “Review of 2025: Scenarios of U.S. and Global Society Reshaped by Science and Technology, by Joseph F. Coates, John B. Mahaffie, and Andy Hines,” Rivers: Studies in the Science, Environmental Policy, and Law of Instream Flow 6 no. 3 (1998): 222 – 224.
Ryan, Julie J.C.H., John Woloschek, and Barry Leven. "Complexities in Conducting Information Warfare," Defense Intelligence Journal, vol 5 no. 1 (Spring 1996): 69.

BOOK CHAPTERS
Ryan, Julie J.C.H., Daniel J. Ryan & Eneken Tikk (2010). “Cybersecurity Regulation: Using Analogies to Develop Frameworks for Regulation.” In Eneken Tikk & Anna-Maria Talihärm (Ed.), International Cyber Security: Legal & Policy Proceedings. (pp. 76-99). Tallinn, Estonia: Cooperative Cyber Defence Center of Excellence.
Ryan, Julie J.C.H. “Information Warfare: A Conceptual Framework,” Proceedings of the 1996 Seminar on Intelligence, Command, and Control. Boston, MA: Harvard University Press, 1997.
Ryan, Daniel J. and Julie J.C.H. Ryan, “Protecting the NII,” in Information Warfare: Cyberterrorism: Protecting Your Personal Security in the Electronic Age (New York: Thunder’s Mouth Press, 1994), 626.

REFEREED CONFERENCE PROCEEDINGS
Daniel J. Ryan & Julie J. C. H. Ryan (2012) Attribution : Accountability for Cyber Incidents. Proceedings of the 2012 International Conference on Information Warfare, pp. 265-271. Seattle, WA: University of Washington.
Ryan, Julie J.C.H and Daniel J. Ryan. “Neutrality in the Context of Cyberwar”, Proceedings of the Sixth International Conference on Information Warfare and Security, 17-18 March 2011, Washington, DC. Published on CD-ROM by ACI Ltd.
Ryan, Julie J. C. H., Daniel J. Ryan, Maeve Dion & Eneken Tikk (March, 2011) "International Cyberlaw: A Normative Approach." Accepted for publication, Georgetown Journal of International Law, 2011 Symposium.
Pettigrew, James A., Julie J.C.H. Ryan, Kyle Salous, and Thomas A. Mazzuchi, “Decision Making by Effective Information Security Managers”, Proceedings of the International Conference on Information Warfare and Security (ICIW 2010), Dayton, Ohio, March 2010.
Tolba, Ahmed, David Greenwood, and Julie Ryan, “Promoting a Green Egypt Through the Design of a Sustainable Building Assessment Tool”, Proceedings of the 2010 Industrial Engineering Research Conference, Cancun, Mexico, June 2010.
Schou, Corey, Julie Ryan, Leigh Armistead and James Frost. “Developing Curriculum in Information Operations: The First Steps” Proceedings of the 4th International Conference on Information Warfare, Cape Town, South Africa, March 27-28, 2009.
Ryan, Julie J.C.H. and Daniel J. Ryan, "Biological Systems and Models in Information Security," Proceedings of the12th Colloquium for Information Systems Security Education, University of Texas, Dallas; Dallas, Texas, June2-4, 2008. Available online at http://www.cisse.info/colloquia/cisse12/proceedings12/Start.pdf
Polydys, Mary L., Daniel J. Ryan and Julie J. C. H. Ryan. “Best Software Assurance Practices in Acquisition of Trusted Systems,” Proceedings of the 10th Colloquium for Information Systems Security Education, University of Maryland, University Collage, Adelphi, MD June 5-8, 2006.
Ryan, Julie J.C.H. “Use of Information Sharing Between Government and Industry as a Weapon,” Proceedings of the International Conference on Information Warfare and Security, University of Maryland Eastern Shore, 15-16 March 2006, pages 183 - 188
Ryan, Daniel J. and Julie J. C. H. Ryan. “Daubert and Digital Forensics,” Proceedings of the 2006 Cybercrime Conference. Palm Harbor, Florida: DoD Cyber Crime Center and Joint Task Force – Global Network Operations. (January, 2006)
Ryan, Julie J. C. H. and Daniel J. Ryan. “Biological Systems and Models in Information Security,” Proceedings of the Humanities and Technology Association Conference 2005. Orem, Utah: Utah Valley State College. (October, 2005)
Ryan, Julie J.C.H. “Architecting Information Assurance,” Proceedings of the 23rd IEEE International Performance Computing and Communications Conference, Phoenix, Arizona. 2004. pg. 669.
Ryan, Julie J.C.H. “Teaching Information Security to Engineering Managers,” Proceedings of the 33rd ASEE/IEEE Frontiers in Education Conference, Boulder, Colorado. November 2003.
Jefferson, Theresa I. and Julie J.C.H. Ryan. “A Comparative Analysis of Privacy Policies of Popular E-Businesses,” Proceedings of the 2003 ASEM National Conference, St. Louis, MO.
Ryan, Julie J.C.H. and Theresa I. Jefferson. “The Use, Misuse and Abuse of Statistics in Information Security Research,” Proceedings of the 2003 ASEM National Conference, St. Louis, MO.
Ryan, Julie J.C.H. "The Effect of Public Budgetary and Policy Decisions on Development of Trusted Systems," Proceedings of the 2002 ASEM National Conference, Tampa, Florida. pp. 130 – 134.
Ryan, Daniel J. and Julie J.C.H. Ryan. “Institutional and Professional Liability in Information Assurance
Education,” Proceedings of the 2002 IEEE Workshop on Information Assurance at the United States Military Academy, West Point, NY June 2002.
Ryan, Julie J.C.H. "Information Assurance in Practice," Proceedings of the 2002 IEEE Workshop on Information Assurance at the United States Military Academy, West Point, NY June 2002.
Ryan, Daniel J. and Julie J.C.H. Ryan. “Risk Management And Information Security,” Proceedings of the Eleventh Annual Computer Security Applications Conference, December 1995. Los Alamitos, CA: IEEE Computer Society Press, 1995 (257 – 260).

TECHNICAL REPORTS
Committee for the Review of the Master’s Degree Program for Science and Technology Intelligence Professionals. “Review of the National Defense Intelligence College’s Master’s Degree in Science and Technology Intelligence.” National Academies Press, Washington DC: 2011.
Committee for the Symposium on Avoiding Technology Surprise for Tomorrow’s Warfighter - 2010 (2010).
“Avoiding Technology Surprise for Tomorrow’s Warfighter: Symposium 2010.” National Academies Press,
Washington DC: 2010. ISBN 0-309-15568-1.
Committee For The Symposium On Avoiding Technology Surprise For Tomorrow’s Warfighter ; National ResearchCouncil. Avoiding Technology Surprise for Tomorrow's Warfighter: A Symposium Report. Washington D.C.:National Academy Press, 2009.
Naval Studies Board. Technology for the United States Navy and Marine Corps, 2000-2035: Becoming a 21st-Century Force. Washington D.C.: National Academy Press, 1997.
Naval Studies Board. The Navy and Marine Corps in Regional Conflict in the 21st Century. Washington D.C.:National Academy Press, 1996.

NON-REFEREED CONFERENCE PROCEEDINGS AND WHITE PAPERS
Ryan, Julie J.C.H. Cyber Security: The Mess We’re In and Why It’s Going to Get Worse. Report GWCSPRI-2100-4, April 11, 2011. The Cyber Security Policy and Research Institute 2010-2011 Seminar Papers. Available online at https://static1.squarespace.com/static/53b2efd7e4b0018990a073c4/t/553e7a2ce4b07cdafb3d11cb/1430157868497/2011-4_cyber_security-the_mess_were_in_ryan.pdf.
Ryan, Julie J.C.H. “Phishers and Botnets and Worms, Oh My!”, Presentation to the US Army Science Board, 12October 2010.
Ryan, Julie J.C.H. “Academic Integrity: The Difficult Conversation.” Presentation made to several audiences.
Ryan, Julie J.C.H. and Daniel J. Ryan, “Understanding and Measuring Security Performance”, Proceedings of the Information Security Compliance and Risk Management Institute Conference, June 2009, University ofWashington.
Ryan, Julie J.C.H. “Using the OODA Loop to Introduce Information Warfare to Students: A Tutorial”, Proceedings of the Colloquium for Information Systems Security Education 2009, Seattle, Washington, June 2009.
Ryan, Julie J.C.H. “Acquiring Software Systems for Secure Identity Management”, Proceedings of the IDGA Identity Management Summit, July 2009.
Ryan, Julie J.C.H. “Managing the Detection Challenge,” Proceedings of the Second Annual Alaska InformationAssurance Workshop, August 2006, available online at http://assert.uaf.edu/presentations/workshop06/slides/jryan.pdf.
Ryan, Julie J.C.H., ed. Proceedings of the First US-Japan Workshop on Critical Information Infrastructure Protection, published electronically October 2004, http://www.gwu.edu/~usjpciip/, Work supported under NSF Grant 455350.
Ryan, Julie J.C.H. “Quantifying Information Security Risks Using Expert Opinion Elicitation,” Proceedings of the 2nd Japan – US Experts Workshop on Critical Information Protection (CIIP), June 2005, available online at http://www.doi.ics.keio.ac.jp/CIIP05/27/05-Ryan.pdf.
Ryan, Julie J.C.H. “Information Warfare and the High Speed Computing Community,” Proceedings from the Conference on High Speed Computing, April 1996, p 91-98.
Hughes, Julie J.C. “Prototype Testing: More Than Just a Luxury,” Booz•Allen & Hamilton Test Engineering White Paper, 1989.

OTHER PUBLICATIONS
Ryan, Julie J.C.H. “Plagiarism, Education, and Information Security,” IEEE Security and Privacy. Vol. 5, no. 5, September/October 2007, pp. 62-65.
Ryan, Daniel J. and Julie J.C.H. Ryan, “The Perfect Graduate,” The Information Leader: A Quarterly Journal on Information Trends. Information Resources Management College, National Defense University, Washington, DC. Winter 2007: Volume 12, No. 1.
Ryan, Julie J.C.H. “Political Engineering in Knowledge Security,” VINE: The Journal of Information and Knowledge Management Systems Vol. 36 No. 3 (Emerald Group Publishing Limited).
Ryan, Julie J.C.H. “Managing Knowledge Security,” VINE: The Journal of Information and Knowledge Management Systems Vol. 36 No. 2 (Emerald Group Publishing Limited).
Ryan, Julie J.C.H. “Knowledge Management Needs Security Too,” VINE: The Journal of Information and Knowledge Management Systems Vol. 36 No. 1 (Emerald Group Publishing Limited).
Ryan, Julie J.C.H. “Ask the Experts: How do Computer Hackers ‘Get Inside” a Computer?” Scientific American (January 2005): 104.
Ryan, Julie J.C.H. “Last Word: Stealing From Themselves,” Prism Magazine 13 no. 5 (January 2004).
Ryan, Julie J.C.H. “Why Plagiarism is So Tough to Curb,” Letter to the Editor, The Washington Post 14 December 2003.
Ryan, Julie J.C.H. “Stopping Hackers,” .edu/magazine, v. 1 no. 1 (April 2000): 20 – 25.
Ryan, Julie J.C.H. “Student Plagiarism in an On-Line World,” Prism Magazine, (December 1998): cover story.
Ryan, Daniel J. and Julie J.C.H. Ryan. “Protection of Information – The Lessons of History,” Colloquy, Vol. 19, No. 3 (September 1998): 21.
Ryan, Daniel J. and Julie J.C.H. Ryan. “Protecting The National Information Infrastructure Against Infowar,” Colloquy, Vol. 17, No. 1 (July 1996): 14.

WORKSHOP AND COLLOQUIA PARTICIPATION
Eneken Tikk (2011) "10 Rules of Behavior for Cyber Security: Concept by Prof. Dan Ryan (National Defense University), Prof. Julie Ryan (George Washington University), Maeve Dion (Stockholm University), Eneken Tikk (NATO Cooperative Cyber Defence Centre of Excellence)." Tallinn (2011): CCD COE Publications.
David Butler, Jessica Buono, Frederick Erdtmann, Proctor Reid, Editors; Systems Engineering to Improve Traumatic Brain Injury Care in the Military Health System: Workshop Summary Workshop Steering Commitee on Systems Engineering Health Care: Tools and Technologies to Maximize the Effectiveness of Medical Mission Support to DOD. ISBN: 0-309-12759-9, 184 pages, 6 x 9, (2008).

NIATEC National Science Foundation Information Assurance Directorate Department of Homeland Security CISSE Scholarship For Service