He is also the Assistant University Information Security Officer for VA Tech. He is the coordinator of VA-CIRT, an incident response team comprising of IRT's from various VA state Universities. He is the author of VA Tech's Acceptable Use Statement which has become a model for the VA state university system. He has been a frequent speaker at national and international conferences such as SANS, IIA, ISACA, ACUA,   Network Security, IEEE  Symposium on Systems Management, NIST, US Forest & Wildlife Service, Computer Security Conference. DECUS-Canada, Air Force Material Command, EDUCAUSE and ACUA.He's been the subject of articles in the Chronicle of Higher Education on security issues at university campuses. The SANS Institute has described him as the "best storyteller in the computer security field." He has  taught professional development seminars on Unix System Management, Forming Incident Response Teams, Auditing Unix Systems, Auditing Internet Security for various professional groups such as EDUCAUSE, ACUA, ISACA, IIA, Ernst & Young and the SANS Institute.

He is a co-author of the FBI/SANS Institute's "Top 10/20 Internet Security Vulnerabilities" document that has become a standard for  most computer security and auditing software. He is the co-author of the SANS Institute's "Responding to Distributed Denial of Service Attacks" document that was Prepared at the request of the White House in response to the DDOS attacks of 2000.

He is a co-author of the SANS Institute's "Computer Security- Incident Handling - Step by Step" which has been recognized as one of the foremost publications on Incident Response.  He has been a member of the SANS Institute's faculty since 1992 and is one of the developers of their GIAC security certification courses. He is a co-author of the EDUCAUSE "Computer and Network Security in Higher Education" booklet. He is a member of the EDUCAUSE security task force.

He is a coauthor of the Center for Internet Security's series of Security Benchmark documents for Solaris, AIX and Windows2000. These benchmarks are available for free and represent the first  successful attempt to create a set of  consensus documents with detailed steps for implementing system security. He is one of the founders of the Virginia Alliance for Secure Computing and Networking (www.vascan.org), a consortium of security practitioners and researchers from VA Tech, U of Virginia, James Madison Univ., George Mason Univ. The alliance provides security education, checklists and support for all state agencies in Virginia.

He was a member of the White House Partnership For Critical Infrastructure Security working group that developed the Consensus Roadmap for responding to the recent series of DDOS Internet Attacks. He was a recepient of the SANS Institute's Security Technology Leadership Award for 2000. He was a recepient of the VA Governor's Technology Silver Award in 2003.

He is acknowledged as one of the North American masters of the hammer dulcimer. He is the author of the theme song of Public Radio International's nationally syndicated radio program, "World Cafe". His band, "No Strings Attached" was  nominated for or won "Indie" (independent record label's version of the Grammy) for Best Album (String Music) category in 1984, 1985, 1986, 1988, 1990.