About Us

CDA Team

O. Sami Saydjari: President and Founder

Mr. O. Sami Saydjari is the founder and President of Cyber Defense Agency. Under his leadership and guidance, Mr. Saydjari has attracted twenty of the nation's top security experts to create a uniquely superb national asset to help defend the country's most important information systems. He provides vision and expertise for building a research and consulting organization that creates effective systematic defenses for high-value systems against aggressive cyber- attack. Mr. Saydjari has over 27 years experience performing and directing information assurance research, including 13 years as a leader at the National Security Agency and three years as a Defense Advanced Projects Agency (DARPA) Program Manager of Information Assurance where he created one of the most significant investments in information assurance in the nation's history.

Before founding the Cyber Defense Agency, Mr. Saydjari was a Senior Staff Scientist in SRI International s Computer Science Laboratory, where he was the program leader of the Cyber Defense Research Center (CDRC). Prior to SRI, Mr. Saydjari was the Information Assurance Program Manager for DARPA's Information Systems Office.

Mr. Saydjari is an internationally recognized security expert. He has been featured in various publications and broadcast including a feature on PBS Frontline. He served as the "On the Horizon" department editor for IEEE Security and Privacy Journal. He also has the honor of serving on board of directors for distinguished professional non-profit boards advising government leadership on cyber defense policy including the Professionals for Cyber Defense.

Mr. Saydjari earned his M.S. in Computer Science from Purdue University. The Director of NSA named Mr. Saydjari an NSA fellow in 1993 and 1994. He has published more than a dozen technical papers in the field of information security and has presented the results of his research at both such as the National Cryptologic Quarterly, the National Computer Security Conference, IEEE Security and Privacy Conference, and the ACM New Security Paradigms Workshop.

For complete list of publications, press here.

Dr. Carol Muehrcke: Director of Strategic Planning

Dr. Carol Muehrcke is the Director of Strategic Planning for Cyber Defense Agency. She is responsible for helping determine the CDA long- term strategic plan and coordinating those efforts. She has 13 years of experience in security-related product development and assurance.

Prior to CDA, she led commercial software development projects to bring new security technologies to market, including the 3Com Embedded Firewall, where this technology was transferred from the DARPA Autonomic Distributed Firewall (ADF) program. She previously led the assurance effort for major NSA-sponsored development programs for high assurance Guard systems.

Additionally, Dr. Muehrcke has 9 years experience in systems engineering for advanced manufacturing systems at Bell Laboratories. Her specialties include analytic assurance methods and integration with software development, requirements engineering, architecture level trust analysis and project management.

Dr. Muehrcke has a Ph.D., in Mathematics from Rutgers University and an A.B. in Mathematics from Reed College.

Jim Wallner

Jim Wallner is strategic risk analyst and security architect for the Cyber Defense Agency.

Jim evaluates and designs mission critical systems and has over 20 years of security experience. Specialty is formally modeling and synthesizing threat, attack, mission impact, and countermeasure information. Unique system engineering approach efficiently derives solutions that balance the competing design goals of security, survivability, functionality and cost.

Prior to joining CDA, served for 15 years at the National Security Agency where he worked as a system security engineer and evaluator. In this previous position, was chief system engineer for the NSA’s high assurance Key Management Infrastructure. His duties of the nation’s most critical key management architecture, responsible for the secure ordering, generation, and distribution of all cryptographic material for the Department of Defense. Other past assignments include senior INFOSEC System Engineer for NATO, technical director for security for NSA’s Office of Network Security Infrastructure, and cryptographic evaluator.

Jim Wallner has a B.A. Applied Mathematics and a B.A. Economics, University of California, Berkeley, 1987.

Rich Feiertag

Rich Feiertag has more than 40 years of experience in architecture, design, and software development of large complex systems including operating systems, embedded systems, distributed systems, agent-based systems, and networks. He has focused on systems with exceptional requirements for security, reliability, and fault and intrusion tolerance, both in developing new techniques for the development of such systems and applying such techniques to new and existing systems. Recently, Mr. Feiertag has focused on intelligent application of security countermeasures for systems based on an evaluation of the risk imposed by threats to the system's mission and the benefits and costs those countermeasures accrue. Mr. Feiertag has successfully managed many projects involving high technical risk, developing innovative solutions to difficult problems and has published numerous technical papers.

James Meritt

James is a senior security architect for the Cyber Defense Agency. He has over 30 years of experience.

James is an Information Assurance/Cyber Security professional with broad experience in information systems and network engineering. The last 15 years focused in risk management, cross-domain solutions, security management, and C&A, as well as researching and applying critical security solutions. CISSP, CISA, PMP, and IAM certified as well as holding a top national security clearance with a project perspective with network security and vulnerability analysis in an operations research framework. Worked in research environments with significant successes in applying theoretical knowledge. Thorough understanding of federal security policy within the DoD environment. Retired Navy Lieutenant Commander.

James has an MS Operations Research/Systems Analysis specializing in advanced modeling, Naval Postgraduate School, Monterey CA 1982 and a BS Marine Science, specializing in physiochemical oceanography, University of South Carolina, Columbia, SC 1976.

Sue Rho

Ms. Rho has more than 30 years of experience designing and developing high assurance systems. Most recently, she worked on developing a detailed engineering plan for DARPA's National Cyber Ranger Phase I project. As part of the Sparta team, she worked on developing the knowledge management architecture to capture range and test management experience across tests.

Prior to the NCR work, she managed the security development effort for a DAPRA program, called UltraLog during which she developed an adaptive security architecture that integrated the contributions of the program's seven contractors to ensure that the capabilities they developed worked together as an integrated whole. Adaptation was achieved by developing policy-based security mechanisms and using KAoS policy management to dynamically change policies to adapt to changing threat conditions.

She also led the development of a suite of tools, called Proteus, that support dynamic configuration of security mechanisms. Proteus allows component developers to specify the security properties and dependencies for components and then uses a reasoning engine based on Jess to check the security requirements of components for their consistency. If requirements are consistent, Proteus locates applicable security mechanisms that comply with the requirements; if it can't find a security mechanism that can satisfy a particular requirement, it notifies the user for assistance. If all the requirements can be satisfied, it generates the configuration file to build the system.

Ms. Rho also managed the development of several formal verification systems. At Aerospace Corporation, she led the State Delta Verification System, developed to prove the correctness of microcode programs. At Trusted Information Systems, she worked on correctness of C compilers by leading the effort to define semantics of the C language and the development of a C verifier that showed the compiler generated object code satisfies its C program semantics.