Kevin Nixon

Current

• Owner & Sr. Principal at KMN, LLC
• Security Editor at Information-Security-Resources.com

Past

• Independant Security Consultant at Hypersecurity, LLC
• Sr. Director, Security Business Strategy at Exodus, Cable & Wireless, SAVVIS
• Sr. Director, Security Business Strategy at Exodus Communications

• Sr. Director, Information Security & Business Continuity at Alliance Data Systems
• Security, Data Privacy, & Domestic and International Compliance at SABRE
• Manager, Product Development – Joint Ventures at AMR/SABRE
• Manager & Sr. Systems Analyst, SABRE Application Security at AMR/American Airlines - SABRE Systems

see less...

4 more...

Education

• Southern Methodist University - Cox School of Business
• Schreiner University

Recommended

38 people have recommended Kevin

Connections

493 connections

Industry

Computer & Network Security

Websites

• The Daily Sandbox!
• Information Security Resources
• Waves Turn Rocks To Sand!

Kevin Nixon’s Summary

Exemplary record providing the vision and decisive leadership in Information Technology Management, IT Security, Regulatory Compliance, Corporate Governance, and Joint Ventures. Successful at building corporate infrastructures and establishing operating controls that facilitate smooth operations during periods of significant growth and rapid downsizing. Extremely effective at integrating emerging technologies and operational systems/processes to solve complex business & ebusiness problems. Talent for developing high-performance executive teams, making effective decisions under unfavorable conditions, and quickly revising tactics to achieve goals. An ice breaker that thrives, in a creative, imaginative, multi-tasking, semi-structured team with no interest in empire building. Favorite quote is "Waves turn Rocks to Sand. Make Waves!"

Kevin Nixon’s Specialties:

► Certified in the Governance of Enterprise IT (CGEIT)
► Certified Information Systems Security Professional (CISSP)
► Certified Information Systems Manager (CISM)


Extensive experience in:
► Gramm-Leach-Bliley Security Audits
► Data Privacy Policy
► Investigation & Litigation Support
► Mergers & Acquisitions
► FFIEC/OCC/OTS Regulations
► EU & Basel II Regulations
► Sarbanes-Oxley
► Domestic & International Regulatory Compliance
► USA PATRIOT ACT

Kevin Nixon’s Experience

• Owner & Sr. Principal

  KMN, LLC

  (Computer & Network Security industry)

  May 2008 — Present (1 year 3 months)

  Thought Leadership in Governance, Risk, Compliance and Privacy. Leading the creation of Public Policy, revised Regulatory Oversight and IT Security & Data Privacy Standards. Dedicated to the promulgation of Enterprise IT Governance Ethics; the evangelism of data element classification controls which provide protection while enabling the continuity of business, and establishing metrics which allign with the legal requirements of both public and private corporations.

• Security Editor

  Information-Security-Resources.com

  (Publishing industry)

  November 2007 — Present (1 year 9 months)

  The goal of Information-Security-Resources.com is to help industry stakeholders, government regulators, and the public better understand and address the mounting information security threats inherent in the current financial crisis.
  
  Our concern is centered around the failure of organizations to adequately protect regulated systems and data. Our current focus is on the exposure of private info and sensitive systems during the financial meltdown, including identity theft, privacy breach, info stolen, credit card fraud, and other enormous liabilities.

• Independant Security Consultant

  Hypersecurity, LLC

  (Privately Held; 1-10 employees; Information Technology and Services industry)

  December 2005 — December 2007 (2 years 1 month)

  Supported clients regarding Regulatory Compliance, Security Policies and Procedures. Strategic Thought Management related to Mergers & Acquisitions, Growth, Priviatisation or Re-Tooling current processes.

• Sr. Director, Security Business Strategy

  Exodus, Cable & Wireless, SAVVIS

  (Public Company; 1001-5000 employees; SVVS; Information Technology and Services industry)

  April 2001 — December 2005 (4 years 9 months)

  Responsibilities included management of the Chief Security Officer Budget as well as the ROI analysis of all greenhouse products, including scanners, the wireless base, and all 3rd Party distribution channels.
  
  Industry liaison to the American National Standards Institute (ANSI) as well as the American Bankers Association X9F Committee for Financial and Banking Sector Information Security and Data Privacy.
  
  Directed corporate compliance and policies for U.S. as well as European regulations and legislation, specifically:
  
  ► Gramm-Leach-Bliley (GLB) Act
  ► Health Insurance Portability and Accountability Act (HIPAA)
  ► Sarbanes-Oxley Act (SOX)
  ► Regulatory Investigative Powers Act (RIPA)
  ► Data Protection Act (DPA)
  ► Fair Accurate Credit Transactions Act (FACTA)
  ► Fair Credit Reporting Act (FCRA)
  ► USA Patriot Act

• Sr. Director, Security Business Strategy

  Exodus Communications

  (Public Company; 5001-10,000 employees; Computer & Network Security industry)

  April 2001 — March 2003 (2 years)

• Sr. Director, Information Security & Business Continuity

  Alliance Data Systems

  (Public Company; 5001-10,000 employees; ADS; Banking industry)

  November 1997 — March 2001 (3 years 5 months)

  Responsible for protection of all enterprise information systems and corporate assets from threats such as errors and omissions, fraud, embezzlement, sabotage, terrorism, industrial espionage, brute force attacks, social engineering, privacy violations and natural disasters, while minimizing service interruptions and ensuring legitimate access to information.
  
  Coordinated and facilitated internal and external audits for protection of assets and environments in the mainframe, network and e-commerce areas, as well as compliance to federal laws (FFIEC, OCC, and FDIC) for protected systems.
  
  Designed, developed, and implemented the corporate strategy for privacy, protection, and security of e-commerce projects in compliance with GLB and HIPAA.
  
  Served as primary Corporate Information Services contact for local, State, Federal, and international law enforcement officials and, when necessary, coordinated all investigations.

• Security, Data Privacy, & Domestic and International Compliance

  SABRE

  (Public Company; 10,001 or more employees; TSG; Information Technology and Services industry)

  January 1995 — November 1997 (2 years 11 months)

  Directed and oversaw system security enhancements and audit functions necessary for the SABRE system to ensure compliance to all European Union regulations and international data protection and security standards.
  
  Managed the external auditor’s review of SABRE internal security measures and compliance to the European Commission’s CRS Code of Conduct.
  
  Collaborated with various U.S. governmental and regulatory agencies to affect a reduction of more than $25M in electronic fraud within the US airline industry.

• Manager, Product Development – Joint Ventures

  AMR/SABRE

  (Public Company; 10,001 or more employees; AMR; Information Technology and Services industry)

  January 1990 — January 1995 (5 years 1 month)

  Conceptualized, developed, and coordinated system enhancements specific to Australasian and Pacific rim customer groups.
  
  Developed marketing and cost assessments for all deployed connectivity solutions.
  
  Reduced overall product support costs by 80% by orchestrating the upgrade of a majority of the global customer base to a single product line and by phasing out a six-tier (version) product line.

• Manager & Sr. Systems Analyst, SABRE Application Security

  AMR/American Airlines - SABRE Systems

  (Public Company; 10,001 or more employees; AMR; Information Technology and Services industry)

  June 1984 — December 1989 (5 years 7 months)

  Developed applications designed to add granular controls for permission or denial of access to numerous global systems, including but not limited to, ticketing, pricing, inventory control, seat assignments, boarding pass issuance, American Airlines’ AAdvantage Program and Passenger Profiling System as well as all Application Program Interface (API) hand-offs to back-office systems.
  
  Additionally, handled all interfaces to external reservation systems of SABRE’s participating airline, car, and hotel reservation systems, using a product called Total Access which included Direct Connect, Direct Access and Multi Access.

Kevin Nixon’s Education

• Southern Methodist University - Cox School of Business

  Executive MBA Certification , Business & IT Management , 1999 — 2001

• Schreiner University

  Communications 1974 — 1976

Additional Information

Kevin Nixon’s Websites:

• The Daily Sandbox!
• Information Security Resources
• Waves Turn Rocks To Sand!

Kevin Nixon’s Honors:

Rotary International Exchange Student Scholarship - Essen, Germany - Attended Alfred Krupp Schule

Consultant to the Federal Trade Commission on the roll out of the Fair and Accurate Credit Transactions Act of 2003 (FACTA) providing input regarding web security best practices for the website: www.annualcreditreport.com

Disaster Recovery Workgroup for the Office of Homeland Security under Richard Clarke, Special Advisor to the President for Cyberspace Security and Chairman of the Critical Infrastructure Protection Board.

TC68-SC2 & US TC68-SC6 Member to the International Standards Organization (ISO) on Financial Data Protection, Privacy, and Security Standards.

Kevin Nixon’s Contact Settings

Interested In:

• career opportunities
• consulting offers
• new ventures
• job inquiries
• expertise requests
• business deals
• reference requests
• getting back in touch