Doctorate of Management, Technology and Information Systems, concentration in Information Security, University of Maryland, University College, 2007
M.S., Management Information Systems, University of Maryland, University College, 1998
B.A., Political Science, The George Washington University, 1995
Relevant Professional Experience:
LMI, Senior Consultant
University of Maryland, Adjunct Professor
Science Applications International Corporation, Senior Information Assurance Analyst
The National Association for the Education of Young Children, Systems Administrator
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Business Continuity Professional (CBCP)
Certified Security Enterprise Architect (CSEA)
Privacy Knowledge Portal. Developed tool to identify and catalog privacy documentation to reduce the complexity of identifying privacy related laws, regulations, and guidance. Evaluated what privacy laws apply to a federal agency system or application that gathers personally identifiable information (PII) to enable an agency to understand and properly deal with privacy-related constraints.
Enterprise Architecture Process/IA integration. Integrated enterprise architecture (EA) and information assurance (IA) into a single, holistic approach to enterprise-wide coordination and integration of processes, information, and technology.
Information Assurance Management in the Federal Sector. An Analytical Framework. Developed an academically cogent and intellectually valid analytical framework that federal IA managers can use to measure their ability to protect their information infrastructure assets.
Security Classification Guide (SCG) Methodology. Conducted an independent research and development project to develop an SCG methodology.
Wireless Security Risk Assessment Method. Developed a comprehensive and efficient method for guiding decision making about wireless connectivity. Tool clearly defines wireless needs, assists with developing policy and guidelines to fulfill those needs, and provides guidance for implementing a wireless plan.
Conference papers presented:
"Cyber Readiness: Are We There Yet?", 9th International Conference on Cyber Warfare and Security (CFP), March 24, 2014, JS Hurley, Sean Kern, Roxanne Everetts.
“Development of a cost model for health care data breaches,” UMD Smith School Workshop on Heath Information Technologies and Economics (WHITE); October 21, 2011, Everetts R., Stouffer, V.
LMI Enterprise Architecture and Information Assurance Integration Approach” Association of Enterprise Architects, May 13, 2009, Everetts R., Perdu D.
Enterprise Security and Risk Management (ESS)
Cyber Strategies (CYS)
Cyber Security for Information Leaders (SEC)
Critical Infrastructure Protection (CIP)
Approval to Operate (ATO)