JMU Works

Magnotti is the information systems security director for the U.S. House of Representatives, and Grabow is the information security branch manager of the US Senate. Both graduated in the first cohort of the relatively new Commonwealth Information Security Center's distance-learning graduate program.

Both of them graduated in May 1999; they were even in the same study group on occasion. Magnotti assumed his position more than two years ago, and Grabow joined the Senate on Nov. 5.

"I ran into Allan [Allan Berg, executive director of CISC] at a conference in 1997," Grabow says. "He had paper handouts about the program, and it was real low-key and very quiet at the time. We had about 33 people at our first meeting, and about 17 made it through the program."

JMU is still the only school in the country to offer a Master of Science degree in computer science with a concentration in information security. In August 2000, the university added an M.B.A. degree with a concentration in information security.

"To my knowledge, we are the only school in the world that offers both programs," Berg says. This is how the Master of Science program works: Students meet at the beginning and end of the program; the rest of the work is done via distance learning on the Internet. The group is called a cohort.

Magnotti and Grabow were in the first cohort. Instead of picking and choosing a variety of courses, the cohort moves through the program together taking the same courses in lockstep. The program has evolved. For the first cohort, some classes met weekly in Tyson's Corner. The program became 100 percent Internet-based in August 1999.

For Grabow, the critical-thinking skills he gained from the program have been most beneficial in his current position, but he also found software engineering and cryptology helpful. Other courses include computer law, two networking classes and networking security. All courses have information-assurance problems woven throughout.

"Students take two courses every semester and have their summer off," Berg says. "We wanted to make the program as family friendly as possible. Our average student is in their mid-30s and works 60 to 65 hours a week." The program is not limited to computer science professionals, however. "We have students with undergraduate degrees in English and history," Berg says. "They might have to take up to four prerequisite classes, and we require a "B" or better. But they do not have to be in computer science when they enter the program. There is a huge shortage of educators and professionals in the field right now."

Grabow was a senior information technology analyst for the Federal Reserve System when he saw the federal job posting for his current position. He had been there for nearly seven years when he made the move to the Senate.

It was clear to Magnotti that he would be involved in security from a very young age. His grandfather was a locksmith. "I was taught to be a locksmith," Magnotti says. "I became an expert in physical security first, but I could see that computers were the last stronghold and literally held the key to the security kingdom."

Before joining the House of Representatives two years ago, Magnotti was a security manager for the Navy. Computer security was part of his job, but not his specialty.

Although the very nature of these JMU grads' current positions do not allow them to divulge details, Grabow said the scope of his work for the Senate is comparable to the work a person in charge of information security would do in the private sector. "It's unique only in that the objectives we have to meet are the agency's objectives versus working for a profit motive."

Grabow is in the process of putting his own mark on the information security program already in place at the Senate. He and his staff work closely with senators and spend quite a bit of time on Capitol Hill. Grabow's office is in Postal Square. "It's important for me to first get a good grasp of what's occurred before and to be flexible," he says. "More than designing or constructing a program, we'll be refining."

Magnotti's 10-member staff is responsible for the workings of the 12,000 House of Representatives computers. "About two-thirds of the computers they maintain are in the Washington-Metro area, but about a third are in congressional offices all over the country," Berg says. "You hear the term 'firewall,' but that is really a software package, and when you consider the thousands of computers they maintain and the complexity, that is what their [Grabow's and Magnotti's] jobs are."

Magnotti and his staff spend their time on system certification, security audits, security investigations and anti-virus troubleshooting. "What surprises me the most about the information security system here is how open an architecture it is. It's a public house, so it has to be accessible to the public. That means there is a lot of risk to the overall network structure."

The Web site <www.house.gov> is open to the public, and House members' e-mail addresses are also accessible. The same is true for www.senate.gov. "Hackers like to try to deface these Web sites as opposed to a corporate private network," Magnotti says. Computer viruses are also popular among Congress members' computers. "Viruses proliferate fast in this environment," he adds. "We have a CERT [Certified Emergency Response Team] prepared for emergency notification. We have an automatic system alert message."

Although you might think of information security specialists as people who spend a great deal of time on their computers, both Grabow and Magnotti get out of the office on a regular basis. "Working with people is a big part of my job," Grabow says. "Computers don't do aberrant things; people do. I am not glued to my computer all the time."

Grabow says clearing up computer viruses is also within the scope of his job description. "This is a very active time to be in this line of work for the federal government," and he has been very busy since coming to work for the Senate. He has not bumped into Magnotti, his cohort in the House, even one time, but they have a lunch date planned and will see each other at quarterly information security meetings.

"Our offices are a mile away, but the ground that we cover [Capitol Hill campus] is spread out over 287 acres. We've e-mailed, but we haven't connected," Grabow says. "The circumstances haven't warranted a meeting. It's a unique time in the legislative branch."

Indeed, these two alumni have had their hands full, especially in the aftermath of Sept. 11. There is no doubt that being in charge of information security for the government is stressful. People who held Magnotti's position before him didn't last a full year, but he has been there for two. "It's a volatile situation because it is such a political place, but it's supposed to be. Politics enter into everything every day. That's the business we're in."

Grabow, who is a three-time medalist in the World Whitewater Canoe/Kayak Championships, says that he is up for the challenge ahead as well. "I like working for institutions I admire," he says. "And it's not embarrassing anymore to be able to say that I also want to do something for the country."

-- Sande Snead Fulk ('82)