Time passes, and we lose friends

[Note: update added
March 15]

2017 has gotten off to a bad start for the security
community…and to me, personally.

First, we lost
Kevin Ziese
. I met Kevin over two decades ago, when he was
involved in computer investigations with the Air Force. I got
involved with a couple of investigations, as it was a new field and
I had some connections with the Air Force at the time. Kevin later
served as a UN Weapons Inspector in Iraq after the first Gulf War.
He was at the Pentagon on 9/11. He served in our military with
distinction. Later, he was involved with intrusion detection
research, and became one of the principals in Wheelgroup, which was
acquired by Cisco. He had a significant career in cyber, and made a
number of seminal contributions to the field that most current
practitioners have never heard about.

Kevin was very creative and an able investigator, but what I
remember most about him was his incredible enthusiasm and sense of
humor. In all our interactions, I can’t recall him being anything
other than upbeat, and with great insight. I regularly crossed
paths with him at IDS and computer crime workshops, and in
activities for the Air Force. He was also generous with his time,
and he found ways to visit Purdue several times to give talks to my

I hadn’t seen Kevin for a few years, and was vaguely planning on
visiting him in the next year or so. We were overdue to catch up.
We had been keeping in touch electronically, and his death was a
huge — and sad — surprise to me.

Kevin introduced me, electronically, to Howard Schmidt in the
early 1990s, after Howard joined AFOSI. We exchanged email and
phone calls for several years until we spoke on a conference panel
together and finally met in person. Early on, we discovered we were
in sync on a number of things, and continued to enjoy our
correspondence and occasional meetings through his time at
Microsoft. When he moved to his position at the White House (the
first time) in 2002, I visited several times to join in
conversations on how to fix some of the cyber security problems of
the country. One time, he hosted my family for a Saturday morning
breakfast in the West Wing staff dining room, and was so very kind
to my young daughter — answering her questions with tremendous
patience. Thereafter, we continued to interact in his various
roles, and on through his time at the Obama White House. Whenever
I’d get to Washington, we’d get together for a conversation, and
sometimes a beer.

Twice, Howard came to Purdue to speak in our annual CERIAS Security
. Each time, he told me in confidence that he had
decided to leave his position at the White House, and his visit to
me each time had cemented his decision. (Thereafter, I got a note
from someone who worked with Howard suggesting that I stop inviting
critical personnel to speak at Purdue!)

I have so many stories about my times with Howard and they are
all good. He was always supportive and positive, and he was always
trying to find a way to make things better for others. He also
never let his seniority and distinctions get in the way of helping
others. For instance, I fondly recall when the EWF was starting its
Women of
awards, and they asked Howard and me serve as judges
for the first awards. However, to keep with the spirit of the
awards (and the restriction on judges), we had to be declared as
“honorary women.” Howard and I agreed, even when told that we might
need to show up at the awards in skirts and heels as part of the
process! We laughed about that in later years — that the reason the
awards made it into subsequent years was because we weren’t
asked to do that! (And we did view it as an

The last time I saw Howard was in late 2015, when we both
appeared on a panel at a meeting at a government agency. For the
last 2 years we kept up with occasional social media and email —
sort of the reverse of how we met.
Howard’s passing
last month was untimely and a shock to any of
us, especially so close to Kevin’s.

I attended Howard’s funeral and memorial service last Friday. It
was important to many of us to see off an old friend. While there,
I got to spend time with one of my oldest and dearest friends,

Becky Bace
, the “Den Mother of Cyber Security.” Becky was an
old friend of Howard’s, too, having met him slightly before I did.
(Becky was also a friend of Kevin.) I first met Becky in 1991, at
one of the old (now defunct) National Security Conferences. We
immediately hit it off, with discussion about mutual interests in
security and crazy humor. Becky was the person who got me to move
my primary research focus to security, and provided funding for my
first security research project in intrusion detection. She
involved me in the intrusion detection “guru” workshops she held,
and introduced me to others in the field — Becky knew everybody, it

Over the course of the next 25+ years, Becky and I became good
friends, and colleagues in a number of cybersec activities. We
served on boards and panels together. We consulted for some of the
same companies. She also made sure to introduce some of my students
to people working in the field, both to help them enhance their
research, and to get researchers to learn about some of the
cutting-edge things we were doing in the university. We often
called each other to share notes and occasionally gossip that we
didn’t want to put in email. Becky regularly visited CERIAS to speak and mentor students. She was
especially helpful in mentoring some of our women students and
faculty. “Infomom” was bright, funny, and incredibly networked.

I have so many stories about Becky. There was never a time
together where we didn’t laugh about something…many things…but also
develop some new insight or connection that one of us could use.
And every time we were together, we were spinning ideas for how I
could find something new to do to break out of the rut I’m often in
at the university, and for her to explore as a new career path: I
wanted to do more in the commercial world, and she wanted to have
an impact in the academic space.

Becky and I both were quite devastated by Howard’s passing, and
the funeral was both a very sad time, and a chance to share more
laughs with each other with stories about our times with Howard.
Thus, it was all the more shock to learn, less than 4 days after I
last saw her, that Becky had died suddenly.

In the space of six weeks, I have lost three friends and
colleagues, each of whom I have known for over two decades, and one
of whom was one of my closest friends. Time passes, and we all have
finite time here. Nonetheless, it is always too soon for the people
we care about. And it is too soon to lose the people who have spent
so much time and effort trying to make the world better for the
rest of us.

It is also sobering that these three were people my age. It
reminds me that time is passing rather than some entity purposely
making the stairs steeper for me each year.

It also reminds me of one of the reasons I have spent my career
to date in higher education — it is one of the few vocations where
there is some real hope of replacing ourselves, and doing so with
better quality than what we are ourselves. But as much as we may
try, we will not see any like Kevin, Howard, and Becky again. To
paraphrase a mutual friend, if there is a heaven it is going to be
much more secure and much more fun than it was before.

RIP, friends.

Update: March 15,


I have learned that some people had not yet heard of Kevin’s
passing, although they knew him. If you want to make a donation in
his memory, please send it to one or more of:


If you wish to make a donation in the memory of Howard Schmidt,
send it to:

Brain Tumor Research Program
℅ Dr. Connelly
9200 W. Wisconsin Ave
Milwaukee, WI 53226


There will be a memorial service for Becky in Shelby Hall at the
University of South Alabama in Mobile, AL on Saturday, March 25th
at 1PM. Information on attending and travel are
posted here
. A memorial webpage will be posted on Becky’s
infidel.net website sometime in
the next week or so.

A memorial service will also be held in San Jose on April 21. I
will post additional details here if I get them.

ACSA’s top scholarship in the Scholarship for Women Studying
Information Security (SWSIS.org)
has been renamed as the Rebecca Gurley Bace Scholarship.
Contributions to help support this scholarship are welcomed by
sending a check (sorry, no online contributions) to:

Applied Computer Security Associates, Inc
2906 Covington Road
Silver Spring, MD 20910

Checks should be made payable to Applied Computer Security
, and note SWSIS Rebecca Gurley Bace
on the memo line.

All of the above are non-profit, charitable organizations, and
your contributions will likely be tax-deductible, depending on your
tax circumstances.

Share this post

Share on facebook
Share on linkedin
Share on print
Share on email

Subscribe to our Monthly Cyber Security Digest

Get monthly content to keep you up to date on the latest news and tips