Dan Shoemaker, Author of Evaluating Organization Development
FEATURED AUTHOR

Dan Shoemaker

Professor and Director Cybersecurity Graduate Program
The University of Detroit Mercy

Dan is Principal Investigator and Senior Research Scientist at UDM’s Center for Cyber Security and Intelligence Studies. As the Co-Chair for the National Workforce Training and Education Initiative, he was one of the authors of the DHS Software Assurance Common Body of Knowledge. As an author of over 100 publications and several books, he also helped author the DHS IA Essential Body of Knowledge, and he serves as an SME for the NIST-NICE workforce framework.

Biography


PROFESSIONAL SKILLS

• 36 years of university teaching and research
• Founded SEI sanctioned program in software engineering 1988
• Founded SEI sanctioned program in software management 1991
• 26 years as a department chair
• 30 years experience in system and software engineering
• 6 years as general manager of large information system operation
• 25 years as a professional consultant/trainer
• Areas of consulting expertise are:
  • ICT Supply Chain Risk Management
  • Secure Software Assurance
  • Cyber Security Enterprise Architectural Development
  • Integrated Asset Accounting and Control Frameworks Using COBIT
  • Integrated Enterprise IT Governance Process Development
  • Quantitative Management – PMO Development
  • Enterprise Procurement Process Development for IT
  • IT Protection Profile Development Using ISO 15408-2 and ISO 15408-3
  • Software Configuration Management Process Architecture and Deployment
  • Software Process Assessment/Improvement using CMM, CMMI, or ISO 15504
  • Integrated Software Quality Assurance Process Architecture and Deployment
  • Software Testing and Quantitative Measurement Program Deployment
  • System and Software Specification and Design
  • IT Management Process Development and Deployment
  • IEEE 12207.0, 12207.1, 12207.2 Training
  • TSP and PSP Training


PROFESSIONAL EXPERIENCE (Past 30 Years)
Professor and Senior Research Scientist
Computer and Information Systems
Center for Cyber Security and Intelligence Studies
College of Liberal Arts and Education
University of Detroit Mercy

In addition to my own teaching, research and publication program, I am accountable for developing innovative research programs in cybersecurity. I am also responsible for leadership in all aspects of curriculum design and development for a National Center of Excellence in Information Assurance Education (CAE/IAE). Courses taught include:
• Graduate Secure Software Management
• Graduate Software Assurance
• Graduate Information Assurance Principles
• Graduate Information Assurance Processes
• Graduate Information Audit and Audit Processes
• Cyberlaw


2004 to 2013
Director
Centre for Assurance Studies
A National Center of Academic Excellence in Information Assurance Education
School of Cybersecurity and Intelligence Studies
University of Detroit Mercy

Provide leadership and strategic direction for a National Security Agency/Department of Homeland Security Center of Academic Excellence in Information Assurance (CAE/IAE). Develop curricula to align with national standards for IA education. Perform research in information assurance under Department of Defense (DoD) sponsorship. Develop outreach opportunities within the State of Michigan. Duties include:
• Direction of the programs of the Centre for Assurance Studies under contract to the National Security Agency
• Leadership of the International Cyber-Security Education Coalition – which includes most of southeast Michigan
• Participation in the development (and co-authorship) of the national Software Assurance Body of Knowledge (SWABOK) for the Department of Homeland Security
• Participation in the SWABOK business case development project for the Department of Homeland Security
• Participation in the National Workforce Training and Education initiative of the Department of Homeland Security
• Participation in the National SCADA security education initiative of the Department of Homeland Security

2000 to 2010
Professor and Chair
Computer and Information Systems
College of Liberal Arts and Education
University of Detroit Mercy

In addition to my own teaching, research and publication program, I am accountable for all scheduling, staffing and mentoring of CIS faculty. I am also responsible for leadership in all aspects of curriculum design and development and academic administration for a Program with 200 students offering an average of 30 courses per term. Courses taught include:
• Graduate Software Management
• Graduate Software Quality Assurance
• Graduate Information Assurance
• Graduate Software Process Improvement – TSP/PSP
• Graduate Audit Processes


1991 to 2000
Associate Professor
Academic and Research Coordinator/Program Manager
Computer and Information Systems
College of Business Administration
University of Detroit Mercy
In addition to my own teaching, research and publication program, I was responsible for leadership in development of the teaching and the personal research programs of CIS faculty. I was also accountable for all aspects of curriculum design and implementation as well as the details of academic administration and recruitment for a Program offering undergraduate and Master's degrees. Courses taught in this period include:
• Graduate Software Management
• Graduate Software Engineering: Specification and Design
• Undergraduate Software Engineering


1984 to 1991
Associate Professor and Director
Computer and Information Science
Mercy College of Detroit
I designed, implemented and developed the curriculum for this program. I also maintained complete budgetary and administrative responsibility for faculty, equipment and course programming for the undergraduate software engineering and computer science concentrates. Courses:
• Management Information (MIS) and Decision Support System (DSS) Development
• Software Engineering: Specification and Design
• Software Configuration Management and Technical Reviews
• Systems Analysis
• Computer Organization and Architecture/binary mathematics and logic circuits
• Data Base Design
• Data Communications
• FORTRAN and BASIC Programming
• End User Applications
• Computers and Society


1980 to 1984
Director and Adjunct Assistant Professor
Office of Information Systems and Analysis
Michigan State University
I provided overall management, budgetary and concept leadership to analysts and programmers in a major organizational unit composed of data processing and MIS professionals. Responsibilities included general management, architecting of integrated systems to support operational and managerial decision-making. I also designed and oversaw development of a complete decision support system for health care providers.


Education

1978 Ph.D., University of Michigan, Information Systems and Strategic Planning
1975 MA, Eastern Michigan University, Research Design and Statistics
1968 MA, Eastern Michigan University, English and History
1966 BA, University of Michigan, Pre-Law

National Service

• Department of Homeland Security - SME Policy and Strategy – NICE Initiative Workforce Framework (2011-2015)

• United States Educational Representative – European Union Summit on Cyber Security (Paris, France, March, 2009)

• Department of Defense, Principal Investigator, National Secure Software Assurance Workforce Education and Training Program (funded research from DoD)

• Department of Homeland Security – National Cybersecurity Division - Workforce Education and Training Committee - 2004-2015 (Chair)

• Department of Homeland Security – National Cybersecurity Division – Software Assurance Body of Knowledge (co-author) - 2004 to 2015

• Department of Homeland Security – National Cybersecurity Division – Workforce Training and Education Certification Taskforce - 2006 to 2015

State Level Service
• Governor’s International Cybersecurity Summit Track Reviewer 2015
• Co-Chair for Governor’s International Cybersecurity Summit Education Track 2014

• Co-Chair Statewide Strategic Plan for Cybersecurity Education, 2011

• Author Statewide Strategic Plan for Cybersecurity Education 2011

Honors

• State of Michigan Homeland Security Consortium (MIHSC) Annual SELECT Award to recognize homeland security segment leaders (Educator) – April 24, 2007, Lansing, Michigan

• Alpha Iota Delta, Delta Mu Chapter, University of Detroit Mercy, National Academic Honorary for Computer and Information Systems and the Decision Sciences - Board Member

• Phi Kappa Phi, Eastern Michigan University - National Academic Honorary


Professional Service:


Co-Editor, Special Edition of the Colloquium for Information System Security Education (CISSE) Educational Approaches to Transition Former Military Personnel into the Cybersecurity Field, Edition Two, Issue 2, Spring 2015

Editor, Proceeding of the Colloquium for Information System Security Education (CISSE) and Paper Chair for the Annual Conference, with Annual publication 2014-Present

Co-Editor, Proceeding of the Colloquium for Information System Security Education (CISSE) (CISSE Edition One Book 1) December 1, 2013.

Editor, International Journal of Secure Software Engineering, (special issue – Software security Education), March-April 2011

Reviewer, Journal of Information Systems Security Education, Elsevier Publishers 2009-present

Refereed Publications (past 8 years)

1. Woody, Carol, Shoemaker, Dan, Model-Based Engineering for Supply Chain Risk Management, CrossTalk, Sept/Oct 2015

2. Shoemaker, Dan, The NICE Framework: Why you need to Understand This Important Initiative, UEDP, EDPACS, #1054241, May 20, 2015

3. Shoemaker, Dan, Woody, Carol, The Impact of Contextual Factors on the Security of Code, CrossTalk, Vol 28 No 3, May/June 2015

4. Shoemaker, Dan, Mead, Nancy, Evaluating Software Assurance Knowledge and Competency of Acquisition Professionals, CrossTalk, Vol 27 No 5, Sept/Oct 2014.

5. Dan Shoemaker, The colloquium for information system security education (CISSE)--the adventure continues, ACM Inroads, Volume 5, Issue 2, June 2014, pages 50-54

6. Mead, Nancy, Dan Shoemaker, A Standard Best Practice Approach to Acquisition of Secure ICT Products, The EDP Audit, Control and Security Newsletter, Vol 49 Issue 6, 2014, pgs 10-18.

7. Shoemaker, Dan, The SEI report titled Software Assurance Measurement – State of the Practice, CMU/SEI-2013-TN-019, Type: Technical Note, November 2013

8. Shoemaker, Dan, Building a Software Reuse Governance Framework Using a Global Standard, EDPACS: The EDP Audit, Control, and Security Newsletter, Volume 48, Issue 1, 2013

9. Shoemaker, Dan, Wilson, Charles, The Weakest Link-The ICT Supply Chain and Information Warfare, Journal of Information Warfare, 2013 Edition

10. NR Mead, D Shoemaker, Building a Body of Knowledge for ICT Supply Chain Risk Management, CrossTalk, March/April 2013

11. NR Mead, D Shoemaker, C Woody, Principles and Measurement Models for Software Assurance, International Journal of Secure Software Engineering, Volume 4, Issue 1, 2013

12. Dan Shoemaker, James Rainey III, Charles Wilson, A Governance Framework For ICT Supply Chain Risk Management, EDPACS: The EDP Audit Control and Security Newsletter, December 2012, Vol. 46, No. 6

13. Dan Shoemaker, The Proof Is In the Certification, Cutter IT Journal, September 7, 2011

14. DP Shoemaker, GW Ulferts, PT Wirtz, A Drommi, Evaluating Return On Investment For Software Process Improvement Projects, Journal of Business & Economics Research (JBER), 2011

15. GW Ulferts, A Drommi, D Shoemaker, Embedding Security Functionality In Formal Specifications of Requirements,  Review of Business Information Systems (RBIS), 2011

16. Shoemaker, Dan, Security and the Enterprise, Cutter IT Journal, November 16, 2011

17. Shoemaker, Dan, Arming the Fortress: Principles for Securing Your Enterprise, Cutter IT Journal, August 10, 2011

18. JA Ingalsbe, D Shoemaker, NR Mead, W Meier,  Taking Our Eyes Off the Ball: Has Fighting Cyber Crime in the US Left Us Ill-Prepared for Cyber War?, Cutter IT Journal, 2011

19. Shoemaker, Dan, Nancy Mead and Jeff Ingalsbe, Integrating the Master of Software Assurance Curriculum into the Model Curriculum Guidelines for Information Systems Curricula, Technical Note CMU/SEI-2011-TN-004, Software Engineering Institute, 2011  

20. Mead, Nancy and Dan Shoemaker, Two National Initiatives to Improve Software, Crosstalk, August 2010

21. NR Mead, JH Allen, WA Conklin, A Drommi, J Harrison, D Shoemaker, Making the Business Case for Software Assurance, Software Engineering Institute, Special Report 01, CMU/SEI- 2009

22. Mead, Nancy R., Antonio Drommi, Dan Shoemaker, and Jeff Ingalsbe, A Study of the Impact on Students Understanding Cross Cultural Differences in Software Engineering Work, 33rd Annual IEEE International Computer Software and Applications Conference, Seattle, 2009

23. Ingalsbe, Jeffrey, Dan Shoemaker and Nancy Mead, Threat Modeling the Enterprise, Journal of Information Systems Security, 5, 3, 2009

24. Mead, Nancy, Dan Shoemaker, and Jeffrey Ingalsbe, Software Assurance Practice at Ford – A Case Study, Crosstalk, Vol 22, No 3, March, 2009

25. Shoemaker, Dan, It’s a Nice Idea but How Do We Get Anyone to Practice It? A Staged Model for Increasing Organizational Capability in Software Assurance, Software Engineering Institute, BuildSecurityIn website, Department of Homeland Security, February 2009, https://buildsecurityin.us-cert.gov

26. Shoemaker, Dan, Individual Certification of Security Proficiency for Software Professionals: Where Are We? Where Are We Going?, Software Engineering Institute, BuildSecurityIn website, Department of Homeland Security, February 2009, https://buildsecurityin.us-cert.gov

27. Shoemaker, Dan and Art Conklin, Finding a Vendor you can Trust in the Global Marketplace, Software Engineering Institute, BuildSecurityIn website, Department of Homeland Security, July, 2008, https://buildsecurityin.us-cert.gov

28. Bailey, John, Antonio Drommi, Jeffrey Ingalsbe, Nancy Mead and Dan Shoemaker, A Common Sense Way to Make the Business Case for Software Assurance, Software Engineering Institute, BuildSecurityIn website, Department of Homeland Security, March, 2008, https://buildsecurityin.us-cert.gov, EDPACS: The EDP Audit, Control & Security Newsletter 38(3), 8-20

29. Mead, Nancy; Dan Shoemaker and Jeffrey A. Ingalsbe, Integrating Software Assurance Knowledge into Conventional Curricula, Crosstalk, January 2008, Vol 21, No 1

30. Shoemaker, Dan, Gregory Ulferts and Antonio Drommi, A Standard Methodology for Embedding Security Functionality Within Formal Specifications of Requirements, Journal of Information Technology Management, Fall 2007

31. Mead, Nancy, Dan Shoemaker and Antonio Drommi, Maintaining IT’s Corporate Impact through a Governance Framework, Cutter Magazine, Cutter Consortium, July 2007

32. Shoemaker, Dan, Building Security into the Business Acquisition Process, Software Engineering Institute, BuildSecurityIn website, Department of Homeland Security, June 4, 2007 https://buildsecurityin.us-cert.gov/daisy/bsi/896.html?branch=1&language=1

33. Mead, Nancy R. and Dan Shoemaker, Justifying IT Investment: Why CIOs Have to Know Strategy, Cutter Magazine, Cutter Consortium, March 2007

34. Bailey, John, Antonio Drommi, Jeffrey Ingalsbe, Nancy Mead and Dan Shoemaker, Models for Assessing the Cost and Value of Software Assurance, Software Engineering Institute, BuildSecurityIn website, Department of Homeland Security, February 6, 2007, https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/business/684.html?branch=1&language=1

35. NR Mead, D Shoemaker, Producing Alignment-Savvy CIOs - IT Journal, 2007

Books:

1. Shoemaker, Dan, Sigler, Kenneth and Kohnke, Anne, CyberSecurity: A Guide to the National Initiative for Cybersecurity Education (NICE) Framework (2.0), Feb 2016

2. Kohnke, Anne, and Shoemaker, Dan, The Complete Guide to Cyber Security Risks and Controls, due out Feb 2016.

3. Shoemaker, Dan and Kenneth Sigler, Cybersecurity: Engineering a More Secure Software Organization, Cengage Publishing, January 2014

4. Conklin, W.A. and Dan Shoemaker, The CSSLP All-In-One, McGraw-Hill, Dec. 2013

5. Shoemaker, Dan and Art Conklin, Cybersecurity: The Essential Body of Knowledge, Cengage Publishing, May 17, 2011

6. Mead, Nancy R., Julia H. Allen, W. Arthur Conklin, Antonio Drommi, John Harrison, Jeff Ingalsbe, James Rainey, & Dan Shoemaker, Making the Business Case for Software Assurance, Chapter 6, Carnegie Mellon University/Software Engineering Institute, SEI/CMU-2009-SR-001

7. Mead, Nancy and Dan Shoemaker, Novel Methods of Incorporating Security Requirements Engineering into Software Engineering Courses and Curricula, in Heidi Ellis (Ed), “Software Engineering: Effecting Teaching and Learning Approaches and Practices” IGI Global books, 2007

8. Shoemaker, Daniel and Daniel B. Kennedy, Criminal Profiling and Cybercriminal Investigations, in Michael Pittaro & Frank Schmalleger (Eds), “Crimes of the Internet”, Prentice-Hall, 2007

9. Schou, Corey and Dan Shoemaker, Information Assurance for the Enterprise: A Roadmap to Computer Security, September 2006, McGraw-Hill Publishers, San-Francisco/Chicago

10. Shoemaker, D., A Quantitative Risk Assessment Model for the Management of Software Projects (chapter), “Practicing Software Engineering in the 21st Century”, ed. Joan Peckham, IRM Press, Idea-Group Publishers, Hershey, Pa. 2003

11. Shoemaker D. and V. Jovanovic, Engineering a Better Software Organization, (third edition) Quest Publishing House, ISBN 0-9673695-0-9, Library of Congress Catalogue Number 99-65120, Ann Arbor, Michigan, 2002 (nominated for an AJCU national award in business)

12. Shoemaker D. and V. Jovanovic, GOT-IT Fine Tuning your Software Organization, Quest Publishing House, ISBN 0-9673695-1-9, Detroit, Michigan, 2002



Refereed Proceedings: (past 13 years)


1. Mead, Nancy and Dan Shoemaker, A Competency Model for Software Assurance, Conference on Software Engineering Education and Training (CSEET), San Francisco, 2013
2. Shoemaker, Daniel and Charles Wilson, The Weakest Link – The ICT Supply Chain and Information Warfare, ICIW 2013, 25-26 March, Denver, Colorado, USA

3. Schymik, Gregory and Shoemaker, Dan, Managing Government Regulatory Requirements for Security and Privacy Using Existing Standard Models (2013). Transactions of the International Conference on Health Information Technology Advancement. Paper 33, http://scholarworks.wmich.edu/ichita_transactions/33

4. C Woody, N Mead, D Shoemaker, Foundations for Software Assurance, Hawaii International Conference on System Science (HICSS), 2012 45th Hawaii, IEEE, 2012

5. Mead, Nancy, Dan Shoemaker and Linda Laird, Getting Secure Software Assurance Knowledge into Conventional Practice – Three National Initiatives, The 35th Annual IEEE Computer Software and Applications Conference (COMPSAC 2011), Munich
6. Jeffrey A. Ingalsbe, Daniel Shoemaker, Nancy R. Mead, Threat Modeling the Cloud Computing, Mobile Device Toting, Consumerized Enterprise - an overview of considerations, 17th Americas Conference on Information Systems, AMCIS 2011, Detroit, Michigan, USA, August 4-8 2011


7. Mead, Nancy, Linda Laird and Dan Shoemaker, Moving Secure Software Assurance Knowledge into Higher Education – A Roadmap for Social Change, 23rd Annual Systems and Software Technology Conference (SSTC 2011), Hill AFB, Utah

8. Woody, Carol, Nancy Mead and Dan Shoemaker, Principles for Secure Software Assurance, Hawaii International Conference on System Sciences, January 2011

9. Mead, Nancy, Dan Shoemaker and Jeffrey Ingalsbe, Symposium on Secure Software Assurance, Conference for Software Engineering Education and Training (CSEET), 2010

10. Shoemaker, Dan, Jeff Ingalsbe, Rita Barrios and Nancy R. Mead, Defining the Discipline of Secure Software Assurance: Initial Findings from the National Software Assurance Repository, Hawaii International Conference on System Sciences (proc.), Kauai, Hawaii 2010

11. Drommi, Antonio, Nancy R Mead, Dan Shoemaker, Follow up Survey on an Immersion Program to Help Students Understand the Impact of Cross Cultural Differences in Software Engineering Work, Proceedings: 33rd Annual IEEE International Computer Software and Applications Conference, Seattle, July 2009
12. Mead, Nancy R, Dan Shoemaker, Jeff Ingalsbe, Ensuring Cost Efficient and Secure Software through Student Case Studies in Risk and Requirements Prioritization, Proceedings: 42nd Annual Hawaii International Conference on Software Systems (HICSS) , Hawaii, January 2009

13. NR Mead, D Shoemaker, J Ingalsbe, Teaching Security Requirements Engineering Using SQUARE- … Engineering Education and Training (REET), 2009
14. Ingalsbe, Jeffrey A., Dan Shoemaker, Nancy Mead, Antonio Drommi, Threat Modeling the Enterprise, Proceedings: America’s Conference on Information Systems (AMCIS), Toronto, August 2008

15. Mead, Nancy R, Dan Shoemaker, Antonio Drommi, Jeff Ingalsbe, An Immersion Program to Help Students Understand the Impact of Cross Cultural Differences in Software Engineering Work, Proceedings: 32nd Annual IEEE International Computer Software and Applications Conference, Turku, Finland, July 2008
16. Shoemaker, Dan, Nancy Mead, Antonio Drommi and Jeffrey A Ingalsbe, Integrating Secure Software Assurance Content with SE 2004 Recommendations, Proceedings: 21st Annual Conference on Software Engineering Education and Training (CSEET), Charleston, South Carolina, IEEE, April, 2008

17. Mead, Nancy, Dan Shoemaker, Antonio Drommi and Jeffrey A Ingalsbe, A Comparison of the Software Assurance Common Body of Knowledge to Common Curricular Standards, Proceedings: 20th Annual Conference on Software Engineering Education and Training (CSEET), Dublin, Ireland, July 2007

18. NR Mead, TB Hilburn, J McDonald, M Ryan… , On the Feasibility of Specialization within Software Engineering Degree Programs, Software Engineering Education & Training, 2007

19. C Hoxey, D Shoemaker, Navigating the Information Security Landscape: Mapping the Relationship Between ISO 15408: 1999 and ISO 17799: 2000, AMCIS 2005, paper 448

20. D Shoemaker, G Ulferts, A Drommi, A Prototype Curriculum For The Study Of Software Management, Review of Business Information Systems (RBIS), Vol 9, No 2, 2005

21. M Sparks, A Drommi, D Shoemaker, Data Mining and the Five Pillars of Information Assurance: Where Does Society Draw the Line?, AMCIS 2005

22. Jovanovic, Vladan, Jim Harris, Richard Chambers, Ron McKinnon, Hans Reighelt, Sonny Butler, Stevan Mrdalj and Dan Shoemaker, Programming Principles - Instructor's Top List, International Association for Computer Information Systems, Cancun 2004
23. Shoemaker, Dan and Raymond Hackney, Cyber-Criminal Profiling, Proceedings, ISOne World, A Conference of the AIS, Las Vegas, 2006
24. Velayudham, Chidambaram, Dan Shoemaker and Antonio Drommi, A Standard Methodology for Embedding Security Functionality Within Formal Specifications of Requirements, America’s Conference On Information Systems (AMCIS), New York, 2004
25. Bawol, Julia and Dan Shoemaker, A Delivery Model for Information Security Curriculum: What Students Need to Know and an Approach to Teaching it, ISOne World, A Conference of the AIS, Las Vegas 2004
26. Shoemaker, Dan and Antonio Drommi, Assurance Through Control Objectives, A Governance Basis for Managing Corporate Information Assets, Proceedings, Information Resource Management Association (IRMA), Philadelphia, 2003
27. Shoemaker, Dan, Antonio Drommi and Vladan Jovanovic, A Prototype Curriculum for the Story of Software Engineering Management, Proceedings ISOne World, A conference of the AIS, Las Vegas, 2003
28. Shoemaker, Dan and Roshan Pinto, The Cost of CMM Deployment in a Conventional IT Organization: A Field Study, Proceedings ISOne World, A conference of the AIS, Las Vegas, 2003
29. Shoemaker, Dan and Tamara Shoemaker, Unifying the Body of Knowledge, Why Business Requires a Single Standard for Information Security, The Security Conference, Proceedings ISOne World, A conference of the AIS, Las Vegas, 2003
30. Shoemaker, Dan and Antonio Drommi, Lessons Learned: Integrating Best Practices into a Knowledge Base for Software and IT, Information Systems Research Methods (ISRM), Symposium, Proceedings ISOne World, A conference of the AIS, Las Vegas, 2003
31. Shoemaker, Dan, Jeffrey Ingalsbe and Antonio Drommi, E-Valuation for E-commerce Systems Deployment: The Value of Looking Before You Leap, Proceedings, ISOne World, Conference of the AIS, Las Vegas, 2002
32. Shoemaker, Dan, Kenneth Sigler and Jeffrey Ingalsbe, A Practical Model for Deploying a Strategic Management Framework for E-Business, Proceedings, ISOne World, Conference of the AIS, Las Vegas, 2002
33. Shoemaker, Dan, Antonio Drommi, Vladan Jovanovic and Wendy Norfleet, How to Build a Practical Quantitative Management Capability From an International Standard, Information Resource Management Association (IRMA), Seattle, 2002
34. Jovanovic, V, Paul MacNiel, Duane Matlan, Kenneth Modesitt and Dan Shoemaker, Software Engineering Masters Programs – Lessons Learned, Proceedings, 18th Annual Conference on Software Engineering Education and Training (CSEET), Cincinnati, 2002
35. Shoemaker, Dan, Gregory Ulferts and Antonio Drommi, Navigating the Leading Edge: A Prototype Curriculum for Software Systems Management, First International Conference on Electronic Business, Hong Kong, 2001
36. Antonio Drommi, Gregory Ulferts, Dan Shoemaker, Interface Design: A Focus on Cognitive Science, Information Systems Education Conference, Cincinnati, OH, 2001
37. Shoemaker, Dan, Antonio Drommi and Gregory Ulferts, Estimating Return on Investment for Software Process Improvement Projects: A Validation Study, Decision Sciences International Annual Conference, San Francisco, 2001
38. Gundry, Edward J, Dan Shoemaker, Vladan Jovanovic and Michael Whitty, Requirements Estimation: Or, Why Not Base Resource and Schedule Decisions on Something Real, Decision Sciences International Annual Conference, San Francisco, 2001
39. Ingalsbe, Jeffrey, Dan Shoemaker and Vladan Jovanovic, A Meta Model for the Capability Maturity Model for Software, America’s Conference on Information Systems, AMCIS/AIS, Boston, 2001
40. Shoemaker, Dan, Gregory Ulferts and Antonio Drommi, Estimating Return on Investment, Decision Sciences International Conference, Singapore, 2001
41. Jovanovic, Vladan and Dan Shoemaker, Patterns of Organizational Design in Software Development, Hawaii Conference on Business, Honolulu, Hawaii, 2001
42. Jovanovic, Vladan, Dan Shoemaker and Lerine Steenkamp, A Baseline Configuration for Software Engineering Curricula: A Report from the Software Engineering Education Baseline Project, International Association of Business Disciplines, Orlando 2001
43. Whitty, Michael, Dan Shoemaker and Antonio Drommi, TechnoSpirit, Liberating the Techno soul: Social, Ethical and Legal Dimensions, International Association of Business Disciplines, Orlando 2001
44. Sigler, Kenneth and Dan Shoemaker, A Process Architecture for E-Commerce Systems, International Association of Business Disciplines (IABD), Las Vegas, 2000
45. Shoemaker, Dan and Wendy Norfleet, Measuring Progress a Realistic Approach to Implementing Level Three CMM, International Association of Business Disciplines (IABD), Las Vegas, 2000
46. Shoemaker, Dan and Bahman Mirshab, How Production Theory can make your Software Process Improvement Effort More Effective, Decision Sciences conference, Chicago, 2000
47. Shoemaker, Dan, Michael Whitty and Antonio Drommi, TechnoSpirit, the Sovereign Cure for TechnoStress, International Association of Business Disciplines (IABD), Las Vegas, 2000



National Standards or Bodies of Knowledge

1. The Software Assurance Common Body of Knowledge, National Cyber Security Division, Department of Homeland Security, March 2006 (named author)

2. The Expert Body of Knowledge for Information Assurance, National Cyber Security Division, Workforce Training and Education, Department of Homeland Security, October 2007 (panelist)

Magazines

1. Dan Shoemaker (University of Detroit Mercy), Jeff Ingalsbe (University of Detroit Mercy), Nancy R. Mead, “Integrating Software Assurance Knowledge into Conventional Curricula” Software Engineering Inst., Carnegie Mellon University, White Paper, May 2013
2. Dan Shoemaker and Ian Bryant, Securing The Entire Elephant: Where a Program of Education Can Make a Difference, Cybertalk, SoftBox LTD, UK, Issue Four, Spring 2014
3. Dan Shoemaker, The Current U.S. Effort to Create an Academic Discipline for ICT Supply Chain Risk Management, Cybertalk, SoftBox LTD, UK, Issue One 2012
4. Jeffrey A. Ingalsbe, Dan Shoemaker, Nancy R. Mead, Wesley Meier, “Taking Our Eyes Off the Ball: Has Fighting Cyber Crime in the US Left Us Ill-Prepared for Cyber War?”, Cutter IT Journal, May 1, 2011
5. Dan Shoemaker, “Arming the Fortress: Principles for Securing Your Enterprise” Cutter IT Journal, August 10, 2011
6. Dan Shoemaker, “The Proof Is in the Certification” Cutter IT Journal, September 7, 2011
7. Dan Shoemaker, “Security and the Enterprise”, Cutter IT Journal, November 16, 2011
8. Dan Shoemaker, “It’s a Nice Idea but How Do We Get Anyone to Practice It? A Staged Model for Increasing Organizational Capability in Software Assurance” Software Engineering Inst., Carnegie Mellon University, White Paper, January 2009
9. Antonio Drommi, Dan Shoemaker, Jeff Ingalsbe, John Bailey, and Nancy Mead, “A Common Sense Way to Make the Business Case for Software Assurance,” EDPACS: The EDP Audit, Control, and Security Newsletter, Volume 38, Issue 3, 2008
10. Dan Shoemaker, “Individual Certification of Security Proficiency for Software Professionals: Where Are We? Where Are We Going?” Software Engineering Inst., Carnegie Mellon University, White Paper, January 2009.
11. Dan Shoemaker, M Whitty and T Drommi, “TechnoSpirit a Sovereign Cure for TechnoStress”, New Renaissance Magazine, Frankfurt Germany, Spring 2000


Presentations:

Invited/paid:

1. Shoemaker, Dan, NICE and the Critical Infrastructure Framework – What They Are and How They Work Together, Secure World Exposition, Detroit Sept 17, 2015
2. Shoemaker, Dan, Defining the Field of Cybersecurity: The National Framework for Cybersecurity Work, Secure World Exposition, Detroit, Sept. 2014
3. Shoemaker, Dan, The Weakest Link-The Information & Communications Technology (ICT) Supply Chain and Information Warfare, EUCOM, 2013 Cyber Endeavor Seminar, 17-20 September 2013 in Grafenwoehr, Germany.
4. Shoemaker, Dan, A Process and Tool for Ensuring Security of the ICT Supply Chain, Secure World Exposition, Detroit, Sept. 2013
5. Shoemaker, Dan, Cyber Security: Why I Sleep Well at Night, Cyber Security Task Force Conference Keynote Speaker, Drake State Technical College, April 5, 2013
6. Shoemaker, Dan, Global Supply Chain for ICT-Body of Knowledge, invited speaker, Information Assurance Symposium (NSA), Nashville, TN, August, 2012
7. Shoemaker, Dan, Supply Chain Risk Management for ICT Round Table, University College Cork Ireland, 13-14 September 2012
8. Shoemaker, Dan, Global Supply Chain for ICT-Body of Knowledge integrated into Higher Education, De Montfort Center for Cyber Security, First Annual Conference, Invited Speaker, September, 2012.
9. Shoemaker, Dan, GETTING THE WORKFORCE TO PRACTICE EFFECTIVE SUPPLY CHAIN RISK MANAGEMENT (SCRM), Secureworld Expo, Dearborn, MI , Oct 2012
10. Shoemaker, Dan, Building a Discipline for ICT Supply Chain Risk Management, Global Forum, Stockholm, Sweden, November 2012
11. Shoemaker, Dan, Shoemaker, Tamara, International Strategy for Global Supply Chain Risk Management for ICT, FMV (Försvarets Materielverk), Swedish Defense Materiel Administration, Nov. 2012
12. Shoemaker, Dan, National Initiative for Cybersecurity Education, Shaping the Future of Cybersecurity, Invited Panelist, September 20, 2011
13. Shoemaker, Dan, Getting Security Software Assurance Knowledge into Conventional Education Practice: Three National Initiatives, Invited Speaker, Federal Information Systems Security Educator’s Association (FISSEA), 24th Annual Conference, March 2011
14. Shoemaker, Dan, Moving Secure Software Assurance Into Higher Education: A Roadmap For Social Change, Invited Speaker, Secure World Exposition, Detroit 2010
15. Shoemaker, Dan, Software Assurance Training and Development – Panel, Invited Speaker, SC World Congress, New York 2010
16. Shoemaker, D, Software Assurance: Mitigating Risks Through Security-Enhanced Practices and Diagnostic Tools, Invited Speaker, Secure World Exposition, Detroit 2009
17. Shoemaker, D., Keynote, Outrunning the Bear, Invited Speaker Upper Michigan Technological Forum, Bay Community College, Escanaba, September 2009
18. Shoemaker, D., Defining the Discipline of Secure Software Assurance, Michigan Cyber Security Summit, Lansing Michigan, June 2009
19. Shoemaker, D., Panelist – Security on a Shoestring, Michigan Cyber Security Summit, Lansing Michigan, June 2008
20. Shoemaker, D., Keynote – Outrunning the Bear, Invited Speaker Detroit ITEC, Quicken Convention Center, Novi, May 2008
21. Shoemaker D., Security Bootcamp, Invited Speaker Detroit ITEC, Quicken Convention Center, Novi, May 2008
22. Shoemaker, D., ISO 27000, paid Speaker, ISC2, SecureAmerica, Washington DC, May 2008
23. Shoemaker, D., Making the Business Case for Assurance, paid Speaker, ISC2, Cincinnati, Ohio May 2008
24. Shoemaker, D., Security Bootcamp paid Speaker, Philadelphia ITEC Convention (November 2007)
25. Shoemaker, D., Security Bootcamp paid Speaker, Chicago ITEC Convention (October 2007)
26. Panelist: Lohrmann D and Dan Shoemaker, Web Content Filtering, Invited Speaker, Secure World Exposition, Detroit 2007
27. Shoemaker, D., Software Assurance from a Homeland Security Perspective, Invited Speaker IEEE Annual Conference on Embedded Software, Oakland University, September 29, 2007
28. Shoemaker, D., Software Assurance from a Homeland Security Perspective, Invited Speaker Great Lakes Software Process Improvement Group, Auburn Hills 2007
29. Shoemaker, D., Ensuring Total Security in your Organization – a Lifecycle Model, Invited Speaker, ITEC Exposition, Detroit 2007
30. Shoemaker, D., Continuity Management for your Organization, Invited Speaker, ITEC Exposition, Detroit 2007
31. Shoemaker, D., A Lifecycle Approach to Information Assurance, Invited Speaker Information Systems Audit and Control Association, Dearborn 2007
32. Shoemaker, D., Ensuring Total Security in your Organization – a Lifecycle Model, Invited Speaker, ITEC Exposition, Philadelphia, 2006
33. Shoemaker, D., Ensuring Total Security in your Organization – a Lifecycle Model, Featured Speaker, ITEC Exposition, Chicago 2006

34. Shoemaker, D., Continuity Management for your Organization, Invited Speaker, ITEC Exposition, Chicago 2006
35. Shoemaker, D., Five Things to Think About for the Future of Security, Keynote Speaker, ITEC Exposition, Detroit 2006
36. Shoemaker, D., Continuity Management for your Organization, Invited Speaker, ITEC Exposition, Detroit 2006
37. Shoemaker, D., Total Security, Paid Speaker, UnixWorld Exposition, Toronto, Canada 2006
38. Shoemaker, D., Ensuring Total Security in your Organization – a Lifecycle Model, Paid Speaker, UnixWorld Exposition, Toronto, Canada 2006
39. Shoemaker, D., Total Security and ISO 27000, Featured Speaker, ITEC Exposition, Philadelphia, 2005
40. Shoemaker, D., A Prototype Curriculum for Information Assurance Education, Invited Speaker Davenport University (April 2004), ITT Tech. (April 2004), for McGraw-Hill Publisher
41. Shoemaker, D. Standard Models for Strategic Alignment of the IT Function, Paid Speaker Doctor of Management in Information Technology (DMIT), Lawrence Technological University, February, 2003
42. Shoemaker, D. A Quantitative Portfolio Management Model for Software, Project Management Institute, Great Lakes Symposium (invited speaker), Southfield, Michigan 2002


Other Academic or Scholarly Activity
• Visiting Professor, London Southbank University, 2009 (renewed 2013)
• External Reviewer, Tenure and Promotion Applications, George Washington University, Washington DC (Diane Burley) 2011
• External Reviewer, Promotion Application, Carnegie Mellon University (SEI), Pittsburgh, PA (Carol Woody), 2011
• Paid External Reviewer, Tenure and Promotion Applications, Howard University, Washington DC (Rajni Goel), 2009
• Director, Center for Assurance Studies (CAS), University of Detroit Mercy, 2002-present – A British Standards Institution Center of Excellence (BSI-COE) – A Fully Funded Advanced Research Center for Information Assurance
• Coordinator/Director, International Studies Program, University of Detroit Mercy, 1988 – Present, Permanent course venues include Imperial College London, ITESM Monterrey and Beijing Institute of Technology
• Editor, The Software Management Quarterly, IT Trade e-journal sent to over 200 subscribers worldwide
• Paid External Reviewer, Tenure and Promotion Applications, Siena Heights College, Adrian, Michigan 1990-2002



Funded Research

• 2012 – Department of Defense, ICT Supply Chain Risk Management, $100,000
• 2010 – Cyber Innovation Center, Software Assurance Curriculum Project, $100,000
• 2008-2009 – Department of Defense, National Software Assurance Repository, $1.6 M
• 2007-2008 – National Security Agency, Business Case for Software Assurance (with SEI) $90,000
• 2006-2007 National Security Agency – Operational Proof of Concept of a Threat Modeling Approach for Cyberattacks (with TACOM) $90,000
• 2005-2006 National Security Agency – Development of a Threat Modeling Approach for Cyberattacks (with Ford) $125,000

Professional Memberships and offices held:

Memberships:
U.S. Department of Homeland Security (3 committees)
State of Michigan Governor’s Roundtable for Homeland Security (economic development)
National Security Agency – funded research in threat modeling
National Security Agency – funded research in business case development for security
Software Engineering Institute/Department of Homeland Security – two articles for the Build Security In website
Gold Sponsor of the Software Engineering Institute’s GL-SPIN Group (leadership) along with Oakland University
ISACA Academic Advocate (Sarbanes-Oxley)
POC for National Center of Academic Excellence
Co-Founder Michigan Peer Institutions Conferences
Affiliate: Carnegie Mellon University Software Engineering Institute
Case Users Group of Michigan
AITP/EDSIG/CIS
DB2 Users Group
Association for Systems Management
SPIN CMU/SEI
Michigan Education Association Executive Board
Information Systems Audit and Control Association
AIS Oneworld
Midwest Decision Sciences

Offices:
Colloquium for Information Systems Security Education – Board & Treasurer
International Conference on Information Warfare – Track Chair
Information Resource Management Association Track Chair
International Association of Business Disciplines, Track/Session Chair
Track Chair AIS

Reviewer:
Reviewer: National Institute for Standards and Technology (NIST) Computer and ...Information Systems Security journal (Auerbach Publications)
Reviewer: Crimes of the Internet (M. Pittaro Ed.)
Reviewer: Software Engineering: Effective Teaching and Learning Approaches and Practices (H. Ellis Ed.)
IABD, AIS, AMCIS

Discussant:
IRMA, AIS, IABD, ICIW


Personal Interests

    Amateur Historian, lover of travel, writing, my grandchildren, children and wife.  The order of importance really depends on the day.

Books

Featured Title
Implementing Cybersecurity: A Guide to the National - 1st Edition

News

Dan Shoemaker has been appointed as a Distinguished Visitor by the IEEE 

By: Dan Shoemaker

Presentations

Secure Sourcing of COTS Products: A Critical Missing Element in Software Engineering Education

The aim of this paper is to publicize both the challenge and potential solution for the integration of secure supply chain risk management content into conventional software engineering programs. Specifically, software engineering programs typically do not teach how to ensure that the code produced and sold in commercial off-the-shelf (COTS) products hasn’t been compromised through the sourcing process. We propose four instructional modules and topics based on established principles that can form the basis of a comprehensive course to address secure sourcing of COTS products.

 

Teaching Secure Acquisition in Higher Education, IEEE Security & Privacy

Acquisition is the most common approach to introducing new technology into organizations. Yet, because of the abstract nature of ICT products, their security and integrity cannot be assured using conventional acquisition risk management techniques. Therefore, it stands to reason that the unique knowledge associated with identifying, assessing, and mitigating ICT supply chain risks ought to be included in every cybersecurity curriculum. Because a formal body of content and a practical educational approach did not exist in 2012, the Department of Defense (DoD) and the Institute for Defense Analyses (IDA) undertook a project to create a common course package for the teaching of methods for secure acquisition. NIST IR-7622 (evolved to NIST 800-161) was the conceptual framework adopted to provide the course content architecture. This paper will discuss the detailed implementation of these findings.

 

Toward a Discipline of Cyber Security: Some Parallels with the Development of Software Engineering Education

Coordinated programs of education are a powerful engine for social change. That is where the parallel between the evolution of software engineering education and the emerging discipline of cybersecurity is so instructive. This article traces the development of a commonly accepted curriculum for cybersecurity in reference to the emergence of software engineering as an academic discipline. Based on the parallels, it is concluded that cybersecurity is presently at an encouraging watershed.