PRESIDENT

Paul Herrmann
CISSP, CISA, CPP, IAM, EnCE

With 32 years in the IT industry, Paul brings an executive business perspective to security management and IT investigations. Prior to founding eVestigations Inc., Paul headed the global IT security function reporting to the CIO of Smithkline Beecham plc., a position he built from the ground up.

In his position as IT Chief Information Security Officer, Paul developed information technology security policies and established critical security management processes worldwide. These processes were so effective that while competitors were shutting down production sites due to the infamous Melissa and Chernobyl virus outbreaks, during his five years in leadership, no SmithKline Beecham facility worldwide was forced to curtail business due to any computer virus infestation.

As a high-technology investigator, Paul has led and managed over 150 domestic and international cases, which involved inappropriate usage, anonymous harassment, corporate espionage, and surveillance operations. These cases required investigations in the USA, UK, Belgium and Spain. Many required close cooperation with national and local law enforcement.

There are few positions in the IT industry that Paul has not held. Starting at duPont as a process control programmer in Richmond, VA, he was quickly promoted to positions at headquarters in Wilmington, DE. where he became the first non-engineer awarded an innovation stock award for developing a programming solution that saved millions in production costs. Paul designed and authored duPont’s first global online application for the Employee Relations department. During his 18 years at duPont, Paul held many leadership positions including head of technical groups that supported DB2, IMS and CICS. Before leaving duPont for SmithKline Beecham, Paul was awarded the bi-annual Vice-President’s Customer Excellence Award.

While at Smithkline Beecham, Paul headed the online and database organizations in the corporate datacenter.  He then was appointed the project manager for rolling out the global quality program for the Information Technology department. At the conclusion of this project, Paul was made Sr. Director (operating director) for a startup subsidiary company. This company processed mail-order prescriptions where Paul was responsible for the Engineering, Facilities, IT and Security organizations.

In 1997, SmithKline Beecham sold the startup company and Paul was among four employees that were retained by Smithkline Beecham as a condition of the sale. Paul was then appointed to the Chief Information Security Officer position.

Credentials

Paul is a bonded Pa. licensed private investigator, maintains a standing as a Certified Information Systems Security Professional (CISSP), a Certified Information Systems Auditor (CISA), a board Certified Protection Professional (CPP), an NSA certified Infosec Assessment Methodology (IAM) practitioner and one of the few Encase Certified Examiners (EnCE) in the Delaware Valley.

Paul is an active member of the High Technology Crime Investigation Association (HTCIA), the American Society for Industrial Security (ASIS), the Information Systems Security Association (ISSA), the Information Systems Audit and Control Association & Foundation (ISACA) as well as the FBI’s Infragard program.