Gordon Smith, Co-Founder

Gordon Smith, co-founder of Canaudit, Inc., has over 30 years of progressive audit experience. He continues to explore new audit and security technology as he develops new auditing procedures and techniques. Specializing in high-tech auditing, Gordon is a recognized expert on auditing complex networks, operating systems, databases, and forensic auditing. He is the original developer of the Canaudit Penetration Testing methodology.

As a technical auditor with a strong business sense, Gordon is adept at tying significant audit issues to the key objectives of the organization. He has been the keynote speaker at many national and international conferences. His highly energetic and enthusiastic presentations make audit topics interesting, exciting and informative. His motivating style and dynamic delivery techniques capture the interest of the audience, open their minds and inspire them to accept new methodologies and techniques. His innovative audit techniques and ability to translate complicated technology into simple English make Gordon one of the most popular speakers on the audit and computer security lecture circuit.

Gordon is a distinguished career auditor with both internal and external audit experience. He co-founded Canaudit in 1985 to provide professional development and consulting services to the international audit community. Through Canaudit, Gordon has provided training and audit consulting services to many of the larger organizations such as banks, utilities, insurance companies, retail, government, and manufacturing concerns and has provided extensive services in the medical services industry.

Gordon was the recipient of the 2002 Wasserman Award for Outstanding Achievement in the field of Information Systems Auditing and Control. He is a Certified Management Accountant (Canada) who graduated in 1981. He is also a Certified Government Financial Manager and a member of The Institute of Internal Auditors and The Association of Government Accountants. Gordon is listed in the Who’s Who of Leading American Executives and has published two books titled Network Auditing: A Control Assessment Approach and Control and Security of E-Commerce, both published by John Wiley and Sons. Gordon will be working on his next two books in the next 18 months as he enters semi-retirement.

Kevin Nibler, Senior Manager, Security and Audit Services

Kevin Nibler, an Associate of (ISC)2, is the Senior Manager of Security and Audit Services at Canaudit. He has been with Canaudit for over five years and holds a Bachelor of Science in Computer Science from California State University of Northridge. Kevin is responsible for heading the company’s research and development. In this capacity, he directs staff in Canaudit’s efforts to identify new IT audit and security risks and develop new tools to automate audits.

Kevin is experienced in a broad range of penetration and security auditing techniques. Since starting at Canaudit, he has specialized in the audit and penetration testing of client’s Internet, web applications and web mail and has helped develop many of the tools used. He is also responsible for managing Internet audits, web application assessments and external vulnerability testing.

As a member of the Canaudit Penetration Team, Kevin is adept at identifying vulnerabilities. In the Windows environment, he is easily able to discover the single flaw in a machine that has the capability of compromising the entire domain. Kevin is also well versed in networking technologies. His work on Cisco, Nortel and Juniper vulnerability identification and assessment enables him to quickly determine needed improvements in client networks.

In addition to his capabilities as a member of the Canaudit Penetration Team, Kevin developed the Canaudit audit approach and security baseline regimen for Voice over Internet Protocol (VoIP). His approach enables the speedy identification of configuration flaws that can lead to the VoIP network being compromised. Kevin also developed and implemented the enhanced Canaudit Microsoft SQL audit approach. His software enhancements and scripts simplify the process of digging deeply into the database structure to assess the controls and suggest improvements in the configuration, security and other database controls.

Kevin has accomplished much during his career at Canaudit and continues to expand his knowledge in order to create the tools needed to pioneer innovative new techniques in technical auditing and IT security.

Kevin Kalbfleish, Audit and Security Specialist

Kevin Kalbfleish is an Audit and Security Specialist at Canaudit. Kevin has been with Canaudit for over two years. He is a former United States Marine with an extensive IT background and is currently pursuing his Bachelors of Science in Computer Information Systems. Prior to joining Canaudit, Kevin had six years of IT-related experience maintaining a regulated information systems environment at a global medical products and services company.