CISOs are from Mars, CIOs are from Venus

Post on 15-Jan-2015

Category:

Business

DESCRIPTION

Most organizations have a CIO; many have a CISO. These key leadership positions often approach solutions differently and have different motivations. The CIO must deliver IT, automation, innovation and efficiency. The CISO is tasked with assuring adherence to security frameworks and regulatory standards, and with protecting against, and responding to, vulnerabilities and incidents. These mandates can conflict, and often the CISO reports to the CIO. We will take a light-hearted look at questions including: What are the issues? Are CISOs and CIOs from different planets? Can we align to meet critical business needs, deliver value and protect the organization?

TRANSCRIPT

CISOs are from Mars

CIOs are from Venus

bcaplin1@fairview.org

bc@bjb.org @bcaplin

http://about.me/barrycaplin

http://securityandcoffee.blogspot.com

Barry Caplin

Chief Information Security Official

Fairview Health Services

Different worlds

The Sword of Anti-Virus

The Light Saber of Endpoint Protection

The Shield of Next-Gen Firewall

Next Gen Firewall

The Scepter of IT Budget

The Cloud of…

Different worlds – reporting structure

CISO reports to CIO

• Security overruled?

CISO reports to {CRO, CEO, CxO}

• Visibility into IT?

• Budget?

Different languages

• Nation States

• Hacktivists

Threats

• Malicious hackers

• Malware

• Over-time; over-budget

• Outsourcing

Confidentiality

• Protection of Data

• Minimum Necessary

What happens in the boardroom, stays in the boardroom

• Coherence of financial data

Integrity

• Data in correlates with data out

• Chain of custody of log and forensic data

• Transparency

• Coherence of financial data

Risk

• Probability/Impact of Threats

• Data Breach

• Not meeting business needs

• Data Breach

CIO: Considering Interim Opportunities

OSCI

CISOareers

veroon

Meet in the middle

Unite Against the Common Enemy

Key Opportunities

• Mobile/BYOD/Cloud

• “V”OI

• Management – Vendor; Configuration; Incident; Risk

• Lifecycle/SDLC

• Keep the auditors happy

• Keep the board happy

Good Things are sure to follow
