information security is big! it’s huge! can you meet the challenge? · 2018-04-02 · information...

Eric W. Cowperthwaite

November 3, 2016

Information Security is big! It’s Huge!

Can you meet the challenge?

Who Am I?

• More than 30 years protecting stuff

• Worked in the military, consulting, professional

services, system engineering, technology

• 7 years as CISO of the largest Catholic

Healthcare System

• VP, Strategy for Core Security

Once Upon A Time

• Security was all about tech

• CEO’s just wanted their

email to work

• The bad guys weren’t all

that bad

• And there weren’t any

botnets

And We Took The Wrong Turn

• COMPLIANCE

• AUDITS

• PRIVACY

• OH MY!

The Bad Guys Evolved

And Now ….

• Compliance, Audits, Privacy are the bare

beginning

• PCI-DSS Compliance

• Major costs

• People lose jobs

• Mergers & Acquisitions don’t happen

Interesting Examples

• John Podesta’s password

• Anthony Weiner’s laptop

• Yahoo and the Paranoids

• Multiple health insurance companies with no

Security Executive

Boards, Executives and Security

Okay, I Get It … Security is Huge

• So, what do I do?

• How do I deal with this?

• Who are my allies?

• What’s the Strategy?

Move To a New Level

• Managers implement, Executives plan and

execute

• Your business needs you

• You need to become a business leader

• You can’t leave the tech behind

Here’s My Take On It

• You must focus on strategy

• You absolutely must have Governance

• You have to be a salesperson

• Align with business plans and risk

• Leapfrog the technology

• Hire the best you can

• Don’t be afraid to outsource and use consultants

Enjoy Your Lunch!

Questions? Thoughts? Paranoid Now?

• https://www.linkedin.com/in/ecowper

• @e_cowperthwaite

• eric@citadelsvc.com