Eric W. Cowperthwaite
November 3, 2016
Information Security is big! It’s Huge!
Can you meet the challenge?
Who Am I?
• More than 30 years protecting stuff
• Worked in the military, consulting, professional
services, system engineering, technology
• 7 years as CISO of the largest Catholic
Healthcare System
• VP, Strategy for Core Security
Once Upon A Time
• Security was all about tech
• CEO’s just wanted their
email to work
• The bad guys weren’t all
that bad
• And there weren’t any
botnets
And We Took The Wrong Turn
• COMPLIANCE
• AUDITS
• PRIVACY
• OH MY!
The Bad Guys Evolved
And Now ….
• Compliance, Audits, Privacy are the bare
beginning
• PCI-DSS Compliance
• Major costs
• People lose jobs
• Mergers & Acquisitions don’t happen
Interesting Examples
• John Podesta’s password
• Anthony Weiner’s laptop
• Yahoo and the Paranoids
• Multiple health insurance companies with no
Security Executive
Boards, Executives and Security
Okay, I Get It … Security is Huge
• So, what do I do?
• How do I deal with this?
• Who are my allies?
• What’s the Strategy?
Move To a New Level
• Managers implement, Executives plan and
execute
• Your business needs you
• You need to become a business leader
• You can’t leave the tech behind
Here’s My Take On It
• You must focus on strategy
• You absolutely must have Governance
• You have to be a salesperson
• Align with business plans and risk
• Leapfrog the technology
• Hire the best you can
• Don’t be afraid to outsource and use consultants
Enjoy Your Lunch!
Questions? Thoughts? Paranoid Now?
• https://www.linkedin.com/in/ecowper
• @e_cowperthwaite