• Home

  • Documents

  • Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for...
16
Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! PRESENTATION Top 7 Issues for CISOs

Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Tags:

Embed Size (px)

Citation preview

Page 1: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha!

PRESENTATION

Top 7 Issues for CISOs

Page 2: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

SPOTLIGHT ON THE PRESENTERS

2

Stephen MarchewitzPresidentSteve has more than 15 years of experience in multiple aspects of information systems, security, management, and risk advisory services.

Don MillerManager of Cyber Security & IT Compliance at FirstEnergyFulfilling the CISO role and building the security function from its infancy for over 10 years, Don has developed and implemented the enterprise cyber security, risk and compliance programs for First Energy. Don started his career at Bell Labs and was a Sr. Manager at both E&Y and Deloitte & Touche.

Page 3: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

AUDIENCE DEMOGRAPHICS

3

Pro-fes-

sional Ser-vices16%

Retail25%

Finance15%Tech-

nology6%

Manu-factur-

ing7%

Educa-tion13%

Healthcare18%

Industry

C-Suite17%

Manager30%

Director21%

Consul-tant23%

Other9%

Job functions

Page 4: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

SECURESTATE OVERVIEW

4

Management Consulting Firm Specializing in Information Security

Established in 2001

By identifying the problem in a causal relationship we can provide tactical and strategic recommendations to position our clients in achieving their SecureState.

Page 5: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

SECURESTATE PHILOSOPHY

5

Page 6: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

What are CISOs Saying?

6

Page 7: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

BACKGROUND

SecureState Research and Innovation Study

• Discussions with 20 CISOs • Interviews ended Q4 2013

• Questions such as:– What are your top issues?– What things have the greatest impact to your success? – What trends are you seeing or dealing with?

• Some responses were formal interviews, others were anecdotal or compiled from our assessments

7

Page 8: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

CISO ISSUE #1:MARKETING AND SELLING OF SECURITY

8

Page 9: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

CISO ISSUE #2:PRESENTING TO OTHER EXECUTIVES AND

THE BOARD

9

Page 10: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

CISO ISSUE #3:UNDERSTANDING (AND CONVEYING) HOW THE BUSINESS MAKES MONEY

10

Page 11: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

CISO ISSUE #4:SPEAKING IN BUSINESS LANGUAGE, NOT

TECHNICAL

11

Page 12: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

CISO ISSUE #5:HELPING THE CEO ‘WIN’

12

Page 13: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

CISO ISSUE #6:SECURING NEW TECHNOLOGY

13

Page 14: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

CISO ISSUE #7:STRATEGIC (RISK) MANAGEMENT

14

Page 15: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

“BONUS” CISO ISSUE #8:LOSING YOUR JOB AFTER A BREACH

15

Page 16: Security: Yes. Risk: Getting There. Breaches: Uh Oh. People: Aha! P RESENTATION Top 7 Issues for CISOs

Data Classification: SecureState Public

THANK YOU FOR YOUR TIME!

AQ&Q U E S T I O N

SA N S W E R S

Stephen [email protected]

mailto:[email protected]

How CISOS deal with advanced cyber threats

How CISOS deal with advanced cyber threats

Software
AD MAG Marketion Project [resentation

AD MAG Marketion Project [resentation

Documents
Company P resentation

Company P resentation

Documents
CORPORATE RESENTATION 2020

CORPORATE RESENTATION 2020

Documents
M oody’s P resentation!!

M oody’s P resentation!!

Documents
PROJECT PR RESENTATION

PROJECT PR RESENTATION

Documents
Mendeley resentation , Sina Manavi

Mendeley resentation , Sina Manavi

Education
Guía de Seguridad en Aplicaciones para CISOs - owasp.org · Guía de Seguridad en Aplicaciones para CISOs El Guía de Seguridad en Aplicaciones para CISOs versión 1.0 documento

Guía de Seguridad en Aplicaciones para CISOs - owasp.org · Guía de Seguridad en Aplicaciones para CISOs El Guía de Seguridad en Aplicaciones para CISOs versión 1.0 documento

Documents
Guidelines for Project P resentation

Guidelines for Project P resentation

Documents
Effective meeting skills resentation

Effective meeting skills resentation

Business
CISOs are from Mars, CIOs are from Venus

CISOs are from Mars, CIOs are from Venus

Business
Script for Gospel resentation

Script for Gospel resentation

Documents
Html5 p resentation by techmodi

Html5 p resentation by techmodi

Technology
P resentation in health

P resentation in health

Technology
Budget P resentation

Budget P resentation

Documents
INVESTOR ELATIONS RESENTATION

INVESTOR ELATIONS RESENTATION

Documents
e-LDK resentation

e-LDK resentation

Education
Power point p resentation

Power point p resentation

Technology
Edu final p resentation

Edu final p resentation

Education
Pecha Kucha P resentation

Pecha Kucha P resentation

Documents
INFOGRAPHIC: CISOs on Building a Cloud Security Strategy

INFOGRAPHIC: CISOs on Building a Cloud Security Strategy

Technology
What CISOs should know about SAP security

What CISOs should know about SAP security

Software
ORAL BRIEFING P RESENTATION

ORAL BRIEFING P RESENTATION

Documents
P resentation: SCPD Orientation Redesign

P resentation: SCPD Orientation Redesign

Documents
Application Security Guide For CISOs - OWASP

Application Security Guide For CISOs - OWASP

Documents
Bpr p resentation

Bpr p resentation

Education
CISOs in the boardroom - Bizcon

CISOs in the boardroom - Bizcon

Documents
Cia Hering 1Q14 Earnings resentation

Cia Hering 1Q14 Earnings resentation

Investor Relations
Adj sample invest resentation

Adj sample invest resentation

Documents
Sources for this resentation

Sources for this resentation

Documents