15
A CISO’s Journey

Global CISO Forum 2017: A CISO's Journey

Embed Size (px)

Citation preview

Page 1: Global CISO Forum 2017: A CISO's Journey

A CISO’s Journey

Page 2: Global CISO Forum 2017: A CISO's Journey

Objectives

• From Banking to Energy to Healthcare to Criminal Justice Systems to Academia

• Where have we been: Remember the basics

• Standards Everywhere

• Attacking the Future

Page 3: Global CISO Forum 2017: A CISO's Journey

I will NEVER work with Computers!!!! - 1977

Page 4: Global CISO Forum 2017: A CISO's Journey

EDP AUDIT: Banking (1982)

Page 5: Global CISO Forum 2017: A CISO's Journey

ENERGY (1987)

• My First Hack

• Social Engineering

• From Mainframe to Distributed Processing

Page 6: Global CISO Forum 2017: A CISO's Journey

Data Security Officer: HEALTHCARE (1993)

• HIPAA – 1996

• What is Compliance?

• Why Protect Healthcare Information?

Page 7: Global CISO Forum 2017: A CISO's Journey

Keep Your Head in Sand

ciso.eccouncil.org 7

Page 8: Global CISO Forum 2017: A CISO's Journey

Breach Notification Laws

• HIPAA

• States

• Other Countries?

ciso.eccouncil.org 8

Page 9: Global CISO Forum 2017: A CISO's Journey

Criminal Justice & HIPAA (2015)

ciso.eccouncil.org 9

Page 10: Global CISO Forum 2017: A CISO's Journey

Back to the Future or The Wild Wild West (CISO-2016)

Page 11: Global CISO Forum 2017: A CISO's Journey

Standards, Standards, Everywhere

• Standards, Standards, Everywhere

Page 12: Global CISO Forum 2017: A CISO's Journey

NIST 800-171 to other standards

Page 13: Global CISO Forum 2017: A CISO's Journey

Attack Vectors

Page 14: Global CISO Forum 2017: A CISO's Journey

Have controls changed?

Page 15: Global CISO Forum 2017: A CISO's Journey

THE FUTURE: 2017-2057

• CYBORGS

• Driverless Cars – Drones

• IOT

• Artificial Intelligence

• The Circle?

• 1984? All Remote Workers? No Human Workers?

• Look at the last 40 years, what can we imagine in the next 40 years?


Ciso 4 ospf

Ciso 4 ospf

Technology
2014 IBM CISO 평가를 토대로 한 분석 CISO Assessment.pdf · 2014-12-19 · CISO. 의 관점: 까다로워진 과업에 맞게 높아진 위상 Broadridge Financial Solutions

2014 IBM CISO 평가를 토대로 한 분석 CISO Assessment.pdf · 2014-12-19 · CISO. 의 관점: 까다로워진 과업에 맞게 높아진 위상 Broadridge Financial Solutions

Documents
CISO Board Briefing 2017 - Black Swan Technologies€¦ · CISO BOARD BRIEFING 2017: INSIGHTS FROM THE 2016 CISO FORUMS Introduction A chief information security officer (CISO) has

CISO Board Briefing 2017 - Black Swan Technologies€¦ · CISO BOARD BRIEFING 2017: INSIGHTS FROM THE 2016 CISO FORUMS Introduction A chief information security officer (CISO) has

Documents
Virtual CISO - Grant Thornton

Virtual CISO - Grant Thornton

Documents
The new CISO - Deloitte 78 The new CISO Looking inward: When the CISO needs to look in the mirror According to data from Deloitte’s CISO Labs, building capabilities to better integrate

The new CISO - Deloitte 78 The new CISO Looking inward: When the CISO needs to look in the mirror According to data from Deloitte’s CISO Labs, building capabilities to better integrate

Documents
CISO && CDO.pptx

CISO && CDO.pptx

Documents
2_The rol of CISO

2_The rol of CISO

Documents
Owasp atlanta-ciso-guidevs1

Owasp atlanta-ciso-guidevs1

Documents
CISO Softskills Handbook

CISO Softskills Handbook

Documents
CISO's Guide for Securing the Remote Workforce

CISO's Guide for Securing the Remote Workforce

Documents
Психология в деятельности CISO

Психология в деятельности CISO

Spiritual
Ciso executive forum 2013

Ciso executive forum 2013

Documents
CISO | CISO | Centre International de Solidarité Ouvrière

CISO | CISO | Centre International de Solidarité Ouvrière

Documents
The CISO Guide – How Do You Spell CISO?

The CISO Guide – How Do You Spell CISO?

Business
Robert Garigue CISO Briefing.ppt

Robert Garigue CISO Briefing.ppt

Documents
CISO Dream Team - Balbix

CISO Dream Team - Balbix

Documents
122 CISO Compass - securityweekly.com

122 CISO Compass - securityweekly.com

Documents
A CISO's Guide to Cyber Liability Insurance

A CISO's Guide to Cyber Liability Insurance

Software
White Paper The CISO's Guide to NIST Security Control

White Paper The CISO's Guide to NIST Security Control

Documents
RSA 2017 - CISO's 5 steps to Success

RSA 2017 - CISO's 5 steps to Success

Technology
Los CISO´s opinan

Los CISO´s opinan

Documents
CISO JFO Funding Manual

CISO JFO Funding Manual

Documents
Data Protection Strategy Bob Maley, CEO, Strategic CISO & former CISO, State of Pennsylvania

Data Protection Strategy Bob Maley, CEO, Strategic CISO & former CISO, State of Pennsylvania

Documents
#%! My CISO Says

#%! My CISO Says

Technology
Facultad de Ciencias Socialessociales.uprrp.edu › wp-content › uploads › 2019 › 11 › ...b92 b92 392 b92 cÓdigo cisc) 3011 ciso 3011 ciso 3011 ciso 3011 cisc) 3146 ciso 3065

Facultad de Ciencias Socialessociales.uprrp.edu › wp-content › uploads › 2019 › 11 › ...b92 b92 392 b92 cÓdigo cisc) 3011 ciso 3011 ciso 3011 ciso 3011 cisc) 3146 ciso 3065

Documents
CISO's Guide to Securing SharePoint

CISO's Guide to Securing SharePoint

Technology
Delivering CISO Vision and Strategy - Optivfiles.accuvant.com/web/file/ddf1e7ff005a4c979d46540817ab3880/CISO... · Delivering CISO Vision and Strategy SERVICE DATA SHEET CISO Services

Delivering CISO Vision and Strategy - Optivfiles.accuvant.com/web/file/ddf1e7ff005a4c979d46540817ab3880/CISO... · Delivering CISO Vision and Strategy SERVICE DATA SHEET CISO Services

Documents
Through the cyber looking glass The perspective from a US federal CISO turned private sector CISO Patricia Titus Chief Information Security Officer (CISO)

Through the cyber looking glass The perspective from a US federal CISO turned private sector CISO Patricia Titus Chief Information Security Officer (CISO)

Documents
Cio ciso security_strategyv1.1

Cio ciso security_strategyv1.1

Documents
CISO - Mobile Applications

CISO - Mobile Applications

Documents