The Role of the CISO



Presentation Transcript


The Role of the CISO

Ron Baklarz

CISSP, CISA, CISM, NSA-IAM/IEM

**Warning sexually graphic content and subject matter**


Agenda

  • Internal Factors Affecting the CISO Role

    • Top 10 Coolest Information Security Jobs

    • What Makes a Good CISO?

    • Corporate culture

    • To Whom does the CISO report?

    • What are budget and staffing levels?

  • External Factors Affecting the CISO Role

    • Regulatory aspects

    • Risk factors of the organization

  • Personal Experience


The Top 10 of the 20 Coolest Jobs in Information Security

  • Information Security Crime Investigator/Forensic Expert

  • System, Network and/or Web Penetration Tester

  • Forensic Analyst

  • Incident Responder

  • Security Architect

  • Malware Analyst

  • Network Security Engineer

  • Security Analyst

  • Computer Crime Investigator

  • CISO/ISO or Director of Security

www.sans.org


“Key responsibilities of a CSO include asset management, security assessments, development of a security strategy and risk management plan, certification and audit. In a nutshell, the CSO manages risks for the organization and advises senior management about risks to the business and recommends a treatment for the risk.”

May 30, 2007 Nalneesh Gaur www.csoonline.com


What makes a good CISO?

- The ability to affect change.

- An understanding of how business processes and information interact.

- An understanding of the technologies used in your organization.

- An understanding of legal and compliance issues.

May 15, 2009 Boaz Gelbord


Corporate Cultures

  • Experience

    • Military-focused organization

    • Government

    • Private Sector

    • Humanitarian

    • Healthcare

    • Transportation


Regulatory Aspects

GLBA

SOX

HIPAA

PCI

FISMA


Reporting & Organizational Structures

Titles: CISO, CSO, CRO, ISSO, Director, Manager

Reports To: CIO, CFO, CRO, CEO, CTO

Never realized convergence of physical and logical security


Wearing the Chief Risk Officer Hat


Chronology of Data Breaches

- Started in 2005 subsequent to the Choicepoint breach

  • As of September 25, 2009: 263,674,426 records compromised

www.privacyrights.org




Personal Experience - MedStar Health

  • $3.5 Billion non-profit

  • Largest healthcare system in the Washington DC-Baltimore area

  • 8 hospitals and over 50 offices and services

  • 25,000 employees

  • 5,000 affiliates


Wearing the Chief Hacking Officer Hat


MedStar Health – 2007 WebInspect


Wearing the Chief Investigative Officer Hat


Personal Experience – MedStar Health


What is DLP?

DLP – Data Loss Prevention


DLP – First 45 minutes


DLP – First 45 minutes & More

  • Affiliated physician

  • Coming in through VPN with static IP assignment

  • Had VPN trail, firewall trail, DLP corroboration

  • DLP easily assembled cases

  • FBI/BCPD investigated – confiscated work computer
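The corroboration the slide describes (a static VPN IP assignment, a firewall trail and a DLP alert all pointing at one account) as an added Python example; it is not from the presentation, and the log formats, host names, user names and IP addresses are constructed sample data.

```python
# Added example (not from the presentation): corroborating a DLP alert with VPN
# and firewall records keyed on the static VPN IP assigned to an affiliate
# account. All log lines below are constructed sample data.
from datetime import datetime

VPN_LOG = """\
2007-09-12T08:02:11 vpn01 session-start user=affil_phys_42 assigned_ip=10.8.0.42
2007-09-12T17:45:03 vpn01 session-end user=affil_phys_42 assigned_ip=10.8.0.42
2007-09-12T09:10:30 vpn01 session-start user=nurse_17 assigned_ip=10.8.0.17"""

FW_LOG = """\
2007-09-12T08:05:40 fw-core ALLOW src=10.8.0.42 dst=10.20.5.15:445 proto=tcp
2007-09-12T08:31:12 fw-core ALLOW src=10.8.0.42 dst=10.20.5.15:445 proto=tcp
2007-09-12T09:12:01 fw-core ALLOW src=10.8.0.17 dst=10.20.7.9:443 proto=tcp"""

DLP_ALERTS = """\
2007-09-12T08:06:02 dlp01 policy=PHI-EXPORT severity=high src=10.8.0.42 dst=10.20.5.15 file=patients_q3.xls
2007-09-12T08:32:45 dlp01 policy=PHI-EXPORT severity=high src=10.8.0.42 dst=10.20.5.15 file=patients_q3_v2.xls"""

def parse(text, source):
    """Turn 'ts host [action] key=value ...' lines into dicts tagged with their log source."""
    events = []
    for line in text.splitlines():
        ts, host, *rest = line.split()
        fields = dict(kv.split("=", 1) for kv in rest if "=" in kv)
        fields["action"] = rest[0] if "=" not in rest[0] else ""   # bare verb such as ALLOW
        events.append({"ts": datetime.fromisoformat(ts), "host": host, "source": source, **fields})
    return events

def build_case(ip):
    """Collect every record tied to one VPN IP, resolve the account that held it,
    and report whether three independent sources corroborate the DLP finding."""
    events = parse(VPN_LOG, "vpn") + parse(FW_LOG, "firewall") + parse(DLP_ALERTS, "dlp")
    related = sorted((e for e in events if ip in (e.get("assigned_ip"), e.get("src"))),
                     key=lambda e: e["ts"])
    users = {e["user"] for e in related if e["source"] == "vpn"}   # who held the IP
    sources = {e["source"] for e in related}
    return {
        "ip": ip,
        "users": sorted(users),
        "dlp_hits": sum(1 for e in related if e["source"] == "dlp"),
        "corroborated": {"vpn", "firewall", "dlp"} <= sources,   # all three trails present
        "timeline": [(e["ts"].isoformat(), e["source"], e.get("action") or e.get("policy")) for e in related],
    }

if __name__ == "__main__":
    for key, value in build_case("10.8.0.42").items():
        print(key, value)
```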


DLP – “The Officer is not a gentleman”

  • DLP – First 45 minutes


DLP – “The Officer is not a gentleman”

“Attachments F and G are screenshots from direct access to PC xxx.xxx.xxx.xxx and specifically the “My Pictures/Pics” folder. The details of this folder show that there are 49 subfolders with a total of over 1,300 mostly pornographic images of different women compartmentalized on a by-folder basis.”

Excerpt from investigative report CISO.2007.155 dated October 1, 2007


Q & A

End of Presentation

