FROM CISO TO CIO “An Uncharted Course – or was it?”

The Right Place at the Right Time?
CAREER PROGRESSION
A 28-year trip without luggage

Locksmith → Physical Security Rep. → Manager (Northrop ASD)
- Physical Security-OPSEC-EDP-Investigations
- Security Management Experience

Security Manager (U.S. Navy at McDonnell Douglas in MO)
- “Checkerboard” classification system (1st time ever)
- Unique challenges for INFOSEC
- Completed baccalaureate degree in Computer Science
- Became “resident expert” on INFOSEC

Right Place at the Right Time?
CAREER PROGRESSION (Cont’d)

Security Management (U.S. Navy in Washington, D.C.)
- Multi-tasking: assigned several visible programs to oversee all security issues (learned a lot)
- Briefed Executive Level Govt., military, corporate personnel
- Continued education by obtaining master's degree in Computer Science

Director, Information Systems Security (U.S. House of Representatives)
- Structuring an organization (from 6 to 27 personnel)
- Budgetary responsibility
- Briefed Members of Congress & Executive Level personnel
- Establishing security parameters/policy (900 offices, 15000 employees)
- Recognizing confluence initiatives
- Keeping abreast of the state-of-the-art in INFOSEC
- Two year battle for CISO “State Hood”

The Right Wrong Place at Right Time?
CAREER PROGRESSION (Cont’d)

Chief Information Officer (U.S. House of Representatives)
- Appreciate the “executive big picture”
- P²
- Teamwork approach towards organizational goals
- Think “inside and outside the box”
- Have a vision and a roadmap to get there
- Inter-agency/departmental coordination (share successes and failures)

CISO CIO

What I Didn’t Know:
- Competing Priorities
- Each Business Unit has just as good a story as the other
- Morale issues
- Steering an aircraft carrier

What I Did Know:
- Security business
- Information Technology as a whole entity
- Management – Decision Maker
- Communication Skills
- Motivator
- Team Builder
- Troubleshooter
- Politics

The Executive Management Screw (kinda befitting title)
• What kind of Security Person are you? doomsday, chicken little, opportunists, risk manager-CB
[Figure labels: TOO LITTLE, AVERAGE, RISKY, AGGRESSIVE]

What’s the Message?
- Communicate in a layman’s terminology
  • The hardest and MOST IMPORTANT trait a security professional can possess
- Know your job, but also know everyone else's job
  • Especially the C-Suite
- Bear/Bull Market CSO-CISO
  • When revenue/budgets are abundant – begin new projects
  • When revenue/budgets are flat – tighten the reins or extend projects
- Keep your Frenemies close and help them be successful
- Staffing:
  • Don’t be afraid to hire good people (even those with a better resume than you!)
  • Take care of your people and they’ll take care of you…it’s like the Golden Rule!
  • Use consultants and outside agencies to assist when necessary (everyone needs help once in a while!)

Self-Preservation
OUTSIDE ACTIVITIES
You will be remembered for what you gave…not what you took!
- Take advantage of opportunities to speak at public forums
- Join professional security groups and be an active member
- Write a magazine article
- Get security certifications or more training
- Reduce Stress – exercise, talk with colleagues, laugh often and of course the occasional beverage of choice

AND FINALLY --- Keep the Lights on for ME – I may need to come back home to Security!