Presented at ShellCon 2018
Sept. 22, 2018, 10 a.m.
The CISO's role has been evolving over the years. It is moving away from so much emphasis on compliance and monitoring towards a more strategic role, particularly as CISOs get more and more access to the C-Suite.
A key to success as a CISO is collaboration with and understanding the work of other business units. A large part of the job is not about technology at all. It is about relationships, project management, and learning about several parts of the business.
It is a good CISO's job to adequately assess and point out the risks to the business of various projects and business practices.
What are other key elements that are part of the strategy of a successful CISO? Have you initiated a balanced Security Awareness Program? Is security baked in to your company's SDLC? Are you regularly running scans of both your network and your applications? Are you monitoring your network to detect unusual activity? What about when that dreaded intrusion into your network occurs? Do you know what to do? What about third party risk? Do you have adequate InfoSec policies, standards, and procedures?
Join me as we take a look at A Day in the Life of a CISO and find out what should be happening at your company.
Richard Greenberg, CISSP is the CISO for the LA County Department of Public Health. Previous positions include Director of Surveillance and Information Systems, Chief of Security Operations, Director of IT, and Project Manager for various companies/agencies in the private and public sectors.
Richard brings over 25 years of management experience and has been a strategic and thought leader in IT and Information Security for both the private and public sectors. His Project Management, Security Management and Operations, and Policy and Compliance experience has helped shape his broad perspective on creating and implementing Information Security Programs in organizations.
Richard is the President of the ISSA and OWASP Los Angeles Chapters. He and his chapter have been a recipient of the OWASP Chapter of the year.
Richard has been a published author and has spoken on Information Security individually and on panels, most recently at the ISSA CISO Forum in May and "A Day in the Life of a CISO" for the Argyle CISO Forum in November 2017. He is also a Security Evangelist, helping to spread the word about secure application development and general security awareness.