280 likes | 646 Vues
The Role of the CISO. Ron Baklarz CISSP , CISA, CISM, NSA-IAM/IEM **Warning sexually graphic content and subject matter**. Internal Factors Affecting the CISO Role Top 10 Coolest Information Security Jobs What Makes a Good CISO? Corporate culture To Whom does the CISO report?
E N D
The Role of the CISO Ron Baklarz CISSP, CISA, CISM, NSA-IAM/IEM **Warning sexually graphic content and subject matter**
Internal Factors Affecting the CISO Role • Top 10 Coolest Information Security Jobs • What Makes a Good CISO? • Corporate culture • To Whom does the CISO report? • What are budget and staffing levels? • External Factors Affecting the CISO Role • Regulatory aspects • Risk factors of the organization • Personal Experience Agenda
The Top 10 of the 20 Coolest Jobs in Information Security • Information Security Crime Investigator/Forensic Expert • System, Network and/or Web Penetration Tester • Forensic Analyst • Incident Responder • Security Architect • Malware Analyst • Network Security Engineer • Security Analyst • Computer Crime Investigator • CISO/ISO or Director of Security www.sans.org
“Key responsibilities of a CSO include asset management, security assessments, development of a security strategy and risk management plan, certification and audit. In a nutshell, the CSO manages risks for the organization and advises senior management about risks to the business and recommends a treatment for the risk. “ May 30, 2007 Nalneesh Gaur www.csoonline.com
What makes a good CISO? - The ability to affect change. - An understanding of how business processes and information interact. - An understanding of the technologies used in your organization - An understanding of legal and compliance issues. May 15, 2009 Boaz Gelbord
Experience • Military-focused organization • Government • Private Sector • Humanitarian • Healthcare • Transportation Corporate Cultures
GLBA SOX HIPAA PCI FISMA Regulatory Aspects
Titles: CISO, CSO, CRO, ISSO, Director, Manager Reports To: CIO, CFO, CRO, CEO, CTO Never realized convergence of physocal and logical security Reporting & Organizational Structures
Chronology of Data Breaches - Started in 2005 subsequent to the Choicepoint breach • As of September 25, 2009: 263, 674,426 records compromised www.privacyrights.org
$3.5 Billion non-profit • Largest healthcare system in the Washington DC-Baltimore area • 8 hospitals and over 50 offices and services • 25,000 employees • 5,000 affiliates Personal Experience - MedStar Health
What is DLP? DLP – Data Loss Prevention
Affiliated physician • Coming in through VPN with static IP assignment • Had VPN trail, firewall trail, DLP corroboration • DLP easily assembled cases • FBI/BCPD investigated – confiscated work computer DLP – First 45 minutes & More
DLP – First 45 minutes DLP – “The Officer is not a gentleman”
“Attachments F and G are screenshots from direct access to PC xxx.xxx.xxx.xxx and specifically the “My Pictures/Pics” folder. The details of this folder show that there are 49 subfolders with a total of over 1,300 mostly pornographic images of different women compartmentalized on a by-folder basis. “ Excerpt from investigative report CISO.2007.155 dated October 1, 2007 DLP – “The Officer is not a gentleman”
Q & A End of Presentation