Recorded (2 Hour Event) on Tuesday, September 27, 2016
Generously sponsored by
RedSeal. The measure of resilience.
IoT, BYOD, Clouds, IAS, SAaS, and a host of other things – these are all symptoms of our real security problem. Every day we add to our corporate architecture and we don’t think about the architectural modeling, the security of those elements or how those elements will impact it. This session will cover strategies for defining architectures, how to remodel your security architecture for 2017, and how to measure your exposure.
Do you often wonder what kind of security architecture you have? Feel like you have a straw, wooden, or brick security structure?
While we have repeatedly talked about point vulnerabilities, we have missed the fact that it is about the architecture that is being attacked. Yet we tend to ignore modeling the security architecture and access paths, measuring risk and prioritizing response to threats.
What is going on when the security architecture fails? How can you measure risk? How can you increase situational awareness?
For the past 25 years, Mark Kadrich has worked in the security community, building knowledge, and contributing solutions. Mr. Kadrich serves as CISO at SDHC Health Exchange in San Diego and as CISO for 211 San Diego. He holds degrees in Management Information Systems, Computer Engineering and Electrical Engineering.
Ben Tomhave, MS, CISSP
Ben Tomhave is a security architect with New Context, a lean security firm. He holds a Master of Science in Engineering Management from The George Washington University and is a CISSP. He has previously held positions with Gartner, AOL, Wells Fargo, ICSA Labs, LockPath, and Ernst & Young. He is former co-chair of the American Bar Association Information Security Committee, a senior member of ISSA, former board member at large for the Society of Information Risk Analysts, and former board member for the OWASP NoVA chapter. He is a published author and an experienced public speaker, including speaking engagements with the RSA Conference, MISTI, ISSA, Secure360, RVAsec and RMISC, as well as Gartner events.
Jerry Sto. Tomas, CISSP, CISM, MSIA
Jerry Sto. Tomas is the Chief Information Security Officer for Apria Healthcare, a leading provider of home respiratory services and medical equipment including oxygen therapy, inhalation therapies, sleep apnea treatment, and negative pressure wound therapy. As the CISO, he is responsible for the development and execution of enterprise information security strategic plan and roadmap.
Sto. Tomas has over 20 years of IT, privacy, and information security experience. As the head of Global Information Security at Allergan for eight years, he established the Information Security Department and executed successful global security programs such as Security Awareness, Data Loss Prevention and Privacy, Vendor Risk Management, Vulnerability and Threat Management, and eDiscovery. He was also the Chief Security Officer for The Impac Companies and Global Information Security Advisor for Celestica, Inc. where he was involved in various aspects of information and physical security such as strategic planning, architecture design, incident response, and security audit and assessments.
Sto. Tomas studied business administration at the University of Santo Tomas, Philippines and Colorado Technical University. He also holds a master’s degree in information assurance from Norwich University and is a CISSP (Certified Information Systems Security Professional) and a CISM (Certified Information Security Manager).
Forgot your password?
Haven't registered yet?
This feature is restricted to registered members.
If you are already a member of the community,click here to sign in.
If you have not yet registered,click here to get connected!
1/24/2017International Web Conference - 2016 Review and 2017 Predictions
2/9/2017CISO Mentoring Webinar Series: What It Takes to be a CISO in 2017
2/11/2017 » 2/12/2017ISSA CISO Executive Forum - Feb. 2017, San Francisco, CA
2/13/2017 » 2/17/2017RSA® Conference 2017
2/13/2017Women in Security SIG February 2017 Webinar