Find out what's inside the September 2020 edition of the Journal & download a free copy of this month's featured article
- This event has passed so registration is closed.
Each day in the life of a CISO will be different, as priorities change and interruptions abound. Join me as we look at atypical (if there is such a thing) day of a CISO.
CISOs are not just the heads of information security. They have to be business leaders; they have to learn and know the business. They need to be public relations and marketing specialists, selling security to their organization’s business units. The days of technologists sharing with management the number of potential attacks from the Internet are ancient history. The C-Suite has no desire to learn to communicate with Information Security professionals. We must learn to speak the language of business. Have I used the word “business” enough, yet?
CISOs must have a solid background in IT to be able to effectively communicate with the IT side of the house, collaborating on projects and discussing strategies to ensure security controls are in place and being adhered to. In addition, effective security awareness strategies are increasingly important, as phishing attacks proliferate. One Phishing attempt can interrupt an entire morning. Applications need to be written in a secure manner, in an environment with ample security processes in place. Proposed new apps must be assessed for security at their very inception, not just prior to implementation.
Richard Greenberg – Information Security Officer, Los Angeles County Department of Public Health
Richard brings over 25 years of management experience and has been a strategic and thought leader in IT and Information Security for both the private and public sectors. His Project Management, Security Management and Operations, and Policy and Compliance experience has helped shape his broad perspective on creating and implementing Information Security Programs in organizations.
Richard was recently honored as an Honor Roll recipient by ISSA International. He has been selected as a finalist for both the (ISC)2 Americas Information Security Leadership Award in the Senior Information Security Professional category and the Los Angeles Business Journal CIO of the Year in Security.
Richard is the Chair of the Annual Healthcare Privacy and Security Forum in LA. He has been a Chair of several ISSA LA Security Summits, and AppSec California conferences. He has also served as the OWASP AppSec USA Conference Co-Chair and has been a member of the ISSA International Conference Committee. He is President of ISSA-Los Angeles, as well as the OWASP Los Angeles Chapter Leader. He has worked diligently to bring together the various Southern California InfoSec organizations to enhance their collaboration efforts, to help reach new and existing members.
Richard is a published author, and has spoken on Information Security individually and on panels, most recently at the Beverly Hills Health IT Summit in Nov 2016. He is also a Security Evangelist, helping to spread the word about secure application development and general security awareness.