- This event has passed so registration is closed.
Each day in the life of a CISO will be different, as priorities change and interruptions abound. Join me as we look at atypical (if there is such a thing) day of a CISO.
CISOs are not just the heads of information security. They have to be business leaders; they have to learn and know the business. They need to be public relations and marketing specialists, selling security to their organization’s business units. The days of technologists sharing with management the number of potential attacks from the Internet are ancient history. The C-Suite has no desire to learn to communicate with Information Security professionals. We must learn to speak the language of business. Have I used the word “business” enough, yet?
CISOs must have a solid background in IT to be able to effectively communicate with the IT side of the house, collaborating on projects and discussing strategies to ensure security controls are in place and being adhered to. In addition, effective security awareness strategies are increasingly important, as phishing attacks proliferate. One Phishing attempt can interrupt an entire morning. Applications need to be written in a secure manner, in an environment with ample security processes in place. Proposed new apps must be assessed for security at their very inception, not just prior to implementation.
Richard Greenberg – Information Security Officer, Los Angeles County Department of Public Health
Richard has been a Chief Information Security Officer (CISO) for 15 years, Director of Surveillance and Information Systems, Chief of Security Operations, Director of IT, and Project Manager for various companies and agencies in the private and public sectors.
You may have heard Richard’s interview as a Cyber Security expert on Will Ferrell’s Ron Burgundy podcast: https://www.iheart.com/podcast/the-ron-burgundy-podcast-30270227/episode/cyber-security-47951911/.
Richard is the Founder and CEO of Security Advisors LLC, which offers fully-managed security assessments and network and software penetration testing services that allows organizations to continuously assess their internal and external cyber risk posture, and helps companies with compliance issues.
Richard is an Information Systems Security Association (ISSA) Distinguished Fellow, one of only 64 worldwide, and has received their Honor Roll designation (only 55 worldwide). He has also been selected as a finalist for both the (ISC)2 Americas Information Security Leadership Award in the Senior Information Security Professional category and the Los Angeles Business Journal CIO of the Year in Security.
Richard has served on the OWASP Global Board of Directors, leads the OWASP LA Chapter, and has been Co-Chair of the highly successful AppSec California conferences. Richard also is President of the Information Systems Security Association Los Angeles Chapter and is Chair of their widely recognized annual Security Summit and CISO Forum.
Richard is dedicated to diversity in our field. He started and chairs the annual Women in Security Forum, and supports creating a more open and welcome community. Richard’s reach in the Southern California region is extensive. He has worked diligently to bring together the various Southern California IT and InfoSec organizations to enhance their collaboration efforts, to help reach new IT and InfoSec professionals.
Richard has been a published author and has spoken worldwide on Information Security, individually and on panels.