Contact Us   |   Print Page   |   Sign In   |   Join Now
September 2016 ISSA Web Conference

Security Architecture & Network Situational Awareness

Recorded (2 Hour Event) on Tuesday, September 27, 2016

Click here to view the recording.
Click here to take the CPE quiz.

Generously sponsored by

RedSeal. The measure of resilience.


IoT, BYOD, Clouds, IAS, SAaS, and a host of other things – these are all symptoms of our real security problem. Every day we add to our corporate architecture and we don’t think about the architectural modeling, the security of those elements or how those elements will impact it. This session will cover strategies for defining architectures, how to remodel your security architecture for 2017, and how to measure your exposure.

  • Do you often wonder what kind of security architecture you have? Feel like you have a straw, wooden, or brick security structure?

  • While we have repeatedly talked about point vulnerabilities, we have missed the fact that it is about the architecture that is being attacked. Yet we tend to ignore modeling the security architecture and access paths, measuring risk and prioritizing response to threats.

  • What is going on when the security architecture fails? How can you measure risk? How can you increase situational awareness?


Mark Kadrich

For the past 25 years, Mark Kadrich has worked in the security community, building knowledge, and contributing solutions. Mr. Kadrich serves as CISO at SDHC Health Exchange in San Diego and as CISO for 211 San Diego. He holds degrees in Management Information Systems, Computer Engineering and Electrical Engineering.


Ben Tomhave, MS, CISSP

Ben Tomhave is a security architect with New Context, a lean security firm. He holds a Master of Science in Engineering Management from The George Washington University and is a CISSP. He has previously held positions with Gartner, AOL, Wells Fargo, ICSA Labs, LockPath, and Ernst & Young. He is former co-chair of the American Bar Association Information Security Committee, a senior member of ISSA, former board member at large for the Society of Information Risk Analysts, and former board member for the OWASP NoVA chapter. He is a published author and an experienced public speaker, including speaking engagements with the RSA Conference, MISTI, ISSA, Secure360, RVAsec and RMISC, as well as Gartner events.

Jerry Sto. Tomas, CISSP, CISM, MSIA

Jerry Sto. Tomas is the Chief Information Security Officer for Apria Healthcare, a leading provider of home respiratory services and medical equipment including oxygen therapy, inhalation therapies, sleep apnea treatment, and negative pressure wound therapy. As the CISO, he is responsible for the development and execution of enterprise information security strategic plan and roadmap.

Sto. Tomas has over 20 years of IT, privacy, and information security experience. As the head of Global Information Security at Allergan for eight years, he established the Information Security Department and executed successful global security programs such as Security Awareness, Data Loss Prevention and Privacy, Vendor Risk Management, Vulnerability and Threat Management, and eDiscovery. He was also the Chief Security Officer for The Impac Companies and Global Information Security Advisor for Celestica, Inc. where he was involved in various aspects of information and physical security such as strategic planning, architecture design, incident response, and security audit and assessments.

Sto. Tomas studied business administration at the University of Santo Tomas, Philippines and Colorado Technical University. He also holds a master’s degree in information assurance from Norwich University and is a CISSP (Certified Information Systems Security Professional) and a CISM (Certified Information Security Manager).

Community Search
Sign In


6/20/2019 » 6/21/2019
2019 Triad of NC ISSA Security Summit

ISSA International Series: Privacy - GDPR a Year Later

ISSA International Series: Security Standards Organizations - The good, the bad, and the ugly?

ISSA International Series: Legislative Aspects

ISSA International Series: New Trends in Security- Outsourcing and Other Tech

Copyright © 2016, Information Systems Security Association, All Rights Reserved
Privacy PolicyCopyright Information