CISM IS Leadership Presentation
Edited version of internal presentation on security risk management efforts.

Published in: Business
Transcript

  • 1. Helping Leaders Make Informed Decisions IS LEADERSHIP PRESENTATION
  • 2. Agenda
      ◦ Review of CISM Background
      ◦ Analysis Lifecycle
      ◦ Current Analysis Products
      ◦ Upcoming Products
  • 3. CISM Background
  • 4. Skill Sets
      ◦ Over 50 years of domain expertise
      ◦ CIS/IA PhD, MBA, MSIM
      ◦ 20+ domain certifications
      ◦ Average 30+ hours a month of outside outreach and training
  • 5. Analysis Lifecycle
      ◦ Acquisition
      ◦ Storage and Processing
      ◦ Analysis
      ◦ Reporting
  • 6. Acquisition
      Threat Intelligence
        ◦ REN-ISAC
        ◦ NH-ISAC
        ◦ VCDB
        ◦ Subscription Services
        ◦ Private Sources
      Internal Data Sources
        ◦ Orchestrate
        ◦ Security Logs
        ◦ Nessus
        ◦ Interviews
  • 7. Storage and Processing
      SQL Server
      NoSQL
        ◦ MongoDB
        ◦ Elasticsearch
        ◦ Apache Pig (Hadoop)
      PowerShell
  • 8. Analysis
      Simulation
        ◦ Rstats
        ◦ Python
  • 9. Reporting
      Written Reports
        ◦ Compliance Analysis
      Visualization
        ◦ Tableau
      Example Work Products
        ◦ Policy
        ◦ Audits
        ◦ Security Findings
        ◦ Data Loss Protection
        ◦ Network Security Posture Analysis
        ◦ Security Incident Management
  • 10. Current Analysis Products
  • 11. A Tale of Three Demonstrations
      1. Vulnerability Performance Management
      2. PCI-DSS Compliance Tracking
      3. Application Risk Overview
  • 12. Upcoming Efforts Modelling Application Risk
  • 13. Application Risk Simulation
      Which of the various options will provide the highest returns to the safety, stability, and security of my application at the lowest cost?
  • 14. Project X Application Risk Simulation
  • 15. Questions? David F. Severski Email Phone
