2. Why study info sec management?
1. If you’re good, you can make a difference in people's lives
2. There is money to be made
3. Congress and the country look to InfoSec leaders to write policy
3. If you’re good, you can make a difference in people's lives
• Rick Rescorla – Chief Security Officer for Morgan Stanley
– Evacuated 2,700 people from 22 floors of WTC
• His ability to see risk and create plans to mitigate that risk is the essential skill needed to excel in this profession
• Piss Poor Planning Promotes Piss Poor Performance
4. There is money to be made
• Highest Paid Professions in computer security industry:
– Chief Information Officer
– Chief Technology Officer
• What’s the difference?
5. CIO Duties
CIO's role is mandated by legislation
CIOs must be held accountable for these business operations
http://www.govloop.com/profiles/blogs/the-roles-of-cios-and-ctos
6. CTO Duties
CTO role is still evolving and therefore adaptable to changing technologies
If you want an executive officer aiding your company, employ a CTO, not a CIO
http://www.govloop.com/profiles/blogs/the-roles-of-cios-and-ctos
7. CIO & CTO often work together
http://www.govloop.com/profiles/blogs/the-roles-of-cios-and-ctos
8. How much do they make? Who are they?
• Pay attention to the next 7 slides
• Note similarities, differences, and things you find interesting
9. John Tracy
• CTO Boeing
• 2010 compensation $3.6 million
• Undergrad School: CSU Dominguez Hills - Physics
• Master’s: CSULA – Physics
• PhD: UC Irvine - Engineering
10. Lori Beer
• CTO WellPoint
• 2010 compensation $4.5 million
• Undergrad School: University of Dayton
• Undergrad Major: Computer Science
11. Bill Chenevich
• CIO US Bancorp
• 2010 compensation $4.4 million
• Undergrad School: City College of New York
• MBA: City University of New York
12. Thomas Stephens
• CTO General Motors
• 2010 compensation $5.6 million
• Undergrad School: University of Michigan
• Undergrad Major: Mechanical Engineering
13. Rob Carter
• CIO FedEx
• 2010 compensation $3.6 million
• Undergrad School: University of Florida
• Undergrad Major: Computer and Information Science
14. David Thompson
• CIO Symantec
• 2010 compensation $1.9 million
• Undergrad School: Marymount University
• Undergrad Major: Business administration, management & operations
15. Tim Sullivan
• CIO SunTrust Banks
• 2010 compensation $2.1 million
• Undergrad School: University of Illinois
• Undergrad Major: BA Economics
17. Although these executives undoubtedly understand technologies surrounding computer security…
… they have mastered management and division operations within corporations.
Point: to reach their level, you need infosec management.
18. Congress looks to InfoSec leaders to help write federal policy
• Energy & Commerce Committee
– Communications & Technology Subcommittee
• Jurisdiction: Interstate and foreign telecommunications and information transmission by broadcast, radio, wire, microwave, and satellite, and homeland security-related aspects of the foregoing, including cybersecurity.
19.
20. InfoSec professionals advise Congressional members
• Feb. 8: Cybersecurity: Threats to Communications Networks and Private-Sector Responses
– http://democrats.energycommerce.house.gov/index.php?q=hearing/communications-technology-subcommittee-hearing-on-cybersecurity-threats-to-communications-ne
• March 7: Cybersecurity: The Pivotal Role of Communications Networks
– http://democrats.energycommerce.house.gov/index.php?q=hearing/communications-and-technology-subcommittee-hearing-on-cybersecurity-communications-networks
• March 28: Cybersecurity: Threats to Communications Networks and Public-Sector Responses
– http://democrats.energycommerce.house.gov/index.php?q=hearing/communications-technology-subcommittee-hearing-on-cybersecurity-threats-to-communications--0
21. Assignment: due next class
• Watch the rest of the posted Congressional Hearing
– If you prefer text over video, look through the transcripts of the videos found in the links posted on the previous slide
• Come to class ready to discuss
– Bring facts and ideas you found interesting
– Try to answer the question: how are these particular speakers chosen to testify?
– Bring questions you have
• Read through chapter 1