2. Who is a Security Champion?
⁄ A person! Nominated by their squad/team leader
⁄ An Information Security “go to” person in their team
⁄ Information Security Promoter
⁄ A Security Champion will:
• Have an overview of their squad’s assets
• Monitor all squad assets regularly (automated/manual Nmap, port and vulnerability scans, Data Dog,
Elastic or any other tool of choice, code, apps, threat models...)
• Responsible of reporting any security risks or vulnerabilities within their squad/team work scope
• Be aware of and help with enforcing Glasswall Security Guidelines to the team
• Report and escalate any breach of the Security Guidelines within their team/squad
• Promote Information Security awareness and tips with the squad via Slack channels
• Be involved in Incident Response within their team/squad
3. Why do we need Security Champions?
⁄ To ensure information security is part of every team workflow in Glasswall
⁄ As part of an information security assurance there will be a Security Champion within every
team in Glasswall
⁄ Ensuring our assets and our customers are safe goes beyond the Information Security Team
⁄ Risk awareness and mitigation processes within every team helps establish Resiliance
4. How it will be introduced in GW?
Security Champion
Policy
Security Champion
Nomination
Security Champion
Training
5. Risk Strategy
Asset Protection
Information Security Resilience
Threat Modelling
Discovering and Mitigating Vulnerabilities
Risk Assessment
Information Security Policies
Information Security Team
Employees – InfoSec as workflow
Risk Framework
6. Security Champion Training
⁄ Security Champions will receive InfoSec training led by the InfoSec team
in form of onboarding procedures, tutorials, webinars and e-learning
⁄ If any questions or uncertainties the InfoSec team will always be
available to assist and provide training and feedback
⁄ Learning by participating in the InfoSec meetings
⁄ Proactive self e-learning about information security
7. Thank You for your attention
Any questions?
Petra Vukmirovic
InfoSec Team Glasswall