Presentations
I really enjoy presenting ideas about security, technology, and business management to audiences of all sizes. Here are some of my more enjoyable presentations.
I was featured on an episode of the CISO Stories Podcast hosted by Todd Fitzgerald. The subject was "Where Should the CISO Report?," a favorite topic of mine. (Spoiler alert: it doesn't matter!)
"Prioritize Security Risks and Solutions in the Face of Ever-Changing Risks, Threats and Technology (and other examples of the dark arts…)" Presented at the 2018 Connected Insurance USA Summit in Chicago. How to prioritize information security risks.
"Short Words and Sock Puppets: 8 Simple Rules for Communicating Security Programs to Management." From the MISTI CISO Summit 2015, an easy-to-understand methodology for ensuring your communication is clear, understandable, and - most important - effective in conveying your program.
"Conducting a Risk Assessment for Mobile Devices" was a presentation at the MISTI Mobile and Smart Devices Security conference in 2013. In the session we did the risk assessment live and learned a few things in the process.
My MISTI IT Governance, Risk and Compliance talk, "Risk Management for Those Who Like to Sleep at Night," was a fun look at the myths and realities of how to build an effective risk management program without driving yourself crazy.
MISTI CISO Summit 2012: The Role of the CISO in 2012. Another turn at predicting the future. Maybe I'll be right this time!
The Mobile Security Show: An AT&T Tech Channel series that explores the issues and solutions around securing mobile devices. I participated in a panel discussion for Episode 2. Hosted by Veronica Belmont and Dino Dai Zovi, with fellow panelists Ed Amoroso (AT&T), Charles Crouchman (Mformation), and Robert Griffin (RSA).
Mobile Device Security Presentations: Here are two presentations from the MISTI Mobile & Smart Device Security and IT Audit & Control conferences in October 2011. There is a lot of commonality between the two, but each has a different core message.
Building a Mobile Device Security Program aims to describe how to establish a sustain a mobile security component to your overall security program.
Managing and Auditing Mobile Devices discusses the audit aspects of mobility.
SC Magazine World Congress 2011: Building a Positive Relationship Between Security and Audit. The farmer and the cowman can be friends!
MISTI IT GRC Conference 2011: Risk Management and Compliance in Today's Economy. It's not rocket science!
CSO Perspectives Conference 2011 - Maturing the Application Security Assessment Program. Go horizontal for better coverage.
MISTI CISO Summit 2007 - Opening Keynote Remarks. What will the next generation CISO look like?
InfoSec World 2007 - Getting From Good to Great. Security organization development and improvement
eWeek Security Summit - 2004 - Security Architecture in the Real World. Everything I Needed to Know About Security Architecture I Learned in High School Physics
ISF Congress 2003 - Intellectual Property Protection Through E-Mail Analysis. Joint presentation of some original research done by Glenn Cater and the CCANS gang at Lucent Technologies
ISSA 2002 - Financial Fraud. Where it's been, Where it's going