Type your search keyword, and press enter

Winner of 2017 Information Security Executive Award

Information Security Executive of the year 2017Honored and privileged to have been chosen as the Information Security Executive of the year 2017. The awards ceremony and the winners for the executive of the year and security project of the year were announced at an Awards Gala on August 23, 2017 at the Westin St. Francis in San Francisco, CA.

Executives nominated for the ISE® West Award in the Executive category are defined as leaders who improve their organization’s risk management, data asset protection, privacy and network security efforts while proactively implementing security technology and processes. Judges evaluated these leading nominees based on the following criteria: responsibilities, aligning security with the business, leadership, future vision, applying innovation, and building technology partnerships.

For over a decade, the West ISE® Awards recognize nominees from Alaska, Arizona, California, Colorado, Hawaii, Idaho, Montana, Nevada, New Mexico, Oregon, Utah, Washington and Wyoming. Nominations are sent to T.E.N.’s distinguished panel of ISE® judges for review and scoring.  The winner is announced publicly on the evening of the awards.

“We applaud the ISE® Award Executive nominees for demonstrating regional distinction in their career achievements,” said Marci McCarthy, CEO and president, T.E.N. “Being judged worthy of an ISE® Award demonstrates a lifetime of success in the field of IT security.”

About T.E.N.
T.E.N., a national technology and security executive networking organization, facilitates peer-to-peer relationships between top executives, industry visionaries and solutions providers. Nominated for numerous industry awards, T.E.N.’s executive leadership programs enable information exchange, collaboration and decision-making. Its flagship program, the nationally-acclaimed Information Security Executive® (ISE®) of the Year Program Series and Awards, is North America’s largest leadership recognition and networking program for security professionals. Other offerings include The ISE® Lions’ Den and Jungle Lounge, T.E.N. Custom Programs and the ISE® Industry Expert Advisory Services, empowering IT solutions providers to gain access to highly credentialed IT business veterans’ expertise. For information, visit www.ten-inc.com.

About ISE® Award Program Series
For more than a decade, the Information Security Executive® (ISE®) of the Year Award Program Series has empowered security executives and their project teams to Connect, Collaborate and Celebrate. Recognized as the industry’s most prestigious IT Security award program, it has become the most anticipated award program for security executives and their project teams. Winners have included executives and project teams from leading organizations such as Nike, The Walt Disney Company, the United States Postal Service, Schlumberger, Texas Instruments, JPMorgan Chase & Co., Equifax, Comcast, PayPal, Northrop Grumman Corporation, and Nationwide.

Our distinguished ISE® Judges are past nominees representing a cross section of industries, including commercial, government, health care and academic sectors. For this reason, the ISE® Awards represent the best achievements of the year as evaluated by those regarded as the industry’s most influential and successful thought leaders. Coupled with a one or two-day executive summit, the ISE® Awards are held across the country and Canada in major cities including Atlanta, Chicago, Dallas, New York and San Francisco. The ISE® Awards Program Series has reached more than 10,000 executives across a broad range of industries and has been a major influence in executives’ careers, knowledge sharing, and the development of peer-to-peer relationships.

Participating in Security Shark Tank with Robert Herjavec and CISOs

Participating as a ‘Shark’ as part of a panel comprising of Chief Information Security Officers (CISOs) and Robert Herjavec. The event is the Security Shark Tank taking place on Feb 14, 2017 in San Francisco during the week of RSA Conference 2017.

The event will be conducted in a true Shark Tank style environment that we are used to seeing in the hit TV series. It will be great participating alongside Robert Herjavec who will be serving as the host and moderator. It will give us the opportunity to interact with new technologies from top notch vendors while giving valuable feedback to the vendors themselves.

“The Security Shark Tank has grown to become the premier forum for CISOs and industry leaders to learn about innovative technology. I look forward to the rapid-fire exchange with my peers, the participating vendors and host Robert Herjavec during one of the most anticipated events during the week of RSA,” said Hearst CISO David Hahn, a former moderator and participant.

Link to the prnewswire feed: http://www.prnewswire.com/news-releases/robert-herjavec-to-host-security-current-signature-event-security-shark-tank-in-san-francisco-300362932.html?tc=eml_cleartime

Judge for SC Magazine Awards 2017

The annual SC Magazine 2017 awards celebrating the best and brightest in Information Security is around the corner. As part of this mission, it was a huge honor and privilege to be part of a small panel of judges comprised of a range of cybersecurity industry luminaries — from current and former CISOs to vendor-neutral consultants or analysts to educators from academic institutions — all members of SC’s audience, validating the best of the best Information security products and services nominated for various cybersecurity awards.


Speaking at Global Big Data Conference 2016

Securing Apache Kafka by Ajit Gaddam

Speaking on Securing Apache Kafka

Global Big Data Conference
Securing Apache Kafka by Ajit Gaddam


The Session

The Interview


Cloud Security Guidance

This post is a summary of the guidance provided in version 3 of the Cloud Security Alliance document Security Guidance for Critical Areas of Focus in Cloud Computing v3.0.  The CSA guidance remains one of the best around providing actionable security guidance for businesses adopting a multi-tenant cloud service environment.

Overall document summary:

  1. The Cloud Security guidance document is organized into 14 domains.
  2. The 14 cloud security domains are Cloud Architecture, Governance and Enterprise Risk Management, Legal: Contracts and Electronic Discovery, Compliance and Audit, Information Management and Data Security, Portability and Interoperability, Traditional Security, Business Continuity and Disaster Recovery, Data Center Operations, Incident Response, Notification and Remediation, Application Security, Encryption and Key Management, Identity and Access Management, Virtualization, and Security as a Service
  3. The different cloud deployment models are: private, public, community, or hybrid models
  4. Assets that need security in the cloud fall in two categories: Data or Applications/functions/processes. Parts or all assets can move to the cloud or live in your own data center.
  5. Hosting options could include internal (on-premise), external (dedicated or shared cloud infrastucture), or combined (e.g. data can live on-prem while application can move to the cloud).
  6. Assess the CIA (Confidentiality, Integrity, Availability) requirements for the asset and how the risk varies if part or the entire asset moves to the cloud.
  7. In summary, know the assets moving to the cloud, determine your risk tolerance, and figure out the acceptable cloud deployment and service models
    Continue reading… “Cloud Security Guidance”