Breaches Are Everywhere: What Should a Good Security Leader Do?
Wednesday, February 20, 2019 | 3:00 pm EST
Breaches are on the news seemingly weekly, as organizations are struggling to secure their data. Phishing attacks are proliferating and going after our workforce. Ransomware has taken several victims and is also escalating. In this talk, I will share strategies to combat the rise of cybercrime, and how to make your networks more secure. I will discuss administrative, technical, and physical security controls. Have you built a sustainable and dynamic Information Security Plan? Have you shared this with upper management and gotten their buy-in and support? Have you initiated a balanced Security Awareness Program? Are you regularly running scans of both your network and your applications? Are you monitoring your network to detect unusual activity? What about when that dreaded intrusion into your network occurs? Do you know what to do? Are you testing and evaluating your security controls on a regular basis? How often do you test your Disaster Recovery Plan and your Incident Response Plan? Do you have the right people on your IR team? We are entrusted with highly sensitive data. We must utilize best practices, but they cannot be "best" unless they employ both best privacy and security practices. Come learn if you are doing this and ensure that you indeed protect your confidential information. Don't allow your organization to become the next victim of a breach.
What you'll learn:
- Defense in depth
- The importance of being a business leader
- Collaboration strategies within your organization
Richard Greenberg, Information Security Officer
Los Angeles County Public Health, OWASP Global Board of Directors, President ISSA Los Angeles
Richard Greenberg, CISSP is the Information Security Officer for the Los Angeles County Department of Public Health. Previous positions include Director of Surveillance and Information Systems, Chief of Security Operations, Director of IT, and Project Manager for companies/agencies in the private and public sectors. Richard has 25+ years of management experience and has been a strategic and thought leader in IT and Information Security. His Project Management, Security Management, and Policy and Compliance experience has helped shape his broad perspective on creating and implementing Information Security Programs. Richard, an Information Systems Security Association Fellow, has received their Honor Roll designation. He has also been selected as a finalist for both the (ISC)2 Americas Information Security Leadership Award and the Los Angeles Business Journal CIO of the Year in Security. Richard was recently elected to the OWASP Global Board of Directors. Richard is the President of the ISSA and OWASP LA Chapters. He has worked diligently to bring together various IT/InfoSec organizations to enhance their collaboration efforts, to help reach new IT and InfoSec professionals. He and his chapter have been a recipient of the OWASP Chapter of the year. Richard has been a published author and has spoken on Information Security individually and on panels, most recently in November at the Argyle 2018 IT and Security Leadership Forum in Los Angeles and the Cyber Security Summit at the Beverly Hilton. He is also a Security Evangelist, helping to spread the word about secure application development and general security awareness.