From the War Room to the Board Room: Translating Between Information Security and Risk Management
Interhack founder Matt Curtin will moderate the Third Annual Executive Panel Discussion held by the Central Ohio chapter of the Information Systems Security Association. The meeting will be held November 5, 2003 at the Hilton Hotel at Easton in Columbus.
Information security has suddenly become important to organizations of all types and sizes. As pressures such as insurance premiums and regulatory demands gain the attention of boards of directors, security experts have found themselves pulled out of their war rooms, taking on greater visibility and accountability. Boards demand security efforts that make sense in light of their overall risk management philosophy.
How can security officers and their organizations understand risk in information systems? How can they rationally decide when to accept risk, when to mitigate it, and when to transfer it? How can information security professionals translate the demands of the corporation into everyday information security policy and practice? Our panel of experts will consider these issues and audience questions.
- Matt Curtin
- CEO, Interhack Corporation (Moderator)
- Michael Assante
- Chief Security Officer, American Electric Power
- Jack Jones
- Chief Information Security Officer, Nationwide
- James Wade
- Chief Information Security Officer, KeyBank
About the Central Ohio ISSA
ISSA is “the Global Voice of the Information Security Profession.” The goal of the Central Ohio chapter is to ensure that information security professionals are provided with a valuable resource to enhance their knowledge and experience. Central Ohio ISSA can be found online at centralohio.issa.org.
Interhack Corporation is an information assurance and forensic computing firm in Columbus with focus on compliance with regulatory demands in health care, consumer lending, and public companies. With clients all over North America, Interhack uses small, expert teams to deliver solutions that help to close the gap between theory and practice in information systems. Interhack can be found on the Web at web.interhack.com.