The definition of strategy is “a plan of action to accomplish a major goal.” We often hear stories about companies having a large number of security tools, but only a few of them are fully implemented and utilized. On the flipside, there are security leaders who can’t obtain enough budget to build out their security program. Having a strong strategy in place can solve both of these problems and more. Our panel of seasoned security leaders will discuss how they each approach the different aspects of strategy and the results they have seen.
After completing this session, the learner will understand: - The different aspects of creating a strategy - Lessons learned from not having a strong strategy - Tips on how to get started building a successful strategy
In August 2014, Deborah Blyth became the state’s new Chief Information Security Officer (CISO), bringing a diverse 25-year technology background including 14 years of information security experience. As the CISO, she serves as the point of contact for all information security initiatives in Colorado, informing the Secretary of Technology & Chief Information Officer and executive agency leadership on security risks and impacts of policy and management decisions on IT-related initiatives. Deborah is responsible for determining the strategic and tactical security direction for the State to meet established objectives. Before joining the state of Colorado, Deborah led the Information Technology Security and Compliance programs at TeleTech (5 years) and Travelport (3 years). Deborah is a Colorado native, and graduated Summa cum Laude with a Bachelor of Science degree from Regis University.
Kyriakos "Rock" Lambros is the CEO and Founder of RockCyber, LLC, a Cybersecurity consulting firm. Before RockCyber, his cybersecurity experience spanned industries with differing security and privacy requirements including energy, eCommerce, government, banking, and manufacturing. Most recently, Rock led the cybersecurity program for a large midstream oil and gas company.
Merlin Namuth is a former Chief Information Security Officer. Namuth has over 23 years of IT experience with the last 20 years focused in security. His experience in security includes building and running numerous security programs, program management, managing incident response teams, computer forensics, compliance, architecture, and engineering complex security solutions. Namuth serves on the cyber risk advisory board at Pepperdine University where he also guest lectures. Merlin currently serves on the Board of Directors at iEmpathize, a nonprofit organization focused on educating people about human trafficking. He has presented at several conferences, including RSA both domestically and internationally, as well as RMISC, OWASP, and ISSA. He holds the PMP, CISSP, GCFA and GCIH certifications.
Matthew Sharp leads the cybersecurity function for Logicworks, a company specializing in public cloud operations. Previously, he ran the global security program for Crocs, and provided consulting services with Coalfire and Optiv. In addition to his role at Logicworks he serves as a Technical Advisory Board Member, Cloud Advisory Board Member and NY Metro CSA Board Volunteer.