Security vs. Operations – Balancing the Risk – Ross Leo – CSP #114
The role of CISO is one filled with challenges and decisions. Frequently, a CISO is faced with having to decide in compromise with Operations, in favor of Operations. This can be a very difficult and risky choice to make - but the ideal of having both get 100% of what they want, or need is not realistic. How to do this? In this session, we discuss how to analyze both POV, both sets of requirements and issues and reach optimal decisions that, hopefully, achieves a balance between these without amplifying risk.
Mr. Leo has been in Information Systems for more than 35 years, and an Information Privacy-Security professional for more than 30 of those years. He has worked internationally as a Systems Analyst/Engineer, and as a Security and Privacy Consultant. His past employers include IBM, St. Luke’s Episcopal Hospital, Computer Sciences Corporation, and Rockwell International. A NASA contractor for 22 years, he held the role of Director of Security Engineering and Chief Security Architect for Mission Control at the Johnson Space Center from 1998 to 2002. From 2002 to 2006 Mr. Leo was the Director of Information Systems, and Chief Information Security Officer for the Managed Care Division of the University of Texas Medical Branch in Galveston, Texas. Now is CISO for InvisALERT Solutions.
In 2022, was awarded the honor of being named to the list of “Ten Most Influential CISOs of the Year” by CIOViews.
Todd Fitzgerald has built information Fortune 500/large company security programs for 20 years. Todd serves as VP, Cybersecurity Strategy and Chairman of the Cybersecurity Collaborative Executive Committee, was named 2016–17 Chicago CISO of the Year, ranked Top 50 Information Security Executive, authored 4 books including #1 Best Selling and 2020 CANON Hall of Fame Winner CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers (2019), ground-breaking CISO Leadership: Essential Principles for Success, as well as contributions to a dozen others. Todd held senior leadership positions at Northern Trust, Grant Thornton International, Ltd, ManpowerGroup, WellPoint (Anthem) Blue Cross Blue Shield/ National Government Services, Zeneca/Syngenta, IMS Health and American Airlines.