Much as the eccentric scientist Victor Frankenstein creates a grotesque creature in an unorthodox scientific experiment, security professionals tend to build security programs piece by piece.
Security professionals should build security programs based on well-defined security frameworks such as ISO27001, CSF, and NIST 800-53. In this discussion we will cover how a security program is built from the ground up in a strategic manner. We will discuss the basics of what a security program should contain to meet regulatory compliance requirements, and include the building of a sustainable security lifecycle management program.
Let’s not build security programs in the same manner Victor Frankenstein would; let’s build the next Frankenstein.
- Building a security program
- Strategic process for building a security program
About Ron Kuriscak
Ron Kuriscak brings more than 20 years of information security leadership and experience to his current role. As director of information security in the office of the CISO at Optiv, Kuriscak uses his leadership experience from both the public and private sectors in multiple industries and business sectors to assist clients in building better and more effective information security programs.
He has been an outsourced chief information security officer (CISO) and has been acknowledged by security experts as developing security programs operating within the top one percent of organizations within the U.S. Kuriscak has experience with the Federal Information Security Management Act (FISMA), the National Institute of Standards and Tec.