• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

The Paper Trail: A False Facade Of InfoSec

How many times as information security professionals have we heard “There is a policy that covers this.”, or “The reason there was a leak is because John didn’t follow our procedure?”

How many hours have we spent writing policies, and dealing with the politics of implementing those policies, just to not have them followed or enforced?

This presentation is targeted to information security management and will focus on the harsh reality of relying so heavily on policy and process, with subpar results in protecting our organizations.
We will address information security by emphasizing the importance of holding information security professionals responsible. Too often information security professionals point the blame to a policy or process that is not being followed. While this paper trail has its place in information security, we have created this false façade that management hides behind. As information security professionals we need to begin spending our policy time on proactive security. We will discuss how to develop an information security program and build a team that will more effectively protect your organization.

Key learning points:
  • Policies Pass Audit Review But Don't Provide Infomation Security
  • Promotion Of Proactive Security Testing To Enhance Security Program
  • There Is A Need For Information Security Accountability

About Scott Erven

Scott Erven is an Associate Director at Protiviti. He has over 15 years of information security and information technology experience with subject matter expertise in medical device and healthcare security. Scott has consulted with the Department of Homeland Security, Health and Human Services, Food and Drug Administration and advised national policymakers. His research on medical device security has been featured in Wired, Forbes, BBC and numerous media outlets worldwide. Mr. Erven has presented his research and expertise in the field internationally. Scott also has served as a subject matter expert and exam writer for numerous industry certifications. His current focus is on research that affects human life and public safety issues inside today’s healthcare landscape.

Primary Sidebar

Details

Wednesday May 15, 2013
2:35 PM - 3:35 PM
Room 12
Level: Intermediate

Share this page

Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Buffer this page
Buffer
Email this to someone
email

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.