Submit Search
Upload
Applied mobile chaos theory
•
0 likes
•
373 views
S
SecureITExperts
Follow
A 12 Step plan for ending the madness.
Read less
Read more
Technology
Report
Share
Report
Share
1 of 21
Download now
Download to read offline
Recommended
Leveraging Identity to Manage Change and Complexity
Leveraging Identity to Manage Change and Complexity
NetIQ
Security White Paper
Security White Paper
MobiWee
From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...
NetIQ
Data Loss Prevention: Brainstorming
Data Loss Prevention: Brainstorming
Dr. Lydia Kostopoulos
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
Information Security Awareness Group
Building A Cloud-Ready Security Program
Building A Cloud-Ready Security Program
NetIQ
Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11
Symantec
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Symantec APJ
Recommended
Leveraging Identity to Manage Change and Complexity
Leveraging Identity to Manage Change and Complexity
NetIQ
Security White Paper
Security White Paper
MobiWee
From reactive to automated reducing costs through mature security processes i...
From reactive to automated reducing costs through mature security processes i...
NetIQ
Data Loss Prevention: Brainstorming
Data Loss Prevention: Brainstorming
Dr. Lydia Kostopoulos
IBM Security Strategy Intelligence,
IBM Security Strategy Intelligence,
Information Security Awareness Group
Building A Cloud-Ready Security Program
Building A Cloud-Ready Security Program
NetIQ
Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11
Symantec
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Information and Identity Protection - Data Loss Prevention, Encryption, User ...
Symantec APJ
Keep Up with the Demands of IT Security on a Nonprofit Budget
Keep Up with the Demands of IT Security on a Nonprofit Budget
BVU
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky Clean
NetIQ
The Changing Role of IT Staff
The Changing Role of IT Staff
BVU
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
NetIQ
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
woodsy01
Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014
Lisa Abe-Oldenburg, B.Comm., JD.
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
OracleIDM
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) Technology
Liwei Ren任力偉
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - Intel
Intel - API Security & Tokenization
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
Symantec
Securing and Modernizing Technology in the Commonwealth: Better Together
Securing and Modernizing Technology in the Commonwealth: Better Together
EOTSS
Symantec DLP for Tablet
Symantec DLP for Tablet
Symantec
Helen Patton - Cross-Industry Collaboration
Helen Patton - Cross-Industry Collaboration
centralohioissa
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and security
DeniseFerniza
Trend micro data protection
Trend micro data protection
Andrew Wong
Smarter cyber security v8
Smarter cyber security v8
John Palfreyman
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
Ben Rothke
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4
Valencell, Inc.
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
Digital Guardian
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
HyTrust
biometrics and cyber security
biometrics and cyber security
Karthiga Manisekaran
NZISF Talk: Six essential security services
NZISF Talk: Six essential security services
Hinne Hettema
More Related Content
What's hot
Keep Up with the Demands of IT Security on a Nonprofit Budget
Keep Up with the Demands of IT Security on a Nonprofit Budget
BVU
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky Clean
NetIQ
The Changing Role of IT Staff
The Changing Role of IT Staff
BVU
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
NetIQ
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
woodsy01
Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014
Lisa Abe-Oldenburg, B.Comm., JD.
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
OracleIDM
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) Technology
Liwei Ren任力偉
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - Intel
Intel - API Security & Tokenization
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
Symantec
Securing and Modernizing Technology in the Commonwealth: Better Together
Securing and Modernizing Technology in the Commonwealth: Better Together
EOTSS
Symantec DLP for Tablet
Symantec DLP for Tablet
Symantec
Helen Patton - Cross-Industry Collaboration
Helen Patton - Cross-Industry Collaboration
centralohioissa
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and security
DeniseFerniza
Trend micro data protection
Trend micro data protection
Andrew Wong
Smarter cyber security v8
Smarter cyber security v8
John Palfreyman
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
Ben Rothke
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4
Valencell, Inc.
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
Digital Guardian
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
HyTrust
What's hot
(20)
Keep Up with the Demands of IT Security on a Nonprofit Budget
Keep Up with the Demands of IT Security on a Nonprofit Budget
Scrubbing Your Active Directory Squeaky Clean
Scrubbing Your Active Directory Squeaky Clean
The Changing Role of IT Staff
The Changing Role of IT Staff
A Smarter, More Secure Internet of Things
A Smarter, More Secure Internet of Things
Security For Business: Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Develop and Enforce a Bring-Your-Own-Device (BYOD) Policy
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) Technology
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - Intel
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
Securing and Modernizing Technology in the Commonwealth: Better Together
Securing and Modernizing Technology in the Commonwealth: Better Together
Symantec DLP for Tablet
Symantec DLP for Tablet
Helen Patton - Cross-Industry Collaboration
Helen Patton - Cross-Industry Collaboration
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and security
Trend micro data protection
Trend micro data protection
Smarter cyber security v8
Smarter cyber security v8
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Similar to Applied mobile chaos theory
biometrics and cyber security
biometrics and cyber security
Karthiga Manisekaran
NZISF Talk: Six essential security services
NZISF Talk: Six essential security services
Hinne Hettema
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
CompTIA UK
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, West
Jay McLaughlin
Zero Trust and Data Security
Zero Trust and Data Security
Career Communications Group
8 Experts on Flawless App Delivery
8 Experts on Flawless App Delivery
Mighty Guides, Inc.
HP2065_TieCon_Presentation_V7
HP2065_TieCon_Presentation_V7
Mark Interrante
The Identity-infused Enterprise
The Identity-infused Enterprise
Novell
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Norm Barber
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
UnifyCloud
Security in Cloud Computing
Security in Cloud Computing
Ashish Patel
Brighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - final
Andrew White
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
Sumana Mehta
Community IT Innovators - IT Security Best Practices
Community IT Innovators - IT Security Best Practices
Community IT Innovators
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst Services
Chris Pepin
Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...
Chris Pepin
Aalto cyber-10.4.18
Aalto cyber-10.4.18
japijapi
Sleeping well with cloud services
Sleeping well with cloud services
Comarch_Services
Security Management in the Cloud
Security Management in the Cloud
GaryArdito
Similar to Applied mobile chaos theory
(20)
biometrics and cyber security
biometrics and cyber security
NZISF Talk: Six essential security services
NZISF Talk: Six essential security services
EMEA10: Trepidation in Moving to the Cloud
EMEA10: Trepidation in Moving to the Cloud
BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, West
Zero Trust and Data Security
Zero Trust and Data Security
8 Experts on Flawless App Delivery
8 Experts on Flawless App Delivery
HP2065_TieCon_Presentation_V7
HP2065_TieCon_Presentation_V7
The Identity-infused Enterprise
The Identity-infused Enterprise
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications To The Cloud - ISACA Seattle - Sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Migrating Critical Applications to the Cloud - isaca seattle - sanitized
Security in Cloud Computing
Security in Cloud Computing
Brighttalk understanding the promise of sde - final
Brighttalk understanding the promise of sde - final
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
Community IT Innovators - IT Security Best Practices
Community IT Innovators - IT Security Best Practices
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst Services
Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...
Aalto cyber-10.4.18
Aalto cyber-10.4.18
Sleeping well with cloud services
Sleeping well with cloud services
Security Management in the Cloud
Security Management in the Cloud
Recently uploaded
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
apidays
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
V3cube
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
wesley chun
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
Boston Institute of Analytics
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
hans926745
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
wesley chun
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
Antenna Manufacturer Coco
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
lior mazor
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
The Digital Insurer
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
hans926745
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
Recently uploaded
(20)
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Applied mobile chaos theory
1.
Applied ‘Mobile Chaos
Theory’ …and NCA’s 12-step plan to end the madness Presented by Brad Bemis © 2011 Network Computing Architects, all rights reserved
2.
Our Modern Mobile
Workforce The term ‘mobile’ has changed. It’s not just about phone calls and web surfing though… • ‘Always on’ availability • Location-based services • Credit card transactions • Patient medical records • Supply chain management • Customer and partner collaboration • Social media and social marketing • Predictive analysis and unique targeting The technology is getting smaller, faster, and smarter… © 2011 Network Computing Architects, all rights reserved
3.
The Mobile Challenges
We Face While keeping up with the rapid pace of innovation is our biggest challenge, it’s only one of many… • Our data is on the move • The network perimeter is gone • The edge is now driving the core • IT services are now a commodity • Cloud and social challenge tie ins • Blurring of personal and business • Balancing emerging risks vs. benefits We must find ways to incorporate security controls that address the four dimensions of mobility above… © 2011 Network Computing Architects, all rights reserved
4.
Applied Mobile Chaos
Theory Chaos theory is more complicated than what’s presented here, but: • Chaos underlies complex systems • Patterns can emerge from chaos • Initial conditions play a big part • Indicators of possible outcomes • Equilibrium based on attractors Mobile chaos theory is based on the idea that: • Mobility is a complex system challenge • Success is determined by initial conditions • To achieve equilibrium takes real effort © 2011 Network Computing Architects, all rights reserved
5.
Ending the Madness We
can’t just solve part of the problem. In order to fully enable a modern mobile workforce, we should be looking at things from a more holistic perspective: Needs Identity Management Risks End-Point Protection Policy Remote Access Ecosystem Data Protection Virtualization Training and Awareness Device Management Loss and Incident Handling This approach is consistent with our long-standing principles of ‘defense-in-depth’. © 2011 Network Computing Architects, all rights reserved
6.
Needs What are your
business needs? The needs of the many What needs do various groups have? The needs of the few What needs do specific individuals have? The needs of the one • Identify the key stakeholders • Gather formal requirements • Define group/user profiles Don’t forget about your compliance needs! • Legal, regulatory, contractual… © 2011 Network Computing Architects, all rights reserved
7.
Risks What is your
current risk posture? What are your risk tolerance thresholds? What are you doing to measure/manage risk? • Understand the threat landscape • Establish well-defined decision-making criteria • Build an overall mobile strategy covering all bases Include a risk assessment /analysis to help with planning! • Use FAIR in a contextual manner… © 2011 Network Computing Architects, all rights reserved
8.
Policy What does your
policy framework cover? What other security policies might apply? What are your data classification policies? • Define acceptable use • Clarify and explain all expectations • Get formal sign-off and acceptance Mobile devices are just another end-point! • Leverage what you already have… © 2011 Network Computing Architects, all rights reserved
9.
Ecosystem What platforms and
models? What carrier service provider(s)? What kind of back-end infrastructure? • Decide on purchased, BYOD, or mixed • Research what carriers can offer you • Consider virtualizing the back-end These are some of the most critical decision points! • Be sure to plan for the future (3 to 5 years)… © 2011 Network Computing Architects, all rights reserved
10.
Virtualization What are you
doing about data mixing? What are you doing to fully enable people? What are you doing to keep the security balance? • Consider mobile virtual machines • Keep the current limitations in mind • Understand how it’s different from sandboxing Virtualization really is the answer to many challenges! • Watch this technology closely as it evolves… © 2011 Network Computing Architects, all rights reserved
11.
Device Management What are
you doing to lock devices down? What are you doing to manage all of them? What are you doing to keep track of everything? • Review scope, capabilities, and limitations • Build out written configuration standards • Simplify provisioning and de-provisioning Probably the single most important investment made! • Make your decision based on clear requirements… © 2011 Network Computing Architects, all rights reserved
12.
Identity Management How are
you authenticating to the device? How are you authenticating to remote assets? How are you authenticating with third parties? • Enforce pins and passphrases • Look at multi-factor authentication • Tie in to federated identity management Identity is everything in a mobile, social, cloud-based world! • Applies to people and assets… © 2011 Network Computing Architects, all rights reserved
13.
End-Point Protection What are
you doing about mobile malware? What are you doing to limit network dangers? What are you doing to gain visibility into things? • Use AV on the platforms it’s available for • Consider available mobile FW options • Look into mobile end-point reporting There are a lot of platform dependency issue here! • Stay up to date on how the industry responds… © 2011 Network Computing Architects, all rights reserved
14.
Remote Access How are
you providing access to resources? How are you resolving file management issues? How are you keeping data out of the public cloud? • Use a reliable SSL client for remote access • Consider a VDI-based model for mobility • Build your own file management solution File management is one of the biggest issues right now! • Keep your data out of the public cloud… © 2011 Network Computing Architects, all rights reserved
15.
Data Protection How are
you protecting the local data store? How are you protecting data on removable cards? How are you protecting data leaving the device? • Disk encryption is still a key requirement • Look into data loss prevention options • Don’t forget about data classification Routing data back to the corporate network may be possible! • Keep an eye on this to use your existing tools… © 2011 Network Computing Architects, all rights reserved
16.
Training and Awareness How
do people know what the policies say? How do people know what is/isn’t acceptable? How do people know where to go with issues? • Have a formal awareness and training program • Fold mobility into this larger program • Keep folks up to date on changes Security training/awareness is still the absolute best tool! • Unfortunately it’s still the least used… © 2011 Network Computing Architects, all rights reserved
17.
Loss and Incident
Handling What happens if a device is lost or stolen? What happens if something suspicious occurs? What happens if you experience an actual incident? • Have a formal incident response plan • Fold mobility into your existing plan • Make sure folks know what to do Everything we do is to avoid incidents – be prepared though! • It only takes one for everything to change… © 2011 Network Computing Architects, all rights reserved
18.
Closing the Loop Everything
is happening at such an incredibly fast pace – it’s hard to keep up. In the future we may see more and more integration between security options, but as it stands today a holistic approach is needed, one that includes: Needs Identity Management Risks End-Point Protection Policy Remote Access Ecosystem Data Protection Virtualization Training and Awareness Device Management Loss and Incident Handling …and, of course, NCA is happy to help! © 2011 Network Computing Architects, all rights reserved
19.
Questions? © 2011 Network
Computing Architects, all rights reserved
20.
About the Author:
Brad Bemis is the CISO, Security Practice Manager, and Principle Security Consultant for Network Computing Architects (NCA) in Bellevue WA, and has over 20 years of practical experience in IT and information security. He is also a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Associate Business Continuity Planner (ABCP), and Lean Six Sigma Greenbelt; with several additional technology-centric certifications from Cisco, Microsoft, and CompTIA. Brad holds associate degrees in both Personnel Management and in Information Systems Technology, a Bachelors of Science in Information Technology, and is currently pursuing a Masters of Science in Education. He has also engaged in graduate level course-work towards a Masters of Business Administration and a Masters of Science in Clinical Psychology. Brad has worked with multiple Fortune 500 companies, military organizations, and government agencies around the world; in roles ranging from Systems Security Administrator to Chief Information Security Officer (and everything in-between). Although highly skilled across multiple security disciplines, his main passion is information security awareness and training – evangelizing the message and engaging others. He is also very active in the security community, including: contributions to the Cloud Security Alliance (CSA), board positions with the Greater Seattle Area Chapter of the Cloud Security Alliance and the Pacific Northwest Chapter of the Information Systems Security Association (ISSA), participation in several other professional associations, sharing insights and experience across a number of on-line security forums, and much much more. Additional information can be found on Brad's professional blog at www.secureitexpert.com. © 2011 Network Computing Architects, all rights reserved
21.
About NCA’s Information
Security Practice: NCA’s Information Security Practice is an ISO 27001 Certified Professional Security Services Consultancy with offices in Bellevue WA, Portland OR, and Los Gatos CA. We offer a wide range of professional security services that can be scaled and customized to meet the business needs of any organization. Our major core competencies include: • Program Management: Building and managing a holistic information security program. • Governance: Incorporating security into enterprise or IT governance frameworks. • Risk Management: Measuring and managing information security and other related risks. • Compliance: Ensuring that all internal and external requirements are being met. • Identity & Access Management: Managing identities and permissions for systems and users. • Perimeter Defense & Firewall Management: Defending the borders between networks. • Traditional & Mobile End-Point Protection: Securing fixed and mobile end-point devices. • Virtualization & Cloud Computing: Migrating customers to the cloud safely and securely. • Event Management & Incident Response: Detecting and responding to security incidents. • Awareness & Training: Engaging people in the process of security on a daily basis. Through a number of strategic partnerships we can also deliver additional services in the areas of: • Managed Services: Managing the day-to-day operational security of information systems. • Application Security & Penetration Testing: Validating controls for business applications. Learn more today at http://www.ncanet.com Or call 877-KNOW NCA (877-566-9622) © 2011 Network Computing Architects, all rights reserved
Download now