A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Run your security program like a boss / practical governance advice - Justin Leapline & Rockie Brockway Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Run your security program like a boss / practical governance advice
Justin Leapline & Rockie Brockway
Derbycon 2017

Let’s face it; it’s not easy to run a security governance program. With the continuing pressure of keeping our information secure and breach-free while management doesn’t see the need of increasing budget if there isn’t an incident occurring or compliance need. So how does someone in the trenches measure, monitor, and communicate this to ensure that you get the buy-in needed - or at least get the acceptance from management on the risk. It’s something that everyone in a security leadership position struggles with. Through this talk, we will be discussing some of the key points in implementing, managing, and creating oversight to communicate both internally to the security team and externally with the company. And don’t worry, the points we will be discussing will be applicable across the board - from small businesses to Fortune 100s. Also, we will be releasing some helpful tools in aiding your quest to the nirvana of a simple security governance program. You don't want to miss it!

Justin Leapline has over twenty years of experience involving system administration, software development, and information security. His core skills include regulatory and contractual compliance within the information security realm, security program management, and general governance practices and frameworks. Before joining TrustedSec, Justin consulted with numerous Fortune 1000 companies in the areas of information systems, audit, governance and information security. He has also led the governance and security practices for leading eCommerce and large financial services companies. Rockie Brockway serves TrustedSec as the Practice Lead of the Office of the CSO. With over two decades of experience designing, building and managing systems and networks; auditing and enforcing network security and policy; incident response; pen-testing; adversarial simulation; assessing vulnerabilities and threats; and analyzing business impact and risk, Rockie teams with organizations to understand the value and location of business critical data in an effort to further enable organizational innovation, achieve business outcomes and to protect the brand.

Justin - @jmleapline, Rockie - @rockiebrockway

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast