Hundreds of security controls work constantly to provide millions of security-centric data points. This presentation discusses how three of these controls – three that are happen to be easy to obtain, manage and scale – can be combined to offer a continuous view of overall security posture. Mapping the combined perspectives to business-centric notions of risk and relevance make them even more powerful, and provide an actionable, risk-based measure of current security that can “move the security needle.” This presentation will discuss the benefits of this convergence, how it comes about, and what the future may hold for security practitioners who pursue it.

Brian has over 20 years of technical experience in the IT industry. He has worked in New England, the Great Lakes, and Eastern Canada supporting and selling Security and Compliance solutions in the Enterprise space for the last 8 years. Brian earned his CISSP, and is ITIL Certified. He is a recognized leader in Software Sales Solutions, and Customer Satisfaction. He has experience providing technical security leadership and guidance to Fortune 500 accounts, as well as smaller companies, in several verticals including financial, energy/commercial, healthcare, and retail. Brian has worked as a Systems Engineer for Tripwire for the last eight years. Prior to that, Brian worked as a software development consultant, and designed automated software functional and regression testing suites. He got his start in technology as an instructor, where he taught everything from an Introduction to DOS, to Visual Basic Programming. Brian is active with ISSA and Evanta CISO events. Brian holds a BS in Business Administration from the University of North Carolina in Chapel Hill, is fluent in Spanish, and is an enthusiastic windsurfer.

Back to Louisville InfoSec 2013 video list