Decision-makers need reliable data in order to understand risk and determine value of investments. With the amount of data available in a multinational company, one would assume that answers would be easy to find. But how does one identify which data is reliable and make it meaningful? This talk will provide best practices and lessons learned on how ADP built an effective security metrics program.
Learning Objectives:
1: Understand use cases in which metrics can be applied to business-driven security.
2: Gain a structured approach to leveraging data for security decision-making.
3: Learn through practical lessons how to communicate results of your metrics program.
Speakers: James Lugabihl, Marta Palanques
With over 20 years of information security, leadership and management experience in the private sector, James Lugabihl has been involved in nearly all aspects of securing, defending and leading organizations of all sizes. This includes designing defensive infrastructures for compute environments, conducting detailed risk assessments in accordance with regulatory requirements, managing a world class incident response center, and supporting business operations for a security team spanning six continents. For the last decade, Lugabihl has been building and training global security organizations to deliver timely, accurate and effective results in extremely high-pressure situations. Prior to his private sector experience, Lugabihl had 12 years of experience in the United States Navy.
Marta Palanques is responsible for the Executive Metrics program in ADP’s Global Security Organization, which is a pivotal, single reporting platform that enables exploration of multiple data sources and provides ADP’s executive leadership with visibility and insight into the security and risk program. Her experience in the industry ranges from IT audit and risk functions at Deloitte to conducting research in cybersecurity at Barcelona Digital Technology Center, including project management for a large multinational like ADP. Palanques holds a bachelor’s degree in telecommunications engineering from Polytechnic University of Catalonia (UPC), a master's in information security from Open University of Catalonia (UOC), and is a Certified Information Systems Security Professional (CISSP).
Detailed Presentation:
Comments