Risky Business: Evaluating the True Risk to your Security Program

  • Monday, February 08, 2016 at 1:00 PM EST (18:00:00 UTC)
  • Johannes Ullrich, Demetrios Lazarikos, Mike Goldgof, and Jenna McAuley

Sponsor

  • WhiteHat Security

Overview

In today's increasingly complex threat landscape, it is impossible to achieve 100% security protection. In a situation where you have more vulnerabilities than resources to fix them, how do you protect your enterprise? Risk assessment is key to prioritization and effective security coverage. This webinar will focus on business risk assessment and measurement, the relationship between business risk and vulnerability remediation, and the role of risk in the development of an effective application security program. We will also discuss the importance of benchmarking your risk and security posture versus the rest of your industry.

Speaker Bios

Johannes Ullrich, PhD

As chief research officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a Web development company and as a research physicist. Johannes holds a PhD in Physics from SUNY Albany and is located in Jacksonville, Florida. He also enjoys blogging about application security tips.


Demetrios Lazarikos (Laz)

Demetrios Lazarikos (Laz), a recognized visionary for building Information Security, fraud, and big data analytics solutions, is the vArmour Chief Information Security Officer (CISO). Laz has more than 30 years of experience in building and supporting some of the largest InfoSec programs for Financial Services, Retail, Hospitality, and Transportation verticals. Laz's past roles include: IT Security Researcher and Strategist at Blue Lava Consulting, CISO at Sears, CISO at Silver Tail Systems (acquired by RSA/EMC), VP of Strategic Initiatives at ReddShell Corporation (acquired by TrustWave), and a former PCI QSA. Laz is a Professor at Pepperdine University's Graziadio School of Business and Management, holds a Master's in Computer Information Security from the University of Denver, an MBA from Pepperdine University, and has earned several security and compliance certifications.


Mike Goldgof

Mike Goldgof is the Senior Director of Product Marketing at WhiteHat Security where he is responsible for product messaging, solutions content, and go-to-market strategies. He brings 25 years of executive experience in marketing and product management, including senior roles at Juniper Networks, Hifn, Phoenix Technologies and Lucent. Mike holds an MBA in Marketing from Columbia Business School and an MS in Electrical Engineering from Cornell University.


Jenna McAuley

Jenna McAuley currently serves as Mercer's Chief Information Security Officer. She is responsible for establishing, executing and maintaining the enterprise vision, strategy and program to ensure that Mercer's physical and digital information assets and technologies are adequately protected.

Prior to joining Mercer in June 2015, Jenna served as the Northeast Regional Lead for Ernst & Young's Cyber Threat Management practice. In that role, Jenna delivered comprehensive security solutions for a wide cross-section of industries. Jenna has designed and delivered security monitoring and operations functions, secure application development and lifecycle programs, penetration testing and vulnerability assessments, incident response programs and integrated threat intelligence capabilities.

Jenna has been a featured speaker for several conferences, including the 2016 LegalTech Women in eDiscovery panel, the 2013 North America Information Security Risk Management ISACA Conference, where she spoke on the topic of Responding to Cyber Attacks, and the 2012 Annual Information Systems Security Association (ISSA) Conference, where she delivered a presentation entitled "Active Defense-- is the best defense a good offense?" She is an active participant in several industry associations, including Infragard and the Executive Women's Forum.
