Class 1: Motivation to Study Information Security Management
Why study info sec management?
1. If you’re good, you can make a difference in peoples lives
2. There is money to be made
3. Congress and the country looks to InfoSecleaders to write policy
If you’re good, you can make a difference in peoples lives
• Rick Rescorla – Chief Security Officer for Morgan Stanley– Evacuated 2,700 people from 22 floors of WTC
• His ability to see risk and create plans to mitigate that risk is the essential skill needed to excel in this profession
• Piss Poor Planning Promotes Piss Poor Performance
There is money to be made
• Highest Paid Professions in computer security industry:
– Chief Information Officer
– Chief Technology Officer
• What’s the difference?
CIO Duties
http://www.govloop.com/profiles/blogs/the-roles-of-cios-and-ctos
CIO’s role mandated by legislation
CIO’s must be held accountable for these business operations
CTO Duties
http://www.govloop.com/profiles/blogs/the-roles-of-cios-and-ctos
CTO role is still evolving and therefore adaptable to changing technologies
If you want a executive officer aiding your company, employ a CTO, not a CIO
CIO & CTO often work together
http://www.govloop.com/profiles/blogs/the-roles-of-cios-and-ctos
• Pay attention to the next 7 slides
• Note similarities, differences, and things you find interesting
How much do they make?Who are they?
John Tracy
• CTO Boeing
• 2010 compensation $3.6 million
•Undergrad School: CSU Dominguez Hills - Physics•Master’s: CSULA – Physics•PhD: UC Irvine - Engineering
Lori Beer
• CTO WellPoint
• 2010 compensation $4.5 million
•Undergrad School: University of Dayton•Undergrad Major: Computer Science
Bill Chenevich
• CIO US Bancorp
• 2010 compensation $4.4 million
•Undergrad School: City College of New York•MBA: City University of New York
Thomas Stephens
• CTO General Motors
• 2010 compensation $5.6 million
•Undergrad School: University of Michigan•Undergrad Major: Mechanical Engineering
Rob Carter
• CIO FedEx
• 2010 compensation $3.6 million
•Undergrad School: University of Florida•Undergrad Major: Computer and Information Science
David Thompson
• CIO Symantec
• 2010 compensation $1.9 million
•Undergrad School: Marymount University•Undergrad Major: Business administration, management & operations
Tim Sullivan
• CIO SunTrust Banks
• 2010 compensation $2.1 million
•Undergrad School: Unioversity of Illinois•Undergrad Major: BA Economics
What did you notice?
Although these executives undoubtedly understand technologies surrounding computer security…
… they have mastered management and division operations with corporations.
Point: to reach their level, you need infosecmanagement.
Congress looks to InfoSec leaders to help write federal policy
• Energy & Commerce Committee
– Communications & Technology Subcommittee
• Jurisdiction: Interstate and foreign telecommunications and information transmission by broadcast, radio, wire, microwave, satellite and, Homeland security-related aspects of the foregoing, including cybersecurity.
InfoSec professionals advise Congressional members
• Feb. 8: Cybersecurity: Threats to Communications Networks and Private-Sector Responses– http://democrats.energycommerce.house.gov/index.php?q=hearing/c
ommunications-technology-subcommittee-hearing-on-cybersecurity-threats-to-communications-ne
• March 7: Cybersecurity: The Pivotal Role of Communications Networks– http://democrats.energycommerce.house.gov/index.php?q=hearing/c
ommunications-and-technology-subcommittee-hearing-on-cybersecurity-communications-networks
• March 28: Cybersecurity: Threats to Communications Networks and Public-Sector Responses– http://democrats.energycommerce.house.gov/index.php?q=hearing/c
ommunications-technology-subcommittee-hearing-on-cybersecurity-threats-to-communications--0
Assignment: due next class
• Watch the rest of the posted Congressional Hearing– If you prefer text over video, look through the
transcripts of the videos found in links posted on previous slide
• Come to class ready to discuss– Bring facts, ideas, you found interesting– Try to answer the question: how are these particular
speakers chosen to testify?– Bring questions you have
• Read through chapter 1