A Chief Information Security Officer's View of StorageSecurity

Library Content Type:
Publish Date: 
Monday, April 16, 2007
Event Name: 
Focus Areas:

The CISO is accountable for the mitigation of risk. Their diligenceassures the success of their organization. While securing the storage in allof its forms may be tasks of the storage team, if that team fails, the CISOmay pay the price. C-Level Security Executives are leaders who set vision,choose information security models, define the security services, build ateam, manage budget, run the business and prepare for potential crisis’s allfor one purpose: to meet business and regulatory expectations. To understandthe CISO is to know what they value and what they expect.

This session helps the storage professional understand the perspective ofthe security executive. How do they see storage risk? What is their approachto mitigation? We will examine how they challenge conventional wisdom andadapt while assessing threats, assets and vulnerabilities. Then we will lookat how they lead in the heat of an incident. Finally, we will providespecific recommendations and offer insight into the best ways for storageprofessionals to work with the security executive.

After completing this tutorial, you should be able to:

Better understand information assurance and the CISO “interests” within the storage layer
Know how security professionals measure storage security and respond to risk and threat
Understand the upfront and continuing effort required to work with the secure team while securing the storage layer