Todd Fitzgerald, Global Director of Information Security at Grant Thornton International, Ltd. talked about the role of the CISO in 2020.
Rajan Kapoor, Senior Manager for Trust and Security at Dropbox, stressed the importance of usable, universally adoptable, services for long-term enterprise security.
"It’s IT risk. It’s financial risk. It’s disaster recovery. In order to really have control of risk you need to have a full understanding of what’s happening in all facets of the organization. That also mandates that the CFO really has much deeper operational chops, if you will."
"I want to implement control A, I want to implement process A, whatever it is, it’s easy to say that and it’s easy to put it on a piece of paper. It’s a whole different thing to justify and then execute that. It really required us to drive through this complexity with data."
"Ultimately, if we don’t build the culture that scales, if we don’t build an information risk and security oriented culture within our organization, we're never going to be successful at really moving the needle."
Paul Calem, Assistant Vice President for Retail Risk Analysis at the Federal Reserve Bank of Philadelphia, and Wei Chen, Head of Global Banking Risk Product Management at SAS, discussed effective stress testing bank models.
"I think the primary objectives that we see and hear from our customers are managing risk and increasing compliance in the best legal outcomes. There are a lot of different levers you have to pull to get those, but underlying a lot of that is what I call operational objectives. These are things that really help support achieving those primary objectives. They tend to be more on the business or operational side."
"There’s rapid-fire communication, and if you or the company makes a mistake, it’s now going to be exposed to the world. There are a lot of things that happen out there that are now going to happen by the minute. We have companies that are reacting to the minute to issues that happen."
Barry Caplin, Chief Information Security Officer at Fairview Health Systems, shares his insights on the two different worlds that CISOs and CIOs are living on right now and how they can meet in the middle to make better business decisions.