Zero to CISO in 60 Seconds: Rebooting an InfoSec Program

In 2013, the University of Arkansas got its first-ever CISO. On day one, he managed an InfoSec department of one: himself. It's been a busy year as new staff have joined the team, as new projects have been started, and as the security team's responsibility has increased. In this session, he'll tell the story of how he got from there to here. He'll talk about building a strategic information security practice where there wasn't one before. He'll also cover the pitfalls he encountered, in the hope that you can avoid them in your world.

OUTCOMES:
Hear firsthand experiences of a new CISO * Learn about the strategy used to grow the information security team, as it had been tasked with undertaking new challenges * Learn about some of the interesting projects that the team now manages and how they fit into the goals of the team and the university