At next week’s meeting, we’ll hear from Josh Sokol about how he led his team from high-level security platitudes to an actionable roadmap with meaningful organizational results.
We were tasked with creating a roadmap for the National Instruments Information Security Program. While we had previously used a Gartner Maturity Model to figure out how far along our organization was, we found their recommendations to be too high level to define an actionable roadmap. After some discussion, we determined that we could use the NIST Cybersecurity Framework to not only assess our maturity, but also define risk in our environment and create a roadmap. This talk will not only show you how we did it, but how you can do it too!
About Josh Sokol, CISSP:
Josh graduated from the University of Texas at Austin with a BS in Computer Science in 2002. Since that time, he has worked for several large companies, including AMD and BearingPoint, spent some time as a military contractor and recently left a ten-year career as the Information Security Program Owner at National Instruments in order to pursue a full-time role as the Creator, CEO, and CISO of the free and open source risk management tool named SimpleRisk. Josh has spoken on dozens of security topics, including the much-hyped “HTTPS Can Byte Me” talk at Black Hat 2010, and served for four years on the OWASP Global Board of Directors.
Austin ISSA is proudly hosting the Security Summit at InnoTech Austin on October 13, and we’re looking for speakers! The CFP deadline is around the corner on August 20th, so apply soon: Submit CFP to Security Summit at InnoTech!
Next Wednesday, August 18th, we’ll be meeting via Zoom from 11:30-1:00 Central. Register at Eventbrite.