Latest Content from CSI:

Is Data Loss Plummeting?

Our guess is that the primary finding of the latest Verizon business 2011 Data Breach Investigations Report –namely that even with doubling the number of examined incident cases, the total number of compromised data records dropped by an order of magnitude—will be so unpalatable to some that the report will fall off the radar in a hurry.  [more]

STAY CONNECTED WITH CSI!

We post valuable information, special discounts and offer you the opportunity to give your opinion and feedback to other security professionals and CSI.

     

  CSI's Robert Richardson's Twitter
Online Events

Stay informed with our interactive webinars and virtual events.

 CSI Online Events
CSI Computer Crime & Security Survey

The most widely cited cybercrime statistics in the world. Access your copy today.

 CSI Computer Crime & Security Survey
ICSC 2011

May 19-21, 2011 in Mumbai, India
ICSC 2011 features a comprehensive program, covering key topics, to provide the security knowledge one needs to succeed in today's environment.
Learn more here.

 ICSC 2011
CSI's Mission

If you're an information security professional or are aspiring to be one, then CSI is here to help you succeed.

 CSI Logo

CSI Advisory Council

A special thank you to our Advisory Council for volunteering their time and expertise. Your contributions to CSI are greatly appreciated.

Terri Curran

Terri Curran is Director, Corporate Information Security Services at Bose Corporation. She has responsibility for the company's global information security program. Terri has over thirty-four years of information security and systems operations experience. She has developed and deployed innovative threat, risk, and compliance management solutions for global manufacturing, consumer goods, and other Fortune 200-level organizations. She has lectured at the collegiate level on information security topics, assisted with the development of academic certification and degree programs, and has authored articles in journals, books, and periodicals. Terri is a frequent speaker at industry conferences, symposiums, and professional meetings. She is board-certified in both physical and information security domains (IAPP CIPP, ASIS CPP, ISC2 CISSP, ISACA CISM and ICAF MICAF). She holds a BS and MS in Security Management and anticipates entering the Ph.D. program in information security at Royal Holloway, University of London (U.K.) in 2010.

Cheryl Jackson

Cheryl Jackson, CISSP, is an information systems security professional with over twenty years of progressive experience in information services. She is a Certified Information Systems Security Professional (CISSP), and her career includes experience in governance and organizational design; policies, standards and procedures; training, awareness and education; monitoring and compliance; operations and systems administration; analysis, design and implementation of end-to-end information security solutions. She also has extensive experience and has been responsible for every aspect of business continuity planning, including: risk analysis, business impact analysis, and the design, testing, and implementation of business continuity plans; disaster recovery plans; incident management programs; and crisis management plans. She has extensive consulting experience with major organizations in multiple industries including investment banking, oil and gas, manufacturing, energy, transportation, and communication. She participates regularly as a speaker, instructor, workshop leader, and panelist for professional conferences and industry group meetings, and has held elective offices for a number of professional organizations. She is a Security Solutions Architect for Hewlett-Packard as a member of their Americas Security Practice.

Anne Kuhns

Anne is responsible for oversight and management of the Information Security Program for The Walt Disney Company worldwide, including: establishing Information Security Policies and Standards, and for defining and developing the Information Security Strategy; she is responsible for leading initiatives for effective management of information security risks; and for coordinating and communication with Business Segments to ensure consistent information protection practices are implemented throughout the Company. She is responsible for raising the profile of information security by engaging with key stakeholders including the IT organization, Legal, HR, Global Security and end users. Anne established and leads the Information Security Governance Committee to ensure the Information Security Program is aligned with business priorities and objectives. She coordinates critical company initiatives related to information protection and, collaborates with Business Segments for strategy development and business alignment.

Her diverse background and collaborative, proactive leadership style have been significant contributors to her success. She has led highly talented and productive teams, who have delivered a variety of enterprise-wide information security infrastructure solutions.

Anne is an active member of her profession; she is a CISSP, is a member of the Computer Security Institute and served two terms as chairperson for the CSI Advisory Council, and she is a member of ISACA. She is an in-demand speaker at national conferences on a variety of information security related topics such as security awareness and garnering management support for security programs. Anne was recognized with the prestigious Partners In Excellence award by Walt Disney World, and she is the recipient of the Executive Alliance Information Security Executive of the Year, Southeast, 2007 and was a finalist for the Information Security Executive of the Year, National, 2007, Enterprise Division. Anne is a graduate of the University of Florida where she received both her bachelor's and master's degrees.

Robert E. Lee, Jr., CISSP-ISSEP, CAP

Rob is a Security Practitioner with 23 years of professional experience in network operations, information assurance/security, technical client service, and program management. This includes extensive experience in network design, certification & accreditation, security vulnerability assessments, operations and maintenance, information technology infrastructure library (ITIL) implementation, Public Key Infrastructure (PKI), HSPD-12 integration, and defense weapons systems support. Rob is the President of RL Goodworks, LLC which provides Information and Assurance Services to the federal government, the department of defense, the intelligence community and the civil sector. He has designed and implemented training curriculums for technical staff and end users. Rob is fluent in certification and accreditation methodology using NIST SP 800 series documents DITSCAP, DIACAP and DCID 6/3.

Rob is a veteran of the United States Army and has degrees in Electronic Engineering and Information Systems Management.

Randolph Smith

Randolph Smith is an information systems security professional who is responsible for United Parcel Service's enterprise security policy, strategy and architecture.

Mr. Smith has served UPS in many capacities during a career spanning thirty-five years. He has managed highly visible projects in industrial engineering, line operations, information services, and telecommunications.

Mr. Smith's extensive involvement in the practice of information security at UPS includes:

  • The establishment of a permanent enterprise information security policy process. Mr. Smith was the principal co-author of the entire body of enterprise-wide information security policies and the charter for the executive review process.
  • The establishment of an enterprise data classification process with a complete set of control requirements for each classification.
  • The enhancement of the standard systems development life cycle methodology to include information security risk analysis and mitigation.
  • The analysis and design of processes and the application of technology to control internal and external enterprise network access. This work included controls that reduced the number of network access modems by over one-half. 
  • The analysis and design of processes and techniques to strengthen authentication credentials and authorization. 
  • The analysis and design of systems to monitor access to customer data in order to detect inappropriate behavior. 
  • The establishment of firewall rules standards and the process to review request for changes. 
  • The establishment of the UPS Privacy Policy. Mr. Smith was the principal co-author of the policy that was made available to the public in April 1999.

In 2002, Mr. Smith was recognized by IDG's Computerworld as one of Computerworld's Premier 100 IT Leaders. The award honors individuals who have had a positive impact on their organizations through technology.

"The Computerworld Premier 100 IT Leaders are overcoming today's business challenges through the innovative application of technology," said Computerworld Editor-in-Chief Maryfran Johnson. "The honorees for 2002 join an elite class of innovative thinkers dedicated to solving business problems through creativity and effectively managed IT strategies."

Recent Council Members
Robert B. Batie Jr.
Charles R. Hudson, Jr.
Scott Tompkins
Amit Yoran