Security vs. Compliance – PSW #632

Full episode and show notes

Guests

President at Gula Tech Adventures

Since 2017, GTA has invested in dozens of cyber start-ups and funds and supported multiple cyber nonprofits and projects. Ron has served on the Board of Directors for a number of GTA’s portfolio companies and has been a steadfast mentor and advisor to many founders. Ron has also supported a variety of cyber nonprofits and think tanks, with both his substantive expertise and through philanthropic funding.

From 2002 to 2016, Ron was the co-founder and CEO of Tenable Network Security. Under Ron’s leadership, Tenable grew to 20,000 customers, raised $300m in venture capital, and grew revenues to $100 million annually; this positioned the company for a successful IPO in 2018, where it was valued at $3 billion.

Prior to founding Tenable, Ron was a cyber industry pioneer. Ron developed Dragon, one of the first commercial network intrusion detection systems, and he also ran risk mitigation for one of the first cloud companies. While serving as a US Air Force officer, Ron deployed network honeypots in the mid 90s for the US Defense Department (DOD) and served as a penetration tester at the National Security Agency (NSA), participating in some of the nation’s first cyber exercises.

For these efforts, Ron received in 2020 both the Northern Virginia Technology Council Cyber Investor of the Year award and the Baltimore Business Journal Power 10 CEO award.

Director of Strategic Engagements at Cisco

Wendy Nather is Director of Strategic Engagements at Cisco. She was previously Research Director at the Retail ISAC, where she was responsible for advancing the state of resources and knowledge to help organizations defend their infrastructure from attackers. Wendy was also Research Director of the Information Security Practice at independent analyst firm 451 Research, covering the security industry in areas such as application security, threat intelligence, security services, and other emerging technologies.

Wendy has served as a CISO in both the private and public sectors. She led IT security for the EMEA region of the investment banking division of Swiss Bank Corporation (now UBS), as well as for the Texas Education Agency. Wendy is co-author of The Cloud Security Rules, and was listed as one of SC Magazine’s Women in IT Security “Power Players” in 2014, as well as an “Influencer” in the Reboot Leadership Awards in 2018; she was inducted into the Infosecurity Europe Hall of Fame in 2021. She serves on the board of directors for Sightline Security, an organization that helps provide free security assessment services to nonprofit groups. Wendy is a Senior Fellow at the Atlantic Council’s Cyber Statecraft Initiative, and a steering committee member for the IST Ransomware Task Force. She is based in Fort Collins, Colorado.

CISO at The Anschutz Corporation

Alex Wood has over 20 years of experience in Information Security is currently the CISO for The Anschutz Corporation. Alex has managed security programs and services at major companies across verticals, including telecommunications, energy, healthcare, entertainment, travel, and financial services. Additionally, Alex has served as a Director on the International Board of the Information System Security Association (ISSA) and is Past-President of the ISSA Denver Chapter. Alex is also Co-host of the Colorado = Security Podcast. Alex received a Bachelor of Arts from Grinnell College and a Masters of Applied Science in Computer Information Systems Security from the University of Denver.

Vice President & Chief Risk Officer at Blue Cross & Blue Shield of Rhode Island

Jon Fredrickson is the Information Security and Privacy Officer for Blue Cross and Blue Shield of Rhode Island. He graduated from the University of Rhode Island with a B.A. in Economics. Prior to joining BCBSRI, Jon was the CISO of Southcoast Health and has had various other IT Security positions in healthcare, services and manufacturing. During the past 15 years of working in the IT security field, Jon has developed a pragmatic approach to implementing cybersecurity solutions and assisting his organizations in properly measuring and managing cyber and privacy risk. Jon is a member of the Association for Executives in Healthcare Information Security, the Healthcare Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG), and is a Certified Information Security Manager.

VP, Security at The Open Group

Jim Hietala, is Vice President, Security for The Open Group, where he manages security and risk management programs and standards activities, He has participated in the development of several industry standards including O-ISM3, O-ESA, and the Open FAIR Body of Knowledge. He led the development of the Open FAIR standards and the certification program for risk analysts, and a joint Open Group and SIRA risk management practices survey project. He also led the development of compliance and audit guidance for the Cloud Security Alliance’s v2 publication.

Hosts

Principal Security Researcher at Eclypsium
Preventative Security Specialist at Architect Security
Sr. InfoSec Consultant at Online Business Sytems
Executive Director at Guardedrisk
Product Security Research and Analysis Director at Finite State
Chief Product Officer at CyberSaint

You can skip this ad in 5 seconds