Premise Health is a leader in onsite health and wellness programs providing some 600 large employer sponsored employee clinics. With a highly distributed and regulated environment, Joey Johnson is responsible for all cybersecurity and information technology, compliance, audit and vendor risk management.
Johnson was just named the winner of the prestigious Information Security Executive® of the Year Award in the Southeast. In this podcast, Johnson speaks with David Cass, IBM Cloud & SaaS Global CISO, about Premise Health’s unique business model and how he uses proactive security and risk management to meet challenging security, compliance and audit demands.
The volume of threats and attacks most security teams face daily can leave them overworked and fatigued, operating in what DocuSign CISO Vanessa Pegueros has identified as level one trauma – a sort of cyber PTSD that can put organizations at risk.
In this podcast, Pegueros talks with David Cass, IBM Cloud & SaaS Global CISO, about her four-part series in Security Current that explores the human element of incident response and how CISOs can identify and resolve trauma in the organization. They also discuss the Board’s role in incident response and why being quick to fire after a breach may not always be the most effective approach.
The CISO increasingly has a seat in the boardroom, as the role is becoming more of the rule than the exception in enterprises.
During RSA Conference 2017, Marci McCarthy, President & CEO of T.E.N., sat down with David Cass, Global CISO IBM Cloud & SaaS, to discuss the continuing evolution of the information security industry.
McCarthy founded the prestigious ISE® Awards Program, which has helped elevate the role of security executives, who are recognized by their peers for their contributions and specific security projects. In this podcast, McCarthy provides insights into the profession and talks about the shortage of security personnel, the startup ecosystem and where the industry is headed.
The city of San Diego is a $4 billion business and it doesn’t shut down. As you’ll hear in this discussion between Gary Hayslip, the city’s CISO, and David Cass, Global CISO IBM Cloud and SaaS, San Diego is a smart city which is continuously rolling out new technologies to facilitate 'the business' while bolstering its security.
In this podcast, recorded during the RSA Conference, Hayslip talks about joining the city as its first CISO some three years ago and how he established a five-year-plan which leveraged established frameworks like the National Institute of Standards and Technology (NIST) to increase the security of the city and its 24 networks and 40 departments. The two also discuss ‘cloud first’ initiatives, resilient networks and the role of the CISO, which Hayslip provides practical guidance on with his book “A CISO Desk Reference Guide: A Practical Guide for CISOs.”
There has been an exponential adoption of Internet of Things (IoT) with experts predicting billions of IoT devices coming into use. And with the strategy more often than not being go to market and secure it later, enterprises are increasingly exposed to a variety of attacks.
As you’ll hear in this podcast with David Cass, Global CISO IBM Cloud and SaaS, and Len Rosenberg, ForeScout’s Commercial CTO and VP of Systems Engineering, the IoT is here to stay and security needs to be by design and not an afterthought. They also discuss what CISOs can do today to mitigate their exposure and what they should demand from IoT manufacturers.
With RSA around the corner and more security vendors than you can count, if you are a new CISO at the conference what should your game plan be? As you’ll hear in this podcast, the sheer number of interesting technologies at their fingertips can potentially overwhelm new CISOs.
David Cass, Global CISO IBM Cloud and SaaS, and Dr. Anton Chuvakin, research VP at Gartner’s Technical Professionals (GTP) Security and Risk Management Strategies team and a speaker at the RSA conference leading sessions on threat intelligence , discuss how RSA is a great place to talk to the vendors and their top product executives and see solutions up close. They also stress that people and process gaps and not a “particular box” are what needs to be addressed first.
As you’ll hear first, Chuvakin also talks about today’s malware, box fatigue, and critical challenges and ways to think about threat vectors in 2017.
Tokenization is helping render data theft obsolete. Jason Witty, US Bancorp EVP and CISO, is in the midst of completing a multi-year tokenization integration project, for which his team won the recent ISE North America Project of the Year Award in the Financial Services category.
He discussed the many benefits of tokenization with David Cass, Global CISO IBM Cloud & SaaS, including fraud prevention and the reduction of risk and the attack surface. They discuss how it is a complex process, which is “simple” to implement but difficult to adopt. Witty also touches on the many unintended business benefits.
What specific things should companies look at when it comes to security monitoring in 2017? As you’ll hear in this podcast, a lot of the security problems facing organizations from the late 1990s and early 2000s have yet to be solved. David Cass, Global CISO IBM Cloud and SaaS, and Dr. Anton Chuvakin, research VP at Gartner’s Technical Professionals (GTP) Security and Risk Management Strategies team, discuss how security executives are still operationally challenged.
Chuvakin discusses how the technology landscape is changing but a lot of the challenges with the people themselves actually haven’t changed and the “old problems” haven’t been solved. In this podcast, he talks to Cass about the essential things organizations should be looking at, including newer technology like User Behavior Analytics (UBA) as well as Data Loss Prevention (DLP) solutions.
As you’ll hear in part two of the conversation between David Cass, Global CISO IBM Cloud and SaaS, and Chris Roberts, Acalvio Chief Security Architect, threat detection technology is allowing enterprises to identify intruders quickly. In this sponsored podcast you’ll hear how this burgeoning field of cybersecurity is helping enterprises protect their perimeters and internal infrastructure while shortening the time to discovery.
Ensuring continuous compliance while reducing complexity is essential to bolstering security for many organizations, in particular, those that process credit card data.
In this Tufin-sponsored podcast, IBM’s David Cass talks with Monext’s Laurent Klefstad, Leader for Systems, Network and Telecom, about automated security policy orchestration and how it allows the French company to save time and money by reducing the complexity of its networks and firewalls.
Klefstad explains how Monext’s implementation of the Tufin solution provided Monext continuous compliance and the ability to reduce its firewall rules, of which there were about 3,000, by upwards of 20 percent. He also talks ROI, staffing implications and business enablement.