Boston Security Operations 2011

CISO EXECUTIVE NETWORK

Boston Security Operations Breakfast Roundtable

Wednesday, May 4, 2011

8:00 am - 12:00 noon

Bingham McCutchen

Speakers

Tim Madden  Bingham McCutchen

Tom Murphy  Bit9

Stan Black  Nuance Communications - on behalf of Tripwire

Don Gray  Solutionary

Member Discussion Leader

Patty Long  ING USFS

Advisory Council Member Patty Long Discusses Security Operations

At ING, each division has operations that are responsible for IT security for that particular region and business. Each of these divisions has its own direct operations that are embedded into the IT function, with a reporting chain to the division’s CIO.

“There may be opportunities where things are leveraged,” explains Patty Long, director of information security. “Right now we have a strip of Latin America for the insurance business. Operations are virtually one team, but they are split between Minnesota and Mexico City.”  

Up until August of last year, Patty ran security operations for the U.S. and Latin American insurance and retirement divisions. She is now working with insurance and investment management in EurAsia.

Right now, her job focuses more on strategy, but in the recent past, she was responsible for the security areas of monitoring, detection, response and remediation for the insurance businesses. When she was in charge of those security areas, she put a heavy emphasis on understanding response.

“I think some people minimize response,” she says. “I feel as monitoring and detection become more obvious and as skills and tools focusing on those issues, people look at those things first to see and understand what’s ‘normal.’” She decided to shift her focus to response because, she says, “You know you’re going to find stuff, but if you don’t know what to do, it can make the situation spiral very quickly.”

To handle response efforts, Patty brought in forensics experts and developed policies and procedures. “We had a short list of who to call. People knew how to react. We knew how to preserve evidence and do testing and troubleshoot.”

Monitoring and detection are important, she is quick to point out, but she thinks it is imperative to look at the technical aspects of response. Doing so can save time in an arena where split seconds can determine how big a breach is going to be.

“It’s possible to meet business relevance through the security operations functions,” Patty says. “It’s a matter of bringing in the best IT and technical operations people, and then the key is to build a bridge to the business and explain that relevancy from day one. It’s having the security people as part of the business process.”

Patty Long is working with ING's Insurance and Investment Management businesses in EurAsia as they build their IT Security framework, including all aspects of Security Operations. She spent 4 years as CISO of CitiStreet, prior to its acquisition by ING in July 2008, and before that, 15 years of IT experience within the financial services arena.

Attachment  Size
CISO EXECNET BOS MAY 4 SEC OPS PRESO.pdf  22.58 MB
Data Breach Response Notes Bingham May 4.pdf  84.78 KB