CISO EXECUTIVE NETWORK
Pittsburgh Security Operations Breakfast Roundtable
Wednesday, April 27, 2011
8:00 am - 12:00 noon
Reed Smith
Speakers
Patrick Kenny, Bit9
Arthur Taylor, Benefit Allocation Systems, Inc. (on behalf of Tripwire)
Don Gray, Solutionary
Member Discussion Leader
Matt Tolbert, Westinghouse

Advisory Council Member Matt Tolbert Discusses Security Operations
Matt Tolbert, Global Manager of Information Security, is responsible for Westinghouse's computer security operations at all global locations: 53 sites in 18 countries on five continents. “I am also responsible for physical security of all Westinghouse data centers,” he says. “Computer Security Operations is part of Westinghouse's Information Systems department. I report to the Chief Information Officer, who reports to our Senior Vice President of Global Operations.”
So what exactly does Matt have control over with regard to security operations? He says his responsibilities cover the following areas: security operations; computer security governance; nuclear and utility industry cybersecurity regulatory compliance; computer investigations and eDiscovery; and security awareness and training.
Westinghouse has formal documented policies and procedures for both incident response and computer investigations, Matt explains. “Monitoring and detection is performed from Westinghouse's dedicated Security Operations Center (SOC), located in our Pittsburgh Corporate Headquarters data center. Incident response and remediation is managed by my Security Operations team at Corporate Headquarters, working closely with security and computer support personnel at all Westinghouse global locations.”
Matt takes these steps to make his security operations more efficient and relevant to business operations:
- Formal security governance policies and procedures that reflect Westinghouse's business goals and compliance requirements.
- Formal enterprise risk management process that establishes Westinghouse's most critical processes and services, identifies the most probable disruptive threats, and quantifies the financial impact a security event would have on the company.
- Fully using ITIL practices to ensure security processes align with business processes.
- Monthly meetings of Westinghouse's Security Advisory Council, which is comprised of myself, the Director of Corporate Security, the CIO, the Senior VP of Operations, the CFO, the Senior VP of Human Resources, and Westinghouse's Lead Counsel. Our discussions ensure that Security's priorities and practices align with senior leadership's priorities.
- Weekly metrics that reflect operational effectiveness and progress towards attaining business goals for secure operations and regulatory compliance.
And what is Matt’s best piece of advice to other CISO Executive Network members? “Metrics drive behavior,” he says. “Security Operations must have accurate, up-to-date incident, operational, and compliance metrics to ensure that known threats are effectively addressed, new threats quickly identified, and security operations resources (people, processes, and technology) are efficiently prioritized.”
Matt Tolbert is Global Manager of Information Security for Westinghouse. He brings over 25 years of experience as a computer professional with experiences involving computer security, SAP R/3 implementations, supercomputing, and data center management.
| Attachment | Size |
|---|---|
| CISO EXECNET PIT APR 27 SEC OPS PRESO.pdf | 18.69 MB |