Bill Lawrence, ITEGRITI Chief Delivery Officer appeared in two sessions at HouSecCon:  “Your Journey to CISO” and “Waltzing with Elephants.”  In the first session, Bill joined a panel of other past/present CISOs to tighten the gap in career guidance for mid-level professionals.  The panel discussed their varied career paths and experiences as successful CISOs, including the challenges they faced and how they overcame them.  Key messaging confirmed the importance of understanding that the cybersecurity landscape is always evolving and the critical role that CISOs play in ensuring organizational security and resilience.  The session attendees learned the panelists’ leadership approaches and strategies for building effective security teams, managing risk, and communicating with key stakeholders.

During “Waltzing with Elephants,” Bill exuded hope that cyber start-ups will someday “waltz with elephants” and make the big time in their chosen markets and sectors.  Growing in security maturity along the way, of course.  Attendees were able to learn from the lessons gathered by a cyber security start-up CISO over two years of building a security program that satisfied even extremely mature and large customer organizations.  The project management methodology he presented encompassed the people, processes, and technology involved to build such a program, while remaining mindful of the limited resources of a start-up as well as the complex security challenges of defending a cloud-based SaaS solution.  The session covered capabilities and timing of vulnerability management, penetration testing strategies, back-office security controls, data loss prevention options, and company security training requirements, all with the goal of obtaining an unqualified (clean) SOC 2 Type 2 attestation.  Additional security questionnaires and proprietary forms were discussed along with customer security interviews.