The ISE® North America Awards are held in conjunction with a two day Leadership Summit which includes keynote speakers, interactive roundtables moderated by the CISOs and VPs of participating companies, and hot topic panel discussions. The two day program offers the opportunity to meet with peers and leading IT executives from across the region to discuss and share insights into today's issues and solutions.
ISE® North America Executive Award Winner 2011 - Commercial Category
Jerry Archer
Senior Vice President, Chief Information Security Officer
Sallie Mae
ISE® North America Executive Award Winner 2011 - Government Category
Jeff Shyshka
Deputy Chief Information Officer for Service Delivery and Engineering
Department of Veterans Affairs
ISE® North America Executive Award Winner 2011 - Health Care Category
Brad Sanford
Chief Information Security Officer
Emory University
ISE® North America Executive Award Winner 2011 - Education/Non-Profit Category
Grace Crickette
Chief Risk Officer
University of California
ISE® North America Project Award Winner 2011 - Commercial Category
Bag It and Tag It
Executive Sponsor: Glen Taylor, Vice President
Project Team: Dawn Ellis, Mike Pruitt, Ahmed Faridy, Tim Gruber, Cleora Madison, Vicky Justynski, Craig Smith, Jason Summerlin, Peter W Gold, Richard Robertson, Greg Harry, Kathy Burns, Kevin Haertling, Melanie K Roush
Walt Disney World is the largest single site employer in the US with over 58,000 cast members in 1 location. The recent consumer trend towards wireless devices combined with this huge workforce resulted in many unknown or rogue wireless access points. With 47 sq. miles of property (the size of San Francisco) it would have taken an army of people to find, catalog, and address this situation. Disney Cast Members thrive on this type of challenge and used creativity and crowd sourcing to mitigate the risk.
ISE® North America Project Award Winner 2011 - Government Category
Security Consolidation with McAfee Cloud Services
Executive Sponsor: Daniel Srebnick, Associate Commissioner & CISO
Team Members: Daniel Srebnick, Jamie Arnold, Nick Mauriello, Larry Pfeifer
Location: New York, NY
The New York City Department of Information Technology and Telecommunications (DoITT) McAfee project was designed to provide consolidation of security throughout New York City. The DoITT worked with McAfee to deploy cloud services and leverage threat analytics to support 180,000 end users from 52 agencies. The DoITT, in conjunction with McAfee, deployed an integrated network, host and cloud solution to enhance New York City government against the cyber threat.
ISE® North America Project Award Winner 2011 - Health Care Category
Operational Risk Management Project
Executive Sponsor: Richard Seiersen, ORM Architect
Project Team: Richard Seiersen, Jason Ellis, Carl Koster, Brian Kavanagh, Kevin DePeugh, David Cho, Michael Ruiz
The Operational Risk Management project applies security intelligence within a GRC framework to allow Kaiser Permanente to identify and prioritize actionable security risk. Business intelligence practices are used to automate the collection of enterprise asset data, vulnerability data, and mitigation data into a “single pane of glass.” “Risk tolerance rules,” then operate on the aforementioned data, creating workflow for the purpose of protecting Kaiser's critical assets. The net result is a highly scalable and automated full-stack framework for addressing both vulnerability remediation and associated mitigation up and in the systems stack.
ISE® North America People's Choice Award Winner 2011
Lee Parrish
Vice President & Chief Security Officer
Parsons Corp.
ISE® North America Luminary Leadership Award Winner 2011
Rich Jackson
Chief Information Protection Officer and General Manager of Global Information Risk Management
Chevron Corporation
ISE® North America Executive Award Finalist 2006
ISE® North America Executive Award Finalists 2011
James Beeson
Chief Information Security Officer
GE Capital
John R. South
Chief Security Officer
Heartland Payment Systems
Richard Seiersen
Principal Solution Engineer
Kaiser Permanente
Mike Wilson
Vice President, Chief Information Security Officer
McKesson
ISE® North America Project Award Finalists 2011
BSOC – Business Security Operations Center
Executive Sponsor: Spencer Mott, Chief Information Security and Intellectual Property Officer
Project Team: Shammy Rana, Matt Farrer, Calvin Dickinson, Ben Stanbury, Nelson Ho, Robin Wilson, Barbu, Ionut-Daniel; Bobeanu, Victor-Flavius; Ciocoi, Maria Madalina; Constantin, Ciprian-Septimiu; Costache, Marian Bogdan; Cotenescu, Vlad; Doroftei, Alexandru; Gaspar, Andrei Dimitrie; Ionescu, Mihai; Iordache, Constantin Cosmin; Nunu, Silviu; Pirvu, Mihai; Prioteasa, Ileana-Emilia; Schverin, Cosmin Constantin; Soare, Marius; Stanciu, Alexandru-Cristian; Vanut, Marian
The project was to establish “Business Security Operation Center” (BSOC), new generation 24X7 operation providing security and risk management services to all global offices. The type of services that went into the BSOC service portfolio met a specific criteria and ‘scoring’. The criteria included Revenue Generation, Business Expansion, Employee Mobility, Loss Mitigation and Business Innovation. BSOC supplements on-site manned guarding with remote surveillance by innovative adaptation of surveillance techniques. BSOC remotely monitors and manages Information security tools, disaster recovery plan, provide data compliance support, intellectual property protection and fraud monitoring for all global operations. BSOC is a new twist on a traditional Security Operations Center as it addresses key ‘business’ enabling security services by centralizing security from all different domains such as physical security (including supply chain), incident management, information security, intellectual property protection, fraud monitoring to name a few.
E3™ End-to-End Encryption
Executive Sponsor: John South, Chief Security Officer
Project Team: Steve Elefant, Sarah McCrary, Larry Godfrey, Paul Minutillo, Dustin Francis
E3™ end-to-end encryption is designed to combat the growing problem of credit/debit card fraud by protecting cardholder data during the payment transaction lifecycle, from the moment of card swipe to and through the processing system. E3 provides the strongest degree of security available — with no extra costs — safeguarding various stakeholders in the payments ecosystem, including consumers, business owners, banks and financial institutions. E3 also affords merchants added breach protection with the E3Warranty.
Identity Management
Executive Sponsor: Scott Breece, Director of Security Strategy and Compliance
Project Team: Brenton Warner
CHS is challenged with managing user accounts across multiple technologies. The management of users includes user provisioning for new employees, account management for roles based access and termination of accounts. The existing technology, Novell Identity Manager (SIM); is currently implemented into the environment. The current version of this technology doesn’t provide the flexibility to meet all the business needs as the environment has evolved. But, the newest revision level of the application presents new and improved features that will assist CHS with meeting the needs of the business.
Enterprise Security, Identity Management & Access Governance
Executive Sponsor: Scott Pettigrew, Chief Security Officer, HMS
Team Members: Mark Ma, Jason Guzman, Len Atkinson, Deb Whitehead, Luke Magda, Jeremy Miller, Joe Spearin, Quyen To
Location: New York, NY
HMS, the nation’s largest healthcare cost containment service provider, set out in 2009 with aggressive goals for an Identity and Access Management program. Due to the rapid growth of the dynamic healthcare industry, HMS experienced ongoing challenges due to the complex regulatory pressures and compliance requirements. By working with Identity and Access Management Specialists, Logic Trends, HMS developed and executed an extensive undertaking to reduce risk exposure, improve on/off boarding processes, provide employees and contractors rapid access to mission critical systems, introduce electronic provisioning and bring consistent, auditable role governance, role maintenance and access management to the enterprise.