Welcome to the CISO Executive Network!


The CISO Executive Network is a peer-to-peer organization dedicated to helping information security, IT risk management, privacy, and compliance executives be more successful.  We accomplish this mission by providing opportunities for those professionals to meet periodically in their local cities to share with one another and hear from industry experts.

Chapters include: Atlanta, Bay Area (serving San Francisco, San Jose, Silicon Valley), Boston, Chicago, Columbus, Dallas, Mid-Atlantic (serving Baltimore and DC), Philadelphia, Pittsburgh, New York.

Here's what our members have to say:

"I participate in the CISO Executive Network because it affords me great opportunities to share information with my peers during the chapter meetings and outside of the meetings too. It is helpful to get the legal perspectives from the hosting firm as well as exposure to information and products from vendors. Overall, the CISO Executive Network is a well-run, well-organized forum with the added bonus of the Executive and Healthcare Summits each year. "  Keith Fricke, CSO, Catholic Health Partners

"The CISO Executive Network is an extremely valuable resource in my role as V.P., Corporate Security Officer.  The content of the chapter meetings is always quite relevant to current business challenges, the discussion is consistently high-quality, and the format is very well organized.  Beyond that, the interaction with peers across multiple industries brings a value that is immeasurable.  I now have the ability to reach out to a wide audience of security leaders through the LinkedIn group whenever needed, and I am able to have thought-provoking discussions during the chapter meetings.  These interactions are proving to be of immense benefit.  I highly recommend the CISO Executive Network to any security leader in any industry."  Kevin Hamel, Vice President, Security Officer, Operations, COCC


UPCOMING EVENTS

May 16:  LUNCHTIME WEBINAR: CONTINUOUS MONITORING

Join us at 12:00 Noon EDT for this one-hour Lunchtime Webinar featuring Ashar Aziz, Founder & CTO, FireEye, Inc.

Our third 2013 Webinar on Continuous Monitoring is an excellent follow-on to CISO Executive Network's March-April Breakfast Roundtable Series, which focuses on Enterprise Security Risk Management.

In relation to Enterprise Risk Management, Continuous Monitoring is the mechanism and process by which real-time information is collected and analyzed to produce the data for making risk management decisions. 

Continuous Monitoring originated in the Federal government.  A few years ago, the government recognized that its annual certification and accreditation (C&A) process for assessing, reporting, and managing the risk to information systems did not accommodate the dynamic nature of the systems and the threats to them. In response, Continuous Monitoring was adopted as a more dynamic approach to risk management.  While this approach has been used for some time for other operational controls, its use for security controls is a bit more recent.

No longer just for Federal government systems, Continuous Monitoring is proving to be an effective tool for commercial enterprises as well. 

Register from your Chapter Home Page.

June 4 - 26:  EXECUTIVE BREAKFAST ROUNDTABLE SERIES:  SECURITY MONITORING, DETECTION, AND RESPONSE

To manage risk effectively, it is essential that the CISO organization have relevant, real-time data from its security technologies.  Knowing that incidents and breaches are likely to occur despite our best efforts, we must be prepared to detect and respond to suspected and actual security incidents.  In this Breakfast Roundtable Series, experts will share their best practices and experiences with our members to help them stay ahead of the curve.

We will discuss processes and technologies, important relationships to establish with law enforcement, digital forensics, chain of custody, monitoring tools, and other practices and technologies. 

Topics for discussion may include:

  • Logging and log management
  • SIEM
  • Big Data/SIEM transition
  • Incident response
  • Breach notification
  • "Instrumentation" beyond logs, i.e., data feeds of intrusion indicators or forensic support when responding to an incident.  Examples include HTTP header info, DNS traffic capture, and network traffic data such as Cisco NetFlow data.  Include discussion of the need for full packet capture in order to support incident response forensics.  Include discussion of incident response agents on endpoints, which can run broad-scale forensic queries against the endpoints for indicators of compromise.
  • MSSP support models - what components of technologies/processes at MSSP vs. in-house
  • Include discussion about competencies such as forensic analysis, incident management coordination
  • Discuss threat intelligence analysis and disposition
  • Use cases.

Participants will be eligible to claim 4 CPE credits.