2012.0x0011 (Nov)
November Meeting details
Speaker: Brian A. Engle
Chief Information Security Officer, Texas Health and Human Service Commission
Topic: Complacent Compliance
Date: November 2nd, 2012
Time: 12:00 – 1:00 p.m. with introductions beginning at 11:30 a.m.
Venue: Microsoft Technology Center at Quarry Oaks 2.
Address: 10900 Stonelake Blvd. Suite 225. Austin, TX 78759
Synopsis:
Do you recall from your childhood the feeling that you had on Christmas afternoon? Not the feeling of anxious anticipation from Christmas Eve, and not the exhilaration of Christmas morning, but instead the somewhat empty feeling of letdown experienced later in the day. After the gifts were all opened, and the joy of what seemed to be an endless parade of toys, there was an inevitable feeling that all of the glimmer just wasn’t enough.
Imagine that the legislators and compliance bodies that create regulations as a solution to the failure of risk mitigation might feel this same empty feeling after organizations become compliant. The reality is that there is a presumption that the regulations and compliance requirements are enough and provide all that is required. Those of us charged with securing information resources are left with the letdown. Compliance can create complacency at the lowest bar of security requirements, and the result is data loss, system breaches and the realization that risks are present at levels above acceptable tolerances.
If your spiritual life ends at a point of religious compliance, you might be feeling this same Christmas Day letdown. Stagnant faith without growth and a lack of a prosperous relationship with our Lord and Savior is like the low bar of security, something that fails to deliver at a level that meets the need.
In this session we will look at the shortcomings of complacent compliance in security and faith and explore a path to greater fulfillment for both.
Brian A. Engle (@brianaengle) is the Chief Information Security Officer for the State of Texas Health and Human Services Commission. HHSC is a collection of 5 state agencies consisting of over 55,000 employees that oversee the operations of health and human services and provide over 200 programs to assist the citizens of Texas. As CISO of HHSC, Brian provides the strategic guidance for securing and ensuring privacy within technology initiatives including IT risk management, IT security policy development and oversight, security awareness, security architecture and operations, as well as cyber security incident detection and management. Brian is also a member of the Texas Statewide Information Security Advisory Committee and Chair of the Subcommittee on Risk Assessment.
Previous information security roles include CISO for Temple-Inland, Manager of Information Security Assurance for Guaranty Bank and Senior Information Security Analyst for Silicon Laboratories. Brian is a Past President and Lifetime Board of Directors Member of the Information Systems Security Association Capitol of Texas Chapter, is a member of the Information Systems Audit and Control Association, and is a Certified Information Security Systems Professional and Certified Information Systems Auditor. He holds a B.S. in Management/Computer Information Systems and was the 2010 Information Security Magazine Security 7 Award winner for the Manufacturing Vertical.