As CSO-in-Residence, David Mortman is responsible for Echelon One's research and analysis program. Formerly the Chief Information Security Officer for Siebel Systems, Inc., David and his team were responsible for Siebel's worldwide IT security infrastructure, both internal and external. He also worked closely with Siebel's product groups and the company's physical security team and led up Siebel's product security and privacy efforts.
Previously, Mr. Mortman was Manager of IT Security at Network Associates, where, in addition to managing data security, he deployed and tested all of NAI's security products before they were released to customers. Before that, Mortman was a Security Engineer for Swiss Bank. A CISSP, member of USENIX/SAGE and ISSA, and an invited speaker at RSA 2002 and 2005 security conferences, Mr. Mortman has also been a panelist and speaker at RSA 2007 and 2008, InfoSecurity 2003, Blackhats 2005-2008, Defcon 2005-2008 and Information Security Decisions 2007 and 2008. Mr. Mortman sits on a variety of advisory boards including Qualys, Applied Identity and Reflective, amongst others. He holds a BS in Chemistry from the University of Chicago.
Do you have a question for our experts?
Contributions from David Mortman, featured expert
- Learn security program management strategies to improve IT security
- What Obama's Blackberry means for mobile device security
- How to quantify business risk exposure to malware
- How to preserve an IT security budget from data breach fines
- How do I get CPE credits?
- Getting the CEH certification to join an ethical hacking network
- Changing information security plans in an economic downturn
- Boosting morale of the information security staff after a data breach
- Should enterprises ban USBs because the DoD banned them?
- Finding a security management job after an economic downturn
- Is a lack of employee privacy a HIPAA violation?
- How to create a policy to avoid disgruntled employee data leaks
- How to set up a remote access security policy
- Ethical hacking techniques for standard penetration testing
- Best practices for merging with a company that is not PCI compliant
- What's the best strategy to catch up on HIPAA compliance quickly?