Premium Content

Access "Ping: Mark Odiorne"

Published: 19 Oct 2012

Do not envy Mark Odiorne. As the CISO at Scottish Re, a reinsurance company with more than $12 billion in assets, Odiorne is the only full-time security practitioner on staff. In addition to fighting threats, he also has responsibility for much of the company's substantial compliance efforts. MARK ODIORNE Which compliance requirements take up most of your time? Sarbanes-Oxley is probably the biggest focus; Gramm-Leach-Bliley as well, because we're a financial services company. What we have found is because we used the ISO standard to build our security model, whether it's Gramm-Leach or Sarbanes or something else, we can pretty much track anything they're looking at to that model. When the company was young, we were constantly writing policies on the fly. So every year, when the auditors would come back in, we had a lot of new processes in place and they had some testing to do. That's also why we've made information security more of a priority and have more resources applied to it. What are the challenges you think will take up a lot of your time in 2007? ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free