This article can also be found in the Premium Editorial Download "Information Security magazine: Tips from the 2007 Security 7 Awards."
Download it now to read this article plus other related content.
|CATCHING UP WITH Andre Gold|
ON HIS NEW JOB At Continental, I had responsibilities over policy, strategy and execution. Here, it's just strategies and execution; policies come from the group level. At Continental, the organization was 50 years old and never really focused on information risk management; here in financial services, it's all about risk management. The first day I walked in, there were posters on the wall about Compliance Week and security awareness training. At the fundamental level, information risk management is germane across industries. It's just that a number of external statutes caused companies to lose track of the fundamental blocking and tackling of information risk management. At ING, that's what we focus on.
Last year's retail award winner has moved on to a new position in a new vertical market as head of technology risk management with ING.
ON SWITCHING INDUSTRIES It was absolute culture shock. I have one of those posters in my office now, and I'm thinking of having some fun and making a PDF copy for some of my friends. 'See: this is what we were striving for!' It's a lot easier to get the business engaged; everyone has a notion of risk. The executive team is cognizant of the role information risk management plays in the delivery of products and services.
ON THE SECURITY MARKET Buying habits were a lot different 18 months ago than they are today. Big companies today are a lot more focused on providing synergies between product portfolios. Now, you're not looking just at best-of-breed, now it's about vendors telling their portfolio story, how they leverage XYZ products. What companies are doing is looking at who is going to be a technology security partner for them, making a bet on that company and leveraging their technology exclusively with one or two that they'll primarily buy from. On the other hand, there are still markets where you can a la cart some technology if you're trying to meet a particular need. It's about making the right choices.
ON THE PURSUIT OF HIS MBA I took the summer off with the new job, but grad school just started up again and I'm back riding the bull. I would have graduated this spring otherwise.
--Michael S. Mimoso
This was first published in October 2007