PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
October 2003

Defending the rock: Prudential's security culture and change control management

Kenneth Tyminski knew he had a problem when Microsoft announced the DCOM-RPC vulnerability in July '03. As the CISO of Prudential Financial, he had thousands of vulnerable Windows workstations and servers, and it was only a matter of time before a worm began burrowing through the Internet. Left to Right: Joyce R. Leibowitz, Senior VP, Corporate Operations and Systems; William Friel, Chief Information Officer; Kenneth Tyminski, Chief Information Security Officer; Mary Rose Freddo, Business Security Officer, Insurance Division; Charlene Bowie, Information Systems Manager; Amy Tomea, Process Management Analyst For many large enterprises, Tyminski's task would be overwhelming. But, within a week, Tyminski's staff issued corporate-wide vulnerability advisories, tested the patch and repaired nearly 90% of the affected machines. Prudential was virtually shielded from a devastating infection long before the Blaster worm hit. What enabled that quick response was a fine-tuned command and control strategy, in which everyone -- from the CEO...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue