In Depth

Lou Magnotti: The Conductor

Visitors to Lou Magnotti's office had best be prepared for a mélange of metaphors.

By Allan Holmes

June 01, 2005CSO — When Louis Magnotti III was a teenager in the 1970s growing up in Pittsburgh, he frequently worked in his grandfather's locksmith business during weekends and summers. Reassembling some of the more complex locks, the young Magnotti would try to force the intricate pieces back together. Magnotti's grandfather would tell him that he had to patiently slide the lock's parts together, finessing, coaxing and slightly readjusting the pieces so that they slipped just so into place. "If you have to force it, then the lock won't work," Magnotti remembers his grandfather telling him.

Magnotti, now 47, has relied on that advice throughout his career in security. The House of Representatives is no straightforward lockdown job, as many of the networks are open for public accessand some of them are controlled by contractors or other outsiders, rather than by Magnotti's group. This requires a skillful touch, finessing and coaxing independent-minded representatives, their staff members, committee staffers and others to embrace common security practices and policies.

Indeed, it takes a lot of patience to make the locks work.

Reaching Out

As Magnotti sees it, many CSOs try to force information security policies onto users; he refers to it as "pushing out" to customers. That practice often meets with resistance, and like the locks that won't work if the pieces are forced together, information security won't work either, because the policies will be frequently ignored and the systems left open for attack or misuse. By contrast, Magnotti says, CSOs would be more successful if they pulled information into the CSO office by reaching out to customers, learning their needs and concerns and working with them to develop policies that they would be more likely to implement. Magnotti's gentle touch makes sure that the House's security pieces fit together better. "You have to be up-front with people, and be sensitive to things like privacy," he says. "That builds credibility, rather than acting like the security guard who is out to hang them for doing something wrong."

Sensitivity, affability and a predilection toward inclusion are the hallmarks that make Magnotti, who's been House CISO for six years, a perfect fit for a job that requires securing the networks in an environment that must be kept open to the public yet secure enough to guard sensitive documents. Magnotti oversees network security for 435 U.S. representatives, dozens of committees and subcommittees, as many as 14,000 users and 22,000 system devicesincluding servers, PCs, printers and other peripherals. Many are scattered throughout the United States in 900 district offices.

$firstKeyword

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Featured Sponsors