Phil Richards has both breadth and depth of security experience. He currently is the Chief Information Security Officer (CISO) for Ivanti. He has held other senior security positions including the Director of Operational Security for Varian Medical Systems, Chief Security Officer for Fundtech Corporation and Business Security Director for Fidelity Investments.
In his security leadership roles, he has created and implemented Information Security Policies based on industry standards. He has led organizations to clean PCI DSS and SSAE SOC2 compliance certifications, implemented security awareness training, and established a comprehensive compliance security audit framework based on industry standards. He has led the organizations through GLBA risk assessments and remediation and improved the organizations risk profile. Finally, he has implemented global privacy policies, including addressing privacy issues in the European Union.
Transforming an organization requires focus on the objectives, clear communication, and constant coordination with executive leadership, which is exactly what Phil has focused on during his security career.
The opinions expressed in this blog are those of Phil Richards and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.
Your IT service management (ITSM) teams can serve up good security practices with your help.
Your employees make risk/reward decisions daily. Have you defined risk boundaries for them? Unwanted risk or missed opportunities happen without clear direction.
GDPR compliance is not a customer-service proposition. To better understand GDPR, U.S. companies should adopt a European mindset.
Trusted networks are not always what they seem. Ask a hacker. They love your employees’ casual use of open wireless networks.
It is important for your company to identify risks you should be taking as part of being in your business...like a supermarket does when stocking okra.
Can you answer this question: how do you know the laptop that shows up today in Tokyo is the same one that was in New York last week? Make sure you have a complete inventory of hardware and software so you can be confident your patching is thorough.