�ݺ�ߣshows by User: JackNichelson

�ݺ�ߣshows by User: JackNichelson / http://www.slideshare.net/images/logo.gif �ݺ�ߣshows by User: JackNichelson / Sat, 28 Oct 2023 21:18:23 GMT �ݺ�ߣShare feed for �ݺ�ߣshows by User: JackNichelson A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf /slideshow/a-clear-path-to-nist-cmmc-compliance-2023-cleveland-security-summitpdf/262831890 aclearpathtonistcmmccompliance-2023clevelandsecuritysummit-231028211823-9566e378
All DoD contractors are now be subject to CMMC 2.0 DFARS 252.204-7012 & 7019. This means, that any DoD suppliers looking to earn new business or up for a renewal will need to complete a new NIST 800-171 Self-Assessment and upload the results to the Supplier Performance Risk System (SPRS) before a contract is awarded. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC 2.0 certification.In addition to answering questions from attendees, this presentation will cover the following topics:• What You Need to Know About CMMC• CMMC 2.0 Proposed Changes• The Crawl – Walk – Run of CMMC• Preliminary Steps for CMMC Success• How to improve your NIST SP 800-171 Self-Assessment SPRS score ]]>
All DoD contractors are now be subject to CMMC 2.0 DFARS 252.204-7012 & 7019. This means, that any DoD suppliers looking to earn new business or up for a renewal will need to complete a new NIST 800-171 Self-Assessment and upload the results to the Supplier Performance Risk System (SPRS) before a contract is awarded. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC 2.0 certification.In addition to answering questions from attendees, this presentation will cover the following topics:• What You Need to Know About CMMC• CMMC 2.0 Proposed Changes• The Crawl – Walk – Run of CMMC• Preliminary Steps for CMMC Success• How to improve your NIST SP 800-171 Self-Assessment SPRS score ]]> Sat, 28 Oct 2023 21:18:23 GMT /slideshow/a-clear-path-to-nist-cmmc-compliance-2023-cleveland-security-summitpdf/262831890 JackNichelson@slideshare.net(JackNichelson) A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf JackNichelson All DoD contractors are now be subject to CMMC 2.0 DFARS 252.204-7012 & 7019. This means, that any DoD suppliers looking to earn new business or up for a renewal will need to complete a new NIST 800-171 Self-Assessment and upload the results to the Supplier Performance Risk System (SPRS) before a contract is awarded. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC 2.0 certification.�In addition to answering questions from attendees, this presentation will cover the following topics:�• What You Need to Know About CMMC�• CMMC 2.0 Proposed Changes�• The Crawl – Walk – Run of CMMC�• Preliminary Steps for CMMC Success�• How to improve your NIST SP 800-171 Self-Assessment SPRS score <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/aclearpathtonistcmmccompliance-2023clevelandsecuritysummit-231028211823-9566e378-thumbnail.jpg?width=120&height=120&fit=bounds" /> All DoD contractors are now be subject to CMMC 2.0 DFARS 252.204-7012 & 7019. This means, that any DoD suppliers looking to earn new business or up for a renewal will need to complete a new NIST 800-171 Self-Assessment and upload the results to the Supplier Performance Risk System (SPRS) before a contract is awarded. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC 2.0 certification.�In addition to answering questions from attendees, this presentation will cover the following topics:�• What You Need to Know About CMMC�• CMMC 2.0 Proposed Changes�• The Crawl – Walk – Run of CMMC�• Preliminary Steps for CMMC Success�• How to improve your NIST SP 800-171 Self-Assessment SPRS score

A Clear Path to NIST & CMMC Compliance - 2023 Cleveland Security Summit.pdf from Jack Nichelson

]]> 128 0 https://cdn.slidesharecdn.com/ss_thumbnails/aclearpathtonistcmmccompliance-2023clevelandsecuritysummit-231028211823-9566e378-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx /slideshow/a-clear-path-to-nist-cmmc-compliance-2022-summitpptx/253862966 aclearpathtonistcmmccompliance-2022summit-221028211926-5cb96252
Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification.In addition to answering questions from attendees, this presentation will cover the following topics:• What You Need to Know About CMMC• CMMC 2.0 Proposed Changes• The Crawl – Walk – Run of CMMC• Preliminary Steps for CMMC Success• How to improve your NIST SP 800-171 Self-Assessment SPRS score ]]>
Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification.In addition to answering questions from attendees, this presentation will cover the following topics:• What You Need to Know About CMMC• CMMC 2.0 Proposed Changes• The Crawl – Walk – Run of CMMC• Preliminary Steps for CMMC Success• How to improve your NIST SP 800-171 Self-Assessment SPRS score ]]> Fri, 28 Oct 2022 21:19:26 GMT /slideshow/a-clear-path-to-nist-cmmc-compliance-2022-summitpptx/253862966 JackNichelson@slideshare.net(JackNichelson) A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx JackNichelson Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification.�In addition to answering questions from attendees, this presentation will cover the following topics:�• What You Need to Know About CMMC�• CMMC 2.0 Proposed Changes�• The Crawl – Walk – Run of CMMC�• Preliminary Steps for CMMC Success�• How to improve your NIST SP 800-171 Self-Assessment SPRS score <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/aclearpathtonistcmmccompliance-2022summit-221028211926-5cb96252-thumbnail.jpg?width=120&height=120&fit=bounds" /> Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this presentation, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification.�In addition to answering questions from attendees, this presentation will cover the following topics:�• What You Need to Know About CMMC�• CMMC 2.0 Proposed Changes�• The Crawl – Walk – Run of CMMC�• Preliminary Steps for CMMC Success�• How to improve your NIST SP 800-171 Self-Assessment SPRS score

A Clear Path to NIST & CMMC Compliance - 2022 Summit.pptx from Jack Nichelson

]]> 52 0 https://cdn.slidesharecdn.com/ss_thumbnails/aclearpathtonistcmmccompliance-2022summit-221028211926-5cb96252-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 A Clear Path to NIST & CMMC Compliance_ISSA.pptx /slideshow/a-clear-path-to-nist-cmmc-complianceissapptx/251744671 aclearpathtonistcmmccomplianceissa-220509115623-84795461
Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this webinar, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification. In addition to answering questions from attendees, this webinar will cover the following topics: • What You Need to Know About CMMC • The Crawl – Walk – Run of CMMC • Preliminary Steps for CMMC Success ]]>
Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this webinar, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification. In addition to answering questions from attendees, this webinar will cover the following topics: • What You Need to Know About CMMC • The Crawl – Walk – Run of CMMC • Preliminary Steps for CMMC Success ]]> Mon, 09 May 2022 11:56:22 GMT /slideshow/a-clear-path-to-nist-cmmc-complianceissapptx/251744671 JackNichelson@slideshare.net(JackNichelson) A Clear Path to NIST & CMMC Compliance_ISSA.pptx JackNichelson Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this webinar, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification. In addition to answering questions from attendees, this webinar will cover the following topics: • What You Need to Know About CMMC • The Crawl – Walk – Run of CMMC • Preliminary Steps for CMMC Success <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/aclearpathtonistcmmccomplianceissa-220509115623-84795461-thumbnail.jpg?width=120&height=120&fit=bounds" /> Beginning in 2020, the DoD will use the Cybersecurity Maturity Model Certification (CMMC) to verify contractors of the Defense Industrial Base are operating with effective cyber hygiene. In order to bid on, maintain, and win future DoD contracts, all organizations will need to prove their required level of cyber maturity. If you do business with the DPD, NASA, GSA or another state/federal agency, you need to be prepared for the CMMC framework. In this webinar, we discuss the potential impacts on your business, while introducing an affordable, practical and secure solution for contractors preparing for CMMC certification. In addition to answering questions from attendees, this webinar will cover the following topics: • What You Need to Know About CMMC • The Crawl – Walk – Run of CMMC • Preliminary Steps for CMMC Success

A Clear Path to NIST & CMMC Compliance_ISSA.pptx from Jack Nichelson

]]> 363 0 https://cdn.slidesharecdn.com/ss_thumbnails/aclearpathtonistcmmccomplianceissa-220509115623-84795461-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Office 365 Security - Its 2am do you know whos in your office 365 /slideshow/office-365-security-its-2am-do-you-know-whos-in-your-office-365/147677060 its2amdoyouknowwhosinyouroffice365-190526193137
You’ve entrusted all of your company’s data to Microsoft’s cloud…what could go wrong? In 2018 you’ve either moved your data to Office365, you’re thinking about it, or you’ve locked your entire business into Lotus Notes. As cloud providers eat away traditional infrastructure, IT and Security teams must either adapt to this brave new world, or be left behind. In this talk we will provide real-world examples and how to apply both traditional and new security controls/tools to secure Office 365 & Azure. We will give specific, actionable recommendations you can make to your Microsoft Office 365 and Azure tenants. Recommendations like how to prevent external threats like account takeovers, internal threats like Shadow cloud Apps, effective monitoring and processes to follow to minimize the likelihood that your company becomes the Next Big Breach. The new perimeter is identities in the cloud, so learn to protect them with Azure Active Directory.]]>
You’ve entrusted all of your company’s data to Microsoft’s cloud…what could go wrong? In 2018 you’ve either moved your data to Office365, you’re thinking about it, or you’ve locked your entire business into Lotus Notes. As cloud providers eat away traditional infrastructure, IT and Security teams must either adapt to this brave new world, or be left behind. In this talk we will provide real-world examples and how to apply both traditional and new security controls/tools to secure Office 365 & Azure. We will give specific, actionable recommendations you can make to your Microsoft Office 365 and Azure tenants. Recommendations like how to prevent external threats like account takeovers, internal threats like Shadow cloud Apps, effective monitoring and processes to follow to minimize the likelihood that your company becomes the Next Big Breach. The new perimeter is identities in the cloud, so learn to protect them with Azure Active Directory.]]> Sun, 26 May 2019 19:31:37 GMT /slideshow/office-365-security-its-2am-do-you-know-whos-in-your-office-365/147677060 JackNichelson@slideshare.net(JackNichelson) Office 365 Security - Its 2am do you know whos in your office 365 JackNichelson You’ve entrusted all of your company’s data to Microsoft’s cloud…what could go wrong? In 2018 you’ve either moved your data to Office365, you’re thinking about it, or you’ve locked your entire business into Lotus Notes. As cloud providers eat away traditional infrastructure, IT and Security teams must either adapt to this brave new world, or be left behind. In this talk we will provide real-world examples and how to apply both traditional and new security controls/tools to secure Office 365 & Azure. We will give specific, actionable recommendations you can make to your Microsoft Office 365 and Azure tenants. Recommendations like how to prevent external threats like account takeovers, internal threats like Shadow cloud Apps, effective monitoring and processes to follow to minimize the likelihood that your company becomes the Next Big Breach. The new perimeter is identities in the cloud, so learn to protect them with Azure Active Directory. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/its2amdoyouknowwhosinyouroffice365-190526193137-thumbnail.jpg?width=120&height=120&fit=bounds" /> You’ve entrusted all of your company’s data to Microsoft’s cloud…what could go wrong? In 2018 you’ve either moved your data to Office365, you’re thinking about it, or you’ve locked your entire business into Lotus Notes. As cloud providers eat away traditional infrastructure, IT and Security teams must either adapt to this brave new world, or be left behind. In this talk we will provide real-world examples and how to apply both traditional and new security controls/tools to secure Office 365 & Azure. We will give specific, actionable recommendations you can make to your Microsoft Office 365 and Azure tenants. Recommendations like how to prevent external threats like account takeovers, internal threats like Shadow cloud Apps, effective monitoring and processes to follow to minimize the likelihood that your company becomes the Next Big Breach. The new perimeter is identities in the cloud, so learn to protect them with Azure Active Directory.

Office 365 Security - Its 2am do you know whos in your office 365 from Jack Nichelson

]]> 397 3 https://cdn.slidesharecdn.com/ss_thumbnails/its2amdoyouknowwhosinyouroffice365-190526193137-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Creating a results oriented culture /slideshow/creating-a-results-oriented-culture-107868636/107868636 creatingaresultsorientedculture-ohtec2017-180729004115
Creating a results oriented culture]]>
Creating a results oriented culture]]> Sun, 29 Jul 2018 00:41:14 GMT /slideshow/creating-a-results-oriented-culture-107868636/107868636 JackNichelson@slideshare.net(JackNichelson) Creating a results oriented culture JackNichelson Creating a results oriented culture <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/creatingaresultsorientedculture-ohtec2017-180729004115-thumbnail.jpg?width=120&height=120&fit=bounds" /> Creating a results oriented culture

Creating a results oriented culture from Jack Nichelson

]]> 197 3 https://cdn.slidesharecdn.com/ss_thumbnails/creatingaresultsorientedculture-ohtec2017-180729004115-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 The kickstarter to measuring what matters Evanta CISO 2017 /slideshow/the-kickstarter-to-measuring-what-matters-evanta-ciso-2017/76903777 thekickstartertomeasuringwhatmatters-evanta2017-170613142013
Does counting the number of intrusions a firewall blocked in a month really justify the capital spend on security projects? What kind of operational data demonstrates cybersecurity leaders’ long-term budgetary needs for their programs and at the same time shows the progress they’ve made over the years? Learn how a duo of cybersecurity professionals used thought leadership and a goals-based approach to build the case for past capital and future spend — a system that won them both dollars and trust with peers and their boards.]]>
Does counting the number of intrusions a firewall blocked in a month really justify the capital spend on security projects? What kind of operational data demonstrates cybersecurity leaders’ long-term budgetary needs for their programs and at the same time shows the progress they’ve made over the years? Learn how a duo of cybersecurity professionals used thought leadership and a goals-based approach to build the case for past capital and future spend — a system that won them both dollars and trust with peers and their boards.]]> Tue, 13 Jun 2017 14:20:13 GMT /slideshow/the-kickstarter-to-measuring-what-matters-evanta-ciso-2017/76903777 JackNichelson@slideshare.net(JackNichelson) The kickstarter to measuring what matters Evanta CISO 2017 JackNichelson Does counting the number of intrusions a firewall blocked in a month really justify the capital spend on security projects? What kind of operational data demonstrates cybersecurity leaders’ long-term budgetary needs for their programs and at the same time shows the progress they’ve made over the years? Learn how a duo of cybersecurity professionals used thought leadership and a goals-based approach to build the case for past capital and future spend — a system that won them both dollars and trust with peers and their boards. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/thekickstartertomeasuringwhatmatters-evanta2017-170613142013-thumbnail.jpg?width=120&height=120&fit=bounds" /> Does counting the number of intrusions a firewall blocked in a month really justify the capital spend on security projects? What kind of operational data demonstrates cybersecurity leaders’ long-term budgetary needs for their programs and at the same time shows the progress they’ve made over the years? Learn how a duo of cybersecurity professionals used thought leadership and a goals-based approach to build the case for past capital and future spend — a system that won them both dollars and trust with peers and their boards.

The kickstarter to measuring what matters Evanta CISO 2017 from Jack Nichelson

]]> 359 4 https://cdn.slidesharecdn.com/ss_thumbnails/thekickstartertomeasuringwhatmatters-evanta2017-170613142013-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Creating a Results Oriented Culture /slideshow/creating-a-results-oriented-culture/75478503 creatingaresultsorientedculture-ohtec2017-170427184825
Be Proactive – Focus on what you can influence Begin with the end in mind – Define practical outcomes Create a Problem Statement – A goal without a plan is just a wish Put first thing first – Plan weekly, act daily Chart Performance & Adjust – Shine a light on the problem]]>
Be Proactive – Focus on what you can influence Begin with the end in mind – Define practical outcomes Create a Problem Statement – A goal without a plan is just a wish Put first thing first – Plan weekly, act daily Chart Performance & Adjust – Shine a light on the problem]]> Thu, 27 Apr 2017 18:48:25 GMT /slideshow/creating-a-results-oriented-culture/75478503 JackNichelson@slideshare.net(JackNichelson) Creating a Results Oriented Culture JackNichelson Be Proactive – Focus on what you can influence Begin with the end in mind – Define practical outcomes Create a Problem Statement – A goal without a plan is just a wish Put first thing first – Plan weekly, act daily Chart Performance & Adjust – Shine a light on the problem <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/creatingaresultsorientedculture-ohtec2017-170427184825-thumbnail.jpg?width=120&height=120&fit=bounds" /> Be Proactive – Focus on what you can influence Begin with the end in mind – Define practical outcomes Create a Problem Statement – A goal without a plan is just a wish Put first thing first – Plan weekly, act daily Chart Performance & Adjust – Shine a light on the problem

Creating a Results Oriented Culture from Jack Nichelson

]]> 814 7 https://cdn.slidesharecdn.com/ss_thumbnails/creatingaresultsorientedculture-ohtec2017-170427184825-thumbnail.jpg?width=120&height=120&fit=bounds presentation 000000 http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Moving Mountains Through Measurement /slideshow/moving-mountains-through-measurement/74174188 misti-moving-mountains-170402033145
You're the newly-minted CISO in your organization, charged with the (un)enviable task of improving security. Unfortunately, your superiors and peers aren't quite sure what good security looks like, what they expect to see from you, or how you should go about doing it. All the execs know for sure is that if a security breach happens, it’s definitely your fault...and if a breach never comes, they question the need for security’s budget. It falls to you to chart your own path, and help define what good security looks like within your organization. In this session we will provide real-world examples of how the three speakers have faced this challenge in multiple organizations, what metrics were chosen to show progress, and how the speakers have gone about gathering them. You will leave this session not with abstract ivory-tower ideas on measurement, but with actionable tactics you can put in place within your own program today. This session will address: • How to show security progress • Presenting security to senior leadership • Real-world security metrics • Identifying and using easily collected data • Aligning with existing organizational metrics]]>
You're the newly-minted CISO in your organization, charged with the (un)enviable task of improving security. Unfortunately, your superiors and peers aren't quite sure what good security looks like, what they expect to see from you, or how you should go about doing it. All the execs know for sure is that if a security breach happens, it’s definitely your fault...and if a breach never comes, they question the need for security’s budget. It falls to you to chart your own path, and help define what good security looks like within your organization. In this session we will provide real-world examples of how the three speakers have faced this challenge in multiple organizations, what metrics were chosen to show progress, and how the speakers have gone about gathering them. You will leave this session not with abstract ivory-tower ideas on measurement, but with actionable tactics you can put in place within your own program today. This session will address: • How to show security progress • Presenting security to senior leadership • Real-world security metrics • Identifying and using easily collected data • Aligning with existing organizational metrics]]> Sun, 02 Apr 2017 03:31:45 GMT /slideshow/moving-mountains-through-measurement/74174188 JackNichelson@slideshare.net(JackNichelson) Moving Mountains Through Measurement JackNichelson You're the newly-minted CISO in your organization, charged with the (un)enviable task of improving security. Unfortunately, your superiors and peers aren't quite sure what good security looks like, what they expect to see from you, or how you should go about doing it. All the execs know for sure is that if a security breach happens, it’s definitely your fault...and if a breach never comes, they question the need for security’s budget. It falls to you to chart your own path, and help define what good security looks like within your organization. In this session we will provide real-world examples of how the three speakers have faced this challenge in multiple organizations, what metrics were chosen to show progress, and how the speakers have gone about gathering them. You will leave this session not with abstract ivory-tower ideas on measurement, but with actionable tactics you can put in place within your own program today. This session will address: • How to show security progress • Presenting security to senior leadership • Real-world security metrics • Identifying and using easily collected data • Aligning with existing organizational metrics <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/misti-moving-mountains-170402033145-thumbnail.jpg?width=120&height=120&fit=bounds" /> You're the newly-minted CISO in your organization, charged with the (un)enviable task of improving security. Unfortunately, your superiors and peers aren't quite sure what good security looks like, what they expect to see from you, or how you should go about doing it. All the execs know for sure is that if a security breach happens, it’s definitely your fault...and if a breach never comes, they question the need for security’s budget. It falls to you to chart your own path, and help define what good security looks like within your organization. In this session we will provide real-world examples of how the three speakers have faced this challenge in multiple organizations, what metrics were chosen to show progress, and how the speakers have gone about gathering them. You will leave this session not with abstract ivory-tower ideas on measurement, but with actionable tactics you can put in place within your own program today. This session will address: • How to show security progress • Presenting security to senior leadership • Real-world security metrics • Identifying and using easily collected data • Aligning with existing organizational metrics

Moving Mountains Through Measurement from Jack Nichelson

]]> 975 6 https://cdn.slidesharecdn.com/ss_thumbnails/misti-moving-mountains-170402033145-thumbnail.jpg?width=120&height=120&fit=bounds presentation 000000 http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 10 Critical Habits of Effective Security Managers /slideshow/10-critical-habits-of-fffective-security-managers/41020851 10criticalhabitsofeffectivesecuritymanagers-141102120340-conversion-gate01
How to Secure Things & Influence People: 10 Critical Habits of Effective Security Managers Have you ever felt that the security problems you're faced with would be so simple to solve if only your colleagues had your perspective on them? Are you frustrated that security does not have a more prominent seat at the table? Often times identifying security problems and developing the appropriate controls is the easiest part of the security job. Getting our peers and superiors to buy-in to those solutions and understand the risk decisions they're making is an under-appreciated but arguably much more important part of our jobs in security. Chris and Jack will share techniques that help to turn your employees into an army of human security sensors, to get security done regardless of where it sits on the org chart, and to earn major security victories even with a meager budget and a small team. Along the way you’ll learn about the “10 Critical Habits” which we have observed effective security leaders using to achieve their goals.]]>
How to Secure Things & Influence People: 10 Critical Habits of Effective Security Managers Have you ever felt that the security problems you're faced with would be so simple to solve if only your colleagues had your perspective on them? Are you frustrated that security does not have a more prominent seat at the table? Often times identifying security problems and developing the appropriate controls is the easiest part of the security job. Getting our peers and superiors to buy-in to those solutions and understand the risk decisions they're making is an under-appreciated but arguably much more important part of our jobs in security. Chris and Jack will share techniques that help to turn your employees into an army of human security sensors, to get security done regardless of where it sits on the org chart, and to earn major security victories even with a meager budget and a small team. Along the way you’ll learn about the “10 Critical Habits” which we have observed effective security leaders using to achieve their goals.]]> Sun, 02 Nov 2014 12:03:40 GMT /slideshow/10-critical-habits-of-fffective-security-managers/41020851 JackNichelson@slideshare.net(JackNichelson) 10 Critical Habits of Effective Security Managers JackNichelson How to Secure Things & Influence People: 10 Critical Habits of Effective Security Managers Have you ever felt that the security problems you're faced with would be so simple to solve if only your colleagues had your perspective on them? Are you frustrated that security does not have a more prominent seat at the table? Often times identifying security problems and developing the appropriate controls is the easiest part of the security job. Getting our peers and superiors to buy-in to those solutions and understand the risk decisions they're making is an under-appreciated but arguably much more important part of our jobs in security. Chris and Jack will share techniques that help to turn your employees into an army of human security sensors, to get security done regardless of where it sits on the org chart, and to earn major security victories even with a meager budget and a small team. Along the way you’ll learn about the “10 Critical Habits” which we have observed effective security leaders using to achieve their goals. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/10criticalhabitsofeffectivesecuritymanagers-141102120340-conversion-gate01-thumbnail.jpg?width=120&height=120&fit=bounds" /> How to Secure Things & Influence People: 10 Critical Habits of Effective Security Managers Have you ever felt that the security problems you're faced with would be so simple to solve if only your colleagues had your perspective on them? Are you frustrated that security does not have a more prominent seat at the table? Often times identifying security problems and developing the appropriate controls is the easiest part of the security job. Getting our peers and superiors to buy-in to those solutions and understand the risk decisions they're making is an under-appreciated but arguably much more important part of our jobs in security. Chris and Jack will share techniques that help to turn your employees into an army of human security sensors, to get security done regardless of where it sits on the org chart, and to earn major security victories even with a meager budget and a small team. Along the way you’ll learn about the “10 Critical Habits” which we have observed effective security leaders using to achieve their goals.

10 Critical Habits of Effective Security Managers from Jack Nichelson

]]> 1017 4 https://cdn.slidesharecdn.com/ss_thumbnails/10criticalhabitsofeffectivesecuritymanagers-141102120340-conversion-gate01-thumbnail.jpg?width=120&height=120&fit=bounds presentation 000000 http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Information Security Metrics - Practical Security Metrics /slideshow/information-security-metrics-practical-steps-to-security-measurement/39812445 dotimkp3qwysmtxr4omm-signature-32f79f4044faf73c84bdbbec0849216504581c07610ca709d94d08841d4333bd-poli-141002140848-phpapp01
So exactly how do you integrate information security metrics into action in an organization and actually achieve value from the effort. Learn what efforts are currently underway in the industry to create consensus metrics guides and what initial steps an organization can take to start measuring the effectiveness of their security program.]]>
So exactly how do you integrate information security metrics into action in an organization and actually achieve value from the effort. Learn what efforts are currently underway in the industry to create consensus metrics guides and what initial steps an organization can take to start measuring the effectiveness of their security program.]]> Thu, 02 Oct 2014 14:08:48 GMT /slideshow/information-security-metrics-practical-steps-to-security-measurement/39812445 JackNichelson@slideshare.net(JackNichelson) Information Security Metrics - Practical Security Metrics JackNichelson So exactly how do you integrate information security metrics into action in an organization and actually achieve value from the effort. Learn what efforts are currently underway in the industry to create consensus metrics guides and what initial steps an organization can take to start measuring the effectiveness of their security program. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/dotimkp3qwysmtxr4omm-signature-32f79f4044faf73c84bdbbec0849216504581c07610ca709d94d08841d4333bd-poli-141002140848-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds" /> So exactly how do you integrate information security metrics into action in an organization and actually achieve value from the effort. Learn what efforts are currently underway in the industry to create consensus metrics guides and what initial steps an organization can take to start measuring the effectiveness of their security program.

Information Security Metrics - Practical Security Metrics from Jack Nichelson

]]> 3760 5 https://cdn.slidesharecdn.com/ss_thumbnails/dotimkp3qwysmtxr4omm-signature-32f79f4044faf73c84bdbbec0849216504581c07610ca709d94d08841d4333bd-poli-141002140848-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds presentation 000000 http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Information Security - Back to Basics - Own Your Vulnerabilities /slideshow/information-security-back-to-basics-own-your-vulnerabilities/39812145 vvjsjwvxtycpefxpfald-signature-32f79f4044faf73c84bdbbec0849216504581c07610ca709d94d08841d4333bd-poli-141002140106-phpapp01
When a security program isn't as good as it should be it can be tempting to conclude that it needs more resources and solutions. Jack Nichelson decided to take a different approach: simplification. By focusing on fewer problems with bigger returns, he was able to reduce malware by 60 percent and improve the results of his annual pen report. He’ll share a back-to-the-basics case study for removing complexity and running a simple, effective, start-up worthy security program. This Talk is for - Security Managers looking to better focus on the real vulnerabilities and more effectively communicate your progress The Goals of this talk – Find the real problems, create a formal plan, build support for the plan, and report the progress]]>
When a security program isn't as good as it should be it can be tempting to conclude that it needs more resources and solutions. Jack Nichelson decided to take a different approach: simplification. By focusing on fewer problems with bigger returns, he was able to reduce malware by 60 percent and improve the results of his annual pen report. He’ll share a back-to-the-basics case study for removing complexity and running a simple, effective, start-up worthy security program. This Talk is for - Security Managers looking to better focus on the real vulnerabilities and more effectively communicate your progress The Goals of this talk – Find the real problems, create a formal plan, build support for the plan, and report the progress]]> Thu, 02 Oct 2014 14:01:06 GMT /slideshow/information-security-back-to-basics-own-your-vulnerabilities/39812145 JackNichelson@slideshare.net(JackNichelson) Information Security - Back to Basics - Own Your Vulnerabilities JackNichelson When a security program isn't as good as it should be it can be tempting to conclude that it needs more resources and solutions. Jack Nichelson decided to take a different approach: simplification. By focusing on fewer problems with bigger returns, he was able to reduce malware by 60 percent and improve the results of his annual pen report. He’ll share a back-to-the-basics case study for removing complexity and running a simple, effective, start-up worthy security program. This Talk is for - Security Managers looking to better focus on the real vulnerabilities and more effectively communicate your progress The Goals of this talk – Find the real problems, create a formal plan, build support for the plan, and report the progress <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/vvjsjwvxtycpefxpfald-signature-32f79f4044faf73c84bdbbec0849216504581c07610ca709d94d08841d4333bd-poli-141002140106-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds" /> When a security program isn't as good as it should be it can be tempting to conclude that it needs more resources and solutions. Jack Nichelson decided to take a different approach: simplification. By focusing on fewer problems with bigger returns, he was able to reduce malware by 60 percent and improve the results of his annual pen report. He’ll share a back-to-the-basics case study for removing complexity and running a simple, effective, start-up worthy security program. This Talk is for - Security Managers looking to better focus on the real vulnerabilities and more effectively communicate your progress The Goals of this talk – Find the real problems, create a formal plan, build support for the plan, and report the progress

Information Security - Back to Basics - Own Your Vulnerabilities from Jack Nichelson

]]> 1152 5 https://cdn.slidesharecdn.com/ss_thumbnails/vvjsjwvxtycpefxpfald-signature-32f79f4044faf73c84bdbbec0849216504581c07610ca709d94d08841d4333bd-poli-141002140106-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds presentation 000000 http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Protecting the Crown Jewels – Enlist the Beefeaters /slideshow/beefeaters-defenders-of-the-crown-jewels/39811433 lcyrmhetqz6vy828lgsb-signature-32f79f4044faf73c84bdbbec0849216504581c07610ca709d94d08841d4333bd-poli-141002134447-phpapp01
Protecting the Crown Jewels – Enlist the Beefeaters In the wake of a constant stream of high-profile breaches, data is not only becoming a highly valued commodity, it’s becoming an organization’s crown jewels. Who better to protect your crown jewels than the Beefeaters? Tapping into the iconic London Guard’s reputation, Jack Nichelson, with the support of the FBI and PwC, has developed an elite force to defend his organization’s most valuable assets from even trusted insiders. Providing insights into his companies data identification, classification and security initiative, sharing best practices for creating consensus, and engaging and aligning multiple business units to better protect the organization's crown jewels.]]>
Protecting the Crown Jewels – Enlist the Beefeaters In the wake of a constant stream of high-profile breaches, data is not only becoming a highly valued commodity, it’s becoming an organization’s crown jewels. Who better to protect your crown jewels than the Beefeaters? Tapping into the iconic London Guard’s reputation, Jack Nichelson, with the support of the FBI and PwC, has developed an elite force to defend his organization’s most valuable assets from even trusted insiders. Providing insights into his companies data identification, classification and security initiative, sharing best practices for creating consensus, and engaging and aligning multiple business units to better protect the organization's crown jewels.]]> Thu, 02 Oct 2014 13:44:47 GMT /slideshow/beefeaters-defenders-of-the-crown-jewels/39811433 JackNichelson@slideshare.net(JackNichelson) Protecting the Crown Jewels – Enlist the Beefeaters JackNichelson Protecting the Crown Jewels – Enlist the Beefeaters In the wake of a constant stream of high-profile breaches, data is not only becoming a highly valued commodity, it’s becoming an organization’s crown jewels. Who better to protect your crown jewels than the Beefeaters? Tapping into the iconic London Guard’s reputation, Jack Nichelson, with the support of the FBI and PwC, has developed an elite force to defend his organization’s most valuable assets from even trusted insiders. Providing insights into his companies data identification, classification and security initiative, sharing best practices for creating consensus, and engaging and aligning multiple business units to better protect the organization's crown jewels. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/lcyrmhetqz6vy828lgsb-signature-32f79f4044faf73c84bdbbec0849216504581c07610ca709d94d08841d4333bd-poli-141002134447-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds" /> Protecting the Crown Jewels – Enlist the Beefeaters In the wake of a constant stream of high-profile breaches, data is not only becoming a highly valued commodity, it’s becoming an organization’s crown jewels. Who better to protect your crown jewels than the Beefeaters? Tapping into the iconic London Guard’s reputation, Jack Nichelson, with the support of the FBI and PwC, has developed an elite force to defend his organization’s most valuable assets from even trusted insiders. Providing insights into his companies data identification, classification and security initiative, sharing best practices for creating consensus, and engaging and aligning multiple business units to better protect the organization's crown jewels.

Protecting the Crown Jewels – Enlist the Beefeaters from Jack Nichelson

]]> 911 5 https://cdn.slidesharecdn.com/ss_thumbnails/lcyrmhetqz6vy828lgsb-signature-32f79f4044faf73c84bdbbec0849216504581c07610ca709d94d08841d4333bd-poli-141002134447-phpapp01-thumbnail.jpg?width=120&height=120&fit=bounds presentation 000000 http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 https://cdn.slidesharecdn.com/profile-photo-JackNichelson-48x48.jpg?cb=1698524970 I protect shareholder value by providing a secure and standardized IT environment that empowers the business. Currently serve as the Director, IT Infrastructure & Security Operations with Chart Industries, a $1B publicly traded corporation with a global reach. My team includes 4 managers, 5 individual contributors and 15 site administrators who architect, implement and administer the IT infrastructure and security used enterprise-wide across 43 locations. As a strong team together, we provide world class service, performance and availability to 5,500 employees through a consultative approach and are entrusted with an annual $14M budget including OPEX & CAPEX. I lead the development and e... www.linkedin.com/in/nichelson/ https://cdn.slidesharecdn.com/ss_thumbnails/aclearpathtonistcmmccompliance-2023clevelandsecuritysummit-231028211823-9566e378-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/a-clear-path-to-nist-cmmc-compliance-2023-cleveland-security-summitpdf/262831890 A Clear Path to NIST &... https://cdn.slidesharecdn.com/ss_thumbnails/aclearpathtonistcmmccompliance-2022summit-221028211926-5cb96252-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/a-clear-path-to-nist-cmmc-compliance-2022-summitpptx/253862966 A Clear Path to NIST &... https://cdn.slidesharecdn.com/ss_thumbnails/aclearpathtonistcmmccomplianceissa-220509115623-84795461-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/a-clear-path-to-nist-cmmc-complianceissapptx/251744671 A Clear Path to NIST &...