14th Annual Security
& Compliance Summit
& Compliance Summit
Make Compliance Management a Competitive Advantage
Often we fall back on examples of penalties to explain our justiﬁcations. But what if we could talk about it as a market mover? What if, much as vault salesmen of the 30’s, we could explain that our customers are looking for safety and security, and that if we show them that we may get their business? Equally as important is that when we tackle a compliance requirement, we fail to see how it touches on other regimes. By using a central guidance document such as the critical security controls, we can both see how the work we are doing is improving our security posture and also how it can satisfy other requirements. This way, whether a regulator is looking for NIST or ISO, we can say “Yes we can” to either one. The CIS Controls are our free guidance document and while they will be a part of this presentation, it will not be a sales pitch for them (although can you really sell free?)
Ryan is a Senior Director at the Center for Internet (CIS), a nonproﬁt organization focused on improving cyber security for public and private sector entities. Ryan is responsible for identifying new opportunities to improve global cyber security and new partnerships for sharing CIS best practices and resources. Ryan also advises the membership on key areas such as insurance, regulation, and new developments around compliance. As part of those responsibilities, Ryan led the development of template policy for NYS DFS regulations that are being used by hundreds of exempted entities across the North East. Prior to his work at CIS, Ryan served as Director of the New York State Senate’s CommiWee on Homeland Security. While serving as CommiWee Director, Ryan led and advised state legislators in developing statewide policies and legislation pertaining to homeland security and veterans, established the Homeland Security Business Roundtable, which brought together leaders of Fortune 500 companies and senior state public safety oﬃcials to collaborate on the development of security and disaster preparation policies, and represented the State Senate on the development of legislation that established New York State’s Division of Homeland Security and Emergency Services (DHSES). Ryan holds a Masters of Public Administration (MPA) from the University at Albany’s Nelson A. Rockefeller College of Public Aﬀairs & Policy, specializing in Public Safety, a GIAC Critical Controls Certiﬁcation, and a GIAC Security Leadership Certiﬁcation. While he has presented in over 25 states and traveled to almost all 50, he prefers being home in upstate New York with his beautiful wife, wonderful kids and crazy dog.