The ISE® West Executive Forum and Awards 2015 was held on August 20, 2015 at the Westin St. Francis in San Francisco, CA. The ISE® West Award recognizes the information security executives and their teams who have demonstrated outstanding leadership in risk management, data asset protection, regulatory compliance, privacy, and network security.
The ISE® West Awards are held in conjunction with a one day Executive Forum which includes keynote speakers, interactive roundtables moderated by the CISOs and VPs of participating companies, and hot topic panel discussions. The one day program offers the opportunity to meet with peers and leading IT executives from across the region to discuss and share insights into today's issues and solutions.
ISE® West Executive of the Year Award Winner 2015
City of San Diego
ISE® West Project Award Winner 2015
ElasticSearch Security Visualization Engine
Executive Sponsor:Joseph McComb, Director, Information Security
Location: Denver, CO
Janus utilized Elasticsearch, Logstash and Kibana (big data technologies) to drive an internal security analytics program. The open source tools were used to pull in relevant security log information and provide an interface to rapidly search security relevant information. The project had zero dollar cost in software licensing and reduced incident response times by fifty percent.
ISE® West People's Choice Award Winner 2015
Chief Information Security Officer
DaVita HealthCare Partners Inc.
ISE® West Executive Award Finalists 2015
Chief Information Security Officer, Assistant Chief Information Officer
County of Napa
VP, Global Information Security
ISE® West Project Award Finalists 2015
Application Security Program Management
Executive Sponsor: Jason Morton, Application Security Manager | Office of the CISO
Project Team: Tim Heimerl, Andrew Welsh, Matin Kahn, Bud Wilkinson, Manuela Robinson, Carla Lewis and Ben Kinsella
Location: Denver, CO
The project was focused on transforming how application security was managed for DaVita HealthCare Partners’ complex ecosystem. The goal was to move from a one-man operation into a fully integrated program, built on a single platform that could scale with the business needs.
By May, 2015, DaVita has brought the software development lifecycle (SDLC) for 18 applications under automated security assessment, trained 90 developers around the world, established a secure mobile program, put a system in place to ensure that all third-party application used by DaVita HealthCare Partners are secure, and actively monitors all 141 of the company’s associated websites.
Implementing a Language-Based Security Software Development Life Cycle
Executive Sponsor: Fares Alraie, Sr. Director of Product Security & Assurance, Visa
Location: Foster City, CA
Visa pioneered the creation of a full-scale secure software development life cycle (SSDLC) process through close collaboration between its security and application development practices and a range of hardware and software technologies. In addition to an iterative design, testing, and review process and traditional firewalls, the team sought to include runtime application self-protection (RASP). Specifically, they incorporated a built-in capability that improves security for applications and prevents threats in production environments. With Visa’s vision and the help of an application security technology company, effective runtime security was developed into several programming languages – protecting corporate assets and users across many applications.