Disclaimer: The opinions of the columnists are their own and not necessarily those of their employer.
Executive Women's Forum - Information Security, Risk Management and Privacy

The Risk Rack written by Frank Cassano

Frank Cassano

Frank Cassano is an information risk management consultant with over 20 years experience in the field. His experience includes both internal corporate experience as he has held a number of senior Information Technology management positions within organizations, as well as external experience as he has been an external consultant and trusted advisor with dozens of clients. Mr. Cassano was CISO at People’s Bank. Prior that he was CISO at Prudential Securities, and Audit Director at Prudential Insurance (PSI), Senior Auditor at Coopers & Lybrand. A graduate of Pace University, with a BBA degree in Management Information Systems, Cassano also is a Certified Information Systems Security Professional (CISSP) and has served on the board of the New York Metro ISSA.

Assessing your Organization’s Network Perimeter (pt. 2)

June 16, 2008 – 6:00 am – Welcome once again to the risk rack. This time on the risk rack we will be continuing our review of how to assess your organization’s network perimeter. As a reminder the identified steps were: Step 1: Define the functions and purposes of your network perimeter. Step 2: Assess the technology…
Posted in CSO/CISO Perspectives, General, Risk Analysis, Technical | Tagged , , , , | Comments (1)

Assessing your Organization’s Network Perimeter (pt. 1)

June 2, 2008 – 6:00 am – Welcome once again to the risk rack. This time on the risk rack we will be reviewing how to assess your organization’s network perimeter. The assessment of a network perimeter has six major steps: Define the functions and purposes of your network perimeter. Assess the technology used along…
Posted in CSO/CISO Perspectives, Risk Analysis, Technical | Tagged , , , , | Comments (0)

Your Information Security Program: It’s All About The Bones

May 14, 2008 – 6:00 am – Welcome once again to the risk rack. This time on the risk rack I will be discussing the bones of an information security program namely the fundamental framework and standards around which you choose to build your program. As with any living and breathing creature the creature’s bone structure…
Posted in CSO/CISO Perspectives, Compliance and Laws, Contingency Planning, General | Tagged , , , , , , , | Comments (0)

How to Make Security a Presence in Your Organization

April 23, 2008 – 6:00 am – Welcome once again to the risk rack. In this risk rack I will be discussing a way to bring some presence to your security awareness month. To the uninitiated, National Security Awareness Month occurs in October and is supported by the U.S. Department of Homeland Security. A security program is…
Posted in CSO/CISO Perspectives, Human Elements | Tagged , , , , , | Comments (1)

CIO: The Next Career Step After Being The CISO? Why Not?

April 11, 2008 – 6:00 am – Welcome once again to “The risk rack”, today’s column deals with Chief Information Security Officer (CISO) career paths and if a CISOs career path includes or should include the role of Chief Information Officer Role (CIO). I believe it should and I believe that CISOs have…
Posted in CSO/CISO Perspectives | Tagged , , | Comments (0)