|
ABSTRACT:
GRC is the latest information security buzzword, but marketing hype is doing a disservice to this array of products that address an organization's policy governance, risk management and compliance needs. Most deliver only part of the picture they promise, and every tool in this market has its own focus, areas of maturity and strategies for solving the same business challenges.
|
|
Authors
Diana Kelley
Partner, Security Curve
Diana Kelley has more than 15 years of experience creating secure network architectures and successful business technology implementations for large corporations. Her previous positions include serving as a vice president and service director with Burton Group; executive security advisory for CA's eTrust; manager for KPMG's Financial Services Consulting practice; vice president of security technology for Safe3W; senior analyst for Hurwitz Group; and general manager of a development group at Symantec Corp.
Ed Moyle
Founding Partner, Security Curve
Ed provides, consulting, and solutions to clients worldwide. Prior to joining Security Curve, Ed was Vice President and Information Security Officer for Merrill Lynch Investment Managers (MLIM,) where he was responsible for coordinating all aspects of information security within the 2,500 employee, $500 billion, business unit. During his tenure at Merrill, Ed also developed firm-wide cryptographic solutions for secure data transfer, secure key management, authentication and data integrity. Before joining Merrill, Ed worked within the federal sector for CSC where he consulted to the Department of Defense's Joint Service Computer Aided Acquisition and Logistics System. Ed was responsible for security engineering activities, including platform security, security evaluation activities and vendor evaluation/deployment activities. Ed is co-author of "Cryptographic Libraries for Developers", and a frequent contributor to the Information Security industry as author, public speaker, and analyst.
|
