Information Services Security Management
James ‘Mason’ Costa
“I am an IT Management Professional passionate about protecting companies and individuals against what I call ‘cyber-trauma’.”
General Requirements
MY SKILLS TOOLBOX
- “Big Picture” Strategic Planning
- Project Management
- Leadership & Team Building
- Communication, Collaboration, Presentation, Negotiation
- Analysis & Problem-Solving
- Deductive & Inductive Reasoning
Career Outlook
- Web Security: 11.2% Projected Growth in 5 Years
- More Internet Users = More Security Risk
- More Data & Devices = More Security Risk
- More External Threats (cyber-attacks, hacktivists)
- More Internal Threats (careless breaches, deliberate breaches)
- More Compliance Requirements (COBIT, PCI DSS, SOX, CPNI, HIPAA, …)
(Kessler, 2012) (Lainhart, 2011)
Security Intelligence
- Should be a C-Suite Priority
  - Not just a CIO/CISO concern
  - impacts: CEO, CFO, COO, CHRO, CMO
- A Comprehensive Approach
  - The need to mitigate risk in 4 key areas
    - People/Access Security
    - Data Security
    - Applications Security
    - Infrastructure Security
(Lainhart, 2011)
Career Competencies
The Magnificent 7
- Leading people and teams
- Developing sustainable solutions
- Serving customers
- Managing products and services
- Managing technology and innovation
- Assessing the competitive environment
- Planning for the future in the global marketplace
Leading People and Teams
- Public speaking & presentation skills
- Leadership & Team Management
- Team Building
- Communication, Collaboration, Presentation, Negotiation
- Ethics
Developing Sustainable Solutions
- Project Management
- Cost, Benefit, and Risk Analysis
- Analysis & Problem-Solving
- Deductive & Inductive Reasoning
- Eye On the Future
Serving Customers
- Executive-level persuasion & negotiation
- Strong security policies, corporate-wide user training
- Promote security awareness and compliance
- Recognition programs for “Safe Computing”
- Improved self-service features & web-based tools
- Ethics
Managing Products and Services
- Continually enhance current products/services for Business
- Harmonize IT processes with Business Processes
- Analysis & Problem-Solving
- Deductive & Inductive Reasoning
- Promote security initiatives/enhancements to executives
- Project & Team Management
Managing Technology and Innovation
- Focus on the Future (mobile, cloud, virtualization)
- Analysis & Problem-Solving
- Deductive & Inductive Reasoning
- Promote security initiatives/enhancements to executives
- Project & Team Management
Assessing the Competitive Environment and Planning for the Future in the Global Marketplace
- Focus on the Future (mobile, cloud, virtualization)
- Threat report reviews (SANS/CERT)
- ISSA (Information Systems Security Assoc) chapter association
Technical Skills
CISSP “10 DOMAINS”
International Information Systems Security Certification Consortium, Inc.
1. Access Control
2. Telecommunications and Network Security
3. Information Security Governance and Risk Mgt.
4. Software/Application Development Security
5. Cryptography
6. Security Architecture and Design
7. Security Operations
8. Business Continuity and Disaster Recovery Planning
9. Legal, Regulations, Investigations and Compliance
10. Physical Security
(ISC2, 2013)
Contact Info
James 'Mason' Costa
MBA / Information Technology Management
BS / Electrical Engineering Technology
PMI-PMP / Project Management Professional
- Mobile: 864-243-1160
- Email: masoncosta@gmail.com
- LinkedIn: www.linkedin.com/in/masoncosta
- Resume / Credentials / Portfolio: www.visualcv.com/masoncosta
References
ISC2 (2013). CISSP Domains. Certification Programs: CISSP. Retrieved from https://www.isc2.org/cissp-domains/default.aspx
Kessler, S. (2012). Computers: Consumer Services & the Internet. Standard & Poor's Industry Surveys. Retrieved from http://www.netadvantage.standardandpoors.com/NASApp/NetAdvantage/showIndustrySurvey.do?task=showIndustrySurvey&code=csi
Lainhart, J., Robinson, S., & Van Zadelhoff, M. (2011). Managing threats in the digital age. Retrieved from http://www-935.ibm.com/services/us/gbs/thoughtleadership/ibv-security-managing-threats.html