Information Services Security Management
James ‘Mason’ Costa
“I am an IT Management Professional passionate about protecting companies and individuals against what I call ‘cyber-trauma’.”

General Requirements
MY SKILLS TOOLBOX
  “Big Picture” Strategic Planning
  Project Management
  Leadership & Team Building
  Communication, Collaboration, Presentation, Negotiation
  Analysis & Problem-Solving
  Deductive & Inductive Reasoning

Career Outlook
Web Security: 11.2% Projected Growth in 5 Years
  More Internet Users = More Security Risk
  More Data & Devices = More Security Risk
  More External Threats (cyber-attacks, hacktivists)
  More Internal Threats (careless breaches, deliberate breaches)
  More Compliance Requirements (COBIT, PCI DSS, SOX, CPNI, HIPAA, …)
(Kessler, 2012) (Lainhart, 2011)

Security Intelligence
Should be a C-Suite Priority
  Not just a CIO/CISO concern; impacts: CEO, CFO, COO, CHRO, CMO
A Comprehensive Approach
  The need to mitigate risk in 4 key areas
    People/Access Security
    Data Security
    Applications Security
    Infrastructure Security
(Lainhart, 2011)

Career Competencies
The Magnificent 7
  Leading people and teams
  Developing sustainable solutions
  Serving customers
  Managing products and services
  Managing technology and innovation
  Assessing the competitive environment
  Planning for the future in the global marketplace

Leading People and Teams
  Public speaking & presentation skills
  Leadership & Team Management
  Team Building
  Communication, Collaboration, Presentation, Negotiation
  Ethics

Developing Sustainable Solutions
  Project Management
  Cost, Benefit, and Risk Analysis
  Analysis & Problem-Solving
  Deductive & Inductive Reasoning
  Eye On the Future

Serving Customers
  Executive-level persuasion & negotiation
  Strong security policies, corporate-wide user training
  Promote security awareness and compliance
  Recognition programs for “Safe Computing”
  Improved self-service features & web-based tools
  Ethics

Managing Products and Services
  Continually enhance current products/services for Business
  Harmonize IT processes with Business Processes
  Analysis & Problem-Solving
  Deductive & Inductive Reasoning
  Promote security initiatives/enhancements to executives
  Project & Team Management

Managing Technology and Innovation
  Focus on the Future (mobile, cloud, virtualization)
  Analysis & Problem-Solving
  Deductive & Inductive Reasoning
  Promote security initiatives/enhancements to executives
  Project & Team Management

Assessing the Competitive Environment and Planning for the Future in the Global Marketplace
  Focus on the Future (mobile, cloud, virtualization)
  Threat report reviews (SANS/CERT)
  ISSA (Information Systems Security Assoc) chapter association

Technical Skills
CISSP “10 DOMAINS”
International Information Systems Security Certification Consortium, Inc.
  1. Access Control
  2. Telecommunications and Network Security
  3. Information Security Governance and Risk Mgt.
  4. Software/Application Development Security
  5. Cryptography
  6. Security Architecture and Design
  7. Security Operations
  8. Business Continuity and Disaster Recovery Planning
  9. Legal, Regulations, Investigations and Compliance
  10. Physical Security
(ISC2, 2013)

Contact Info
James 'Mason' Costa
MBA / Information Technology Management
BS / Electrical Engineering Technology
PMI-PMP / Project Management Professional
Mobile:
LinkedIn:
Resume / Credentials / Portfolio:

References
ISC2 (2013). CISSP Domains. Certification Programs: CISSP. Retrieved from
Kessler, S. (2012). Computers: Consumer Services & the Internet. Standard & Poor's Industry Surveys. Retrieved from
Lainhart, J., Robinson, S., & Van Zadelhoff, M. (2011). Managing threats in the digital age. Retrieved from