To be successful in presenting IT security to senior leadership, it's important it is done in ways that they can ingest, process, and understand; because ultimately, IT risk management decisions are business decisions, not technical decisions.

This session will discuss approaches to present to individual business decision makers, understanding that each has his/her own goals, incentives, currency, and biases. We will discuss three simple concepts to be defined and agreed upon by senior leadership to move forward:

1. What does success look like?
2. What does failure look like?
3. How do we measure these?

This session will be very conversational and interactive, so bring your questions!

speaker photo
Rick Doten
CISO & VP, Information Security, Carolina Complete Health

Rick is CISO of Carolina Complete Health, a state healthcare plan for Centene Corporate. Rick has run ethical hacking, application security, incident response & forensics, and risk management teams throughout his 25 years in IT Security. Rick has been the first CISO for two companies. He has also consulted as a virtual CISO for many industries and companies around the world. Other notable roles over last 20 years have been as a Risk Management consultant at Gartner, Chief Scientist for Lockheed Martin’s Center for Cyber Security Innovation, and Managing Principal in the Professional Security Services practice at Verizon.