ISE® northeast project Nominees 2013
These nominees have demonstrated outstanding leadership and exemplary achievement in the areas of information security, risk management, data asset protection, regulatory compliance, privacy and network security. They have proven their ability to develop innovative security strategies and solutions to meet business challenges in their organizations and the industry.
Congratulations to the ISE® Northeast Information Security Project of the Year Award Nominees!
 |
| Project Name: |
Application Security Assurance Program (ASAP) |
| Executive Sponsor: |
John Bader, SVP, Allstate |
| Project Team: |
Yabing Wang, Pat, Wiet, Kenny Alperstein, Leo McCavana, Orlando Lopez, Ryan Russell, Jerry Higgins and Cynthia Whitley. |
| Location: |
Northbrook, IL |
| Description: |
The vision of the Application Security & Assurance Program (ASAP) is to integrate secure practices into the Allstatesoftware development lifecycle (SDLC) processes. This program is not about implementing a tool to resolve a specific issue. It is about adopting a holistic approach from People, Process, Technology and Governance perspective and making sure security is embedded into SDLC from the start. As part of the risk management, the goal of this program is to focus on application security, and to reduce the vulnerabilities, understand and manage the risks, and improve the Confidentiality, Integrity and Availability of Allstate’s applications. |
| |
 |
| Project Name: |
BCBSM Information Security Operation Center |
| Executive Sponsor: |
Tonya Byers, Director; Gary Harvey, VP Information Technology |
| Project Team: |
Angela Williams,Sanjeev Vohra, Ron Farhat, Michael Moore and Shirley Meeks |
| Location: |
Detroit, Michigan |
| Description: |
Blue Cross Blue Shield of Michigan (BCBSM) was one of the first BCBS plans to implement a Security Operations Center or SOC (pronounced sock). The SOC hosts a collection of IT security toolsthat provide the capability of centralized monitoring and detection of threats, vulnerabilities, and security events that could adversely affect BCBSM’s information assets, technical infrastructure, and most importantly our data. The SOC is focused on monitoring our computers, servers, firewalls and networks. The SOC was created as part of ongoing efforts by our Information Security team to help us proactively recognize threats and vulnerabilities. This center allows us to better minimize risks, downtime and data loss by providing timely monitoring to security teams, supporting audit and compliance efforts, and assisting with incident response and forensics efforts. By leveraging the tools within the SOC we are better positioned in our fight against malicious attacks from outside our organization. |
| |
 |
| Project Name: |
Security Program Evolution |
| Executive Sponsor: |
Joanne Cummins, CIO, Standard Register |
| Project Team: |
Philip Woods, David Pappas, Marta Sullivan, Steve Braswell, Robin Housley, Aaron McCray, Kevin Mundhenk, Mike McGill, Cory Trese, Raj Nair, Tim McDonald, Terrance Merriman and Andy Blosser. We had help from Deloitte, Battelle & Battelle, HP, Verizon, Forsythe and an anonymous customer. |
| Location: |
Dayton, Ohio |
| Description: |
Have you ever been in a situation where sales promised something that didn’t exist? Every IT organization has faced that challenge! In Standard Register’s case, we were simply asked to create an isolated FISMA-compliant Authorization Boundary conforming to NIST. Did I mention that we had never done that before? And, how many times do you get to say that Security made the sale?! Leveraging our mature security program and collaborating with our customer and partners, we designed, delivered and externally attested the solution in nine months enabling our customer to gain the required scale, flexibility and cost savings - securely. |
| |
| |
|
