ISE® west project Nominees 2012
These nominees have demonstrated outstanding leadership and exemplary achievement in the areas of information security, risk management, data asset protection, regulatory compliance, privacy and network security. They have proven their ability to develop innovative security strategies and solutions to meet business challenges in their organizations and the industry.
Congratulations to the ISE® West Award Nominees!
 |
| Project Name: |
Enterprise Data Loss Prevention |
| Executive Sponsor: |
Derek Houts, Sr. Manager of Information Security, Broadcom Corporation |
| Project Team: |
Geoff Aranoff, James lee and Jonathan Lee |
| Location: |
Irvine, CA |
| Description: |
In 2012, Broadcom’s IT security team successfully deployed data loss prevention to more than 11,000 worldwide endpoints to protect their intellectual property from data theft and misuse. By using Websense Data Security Suite technology, Broadcom safely enabled its employees to access confidential data, while increasing the IT Security team’s productivity. |
| |
 |
| Project Name: |
Cricket IDMS |
| Executive Sponsor: |
Andy Walker, Sr. Manager of IT Compliance, Cricket Communications |
| Project Team: |
Fernando Padilla, Ankur Patel, Joe Minniece, Christopher Bischoff, Art Poghosyan, Alex Gudanis and Lori Ye |
| Location: |
San Diego, CA |
| Description: |
As Cricket grew, they faced additional InfoSec complexity due to new relations, new systems, and complex integrations. The company also faced increased risk and stricter compliance requirements. As a result, manual access monitoring and user certification processes were too inefficient and ineffective. The IDMS project deployed the Aveksa solution, an automated platform for access governance. This resulted in efficient and effective access reviews, and a better security and compliance profile. |
| |
 |
| Project Name: |
Denver Public Schools Embraces Change, Enhances Agility & Enables Growth through Strategic Approach to Identity & Access Management |
| Executive Sponsor: |
Bud Ballard, Interim CIO, Denver Public Schools |
| Project Team: |
Josh Allen, JoAnn Buck, Tamera Gingerich, John Welter, David Steifel, Kevin Boyer, Rob Losinski, Nancy Parker, Sharyn Guhman, Jim Anderson, Jerry Mozes, Keith Roath, Carolyn Henzel, Joyce Fell, Bryan Ferrer, Steve Bussey, Kathry Palm, Rick Machado, Thanis McLaughlin, Raelene Vining, Karen Tobo, Rudy Perez, Jeff Braa, Jason Rand, Tony Dorado, Juan Pablo Parodi, Mark Morfin, Shanda Abeyta and Leslie Brown |
| Location: |
Denver, CO |
| Description: |
Denver Public Schools recognized numerous opportunities to improve GRC, end-user experience, productivity and efficiency, and security through a comprehensive Identity & Access Management (IAM) initiative. Understanding the need to resolve existing challenges while laying an agile and flexible identity platform to support future growth, Information Security and Technology leaders at DPS engaged FishNet Security to help develop and execute a comprehensive multi-phased roadmap allowing them provide users rapid and secure access to critical systems, and deliver a consistent, auditable IAM solution to the enterprise. The solution not only significantly increased employee productivity and improved user experience, but DPS has laid the foundation to support a valuable Parent and Student Portal initiative. |
| |
 |
| Project Name: |
Enterprise Web Content Filtering |
| Executive Sponsor: |
Ed Telders, Director of Information Security & Service Management, REI |
| Project Team: |
Arkady Shteyngart, Zachary Carney, Kevin Johnson |
| Location: |
Kent, WA |
| Description: |
Web-based threats such as phishing, drive-by malware sites and botnets are becoming more sophisticated. Protecting a retail company with 135+ locations demands a highly technical and operationally mature web content filtering solution. The Web Content Filtering project was tasked to solve the threat presented by that dynamic threat environment. The solution REI implemented not only addressed this threat, but also brought a level of business intelligence not previously considered. |
| |
 |
| Project Name: |
Factory Application Control/Whitelisting Project |
| Executive Sponsor: |
Curtis Coleman, CISO, Seagate Technology |
| Project Team: |
Steve Haines, plus 15 team members from 4 countries |
| Location: |
Scotts Valley, CA |
| Description: |
The Factory Application Control/Whitelisting Project was undertaken to protect both legacy factory testing systems with embedded computers and high-risk, high-value knowledge worker systems. The project addressed the need to 1) Replace the resource-intensive antivirus system that impacted throughput capacity within the factory environment and 2) Augment the signature-based antivirus system with strong defense that would prevent malware from executing on the knowledge worker computers. Throughout the effort it was critical to maintain factory production capacity while protecting the testing systems from malware and other threats. |
| |
 |
| Project Name: |
Corporate Security Initiative (CSI) |
| Executive Sponsor: |
Van Nguyen, Director of IT Security |
| Project Team: |
Stan Lee, Ryan Young, Cyndi Zou and Joon Park |
| Location: |
Mountain View, CA |
| Description: |
The Synopsys Corporate Security Initiative is a multi-phase collaborative effort sponsored by the company executives to implement controls to identify, track, and monitor sensitive and confidential information. Thecore team was responsible for developing a corporate framework, which extends from executive management team through the business process owners and the technical administrative team. The deliverables included technical DLP implementation of Websense TRITON, incident response methodology, and executive reports and dashboards. |
| |
 |
| Project Name: |
Server and Network Access Management Project |
| Executive Sponsor: |
John Tolo, Director, System Control & Reliability |
| Project Team: |
Bill Gibbons, Stan Hollowell, Jason Radetski, Tom Dudgeon |
| Description: |
To effectively secure access to the servers and networks that house their Energy Management Systems, Tucson Electric Power implemented an access management solution. The solution centralizes the administration, enforcement, and auditing of access policies across their Unix/Linux and Windows servers. TEP is able toautomatically enforce granular, role-based authorization policies and eliminate the sharing of privileged account passwords. As well, user activity logs are automatically consolidated for NERC-specific documentation. The organization is not only able to achieve compliance and reduce the risk of a security breach, they are also improving operational efficiency with simplified administration and automated alarm and reports. |
|
