INFORMATION SECURITY
PROJECT MANAGEMENT
Igor Pertsovsky, MBA, PMP, CSM, SAFe, ITIL
Stargate IT Solutions LLC
PMO Manager at Column5 Consulting LLC
igor@stargateit.net
ABOUT ME
• Born in Belarus
• Graduated local University
• Immigrated to Israel
• BA in Industrial Eng.
• Worked for Hi-Tech startups
• Completed MBA in MIS in UK
• Background in System Administration and IT Management
• Relocated to Scottsdale in 2006 by DHL Express
• PMP since 2009
• Consultant since 2010 for large size projects
• Hobby - Chess
WHY INFOSEC PM?
• The most important asset is DATA
• Breaches happen almost daily and we read about them in the news
• There is a demand for 3 million InfoSec professionals until 2021, which makes it a recession-proof industry
• Project Management can help InfoSec people to implement the right solutions, make the right balanced business decisions, mitigate risks
INFOSEC TYPICAL AREAS OF RESPONSIBILITY
• Governance, Risk, Compliance - GRC
• Auditing and Compliance
• Policies and standards
• Application security - DevOps
• Awareness and education programs
• Phishing campaigns
• Penetration testing
• DLP, Antivirus
• Business continuity
• PAM, SSO, IAM
• Incident Management Plan
MY INFOSEC PROJECTS
• Arizona Public Services:
• Managed design of InfoSec Policies and rollout of New Browser to 10k End Users
• Next Generation Firewall Vendor Selection Process and implementation projects
• Hard Drive Encryption for 4k laptops
• Department of Education: was responsible for Information Security Policies and Procedures, managed DR and Business Continuity Projects
• American Express GBT: PCI Compliance Program
• ALSAC/St. Jude Children's Hospital: PCI Compliance and InfoSec Programs
• SIEM Implementation
• MDR (Managed Detection Response) Project
• GRC Implementation
STAKEHOLDERS AND TEAM MEMBERS
• CISO, VP of Information Security
• Directors
• Analysts, Architects, Security Engineer, IT Operations
• Change Management, Product Owners
• Compliance teams, Internal Audits
• Physical Security, Application Teams
• Know Your Project Team, Vendors, And Subcontractors
PMO AND METHODOLOGY
• Global PMO
• InfoSec PMO
• No PMO - aligned with IT
• Agile vs. Waterfall
• SAFe
RISK MANAGEMENT
• Establish A Common Risk Management Approach
• Security practitioners tend to think in terms of threats and the possibility of these being exploited to expose particular vulnerabilities
• Assets need to be assigned a value so the threats or vulnerability can be quantified
KNOW YOUR SECURITY SOLUTION(S)-VENDORS
VENDORS
CERTIFICATIONS
CISSP, CISM, CCSK, SECURITY+, CISA, CPA
AGILE CERTIFICATION – SCRUM MASTER,
PRODUCT OWNER
THANK YOU
QUESTIONS???
