On Trust: Stories from the Front Lines

Black Hat USA 2019

Presented by: Jamil Farshchi
Date: Thursday August 08, 2019
Time: 09:00 - 09:25
Location: Lagoon GHI

Time and again, we as consumers read about the latest significant data breach, and we feel a familiar disappointment. Disempowered, helpless, without recourse. Angry for being treated like a commodity. Frustrated that nothing's likely to change.

On the other side of the coin, as security practitioners and businesspeople, we have lost sight of our stakeholders' perspectives -- our customers, investors, regulators, and others affected by the success or failure of our work. We focus on specific items like strengthening controls and obtaining compliance certifications, but what we miss is that the single most damaging thing to many companies has been a loss of TRUST.

I’ll share my experiences leading the security programs of some of the world’s preeminent companies through times of great change – situations where their response to adversity or a growth opportunity colors their long-term reputation. We’ll explore how companies, like people, develop a character, and that a key determinant of that character is their approach to security and privacy. And we’ll see how this character can lead to, or away from, earning trust. Finally, we’ll consider several major industry happenings over the past few years as examples of companies who have successfully (and unsuccessfully) navigated times of transformative change.

It's clear that the pendulum is swinging toward giving consumers more control over their relationships with firms, with watershed changes like the so-called "right to be forgotten", the EU GDPR, and most recently the California Consumer Privacy Act. Firms have to act quickly and decisively to build trust with their stakeholders, or else face lost customer preference, strict regulation, and other business-leveling outcomes.

Security practitioners have a uniquely valuable role to play in leading and supporting a company’s ability to maintain trust. Come learn about the next evolution of security’s role in business and society, and practices you can take back to champion trust within your organization.

Jamil Farshchi

Jamil Farshchi is the Chief Information Security Officer and is responsible for ensuring the security of the company's digital assets as well transforming the Equifax cybersecurity program into a world-class capability. Farshchi, an award-winning change leader, has spent his career building industry-leading cybersecurity programs to protect some of the world's most sensitive assets, particularly in times of urgent need. Most recently, Farshchi, in his role as CISO, successfully led a similar rebuilding effort to mature The Home Depot into an information security leader following what was one of the largest cyber breaches in history. Prior to The Home Depot, Farshchi was named the first CISO at Time Warner Inc. in 2014 and was responsible for the defense of entities such as Warner Bros., CNN, and HBO. Before taking on his role at Time Warner, Farshchi was the VP of Global Information Security at Visa, where he was responsible for protecting over $7T of payment card transactions annually and transforming Visa's cyber program into one of the most mature within the financial services industry. In 2009, Farshchi served as the CISO at the Los Alamos National Laboratory with responsibility for defending some of the United States' most sensitive national security and nuclear weapon assets. He has also served in a variety of risk, operational, and technology leadership roles at organizations including Sitel Corp., NextWave Wireless, and the National Aeronautics and Space Administration (NASA). Currently, he serves on the Board of Directors for the Institute for Information Security and Privacy at Georgia Tech, and the Piedmont Park Conservancy, and is also a mentor in the Columbia University Technology Management program. Farshchi holds a bachelor's degree in Business Administration from the University of Oklahoma and a master's degree from the Wharton School at the University of Pennsylvania. He also completed the Harvard Business School's Program for Leadership Development.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats