T.E.N. Announces 2018 ISE® North America Award Winners

Executives and Projects from The Ohio State University, Columbia University, Georgia Department of Revenue, Comcast, Shell, U.S. Bancorp, Horace Mann, Baxter International and Children's Healthcare of Atlanta take home top awards.

T.E.N., a technology and information security executive networking and relationship-marketing firm, honored finalists and winners Wednesday evening at the 2018 ISE® North America Leadership Summit and Awards Gala at the Summit Chicago and Hyatt Regency in Chicago, Illinois.

The ISE® North America awards recognize both information security executives and project teams for outstanding achievements in risk management, data asset protection, compliance, privacy, and network security. Award program participants are located across the U.S. and Canada, and nominations were considered within four categories based on industry classification, including Academic/Public Sector, Commercial, Financial Services, and Health Care.

“We were thoroughly impressed by the significant achievements and dedication exhibited by our executive and project nominees,” said Marci McCarthy, CEO and president of T.E.N. “The executives nominated showcase the industry’s brightest minds, and many of the projects are major game changers developed by creative teams.”

Academic/Public Sector Category 
Helen Patton, CISO for The Ohio State University, won the ISE® North America Executive of the Year Award in the Academic/Public Sector Category. With more than 20 years of experience in the Security, Risk and Resiliency profession, Helen Patton (CRISC, CISA) brings a wealth of experience in managing information, technology and operational risk for global organizations, and advocates using Information Risk and Security Management to enable the mission of the Institution. Since July 2013 Helen has assumed the role of Chief Information Security Officer at The Ohio State University, where she works to enable a risk-aware culture. She manages the Enterprise Security team and oversees Information Risk and Control Governance across University units. Helen works to encourage collaboration across and between industries, to enable better information security practices. She believes in improving diversity in the Information Security profession, and mentors people interested in pursuing a career in Security, Privacy and Risk Management.

Columbia University’s “Rebuilding Identity Access Management for the 21st Century” Project; and The Georgia Department of Revenue’s “CISO Sentinel Security and Compliance Risk Management Platform” Project were dual winners for the ISE® North America Project Award in the Academic/Public Sector Category.

At Columbia University, with a history of 264 years, IAM had evolved as needed. IAM included Open LDAP, 880,000 users in Kerberos for authentication, 28 Active Directories at schools, and Lenel physical access system across campus, all operating in silos making it difficult to ensure secure, synchronized IAM across Columbia. In the last 18 months, in the Rebuilding Identity Access Management for the 21st Century” Project, Columbia built secured Enterprise Active Directory (EAD) consolidating individual ADs with unified authentication, added MFA, implemented web applications SSO, provided group management, supported Shibboleth (SAML) for industry SSO, linked IAM to physical access management system Lenel, and achieved InCommon “SIRTFI” ID flag status.

The Georgia Department of Revenue’s Office of Information Security is responsible for securing a threat and regulatory landscape that encompasses multiple Federal mandates and 3rd Party Information Service providers. This project implemented a security and compliance risk management platform, CISO Sentinel, to capture operating efficiencies in management of the program. Using continuous monitoring and management, the platform enables greater control of cybersecurity risks by effectively managing the processes associated with obtaining, identifying, processing and aggregating key information. Significant elements of the project focused upon prioritizing the review of critical security alerts, automating governance processes, eliminating redundant silos, and streamlining compliance and management reporting.

Commercial Category
Noopur Davis, SVP, Chief Product & Information Security Officer for Comcast was awarded the ISE® North America Executive of the Year Award for the Commercial Category. Noopur Davis is the Chief Product and Information Security officer for Comcast. Her responsibilities include information, infrastructure, and product security. Noopur ensures best practices are built into all product development and operations activities to mitigate potential security risks. She partners with peers across the company to ensure alignment with overall company security and privacy strategy. Noopur oversees product security and privacy, identity and access management, governance, risk, and compliance, security intelligence and analytics, security engineering, security operations and incident response, vulnerability management, security architecture, and much more.

The ISE® North America Project of the Year in the Commercial Category was Shell’s “Digital Transformation (IAM): Enterprise User Access Management/Shell Identity Management (EUAM|SIM)” Project. As part of a Digital Transformation initiative centered on Identity and Access Management, this project focuses on both enterprise access governance and enterprise access management. This initiative has two components: Enterprise User Access Management (EUAM) and Shell Identity Management (SIM). The project aims to automate the various security controls within Shell for all business-critical applications. This would bring all business-critical application on a common platform in terms of access management. The goal is to bring in the complete Segregation of Duties (SOD) ruleset of Shell under an automated platform to manage SOD, which is currently being done using spreadsheets or legacy tools. This will help enable automated certification campaigns for 60,000 users across the globe and insure compliance and satisfaction of audit requirements.

Financial Services Category 
Jason Witty, EVP & Chief Information Security Officer for U.S. Bancorp, was selected as the ISE® North America Executive of the Year Award Winner in the Financial Services Category. Jason Witty is Executive Vice President and Chief Information Security Officer at U.S. Bancorp, providing singular accountability for all information security controls in the company. An award-winning CISO, Jason was recognized as a 2017 Ponemon Fellow; the 2017 SecureWorld Ambassador of the Year; a 2015 “CISO Superhero” at I.S.E. North America; the 2014 I.S.E. North America People’s Choice Award winner; 2013“CISO of the Year” by the Information Systems Security Association of Chicago and the Association of Information Technology Professionals; and one of Information Security Magazine’s 2013 “Security 7” representing the Financial Sector. He is a highly rated public speaker, frequently keynoting on cyber security topics at large events including CSA Cloud Summit, Finsec, InfosecEurope, RSA Conference, SecureWorld, and others. Over his career, Jason has been involved in 57 acquisition related network integrations, set up secure eCommerce environments, and led multiple cross-industry forums. Providing industry leadership, Jason is Chairman of the Board of Directors of the Financial Services Information Sharing and Analysis Center (FS/ISAC); Vice Chairman of the Board of Directors of the National Technology Security Coalition (NTSC); and a Board Advisor to Arbor Networks, Amgen, Forcepoint, Kohl’s and Qualys. He was also on the Program Committee of the RSA Conference (2013-2017) and serves as FBI’s Chicago Infragard Sector Chief for Finance. Jason also partners passionately with Rahab’s Daughters, a not-for-profit organization that specializes in rescuing victims of human trafficking.

Horace Mann’s project, “Blend the NOC and SOC Together, Creating an Integrated Operations Center (IOC)” was selected as the ISE® North America Project of the Year in the Financial Services Category. Horace Mann set out to merge their NOC and SOC together into a single, blended platform creating an IOC (Integrated Operations Center) - one platform ingesting two environments. The team introduced security orchestration, automation and incident response tools to replace antiquated manual processes. This allowed them to meet mandated governance and compliance and decrease auditor enhanced fatigue. In parallel, the project delivered metrics driven report functionality for risk management that allowed newly created operational activities to be identified, addressed, and aligned to support Horace Mann’s business goals and objectives, including, meeting regulatory compliance for oversight transparency.

Health Care Category
Nicole Darden Ford, Vice President, IT, Security and Compliance and Global Chief Information Security Officer for Baxter International Inc., was selected as the ISE® North America Executive of the Year Award Winner for the Health Care Category. Nicole Darden Ford has global responsibility for Information Security, as well as Information Technology Quality Compliance and Information Governance supporting Baxter International Inc. Nicole joined Baxter in December 2016 from Venable LLP, an AMLAW 100 law firm, where she was Director of Information Security. Nicole has held leadership roles in the private sector and federal government, including the Joint Chiefs of Staff. She has extensive knowledge and application experience with cybersecurity, cyber forensics, and homeland security practices. She holds C|CISO, CISM, CEH and CISSP certifications. Nicole serves on the board of directors for the Health Information Sharing and Analysis Center (H-ISAC) and the National Technology Security Coalition (NTSC).

Children’s Healthcare of Atlanta’s “Mobile Clinician Project” was selected as the ISE® North America Project of the Year in the Health Care Category. To improve clinician to clinician communication, Children's Healthcare of Atlanta replaced the existing hospital communication solution to provide enhanced services, including barcode scanning, secure messaging and integration with Epic. The purpose of this project was to develop and implement the necessary clinical and infrastructure components to improve operational workflows in order to provide a seamless and secure means of communication and medication administration documentation. Objectives included providing secure messaging compliance, increasing the mobile efficiency of nurses and clinicians, improving communications effectiveness between caregivers, integrate alerting, nurse-call, and bed-management, and reducing the number of devices needed for the care process.

People’s Choice Award 
Steve Kozman, SVP, Identity Access Management and Security Services for AIG, was named the ISE® North America People’s Choice Award Winner. This award represents the nominee who best exemplifies information security leadership as voted on by peers in information security.

Luminary Leadership Award 
Also honored during Wednesday’s awards program were the 2018 Luminary Leadership Award Winners: Roland Cloutier, SVP & CSO for ADP; and Gene “Spaf” Spafford, Professor of Computer Sciences and Executive Director Emeritus of the Center for Education and Research in Information Assurance and Security (CERIAS) of Purdue University. Presented annually, the award celebrates the achievements of an outstanding leader and industry practitioner for his or her distinguished service, stewardship and contributions in advancing the information security industry.

A full list of this year’s nominees can be found on the T.E.N. website:
Executive: http://ten-inc.com/ise/north_america/exec_nominees.asp
Project: http://ten-inc.com/ise/north_america/project_nominees.asp

About T.E.N.
T.E.N., a national technology, and security executive marketing and networking organization, facilitates peer-to-peer relationships between top executives, industry visionaries and solutions providers in the cybersecurity industry. Nominated for numerous industry awards, T.E.N.’s executive leadership programs enable information exchange, collaboration and decision-making opportunities for Information Security Executives and cybersecurity solution providers alike. Its flagship program, the nationally-acclaimed Information Security Executive® (ISE®) of the Year Program Series and Awards, is North America’s largest leadership recognition and networking program for security professionals. T.E.N. delivers ISE® Private Dinners across 44 major cities throughout the U.S. and Canada to create even more opportunities for Information Security Executives, professionals and security solution providers to Connect, Collaborate, and Celebrate.

About ISE® Award Program Series
For more than a decade, the Information Security Executive® (ISE®) of the Year Award Program Series has empowered security executives and their project teams to Connect, Collaborate and Celebrate. Recognized as the industry’s most prestigious IT Security award program, it has become the most anticipated award program for security executives and their project teams. Winners have included executives and project teams from leading organizations such as Aetna, AT&T, Bank of America, Comcast, Cox Automotive, Ellie Mae, HMS, Jabil, PayPal, and SunTrust.

About ISE® Judges
Our distinguished ISE® Judges are past nominees representing a cross-section of industries, including commercial, government, health care, and academic sectors. For this reason, the ISE® Awards represent the best achievements of the year as evaluated by those regarded as the industry’s most influential and successful thought leaders. Coupled with a one- or two-day executive summit, the ISE® Awards are held across the country and Canada in major cities including Atlanta, Chicago, Dallas, New York, and San Francisco. The ISE® Awards Program Series has reached more than 10,000 executives across a broad range of industries and has been a major influence in executives' careers, knowledge sharing, and the development of peer-to-peer relationships.

Source: T.E.N.