Type your search and hit enter
Menu
What Would You Do As Chief Information Security Officer?

What Would You Do As Chief Information Security Officer?

Four CSOs share insights into what's involved in being the security guardians of their enterprises

Name: Jalal Zamanali

Title: Senior vice president of information technology and chief information security officer at US-based Temple-Inland and its subsidiary Guaranty Financial Services.

Installed base: 16,000 end users, mainly in North America, in a primarily Windows-based computing environment, with 1200 servers and mainframe.

One of the first things that Jalal Zamanali did after joining Temple-Inland, a large firm with interests in corrugated packaging, forestry, real estate and financial services, was to do a security assessment "to see where we are and where we ought to be", he notes.

He also organized the staff of 17 security specialists into three teams — one to conduct penetration testing, a second to handle security monitoring and management, and the third dedicated to "security governance", which he describes as "policy development and standards development".

"The standards specify elements in the policy, such as authorization, authentication, and their requirements," says Zamanali.

Now at Temple-Inland for about one-and-a-half years, one of Zamanali's first priorities was deploying a security-information management product to centralize security-event reporting, in this case one from NetIQ.

"Without tools to identity some events we're interested in, it can be like finding a needle in a haystack," said Zamanali, who reports to the chief risk officer, who in turn reports to the CEO. Upper management's concerns generally relate to compliance with regulations that include Sarbanes-Oxley and Gramm-Leach-Bliley, he notes.

Zamanali, who came to Temple-Inland after stints in top security jobs at JP Morgan Chase, IBM Global Services and Dell, says his early work life actually began as an engineer designing nuclear submarines. Like many others living through the age of rapid expansion of information technology and security, he said he simply became fascinated with it and decided to switch careers.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about ACTAmerican Express AustraliaBlackBerryDefence DepartmentDellDeloitte & ToucheDovetail DistributionErnst & YoungErnst & YoungGuaranty FinancialHISIBM AustraliaIPSJP MorganMcAfee AustraliaMorganNATONetIQOak Ridge National LaboratoryPLUSSECSecurities and Exchange CommissionTippingPointTippingPointWells Fargo

Show Comments
[]