2010 Forecasted Security Issues
02-08-2010
2010 will see an increase in hacking and CIRT events, new regulatory requirements, and lack of staff / management interest in data protection.
1) Lack of ongoing security risk assessments
2) Inadequate patch management on both server and workstation levels
3) Poor data classifications
4) Continued exploitation of poor web application security
5) Failure to update DR and BCP plans
6) Discontinued security awareness programs
7) Poor investigation techniques and CIRT procedures
8) New regulatory requirements or standards (i.e. PCI DSS) not being added to the InfoSec program
9) Hacking schools in China will increase targeting U.S. websites
2010 will see an increase in hacking and CIRT events, new regulatory requirements, and lack of staff / management interest in data protection.
1) Lack of ongoing security risk assessments
2) Inadequate patch management on both server and workstation levels
3) Poor data classifications
4) Continued exploitation of poor web application security
5) Failure to update DR and BCP plans
6) Discontinued security awareness programs
7) Poor investigation techniques and CIRT procedures
8) New regulatory requirements or standards (i.e. PCI DSS) not being added to the InfoSec program
9) Hacking schools in China will increase targeting U.S. websites
Career Summary
A proven Information Security executive with over 25 years in the information technology field, Mr. Purcell is widely respected for his leadership and vision in all facets of information protection.
He has worked in key positions for such well-known firms and brands such as Avon Products, Reader's Digest, Thompson Professional Publishing, Covenant House, Peoples Bank, and North Shore Long Island Jewish Healthcare System. He rapidly rose through the ranks of information technology teams while providing first class knowledge in network implementation, remote access, web-site security and change management when most technologies were in their infancy.
Over the last 15 years, Mr. Purcell utilized his talents in developing many of the first information security programs and teams dedicated in protecting a firms' information assets. He has improved regulatory compliance, provided security signoffs for change management, and introduced compliance into the SDLC programs at several major organizations.
Mr. Purcell has also had experience in protecting information assets across the globe, negotiated complex contracts with vendors, developed and managed cross-functional teams, presented security briefings to c-level managers, and developed ongoing training and awareness programs at multiple companies. Mr. Purcell currently holds the Certified Information Systems Security Professional (CISSP), the Associate Business Continuity Planner (ABCP), ITIL Foundation Specialist, and the Microsoft Certified Systems Engineer (MCSE) certifications.
Mr. Purcell is active with several organizations with specific direction towards information security. He has spoken at several DPMA meetings, and has active memberships with ISSA (Information Systems Security Association) and Infragard. He has also spoken to several community groups such as the Rotary Club, Chamber of Commerce, Lions clubs, and several PTAs in matters of business security, internet access for children, disaster recovery, and risk assessments.
