BiographySecurity Executive with over 29 years of IT and 17 years of Information Security experience, leading matrixed security organizations and programs with globally dispersed teams. He has been known to challenge the status quo by creating new value propositions. Core expertise include International Security Programs, GRC, Privacy, IAM/IDM, Application and Cloud Security.
With over 7 years of his career at leading Big-4 consulting companies in executive or senior management roles he has worked for many Fortune 100 companies. Some of his roles include Director of Information Security for a $4B business unit, Security Executive (CISO) for the largest outsourcing deal of a Big-4 consulting company and Security Architect for the cloud initiative of a Fortune 10 financial institution.
In 2008 he established his own security consulting company 1SSA, providing services to U.S. government entities and commercial companies in the U.S. and Europe. He has presented at International Security Conferences and has published throughout his whole career. His first book is scheduled for release in 2013.
Mr. Siepmann holds a degree in Electrical Engineering with a specialization in Industrial Control Systems (ICS). He worked as an ICS expert between 1987 and 1991 at Bayer AG.
Information Security with a focus on Information Security Programs, Risk Management, Industrial Control Systems (ICS) security and Identity and Access Management (IAM/IDM).
Areas of Research / Professional Expertise
- Impact of outsourced operations on the overall risk posture of an organization.
- Risks, Security and safety of Industrial Control Systems in an Internet connect industry.
Bicycle, Cars, Movies, Travel, Working Out
By: Frank Siepmann
Subjects: Computer Science & Engineering, Homeland Security, Information Technology
I have been working with the contractor team, the team at NIST and the Whitehouse since the relaease of the discussion draft, to improve the framework. The goal is that by the time of the release of the first official versionthe framework is a useful document for all 13 critical infrastrcture sectors, no matter if you are a small organization or a large one, the framework should help you to address cyber security risks.