CISOs Can Report to CIOs and Be Successful

When the CISO reports to the CIO what does a good relationship look like? How does a CISO succeed when there is a perceived inherent friction or “conflict of interest” between the two roles? Perhaps most importantly, who owns cyber risk and the budget needed to manage the program? These questions and more will be answered by our guests Becky Vasquez (CIO) and David Mashburn (CISO) and who will share how they’ve made this reporting dynamic work. Host: Jerich Beason | @blanketsec Guests: Becky Vasquez, CIO & David Mashburn, CISO: Embry-Riddle Aeronautical University Becky Vasquez Becky L. Vasquez is the Vice President and Chief Information Officer for Embry-Riddle Aeronautical University. Becky has been with the university for over 20 years in various technology leadership positions, including the role of Chief Technology Officer for the Worldwide Campus. She is responsible for the overall technology vision, mission and strategy for the university and provides thought leadership for the technology strategic plan, cloud strategy, and IT risk management plan. A service-oriented technologist, Becky is a champion for an effortless technical environment. She holds a GIAC Information Security Fundamentals certification and is an advocate for information security best practices and raising cybersecurity awareness among the university community. A two-time CIO 100 award winner, Becky is a member of educational software corporation advisory boards and regularly participates in industry wide activities supporting the advancement of technology in education. David Mashburn is CISO at Embry-Riddle Aeronautical University, a SANS Certified Instructor, and co-author of SEC587: Advanced Open-Source Intelligence (OSINT) Gathering and Analysis. He has experience working as an IT security professional for several civilian federal agencies, and over 20 years of experience in IT. He holds a master's degree in computer science from John Hopkins University, and a bachelor’s