SIM Cyber-Security SIG
Implementing a SOC 2 – The What, How, Why, and What It Buys You
by Mike Davis

This presentation will talk about why and how companies get a SOC (Service Organization Control), the various types of SOCs, how to choose the one that fits your company, and how this framework and its standards provide confidence for those who rely on the controls. It will also discuss how to implement a SOC and the cultural changes that doing so will entail.
Mike Davis, CISO, alliantgroup
As Chief Information Security Officer (CISO), Mike operationalizes Data Security, Privacy, & Risk Management while advising leadership on protecting critical information resources and managing an enterprise cyber security portfolio. As CISO, his mission includes executing a risk-based security strategy that helps enable the company’s success objectives by securing and protecting both sensitive company and client information.
Mike is an experienced cyber security professional with 20+ years in diverse leadership positions: CISO, Senior Cyber Technical Authority, Cyber Security / Risk Management consultant, Cyber Program Manager, and Chief Systems Engineer, among others. Mike is also a retired U.S. Navy Engineering Duty Officer and Federal Government employee (GS-15).
Mike supports several security associations: the FBI InfraGard, SD IEEE (Cyber SIG), ISSA/ISC2, and ISACA, among others. His certifications are CISSP, CISO, and Systems Engineering, along with senior qualifications in Program Management and Risk Management, and he holds an MS in Electrical Engineering and an MA in Management.
Generously sponsored by Alert Logic
Security & Compliance for Any Environment
Get an award-winning threat management platform, expert intelligence, and an elite team of 24x7 security pros.