Certification - May 2008 - (Page 28)

As is the case with many high-level positions, Lohrmann is doing less of the nitty-gritty work and more of the management. About 10 to 15 percent is technical work, while the other 85 to 90 percent is overseeing his staff, communicating with other departments and going to meetings. Because of his job breakdown, Lohrmann has to employ good managerial skills, work as a team player and communicate well, but he also needs to have a thorough understanding of technology to draw upon when needed. When asked if he missed being knee-deep in computer parts, he said “yes” and “no.” “I do miss it sometimes, but I’m providing better value to the state, to the taxpayers, to this organization,” Lohrmann said. “I love making security better for this state [in] innovative, new ways.” corporations because of a regulation under the Health Insurance Portability and Accountability Act (HIPAA). As a result, in 2000, Chuck Klawans became the first information security officer for the Children’s Hospital and Health System in Milwaukee. Although his formal title is ISO, his role is that of a typical CISO. The Future of CISOs When Lohrmann began his career in security, there wasn’t an information assurance track. Now there are programs all around the country, and those studying IT can be trained to become security professionals. Lohrmann said there is and always will be a huge demand for information security in banking and financial institutions, but the need for it in government is just as big. “People don’t have an option when dealing with government. We become a sole source, if you will, for citizens, so we have a lot of their personal information, whether it is tax information or driver’s licenses.” “[The] information security officer has the primary responsibility for coordinating the confidentiality, integrity and availability of information resources,” Klawans said. “How it is defined in any particular organization varies by organization. In my role here, I [am] responsible for doing the back-end work — the analysis, investigation and auditing — to make sure that our security controls are appropriate and doing what they’re supposed to [do]. I also have staff that has the “We hold a lot of information,” he said. “People don’t have an option when dealing with government. We become a sole source, if you will, for citizens, so we have a lot of their personal information, whether it is tax information or driver’s licenses. But I do think all large organizations will have a big need for cybersecurity.” Not Just Government Because of patient medical records, hospitals had information security officers long before most 28 CERTIFICATION MAGAZINE May 2008 Table of Contents for the Digital Edition of Certification - May 2008Certification - May 2008Editor's LetterContentsData StreamTech CareersAcademic ConnectionDear TechieVirtual VillageTake a Bite Out of Data TheftInside CertificationCISO: Getting Serious About SecurityInterfaceSecuring Your Wireless Access NetworkEndtagAd IndexCertification - May 2008Certification - May 2008 - (Page Intro)Certification - May 2008 - Certification - May 2008 (Page Cover1)Certification - May 2008 - Certification - May 2008 (Page Cover2)Certification - May 2008 - Editor's Letter (Page 3)Certification - May 2008 - Contents (Page 4)Certification - May 2008 - Contents (Page 5)Certification - May 2008 - Data Stream (Page 6)Certification - May 2008 - Data Stream (Page 7)Certification - May 2008 - Tech Careers (Page 8)Certification - May 2008 - Tech Careers (Page 9)Certification - May 2008 - Academic Connection (Page 10)Certification - May 2008 - Academic Connection (Page 11)Certification - May 2008 - Dear Techie (Page 12)Certification - May 2008 - Dear Techie (Page 15)Certification - May 2008 - Virtual Village (Page 16)Certification - May 2008 - Virtual Village (Page 17)Certification - May 2008 - Take a Bite Out of Data Theft (Page 18)Certification - May 2008 - Take a Bite Out of Data Theft (Page 19)Certification - May 2008 - Take a Bite Out of Data Theft (Page 20)Certification - May 2008 - Take a Bite Out of Data Theft (Page 21)Certification - May 2008 - Take a Bite Out of Data Theft (Page 22)Certification - May 2008 - Take a Bite Out of Data Theft (Page 23)Certification - May 2008 - Inside Certification (Page 24)Certification - May 2008 - Inside Certification (Page 25)Certification - May 2008 - CISO: Getting Serious About Security (Page 26)Certification - May 2008 - CISO: Getting Serious About Security (Page 27)Certification - May 2008 - CISO: Getting Serious About Security (Page 28)Certification - May 2008 - CISO: Getting Serious About Security (Page 29)Certification - May 2008 - Interface (Page 30)Certification - May 2008 - Interface (Page 33)Certification - May 2008 - Securing Your Wireless Access Network (Page 34)Certification - May 2008 - Securing Your Wireless Access Network (Page 35)Certification - May 2008 - Securing Your Wireless Access Network (Page 36)Certification - May 2008 - Securing Your Wireless Access Network (Page 37)Certification - May 2008 - Securing Your Wireless Access Network (Page 38)Certification - May 2008 - Securing Your Wireless Access Network (Page 39)Certification - May 2008 - Securing Your Wireless Access Network (Page 40)Certification - May 2008 - Ad Index (Page 41)Certification - May 2008 - Endtag (Page 42)Certification - May 2008 - Endtag (Page Cover3)Certification - May 2008 - Endtag (Page Cover4)http://www.nxtbookMEDIA.com

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.