Evidence-Based Solutions for Information Security GRC

I watched Jeff deliver a speech on IT Risk Management to the ISSA Northwest Regional Security Conference, attended by 80+ information security professionals from Washington and Oregon. As a speaker, Jeff was very engaging and entertaining despite the potentially dry subject matter and did an outstanding job of holding the attention of his audience. It was very clear that Jeff not only knew the subject matter, but had a passion for the topic. He shared some very innovative ideas about how to leverage insights from diverse fields in the IT Risk Management space and illustrated how understanding business needs and practices was fundamental to a successful Information Risk Management / Information Security Risk Management professional. I look forward to hearing how he will further develop his ideas and thoughts as they pertain to the Information Assurance, information Risk Management, and Information Security risk management.

Jens Laundrup, CISSP, HISP, Board Member – Secretary, ISSA

I had the opportunity recently to attend a presentation Jeff gave through the ISSA and was impressed at his attention to detail and interaction with those in attendance. He has a wealth of knowledge and experience from which to draw and it shows in his delivery of the subject material!

Kevin Morrison, MBA, Network Security Analyst, BECU

I found Jeff’s presentation (material and style) at the 2008 NW Security Regional Conference: interesting; detailed; useable for my organization. The use of personal examples where very important to me and allowed me to understand the difficulties that Jeff and his organization has faced and continues to face. I believe that many of the participants have not even begun to consider the risks and risk management that Jeff addressed. To many information security professionals forget or do not understand the importance of risk management, they believe that they can eliminate risk. Jeff’s presentation brought clarity to risk management, pitfalls and successes.

Kyle Miller, Chief Information Security Officer, State of Oregon, Dept. of Human Services, Information Security Office

I am the Co-Director of the Information Security Compliance and Risk Management Institute, an annual advanced IT security conference. Jeff spoke on IT risk management at our 2008 conference and did an outstanding job: The content was solid and at the forefront of current thinking, and his presentation style was engaging. I wouldn’t hesitate to have Jeff speak again, and I recommend him wholeheartedly.

John Christiansen, Managing Director/Attorney, Christiansen IT Law

Jeff Lowder is a very informative and engaging speaker. I have had the pleasure of attending several sessions at which Jeff presented. I always come away knowing something I didn’t know before, or with a great tip to add to my security toolkit.

Laurie Leer CISSP, CISM, Information Security Mgr & Sr Sec Architect, Premera Blue Cross

Jeff’s presentation at SecureWorld Seattle on Compliance Management Life Cycle (CMLC) and GRC overall was outstanding. His ability to discuss his findings and work in layman terms allowed everyone in the room a glimpse into what could be within their own organizations. In my opinion Jeff is the leader within CMLC.

Tab Pierce, Business Development Manager, Consciere LLC

I attend a lot of presentations where the same old stale “recent developments” are relayed as new and interesting. It is a pleasant change to listen to Jeff, who is obviously passionate about what he does and genuinely is pushing the envelope with the content of his presentations. He was well prepared – having additional slides which answered a specific question that he had anticipated from the audience and answering questions fully and intelligently. I would highly recommend Jeff as a speaker for future events.

Aaron Weller, Managing Director and Co-Founder, Concise Consulting Group

I attended Jeff’s presentation on Compliance Management Life Cycle (CMLC) and GRC at the Seattle SecureWorld Expo in October, 2009. Jeff discussed an innovative, comprehensive, and proven approach to more effectively manage a compliance driven security program. His approach is an open model that allows multiple compliance requirements to be managed under one program. The methodology is thorough enough for organizations to prove they are practicing good security and not just checking the “in place” box. As an auditor, this level of detail and ongoing maintenance activity is exactly the type of program I would love to see more organizations adopt. Great job Jeff! I look forward to watching this approach evolve over time.

Seth Peter, Chief Technology Officer, NetSPI

I have had the pleasure of working with Jeff professionally as well as attending industry events where he presented. He is a true visionary with practical experience and real-world success to back it up. I look forward to more opportunities to hear his ideas.

Mark Benoit, Strategic Account Development – US Security Services, Verizon Business

Next testimonial

All Jeff's testimonials

• Connect with me on LinkedIn
• Follow me on Twitter
• Telephone me: (001) 206 588 5694

• Send me a message:

  Your name (required)
  

  Your email (required)
  

  Your message