Abstracts Menu
Use these links to access the abstracts below:Cybersecurity Assessments
"A lot of added value. Major takeaways. Tools we can use immediately. I appreciate how Gideon got granular for us instead of staying only high level within only 60 minutes. Excellent work Gideon."
"This was an excellent start to the ISC2 conference. I have been trying to put together a risk assessment and Gideon showed the audience how to streamline the process. If he is presenting next year I will be attending again! Thanks Gideon for all the pointers."
"Excellent presentation - I loved the work papers the most. Very valuable to me. Hope to host your other topics in the future!"
"I just attended a session on assessments that Gideon presented. He has a good presentation, and included a lot of good info for you, if you're considering someone to give your company an assessment, or you're a security practitioner."
"I attended Gideon's presentation to the CERIAS of Purdue University. I appreciated him sharing his expertise in how he conducts risk assessments as a vCISO. He was gracious with tips he utilizes when interviewing companies to evaluate security controls. It was a great hour, and hopefully someday our paths will cross again."
"Had an opportunity to listen to Gideon present recently and was impressed with the grasp of solid foundation materials and knowledge and able to articulate to C-speak without much of the jargon. Gideon can help organizations to start or continue an IT Security process with an in-depth look with ease."
"Great to hear from someone with hands on experience. Thank you for sharing with the ISACA Kentuckiana chapter today! Your communication style and presentation was outstanding."
"Determining your tools to drive your cybersecurity risk methodologies will be a challenge. Gideon has some great direction in building a solid and cost-effective approach we all can apply. Thanks for the great detail guiding folks on measuring their environment in confidentiality, integrity, and availability of your assets."
"Very interesting. Very well presented. Very thorough and detailed. Speaker was very good. Liked work paper segment. Liked how he fleshed out his audit evidence decision tree. Liked how he called out response confusion, contract language issues, etc. He validated our processes which was nice too."
"Thanks for the great presentation, very valuable and timely information for me. I am always looking for practical advice that I can take back and that is exactly what you provided."
"Fantastic! What an efficient use of time! I learned a lot and have take-aways I can implement right away. Thank you very much!"
"Great presentation by Gideon for the Central Pennsylvania Institute of Internal Auditors on Cybersecurity Risk Assessments. Valuable information and tools that our regional members could use in their professional roles. Thank you Gideon!"
Third Party Risk Management
"Great presentation, Gideon! Our business team was able to get a lot of questions answered related to our TPRM Program. This session was very insightful!"
"That was a fantastic crash course and appreciate the military like delivery. 😂 Personally, my biggest takeaway from that was the use of a Welcome Packet to vendors to aid in expectation management. Brilliant and thank you so much for making the time to do this!"
"This was a VERY insightful presentation! Gideon really provided valuable information."
"This is a great presentation, and a great parallel with manufacturing Supplier Quality. I’m really glad I attended!"
"Very insightful presentation at Bsides today. Thank you very much for adding to my TPRM knowledge."
"Very informative. Great material and well presented. We enjoyed having you present. Looking forward to future talks. Thank you. 👍"
Metrics, KPIs and KRIs
"I learned so much during this meeting. Some really good slides and clear explanations the value of metrics. I'm looking forward to chatting with my coworkers about this tomorrow to see what they think."
"This was an excellent presentation. Gideon talked about developing metrics and provided practical tips for how to effectively implement them. This was probably one of the most immediately useful presentations. I really wish I hadn't missed the first part of this session and will look for Gideon at future conferences."
"This crash course on Cybersecurity Metrics, KPI and KRI during the meeting is a must learn and apply for every Cybersecurity personnel out there. Great presentation. Thanks for sharing. #knowledgeispower #knowledgesharing"
"Attended Gideon's session today at B-Sides Tampa and it was extremely insightful in not only the implementation of Cybersecurity metrics but how they can be used as well!"
"Gideon T. Rasmussen thanks for sharing such valuable content today during your presentation. I walked away with many great take aways!"
"I just attended Gideon's presentation on Cybersecurity Metrics, KPIs, and KRIs. It was very informative and I walked away with some great ideas to implement in the monitoring of my programs. Thanks again Gideon!"
"Thanks for the great presentation, definitely gave me some solid inspiration to implement new metrics for my team."
"Your presentation at our Chapter today was a delight! The clear and concise articulation of key Cybersecurity metrics and the list of references are immediate takeaways. Thank you for sharing with us!"
"Thank you for giving such a well thought out and concise presentation. I'll certainly be taking the information into consideration as I track my own metrics."
"Cybersecurity metrics in a nutshell with excellent references for further learning. Exactly what I was looking for. Thank you. 👍👍"
Program Maturity
"Attended a local ISC2 Chapter meeting last evening where we had the pleasure of hearing Gideon's Program Maturity presentation. Great stuff! Gideon made easy work of covering some very dense and 'wonky' material with a ton of real world advice on how we as security practitioners can engage our business counterparts constructively. Well done!"
"Thank you so much Gideon T. Rasmussen for your time on behalf of the IIA Central Penn Chapter. Outstanding presentation with great insights!!"
Application Security
"Great Presenter!--Excellent presentation with real situations and have to improve relationship btw dev and secops. Also he articulated very well the risks not only for development, business but also for auditors. --Great presentation of using existing processes and controls to handle new technologies and methodologies such as DevSecOps.--This class was very fast paced. More in depth agile training and DevOps would be nice. --great content, great exposure to devsecops. thanks--great presentation"
"--Great session! My favorite so far. There were many takeaways that I can take back to my team. --This was by far the best session I attended!!! Speaker stated that he would not be able to go thru all the slides because of lack of time; however, he did in flying colors!!--Speaker was excellent and very knowledgeable"
"My favorite session today was Gideon Rasmussen. His discussion of Software development security operations (DevSecOps - that’s a Navy term) Program Architecture was on point. A refreshing viewpoint from a real security practitioner. www.virtualcso.com"
"Thank you for your fantastic presentation on application security fundamentals, best practices for developer security training, metrics, maturity roadmap for application development and ideas on how to continue moving forward once a mature process is reached. Your insights on managing application security are invaluable."
"Great presentation - practical, insightful information! Definitely can use with my team of developers! #continuouslearning #devsecops"
"Amazing presentation. In less than an hour Gideon was able to summarize an end-to-end cybersecurity strategy. Thank you for sharing your knowledge."
"At the beginning of the presentation, you mentioned each slide could be its own 1-hour talk. I didn't believe you, and I was wrong. Great content, really showed your knowledge and experience."
"Excellent presentation! Very insightful simplified guidance over complex security challenges within DevSecOps."
"Gideon, thank you for your practical and insightful DevSecOps presentation today and for carving time from your consulting engagements to advance the knowledge of others at a number of national and international conferences."
"Thank you for delivering such an enlightening presentation that was clearly backed by extensive experience and in-depth knowledge. Your insights were invaluable and provided me with comprehensive understanding of DevSecOps."
"DevSecOps is such a vital part of the GRC process and your presentation just helped to confirm that."
"Excellent presentation! Learned a lot and can't wait to implement! Looking forward to the next one."
"Great presentation. Looking forward to the opportunity to hear you speak again."
Career Advice: Cybersecurity Professionals
"One of the best presentations I’ve attended focusing on career growth. Gideon presented clear, concise ideas and why they’re important to both the individual as well as the company they work for. I highly recommend attending his presentations."
"It was a really strong session for anyone looking how to frame the necessary conversations in their career. How to say the words execs will hear, is a learned skill. Thanks for such great advice!"
Career Advice: Cybersecurity Leaders
"Incredibly timely and actionable presentation by Gideon. We are all feeling the global challenge of finding cyber defenders which makes retaining and developing our current teams an imperative!"
"Had the chance to meet Gideon in person this week and soak up some of his experience in building and growing teams. Great presentation, great presenter!"
"This was a great presentation by a well spoken leader. Gideon has a breadth of experience in Cybersecurity and more importantly, building and growing effective teams."
"Great session today @ ISACA Conference. Thank you Gideon, you provide such great examples of Team Development and retention. Here is a great take away: Succession Planning: Who is "ready now" on the team, Who is a good candidate elsewhere, Grooming for the next role."
"This session is full of useful information. I have seen some talented folks leave an organization because they felt they are just a number and receive little feedback."
"Excellent and inspiring presentation. Thanks so much for sharing your expertise and experience."
"Thanks so much for the session! I really valued your insights on applying the principles in a practical way!"
"Gideon joined us as a keynote speaker for a cybersecurity event based in Austin, Texas, sharing insights on the topic "Cybersecurity Team Development and Retention." He was excellent to work with throughout the whole process, from preparing talking points, to promoting the event actively with his network, to excellent delivery on stage. The audience enjoyed the talk and engaged with Gideon through an active Q&A -- one attendee even remarked to event organizers: "We rarely get content on how to become a manager in security, or how to best support your team and also advocate for yourself. This was just as helpful as the technical topics we typically get at conferences -- if not more." With feedback like that, we would recommend Gideon as a partner for any paid speaker engagement!"
Fraud Prevention
"Attended Gideon’s session and as usual he did a great job framing up the topic with background info and then walked through several real world fraud scenarios. I definitely have a much better understanding of the fraud-cyber relationship! Thanks Gideon!"
"I appreciated the discussion on fraud events being captured by SIEM/SOC. This could be an entire topic on its own."
"I'm already starting our fraud tabletop exercise based on his list of 15 examples."
"The information provided on the types of fraud and the types of "fraudsters" was very interesting."
"Excellent information with some actionable takeaways. The fraud workflows provide a starting point for inclusion in our office."
"Thanks for a great presentation, Gideon. Reviewing your presentation again as it has helpful actionable steps to incorporate fraud prevention into risk assessment projects."
"I am also an expert in this area and can attest that Gideon’s presentation is well thought out and delivered."
"I attended "The Intersection of Fraud Prevention and Cybersecurity" presented by Gideon at the 35th ACFE Global Fraud Conference. It was a great presentation to connect both areas. For person like me working decades in financial industry, this is very helpful for me."
"Gideon provided a paid security speaking engagement for a business unit of our company and was very comprehensive. He provided all content and resources and was extremely well prepared. He even went so far as to arrange several calls ahead of the presentation with myself (security professional) and the group head to ensure that the content of the presentation was well tailored for our group. Gideon's presentation was very well received by the team to which he spoke. He got our business people thinking about security and kept them engaged for the duration of the talk."
Assert Influence to Gain Support and Funding
"This was an excellent presentation! Great angles on talking to executives and Boards in a non-technical risk-based format to help secure spend. Very informative and helpful in the world of overly technical presentations that bore executive management teams and boards!"
"#fistbump Gideon T. Rasmussen #VCISO extraordinary providing quality #CPE for our ISC2 Alamo Chapter meeting attendees today! "Selling Security to Senior Executives" is an Art and Science. If you want to become an alchemist of risk management, come to the #whisperer to #informationsecurity professionals like Gideon T. Rasmussen! We appreciate you and your comprehensive presentation today! 😎"
"At our ISC2 Silicon Valley Chapter meeting, Gideon gave an interesting presentation on selling security to executive, that outlined the importance in speaking about security in the terms of risk and value. These are the issues that resonate with senior executives. He also outlined various tools to help frame those conversations and drive consensus. I found the material relevant, not only for selling security internally but also arming our customers on how to promote security initiatives to their senior manage. Time well spent!"
"That was an excellent presentation, Gideon T. Rasmussen! I appreciate the practical tips on framing security investments in terms of business value. The "Hook" concept, emphasizing the importance of Always Be Closing, and thinking from the executives' shoes were incredibly insightful."
"Is your organization missing critical security controls? Facing challenges in securing funding to address risks and ensure compliance? Attending Gideon’s presentation provided actual scenarios and valuable insights into effectively communicating with executives, understanding the importance of financial acumen, and building a well-funded and staffed cybersecurity team to manage risks and maintain compliance."
"Thank you Gideon T. Rasmussen for your presentation on "Selling security to senior executives" at the ISC2 Alamo Chapter. I really appreciate you taking us step by step through the systems and techniques you use in the risk analysis/risk assessment process. You provided valuable wisdom and insight to everyone on the call. I'm grateful that I was able to attend."
"Great session! Since not all organizations have adopted the BISO role yet, understanding how to work with business units to align security measures with business goals is more important than ever."
"Really enjoyed this talk. Gideon covered a wide range of impactful topics with an outcome driven tone. Love a good talk that helps give you the mindset and tools to influence change."
"Gideon T. Rasmussen Thanks for generously sharing your knowledge at the meetup yesterday. Wish I had your framework early on in my career so that I didn't learn things the hard way. Highly recommend Gideon T. Rasmussen's talks."
"Thank you for the presentation Gideon. Valuable insight on best practices for security practitioners seeking budget."
"Gideon T. Rasmussen it was an enjoyable session. Very good ideas on leading executives to a predictable plan and path in order to justify spend."
"Great presentation! Gideon T. Rasmussen provided lots of excellent takeaway points about "Selling security to senior executives." I'm glad I was able to attend the event."
"Gideon T. Rasmussen put on an outstanding presentation!! Learned a lot and had some valuable interaction with the audience throughout. Well done!"
Insider Risk Monitoring and Response
"Awesome session! I will definitely be taking your insights back to my team. Thank you for sharing you experience and expertise with the community."
"I really enjoyed this presentation and had actionable items to include in any Insider Threat and Incident Response plans."
"Thank you for a great session Gideon T. Rasmussen! Lots of great content and actionable takeaways on this very important topic."
"The session was incredibly insightful and engaging! Gideon T. Rasmussen’s expertise and comprehensive knowledge on the topic ‘Insider Risk Monitoring and Response’ surely made it an enriching experience for all attendees.
I'm grateful for the opportunity to have been a part of it. Was a truly remarkable experience!"
"The session was thoughtfully tailored to address practical needs. It was both an enjoyable and enlightening experience. Thank you Gideon T. Rasmussen."
Crisis Communications - In the Gravest Extreme
"Your presentation on crisis communications was incredibly informative and engaging, offering valuable insights and practical tips for effectively managing and navigating this challenging situation. Great job Gideon!"
"Great presentation. It's obvious that you have lots of experience in crisis communications and I appreciate you sharing it!"
"Gideon T. Rasmussen, Thanks for presenting again for members of the ISACA New England chapter and for the guests who joined the webinar from around the world. Thank you as well for always sharing your expertise with fellow professionals. Look forward to your 'Adaptive Cybersecurity Risk Assessments' presentation on August 20th hosted by the ISACA San Antonio Chapter."