David Schlesinger, CISSP
Security Architect, Metadata Security LLC
In The Hidden Corporation, David illustrates why the largest single cause of inappropriate data exposure events, according to research, is employee ignorance of the sensitivity of the information they are handling or authorizing access by others. The book illustrates why these gaps form the root cause for exposing and losing confidential and highly regulated information. It then explains, in non-technical language, how leveraging the existing data management resources of the company with the powerful tools and capabilities of Information Security professionals, can eliminate hidden governance gaps between business groups, information security groups, and data management groups.
With more than 26 years experience in Information Management, David was for many years a Data Security Architect at Intel Corporation, and designed an Enterprise Access Control Automation process that generated two US Patents for data security methodology. He pioneered the employment of Metadata categorizations to automate management and auditing of user authorizations. The method he devised, outlined in his book The Hidden Corporation, is both logical and easily maintained. His Metadata Security system links information metadata definitions to security classifications, user groups, and data regulatory requirements.
As a frequent speaker on Data Security Architecture at national conferences, David has brought information security into focus as a missing aspect of management within the data administration community. David is CISSP Security certified; is a member of the Information Systems Security Association (ISSA), ICS2, INFRAGARD, and the Data Administrators Management Association, (DAMA); all of which give him a unique view of Enterprise Information Protection as an indispensable governance practice.
He was President of the Phoenix Chapter of ISSA for several years and Vice President for several more. He contributes a blog to www.dataversity.net and has served on the Academic Advisory Boards of several Arizona technical schools and community colleges regarding curriculum development for information security programs. He was named a Senior Member by the Information Systems Security Association (ISSA) during its Winter 2013 Fellow Program.