Predictive Security Intelligence: Achieving Holistic Cybersecurity

No longer can security programs rely on “if it’s not broke, don’t fix it” — adversaries could already be inside systems, stealing data or probing to get in. Too many CIOs and CISOs have thought their systems and data were secure when in fact the opposite was true. Security programs need effective protection of valuable information and systems to prevent data breaches, and to comply with the ever-increasing federal compliance requirements (such as the Federal Information Security Management Act (FISMA), the Privacy Act, policy and guidance from the Office of Management and Budget (OMB) an

Protecting Privacy and Security

Managing Advanced Threats in the Digital Age: Addressing security, risk and compliance for U.S. Public Sector executives

These attacks are relentless, aggressive and constantly evolving, and have clearly shown that federal agencies and organizations are struggling to manage security threats, despite the stricter security protocols that are often in place at government agencies. Cyber threats are “among the most urgent dangers to America’s economic and national security,” President Obama was quoted as saying in a Wall Street Journal article in 2015.

Former Cybersecurity Fellow
IBM Center for The Business of Government
United States

Mr. Lainhart (deceased) was our Cybersecurity Fellow and the IBM Global Business Services (GBS) US Public Sector Cybersecurity & Privacy Service Area Leader. He was the Co-chair of the US National Association of Counties (NACo) Cyber Security Task Force. He also served as Co-chair of the COBIT 5 Task Force and Principal Volunteer Advisor for IT Governance, COBIT, ValIT and RiskIT related initiatives. Mr. Lainhart was recognized as the “father” of the Certified Information Systems Auditor (CISA) program. He also co-authored two books on information systems auditing -- System Development Auditor and Computerized Information Systems (CIS) Audit Manual and a National Institute of Standards and Technology special publication on systems development life cycle auditing.

Previously, on November 14, 1993, Mr. Lainhart became an Officer of the U.S. House of Representatives, being appointed the first Inspector General. He was reappointed for the 104th through the 106th Congresses. Unanimously appointed by the Speaker, Majority Leader and Minority Leader, Mr. Lainhart was responsible for conducting periodic audits of the financial and administrative functions of the House and joint entities, and notifying the Speaker, Majority Leader, Minority Leader, and the Chairman and ranking minority member of the Committee on House Administration of the results of the audits conducted. He retired from Federal service on March 31, 1999.

Prior to his service with the House of Representatives, Mr. Lainhart was a member of the Federal Government's Senior Executive Service in the Office of Inspector General (OIG), U.S. Department of Transportation (DOT). He served as the Assistant Inspector General for Policy, Planning, and Resources and was responsible for overall OIG policy and planning for audits, evaluations, and investigations; developing applicable audit, evaluation, and investigative standards and procedures; and providing necessary financial management, administrative, human resources, and information technology support.

Mr. Lainhart also served as Group Director in the Information Management and Technology Division and Human Resources Division, U.S. Government Accountability Office (GAO). As such, he was responsible for performing all information systems audits of Federal programs administered by the Departments of Health and Human Services (including the Social Security Administration), Education, and Labor, and Veterans Affairs. He was also responsible for providing Computer Assisted Audit Techniques (CAATS) assistance to GAO audit staff. In addition, he wrote several GAO audit guides and articles detailing the procedures required to perform audits in the information system environment.

Mr. Lainhart remained very active in the ISACA and the IT Governance Institute, having served as 1984-1985 International President. He was a member of the National Capital Chapter since its inception in 1974. He was a Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Controls (CRISC), Certified Information Privacy Professional/Government (CIPP/G) and Certified Information Privacy Professional/US (CIPP/US).

While with GAO, Mr. Lainhart received several awards for innovative computer auditing techniques. While with DOT, Mr. Lainhart was the 1988 Paul R. Boucher, Presidential Award winner--the President's Council on Integrity and Efficiency's highest award; in November 1991, he received the Presidential Rank Award of Meritorious Executive; and in November 1993, he was awarded DOT's Exceptional Service Award. In June 1988, he was awarded the ISACA/F's highest award, the Eugene M. Frank Award for Meritorious Service, and in June 1991 he became the 14th recipient of the ISACA New York Metropolitan Chapter's Joseph J. Wasserman Award. He also received ISACA’s 1995, 1996 and 2007 President’s Awards. In November 1996 he became the first recipient of ISACA’s John Lainhart Common Body of Knowledge Award and in 2012 received his namesake award again for his COBIT 5 leadership. In August 2007, he was awarded an Honorary CPA and lifetime membership to the AICPA. He received the 2008 V. Lee Conyers Award from the ISACA National Capital Area Chapter for outstanding contributions to the IT Assurance, Governance and Security Profession. Also, in October 1994, he was awarded the Navy Commendation Medal.

Mr. Lainhart received a B.A. in Business Administration from Davis and Elkins College and an M.A. in Management and Supervision from Central Michigan University. Mr. Lainhart is a retired Captain in the U.S. Navy.