Over my many years of security consulting with organizations, I've always had a love for helping to create effective vulnerability management programs. The reality within both Fortune 100 and SMB organizations is that vulnerability management programs often struggle (and sometimes fail) within three common areas. My presentation will focus around how I've found success in addressing these program failures. I'm planning to include a lot of stories based on my experiences along with a few stories I've heard from other industry experts. My goal is to provide guidance and an approach so that members of the audience will be able to help build effective vulnerability management programs of their own.

Andy Jordan

Andy Jordan (CISSP, CISM, MCSA, MCP, Security+, Network+, ITIL v3, LeanIT) has built and managed multiple security programs for numerous large and small organizations throughout his 12-year career. He uses lean and agile methodologies to create demonstrable value within complex infrastructure and security programs. He is an active figure in the information security community, having presented at several venues as well as contributing to SC Magazine.