Chris Brown is an information security strategist and risk strategist with over 12 years experience leading and advising information security programs. From 2004-2010 he worked in security management as an information security and privacy officer. From 2001-2004 and 2010 to present he provided technical and security program consulting for companies in healthcare, manufacturing, and banking. Prior to this he held a variety of positions and responsibilities, including two years managing IT operations and security, two years managing firewalls, and many years of networking and web programming positions.Formerly the Privacy and Information Security Officer for Independent Health (voted one of the nation's top health care insurance companies), Chris brought a risk management and business operations focus to the security program. He also recognized dependencies that the information security program had on other organizational processes. As a result he started initiatives to implement change management, change control control, business continuity, security risk assessment, operational risk assessment, project risk assessment, process improvement, IT work-flow management, vendor management, and initiated process improvements in specific operational areas such as human resources and facilities. He was also instrumental in initiating the enterprise risk management function.
Previously, Mr. Brown was Senior Consultant in the CTG Information Security Solutions practice. In addition to being a consultant, Mr. Brown was concurrently serving as the Manager of Information Security for CTG. He has also served as CTG's Global Manager of IT Infrastructure and Operations.
His technical background includes a variety of experiences as a system and network administrator and analyst, and he has experience in web application development, network architecture and management, and in the planning, design and development of business critical applications.
Mr. Brown is the founder and past president of the Information System Security Association (ISSA) Buffalo Niagara chapter. He is past president of the Information Systems Audit and Control Association (ISACA) Western New York chapter. He has also served as a member of various Information Systems Security Association committees, including the Ethics Committee and the Certification Committee. Mr. Brown holds a Bachelor of Science in Computer Science from the University of New York at Buffalo.