
March 2014: Matt Shufeldt: "Data Breaches"


Matt Shufeldt discussed a topic we all love (when advocating for budget) and all hate (when that time arrives): data breaches. Because of the recent Target breach (along with a slew of other breaches announced by retail organizations), Matt's presentation as CISO of The Sports Authority was both timely and heartfelt.

Data Breaches: Strive to Prevent, Be Quick to React and Know your Roles and Obligations. It is every Information Security professional's and senior executive's nightmare. Two dreaded words: Data Breach. Now more than ever it is important to know the different types and sizes of breaches. It is also imperative to understand how to be a hard target for those actors targeting you. Finally, we will discuss the different factors you should consider when you think you might have been compromised or you know you have been compromised.

Matt Shufeldt is an Information Security consultant as well as the Director of Information Security and Compliance for Sports Authority. Matt has over 20 years of experience in Information Systems and is a certified expert in all areas of Information Security and Release/Change Management. He has designed and implemented successful security and compliance programs and solutions for multiple companies. In addition to design, implementation and operational experience, Matt has ample experience overseeing consultation, negotiation and remediation efforts for governmental and private regulations. This includes several successful Sarbanes-Oxley and PCI audits/assessments. Matt is a long-time Certified Information Systems Security Professional (CISSP) and holds an ITIL Foundation certification.