Accomplishments at Principal Financial Group

Rebecca helped build Principal Financial Group's (PFG) Information Protection department and
functions. As a result of her efforts, PFG was awarded the Computer Security Institute Outstanding
Information Security Program of the Year award in 1998.

While at PFG, Rebecca:

  • Developed the corporate anti-virus strategy, including a risk identification and mitigation process.
  • Participated in new systems and application development projects to identify information security risks,
    then recommended and oversaw the implementation of controls to address the identified risks.
  • Developed the corporate strategy to identify and control the use of modems.
  • Created the Internet access strategy and the accompanying procedures for establishing and updating
    the Internet firewall settings.
  • Developed a quarterly and yearly report analyzing and evaluating the state of information security
    within the organization.  Distributed the report to appropriate managers and executives.
  • Developed the strategy for non-employee access and risk reduction.
  • Developed and established e-commerce security requirements to reduce risks in web applications.
  • Created the information protection awareness and training strategy, framework and program aligned to
    business objectives.  Rebecca included training and awareness activities covering applicable laws and
    regulations.
  • Met regularly with corporate leaders and management to explain information security objectives and
    obtain their support and commitment for information security activities, technologies and policies.
  • Created the organization’s corporate-wide information security and privacy policies and created the
    roll-out strategy and plan to ensure all managers were aware of their responsibilities and that
    personnel knew, understood and followed the privacy policies and procedures.
  • Created the corporate strategy for protecting customer information that included creating and leading
    a corporate group of business unit leaders to discuss the business goals and objectives for handling
    customer information in a secure manner that also allowed business objectives to be achieved.
  • Performed an analysis of non-employee access to the corporate network and created a non-employee
    access strategy and policies to support the information security program while allowing necessary
    connections from business partners to be established securely.
  • Performed IT audits to identify risks to PFG's information and recommended effective solutions.  One
    of Rebecca's audits recommended that PFG create an Information Protection department.
  • Analyzed requirements for IBM CISS systems.
(c) Rebecca Herold, LLC 2008