PMP, CISA, ITIL, ISO
Paige is the founder and CEO of Needling Worldwide, LLC, a fast-growing cybersecurity firm specializing in standards-based security compliance and certification. Paige has more than 20 years of experience addressing the challenges of network security, data privacy, risk management, and corporate cybersecurity strategy. Paige has been featured in a variety of industry publications and is a frequent speaker at industry symposia. Her entire career has been dedicated to the evolving landscape of information security; and, she is a leader by example, boasting numerous credentials including Certified Lead Auditor for ISO 9001 and ISO 27001. She has led the efforts for multiple organizations in achieving compliance and certification to ISO 27001, ISO 20000, HIPAA, SOC2, NIST, PCI DSS, and CMMC standards. Prior to Needling Worldwide, she served as Chief Information Security Officer for OneAmerica Financial Services, Reverse Technology Group, and San Juan Construction, Inc., Chief Compliance Officer and Global Director of Information Security and Compliance for Recall Holdings, Director of Data Privacy and Information Management for IHG and other Senior Management roles including for The Coca-Cola Company.
Abstract for Cyber Strategy Retreat in Atlanta
“Walking the Talk of Cybersecurity”
The core concept of the talk? That too many organizations are on the verge of going off the proverbial cliff by neglecting to do the difficult, non-glamorous work beneath the headlines and the furious investments in cyberdefense technology.
As a consultant deeply involved with organizations of every size all across the United States, Paige sees first hand – and from a ‘crow’s nest’ perspective – the troubling disconnects starting to bare their ugly teeth in so many companies. These are organizations trying to do the right thing, which in most cases is throw talk and as much money as they can at perimeter security, authentication protocols and all manner of goods and gadgets that the headlines say will make them safer. And perhaps they will. But, according to Ms. Needling, crucial “basics” are being ignored and they threaten to undermine the “real world” security footing of these organizations. Simple things are always simple to do. Which may explain why so many companies pay lip service, at best, to things like Security Awareness Training for employees – why an ultra-secure office is still wide open to breach from vendors and business partners, either physically entering their building or introducing hack vectors through unsecure (or non-integrated) systems.
Central to this discussion are a series of critical “disconnects” and lack of alignment within organizations, making cybersecurity a top “talking point” for senior executives and Boards who don’t necessarily have the cyber IQ or strategic incentive to connect all the dots down in the trenches. It’s the reason that the CISO still has trouble finding audience with the Board, and why, in most companies, their own employees are still the greatest threat to security.