Compliance Program Manager, Interagency Security Committee
Cybersecurity and Infrastructure Security Agency
Deana Bollaci serves as compliance program manager for the Interagency Security Committee (ISC) within the Infrastructure Security Division of the Cybersecurity and Infrastructure Security Agency (CISA). In this role, she is responsible for developing the ISC’s processes on how to assess the compliance of the federal enterprise with the ISC standards and policies as per EO 12977. The compliance program has three main components under her supervision: annual reporting, assistance to stakeholders and compliance verification.
Prior to her joining CISA as a federal employee, Bollaci worked in the private sector as a consultant and program manager supporting several federal agencies to include the U.S. Department of Defense, the U.S. Department of Homeland Security, U.S. Customs and Border Protection, the U.S. Secret Service and CISA. While providing consulting services for CISA, she supported the ISC and the Cyber Security Division.
Bollaci is an experienced protection and security professional with over 15 years of program leadership. She holds a Master of Public Administration from Columbia University’s School of International and Public Affairs and a political science and business administration degree from Northeastern University. She holds Project Management Professional, Certified ScrumMaster and Lean Six Sigma Green Belt certifications.
Convergence is no longer something to aim for – it is a strategic imperative. Today’s threats include hybrid attacks targeting both physical and cyber assets. Advancements in technology and the integration of the Internet of Things into security operations and business processes have connected individual security devices and operational technology to the vast virtual ecosystem, expanding the potential attack surface of facilities and making traditional physical security and safety systems more vulnerable.
Providing reliable security for organizational assets presents numerous challenges for the security professional. Unfortunately, in many organizations, security is often controlled by separate authorities, resulting in a siloed approach to security. When organizational elements operate independently with minimal or no collaboration, the organization’s overall security is reduced.
This session will touch on the challenges of security convergence before providing an in-depth set of solutions and their associated long-term benefits, with a special emphasis on the recent Interagency Security Committee publication Security Convergence: Achieving Integrated Security: An Interagency Security Committee Best Practice.