Testimonials


Testimonials from Colleagues:

Dennis Bovin, Investment Banker, former Bear Stearns: An outstanding professional and a classy lady!

Peter Cherasia, Head of IT and Operations, JP Morgan Investment Banking Division: Jennifer was always looking out for the best way to secure our systems, and motivated the rest of us to excel in security as well.

Buzz Moschetti, Head of Architecture, JP Morgan Investment Banking Division: Jennifer has a unique blend of security practice, audit, and technical down-to-the-network skills. Combined with her energy, focus, and hands-on, goal-oriented personality, she can design and implement complete security solutions that have solid technical and process management plans.

Steven Wexman, JP Morgan Chase IT Risk Management: Jennifer is a bright, tireless and energetic security professional whose ability to solve or mitigate IT security risk in a cost effective manner brought her much admiration and well deserved respect. In my prior role as the IT Audit Director at Bear Stearns, I valued her partnership and often sought her counsel and appreciated her contributions and opinions.

Rick Wysocki, JP Morgan Prime Broker Product Development: For many clients, a significant concern of theirs is data security and confidentiality. We often invited Jennifer to client conversations devoted to this topic. Jennifer truly shines during these meetings. Her participation helps us win this type of business.

Bear Stearns Human Resources: Coincidentally, the month Bear collapsed into JP Morgan was Women's History Month. The HR department coordinated the Bear Stearns Intranet Website observation of Women's History Month and featured Jennifer, providing a convenient Bear Stearns testimonial.



Testimonials from Industry Associations:

Susan Caldwell, CEO, Information Audit and Control Association (ISACA) (www.isaca.org): We have been pleased to feature Jennifer Bayuk as a speaker at several ISACA conferences both in the United States and in Europe. Given her attainment of the Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and Certified in the Governance of Enterprise IT (CGEIT) credentials, and her authorship of two successful books, she is well qualified to address topics in IT audit and assurance, information security management, IT governance, and IT control issues. Her expertise, professional perspective, and well-organized presentations are always well received by the conference attendees—especially because of the practical and immediately useful nature of the information she imparts.

Robert Richardson, Director, Computer Security Institute (www.gocsi.com): Jennifer is one of CSI’s key “reality check” resources when it comes to what’s really going on in upper-level management of Information Security. She’s someone who’s always looking for the upcoming issues our community will have to deal with—she not only masters them herself, but makes them easily accessible by our less experienced members.

Pricilla Tate, Executive Director, Technology Managers Forum (www.techforum.com): Jennifer Bayuk is a consummate IT professional and one of those speakers that hits you with a velvet glove. She's not only articulate about the enterprise security issues facing financial services organizations, she speaks with authority--she's walked the walk. Her credentials in information security and IT governance will blow your socks off. Credentials aside, she shares her knowledge and experience generously, and gives back to the security community at-large. A frequent speaker at our Security Forums for senior IT managers from the Fortune 500--when we're lucky enough to get her--Jennifer's a huge draw for attendees who know her in person and by reputation. She wields clout and influence in the security world for a good reason. She knows her stuff. But she also knows how to communicate her knowledge to her audience in a clear and engaging way. We can't recommend her more highly as a speaker at IT events.

Art Trager, former Vice President, Technology & Affinity Programs, Securities Industry and Financial Markets Association (www.sifma.org): Jennifer is WICKED smart on information security matters and a great speaker as well. She is "TOPS" in her field. She has Chaired an industry Info Security Committee for our members (financial services) for the last several years and easily provides practical answers to InfoSec questions from the heads of technology and legal for brokerage firms no matter what their base level of InfoSec knowledge.


Testimonials from Luminaries:

Warren Axelrod: (Jennifer's) range of experience brings the balance and reason that is expressed so well in the book. ... It takes the experience of the author, as expressed in the book, to ... guide the auditor and auditee along a path that is win-win for the participants and benefits the audited organization as a whole. - in ISACA Control Journal, Volume 5, 2005
(Jennifer's second book) is so full of information, issues and advice, it may require careful reading and rereading to internalize some of the most critical areas, but it is well worth the effort. - in ISACA Control Journal, Volume 3, 2008

William Safire: A brilliant executive - in On Language Column, NY Times, 12/04/05


Luminary Endorsement Quotes for the book Enterprise Security for the Executive: Setting the Tone at the Top (Praeger)

Ed Amoroso, Chief Information Security Officer, AT&T, author of CyberSecurity, Intrusion Detection, and Fundamentals of Computer Security:
“Jennifer's book will prove invaluable to anyone concerned with improving security!”

Warren Axelrod, Financial Services Technology Officer, former Chief Information Security Officer, author of Outsourcing Information Security, and editor, Enterprise Security and Privacy:
“Author Jennifer Bayuk, a well-known thought leader among information security professionals, masterfully draws from her broad experience to guide readers easily through the complexities of security governance.”

Dan Geer, Chief Information Security Officer, In-Q-Tel:
“The one true power of the executive is the power to appoint. The one true measure of the executive is what did not happen on their watch. These truths are rarely acknowledged, and uncommonly understood. Jennifer Bayuk understands them as she has lived them, and she has lived them because she understands. She does not write for everyone; perhaps she writes for you.”

Robert F. Gleason, Director Strategic Relations, Ernst & Young LLP:
“Enterprise Security for the Executive is a refreshing approach to the realities of what is really needed in the executive ranks to facilitate and drive results around improving your security posture and minimizing your risk exposures. Bayuk provides proven insights around the cultural and political minefields one needs to navigate as you build consensus to drive change across the enterprise. Tone at the top is the motivator in the business world cultural environment. Without it you will struggle to reach meaningful goals and at best will effectuate departmental or perhaps divisional improvements in your profile. This is a must read for anyone who is trying to learn more effective ways to get the ‘people and process’ side of the equation right before they consider technology.”

Richard Power, Distinguished Fellow, Carnegie Mellon CyLab:
"Jennifer Bayuk is one of the savviest security professionals in the field today, and so it is no surprise that Enterprise Security for the Executive is an important contribution. It addresses the most challenging and pressing information security issue: the lack of practical experience and institutional memory at the C-level and in the Board Room. Put Enterprise Security for the Executive in the hands of a responsible executive, and you have something more formidable than the most sophisticated authentication system or the most powerful crypto -- someone who can make a mandate meaningful and a plan pervasive."

Prof. Howard A. Schmidt, President & CEO, Information Security Forum, White House Cyber Security Advisor for Bush and Obama:
“One of the challenges that we have found over the years is translating “security speak” into clear business terms and articulating the return on security investment (ROSI). Jennifer, based on a successful career in Information Security, explains the successful way to accomplish this difficult mission. A must read for security and non security professionals.”

Dan Schutzer, Executive Director, Financial Services Technology Consortium:
“This book is an excellent read of the practical aspects of building, marketing and maintaining an effective security program, within a business enterprise. It tells it like it is, including how to deal with corporate culture.”


Testimonials from Clients gathered from first consulting assignments.
Note that I stopped collecting testimonials for website posting after the first few, as my business generally comes via word of mouth. But current client references are of course available upon request.

Don Fergus, Vice President and Chief Marketing Officer, Lowers and Associates: As an international risk mitigation services firm, there are times when our clients require a level of experience and insight related to Information Security Governance not available in-house. Jennifer not only brings this difficult-to-find subject matter expertise, but her persistence and focus on the end game is exemplary.

John Jack, CEO, Fortify Software: Jennifer really understands how to reach an InfoSec audience. Her webinar set records for attendance and the product features she recommends are spot-on with our customer's feedback.

Gene Kim, CTO, Tripwire: Information security is a discipline that impacts almost every aspect of a business, spanning from protecting shareholder value and company reputation, protecting systems and data and ensuring compliance. There are grave implications when information security fails, and yet success often hinges on both logical rigor and effective organizational influence. Jennifer has clearly mastered both. Jennifer Bayuk has done more than anyone I know to state precisely what is required for information security to succeed, spanning both theory and practice. I consider myself very fortunate for her mentorship and coaching since 2000 in areas of IT operations, information security, IT governance, risk management and metrics. In forty years, I'm sure everyone will understand what she knows, but in the meantime, her expertise, understanding, and clarity of thinking is rare, valuable and unmatched.

Alain Mayer, CTO and Founder, RedSeal Systems: Jennifer not only produced an innovative and thorough set of requirements, she also helped us understand how CIOs and CISOs think.

Joe Schenk, Managing Partner, First NY Securities: As a CEO of a diverse financial services firm, issues of online security and technology efficiency are always a major concern. Having someone of Jennifer’s caliber come in and assess our current systems -- as well as propose and execute efficient solutions -- offers me peace of mind and allows me to concentrate on continuing to build our business.





