Razvan C. Grigorescu

Information Security Manager / CISO CEC BANK SA

– More than 20 years of experience in designing, implementing, operating and securing IT&C infrastructures inside financial institutions;

– Certified in information security management, information systems auditing, project management, vulnerability management and policy compliance, business continuity, risk management, and governance of enterprise IT;

– Holds a PhD in Computer Science; thesis title: “Satellite communication techniques with applications in the banking sector / First documented ATM connected to a satellite VSAT network”.

Razvan is responsible for the management of the information security strategy of CEC BANK. He performs regular risk assessments in order to identify, develop, implement and maintain security processes that control operational risk, adjusting the incident response program and its resources accordingly to limit the negative effects of security incidents. He develops internal information security policies, standards and procedures and is accountable for compliance with them. He provides decision support to the Board and/or Managing Committee, briefing them on the critical information security risks that are (or tend to be) outside the committed risk level. He collaborates with all other internal departments to identify and implement appropriate mechanisms for the protection of information assets, taking part in the projects/systems development lifecycle, and develops, together with the other departments involved, the Business Continuity Plan and disaster recovery procedures. He performs periodic assessments of the impact on business functions (Business Impact Assessment) and proposes improvements in order to decrease the operational risks that may arise in current activity.



CISO Reborn – Leading The New Information Security Management Model

The business landscape is rapidly evolving. As customer data and intellectual property evolve and invite new forms of information theft, CISOs now face, in addition to the well-established duties of monitoring, repelling and responding to cyber threats, the challenging responsibility of meeting compliance with the latest EU requirements.

A modern approach to the current state of cyber warfare would be to adopt an information security management model on three different levels:

Strategic: Involves creating security policies, dealing with people issues (high-level issues of functionality for all stakeholders) and evaluating threats and risks.

Development of an enterprise security architecture requires a shared vision among the stakeholders, achieved by integrating information security principles into the management processes and policies of the enterprise. The security professional must advise top management on strategic security decisions and be able to gain their support.

Tactical: Involves how the security systems are developed and implemented to meet policy requirements.

The tactical aspect of information security can be viewed as a security development life cycle (SecDLC) which includes the development of security standards and effective security management practices.

Operational: Involves maintaining and monitoring the enforcement of information security policies, and building an information security architecture with emerging niche technologies, specialized personnel and incident response teams.

This is an active operational role that the CISO has to take on, coordinating the activities of the people, processes and technologies involved in providing situational awareness through the detection, containment and remediation of IT&C threats. The CISO will be in charge of SOC/iSOC coordination, managing incidents for the enterprise and ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. These dedicated information security teams will also monitor applications to identify a possible cyber-attack or intrusion (event), determine whether it is a real, malicious threat (incident), and assess whether it could have a business impact.

Cyber Security Congress